Nougat

The_Picard_Maneuver

PugJesus

tl;dr: “Strike that, reverse it.”

They can bid all they want to put ads in front of me, I ain’t gonna see them. Of course, they probably know that, too.

No idea what it was before, but it’s still propaganda, whether intentional or not.

This reads like They’re Made Out of Meat. It’s brilliant.

Which must mean that not race mixing is capitalism? That’s just slavery with extra steps.

Ignorance is bliss.

You’re not wrong. I was keeping it simple.

Turns out, if you’re further left than either realistic candidate (because FPTP), it makes it really easy to figure out who you should vote for. “I wonder if I should vote for the person who’s not left enough for my liking, or the one is so far beyond that as to be the diametric opposite of left. Whatever shall I do?”

To be fair, they probably weren’t able to take care of their own artifacts very well … after having been invaded by the British.

The solution must be a hammer, because I have one!

Windows 95 had sleep mode and hibernation. Sleep mode, then as today, writes the system state to RAM, then shuts down power to everything but the RAM. Hibernation works in a similar way, except the system state is written to disk, then the computer is powered completely off. There’s no “do stuff in the background” mode.

Big fish in a small pond.

Bad actors can afford $50 the same as good ones.

The difference between $0 and $50 isn’t really relevant.

LetsEncrypt is legit. A downside is that the certs expire after 90 days. However, that also carries an upside in that it limits the damage in case a certificate is compromised. There are procedures by which you can automatically renew/request (I forget whether they allow renewing an existing cert or require a brand new one) LE certs and apply them to your application, but that can be fiddly to configure.

If you’re not comfortable with configuring automatic certificate cycling, a long-term paid cert would be more appropriate.

Imgonnatrythis

Shits.

While “Cisco Duo” is not listed here:

The following is a list of Cisco’s trademarks and registered trademarks in the United States and certain other countries. Please note, however, that this listing is not all-inclusive and the absence of any mark from this list does not mean that it is not a Cisco trademark.

Trademarks are exactly how rules for naming things works.

Expect this name to change when Cisco comes at them for being too close to Cisco Duo.

To address the “why”:

A user account, as defined by a username/password combination, can be used to access resources on the machine without logging in interactively on that machine. In a perfect world, you would only ever log in interactively on the machine using an account with restricted permissions, and when you needed to do “administraty” things, you would provide separate admin credentials at that time (sudo, runas, whatever your OS of choice supports).

Bonus question - what are the risks of having a weak password on a root user on a spare laptop on the same network as my main device that is used exclusively for web browsing?

If someone is able to compromise that root user on Machine A, then they may be able to leverage Machine A as a platform to attack any other devices on your network, or make Machine A into a zombie in their bot army to attack other targets anywhere, send spam, whatever malicious shenanigans they desire. (I know that’s pretty simplistic, there’s a whole lot of details left out, but that’s the gist of it.)

Also, nobody has yet mentioned the PIN option. I know that Windows machines (at least some of them, depending on configuration) allow you to configure a PIN for logon for local accounts. This PIN is only stored locally on the machine, and is not transmitted anywhere else. It’s basically a “shortcut” to the full password, and I think it can only be used for interactive logon.