If I ever wanted to hurt a company

honey the codewitch wrote:

Which I will *never* *ever* use now.

I've been saying this for years, and I plan to stick by it, too! No sense in reinforcing bad behavior by shopping for their products...

One type of fishing attack (at one point in time) was to modify your hosts file such that www.realwebsitehere.com redirected to localhost, where the malware had setup a webserver mimicking the real website. Great way to capture logins. Try 0.0.0.0 instead of 127.0.0.1

obermd wrote:

I have yet to understand how PIN numbers are more secure than passwords. Face it, there are only 10,000 combinations, yet even an alphabetic, case insensitive, PIN would have 456,976 combinations. I would expect being able to brute force a pin number, regardless of length, would be easy for modern computers that can break 128-bit key based encryption systems in hours.

I wondered that too for a long while. If you dig into the various places where PINs are used, you will find that anywhere a PIN is used, there is strong protection behind it to back it up. PINs generally have very strong limitations on how many times you can get them wrong (i.e. 3 times) -- because failure lockout reset can be controlled externally by more secure methods (2FA, MFA, big brother style behavior pattern matching, etc.) Offline attacks toward a PIN tend not to work because the PIN is not the primary secret. So the use limitation of the PIN protects the use of the much stronger public/private key encryption which protects the actual data you wish to protect. Credit/debit cards have those cryptography chips now -- those hold the public/private key encryption, locked into read-only memory in nanometer scale size, and the PIN protects the use of that strong encryption, any funny business using it -- and that strong encryption becomes invalid -- it's new card time.

DNS is so crazy nowadays. A couple things to note that wasn't mentioned. Default settings for computers are to accept whatever DNS server that the DHCP server gave them when connecting to a network. So it is, without doubt, the ISP-provided router that is choosing to give their choice of DNS instead of your choice (the Pi) at the moment your machine requests an IP address from the router's DHCP server. Probably your Domain Controller setup fixes this by being the gateway and/or DHCP server for the network, and that allows you to choose what you wish. Do note that cable companies like Comcast *want* you to have their all-in-one modem/router combos, but they still *allow* you to have home-owned modem devices (certain ones are allowed, but they don't typically restrict it except by DOCSIS version capabilities). Bonus -- you don't pay the rental fee for having their all-in-one combo, Bonus 2 -- you can control what your router actually does. When you have your own device, you can easily just set in the router config what DNS server will get returned to DHCP clients, and done deal. Note that on computer side, you can override this with manual configuration per network (But Windows 11 is actually broken currently, and gets confused over whether this is set local to a network or globally for all networks -- Sigh -- that's a fun one to fix if you've ever had it manually set and Win11 UI won't allow you to change it, and nothing works to reset it) Further, a browser can choose to resolve domain names differently as well, using DNS over HTTP -- it may also be that you have to turn this off to get things to work as expected. A huge headache all around. Remember when the internet was simpler and well-designed hierarchy?

I feel your pain. Wish I could have jumped ship a decade ago and never looked back, but my real job requires me to deal with the OS and company that thinks that new icons and "View more...", "Read more..." links are a useful update.

tl;dr "larger" is ambiguous "larger" can mean "greater than" "larger" can mean "greater magnitude than" And that is the issue. English is fickle.

Quote:

Just pay for it, FFS.

Uh huh. That's exactly the attitude that people had when cable TV started to become popular. You can get this better product if you pay for it! Look at where we are now. Free TV is dead, cable TV has more advertisements than free tv ever did. No one won. Now it's Youtube's turn. You can get this "better" youtube if you pay for it! No ads, I double pinky-promise swear. And when it's all said and done, free youtube will be gone, and paid youtube will be just as shitty as free youtube is now with respect to ads.

I would say that you are 100% correct. The weirdness started when languages and frameworks started making unreasonable demands of the analogy. Take, for instance, Java's everything is a class, even when it's not.. or the concept of microservices, where essentially every method is wrapped in a class because it is a self-contained unit. I think the weirdness stems from these scenarios and pollutes design spaces where it shouldn't.

Believe it or not... C# I was a hardcore x86 assembly junky, and C when that wouldn't cut it. I hated everything there was to interpreted languages, loved everything about clean, tight code. And then C# comes along with its 134MB (at the time) of .NET Framework you have to have installed, it's interpreted bytecode, it's "assemblies" which aren't really DLLs... And, I wanted to hate it. But I've been using it for a long time now. And... it's really well designed. It's useful. It's scalable. I'm ashamed to admit that I actually like it.

BryanFazekas wrote:

When CD drives became common, they were always mapped as D -- I have no idea if that was a requirement or just a popular convention.

Just convention. I had a Win98 machine that came with two cd drives (one a burner) and they were on M: and N:

Hardware pins are always labeled from the perspective of the chip they are attached to. If a pin says TX, it means *this chip* right here transmits on this pin, and if you want to communicate between two chips, you connect one's TX to the other's RX. I know you know all this, HTCW, so just for the benefit of someone else who might not... Any hardware you find that doesn't follow this convention should be shunned and the designer publicly shamed in the town square -- but I think it's pretty rare overall.

I find your experience very weird. Especially since you think everything needs to be unbound from http port before you can use certbot. The whole *point* of certbot is that it checks to see if the machine it is running on is the machine that it can reach a http site at... Therefore, they know who it is that requested the certificate. FWIW, I have a bit of trouble with certbot because my default firewall configuration blocks http to internet, so I have to whitelist the port, run certbot, and unwhitelist every three months. Takes literally 5 seconds. I don't know what you're doing, but "it works on my machine"! BTW, please don't blame Linux for what is clearly a certbot problem. :) Remember, Linux is fragmented, so there are many many good softwares and designs that you use on Linux constantly without realizing, and only a few that are bad. It's not all one giant corporation putting out completely bad stuff.... or updating constantly to provide new icon sets.

I have been saying since Windows 8 that if your users have to search for something, your UI design skills are sh*t. Further up in the comments someone mentioned that you can't search for something if you don't know it exists! Amen! Bringing everything to a consistent UI design in Win10 basically just means that you can't find anything. But it's ok, because your users are literally children and they won't need to use a computer for anything more than accessing the internet.

This actually works. Have joined at least a few open source projects in my lifetime. Usually it's hard to understand a new codebase right off the bat, but open source projects are usually short on everything including testers. Report a few bugs, with helpful information on how to fix them and wait. Pretty soon you'll be family.

Six hours of debugging can explain why that documentation you took five minutes to read is completely wrong. FIFY.

afigegoznaet wrote:

But, of course, you don't really need to know and use all of it. Unless you're a C++ compiler developer.

Or need to read someone else's code (or your own, later). Oops.

This is a really old programming problem. How would you store a running total of a bank account? Since it has dollars and cents, how about a float? Ok, so then you run into the "floating-point rounding error" problem.

>>> 0.1+0.1+0.1
0.30000000000000004

Well... that's pretty bad to be adding/dropping pennies every trillion transactions or so because of cumulative binary representation of decimal digit errors. What else can we do? One of the commonly chosen ways is to used fixed decimal. i.e. Assume a fixed number of decimals and represent everything as integers. One no longer has to worry about fractions of a penny creeping up on you over time if you work in discrete units of pennies. i.e. 100-97 = 3, never 0.30000000000000004 Well... then your manager comes in and says, we need to be able to track hundredths of a penny because the state tax paid even including fractions of a penny. So it is deemed that 4-digits is enough precision to satisfy the need. Now 10000 - 9700 = 300 is still okay, is never gonna be 300.00000000000004 and the same situation applies as before. But your front-end buddies didn't update the website to account for the fact that the database now assumes 4 digits of precision. And thus the problem is born. Fun trivia: "Office Space" movie characters took advantage of this to siphon off millions of dollars back when this was a thing in the 80s-90s-00s.

This is definitely the way I would do it, but I'd go with a Bluetooth Low Energy version of the HC-06. There are variants, but HM-10 is a good starting search term for a lower power drop-in hardware replacement for an HC-06. Start with the HC-06, get familiar with the hardware/software, then switch to using the BLE version and figure out the differences in usage. The bluetooth radio is going to be your biggest power draw, hands down, so you should definitely consider the BLE version. PIC is a really good idea, you can get nA sleep currents out of them if you pick the right chip and know what you're doing (read the datasheets).

When your UI is so bad that searching for what you want is a better way to access it than through your UI... I mean.. That's pretty bad. ---------------------- I used to be able to see what my IP address was pre-win10 in an annoying number of clicks -- right-click wifi, network connections, right-click again properties... whatever it was... Details... and... there we go! my LAN address. Nowadays in win10? Forget about it. On the other hand, in cmd.exe...

ipconfig

Microsoft is helping us be better computer users by making the command-line a more attractive UI option!

When used in a non-gambling/card game context, when someone "doubles down" it means they are remaining firm in their position (such as in a debate or in an inquiry) *despite* there being evidence contrary to their position. i.e. "Instead of apologizing for his mistake, Bob decided to double-down on his previous statement."