No OS updates, unless promised at release. Some security updates, though. They’re GPL violators, and don’t release kernel sources, which makes 3rd party OS images harder.

Devices are generally easily repairable,they sell spares, and their support also sends you parts during warranty period if you ask - I just received a new battery for my titan slim.

This doesn’t have anything to do with user control - modern windows versions need drivers to be WHQL signed to get that kind of access. Alternatively you’ll need to enable developer mode on your system, and install your own developer certificate into its keyring for running own code, which has its own drawbacks.

Crowdstrike is implemented as a device driver - but as there is no device Microsoft could’ve argued that this is abusing the APIs, and refused the WHQL certification. Microsofts own security solution (Defender) also is implemented as a device driver, though, and that’s what the EU ruling is about: Microsoft needs to provide the same access they’re using in their own products to competitors. Which is a good thing - but if Microsoft didn’t have Defender, or they’d have done it without that type of access it’d have been fully legal for them to deny the certification for Crowdstrike.

Both MacOS and Linux have the ability to run the type of thing that requires those privileges on Windows in an unprivileged process - and on newer Linux versions Crowdstrike is using that (older versions got broken by them the same way they now broke Windows). So Microsoft now trying to blame the EU can be seen as an attempt to keep people from questioning why Microsoft didn’t implement a low privilege API as well, which would’ve prevented this whole mess.

I just mentioned that because google drive links are one of the very few things I’m opening in chrome - and they’re the only site where I need a 3rd party cookie exemption for.

I have a 96 core one. While it’ll be fine as a desktop for compiling I’d stick with an AMD system.

The devkit has 6 memory channels, and you’ll want to fill them all - there’s a surprisingly high performance penalty if you don’t. Even then, compiling a code base which could be spread over hundreds of cores is still significantly slower on the ampere compared to my old 3970x.

They probably couldn’t get google drive to work without 3rd party cookies.

The annoying aspect from somebody with decades of IT experience is - what should happen is that crowdstrike gets sued into oblivion, and people responsible for buying that shit should have an epihpany and properly look at how they are doing their infra.

But will happen is that they’ll just buy a new crwodstrike product that promises to mitigate the fallout of them fucking up again.

One thing I find very amusing about this is that AMD used to have a reputation for pulling too much power and running hot for years (before zen and bulldozer, when they had otherwise competetive CPUs). And now intel has been struggling with this for years - while AMD increases performance and power efficiency with each generation.

At the time of sending the mail I need the metadata - so offering a SMTP server implementation which keeps this in memory while forwarding is not hard. You’d lose a persistent spool in case of delivery errors - but we’ve been doing relays that keep the client connection open while trying to deliver the mail to relay errors directly to the client already 30 years ago, so that also isn’t an excuse.

For IMAP - if you don’t do serverside searching or similar it’ll work with fully encrypted mails.

They will have access to metadata - otherwise they wouldn’t be able to work as email service. That’s sufficient to implement those protocols.

The client then would have to bring their own crypto, and you’d probably want the SMTP server to reject mails if delivered unencrypted (though their FAQ says you can send unencrypted mails).

The reason they claim they can’t is probably trying to keep full control over what users are doing, in which case I agree - fuck them, don’t use services like that.

It’s already in the name - XDG stands for X Desktop Group (nowadays freedesktop), which works on interoperability for desktop environments. In a pure shell environment (or even if you’re not running a full desktop) none of the XDG variables are defined, and especially in shell environments the default fallbacks specified by XDG are not necessarily what the operator would expect.

Probably half the entries in that list are not GUI apps, and XDG doesn’t apply (though some still support it). For some others there (like emacs) XDG is used if it exists.

I’m fine with that. I don’t want to talk with people - I just want an email address to write to.

A recording of 4’33".

Don’t have links anymore, but few months ago I came across some startup trying to sell AI that watches your production environment and automatically optimizes queries for you.

It is just a matter of time until we see first AI induced large data loss.

And as soon as I learned about that I stopped using it. Turns out it was the right choice - since then more then one company had breaches where authenticator seeds extracted from a google account were used to bypass 2fa.

The problem with renewables is the fluctuation. So you need something you can quickly spin up or down to compensate. Now you can do that with nuclear reactors to some extent - but they barely break even at current energy prices, and they keep having the same high cost while idle.

So a combination of grid storage and power plants with low cost when idle (like water) is the way to go now.

Did pretty much the same with a new server recently - spent ages debugging why it didn’t find the SAS disks. Turns out, disks like to have power connected, and no amount of debugging on software level will help you.

You still had a 4GB memory limit for processes, as well as a total memory limit of 64GB. Especially the first one was a problem for Java apps before AMD introduced 64bit extensions and a reason to use Sun servers for that.

I was referring to work setups with the overengineering - if I had a cent for every time I had to argue with somebody at work to not make things more complex than we actually need I’d have retired a long time ago.

Unless you are gunning for a job in infrastructure you don’t need to go into kubernetes or terraform or anything like that,

Even then knowing when not to use k8s or similar things is often more valuable than having deep knowledge of those - a lot of stuff where I see k8s or similar stuff used doesn’t have the uptime requirements to warrant the complexity. If I have something that just should be up during working hours, and have reliable monitoring plus the ability to re-deploy it via ansible within 10 minutes if it goes poof maybe putting a few additional layers that can blow up in between isn’t the best idea.