ip a a 127.0.0.2/8 dev lo

You have a whole /8 subnet of localhost, do it.

Most backdoors are dangerous and dumb.

Why do you need EV certs?

“Nix” doesn’t resemble “nichts”, it’s slang for the same thing in German so it has the same meaning.

I don’t know which language is the source but if someone can access the nix paper to confirm that’d be great.

I believe that [nix meaning ‘nichts’ in german] is even intentional, the original author of nix (Eelco Dolstra) is from the Netherlands. The name comes from the fact that by default, nothing is available in build environments in nix.

Which is apparently confirmed by https://pdfs.semanticscholar.org/5fd8/8f89bd8738816e62808a1b7fb12d3ab14a2f.pdf but I can’t access that.

Nix = slang for “nichts” = word for “nothing” in German

Absolutely bamboozled

Update: April 15, 2025 (3:35 AM ET): Samsung has confirmed that the One UI 7 update will resume shortly. According to a solutions manager on Samsung’s Korean community forums, the rollout was temporarily paused due to maintenance-related issues. However, the inspection is now complete, and the update is expected to restart soon. Here’s the full statement:

https://www.androidauthority.com/one-ui-7-rollout-resuming-3544322/

And how long to push them.

Just the usual amount. I don’t think we want to know.

^{We’re a smaller chamber but a lot more echo.}

weakness in signature verification algorithm that could allow an administrator privileged attacker to load arbitrary microcode patches

I don’t think this will affect performance unless you depend on having to quickly update the CPU microcode multiple times a second.

EntrySign is a vulnerability that enables attackers with ring 0 or kernel-level access to bypass safeguards.

So almost no security impact and no performance change?

https://www.androidauthority.com/android-16-linux-terminal-doom-3521804/

Of course it runs Doom

I think google wants to run GUI applications without any vnc involved.

VM running natively

Uhh

Somethign I haven’t seen mentioned yet is clevis and tang, basically if you have more than one server then they can unlock each other and if they’re spatially separated then it is very unlikely they get stolen at the same time.

Though you have to make sure it stops working when a server get stolen, using a mesh VPN works just as well after the server is stolen so either use public IPS and a VPN or use a hidden raspberry pi that is unlikely to be stolen or make the other server stop tang after the first one is stolen.

but I often have to use email on other people’s computers

why?

public computers have usb drive access disabled

But why would you ever want to log in to your private e-mail on a public computer?

Luckely we’re not relying on emails for security relevant and or private information, right?

The emails are unencrypted, emails in transit are in transit between the e-mail servers and relays and use secure tls channels.
They are only encrypted from your phone/notebook/browser to the server, then when send they will be encrypted till the next server.

Every server/relay first decrypts everything send to it, because it has to due to the TLS terminating at each server.

See also your source:

Transport Encryption: This form of encryption is used to secure your emails while they are transmitted over the internet. Most of today’s email services, including Gmail, employ transport layer security (TLS) to protect emails in transit. While it encrypts emails between servers, it doesn’t protect the content once it reaches the recipient’s inbox.¹

In practical terms, Your e-mail server, your e-mail servers relay (if it has any) and your recipients relay server/server can all read your email unless

End-to-End Encryption (E2EE): E2EE takes encryption a step further. It ensures that only the sender and the recipient can decrypt and read the emails. Even the email service provider cannot access the contents of the email. E2EE is typically achieved through third-party encryption tools or services.¹

Which takes active effort from both the sender and the recipient to make work - it’s almost only possible with people you know and little else.

¹ https://umatechnology.org/gmails-new-encryption-can-make-email-safer-heres-why-you-should-use-it/

You can use caddy-l4 to redirect some traffic before (or after) tls and to different ports and hosts depending on FQDN.

Though that is still experimental.