• 0 Posts
  • 169 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle



  • The American education system has failed you. I’m assuming by “a progressive candidate” in this case you mean a third party, but in a first-past-the-post voting system, voting third-party is a protest vote. At best, people voting third-party shows that voters don’t have confidence in the major parties, but at worst it helps your least preferred of the two major parties win the election because you’re not begrudgingly voting for the candidate you hate less. A third-party president is an unimaginable upset.

    But if you’re not living in a swing state nobody cares how you vote for president anyway. Hopefully you got a good option for Congress in the primaries. That’s the only thing I had any chance of influencing at a federal level for this election cycle. I’m not in a swing state and in the final election I only got one option for senate and all one candidate could say was that they weren’t the other candidate.









  • Having a non-garbage domain provider can be a luxury. I used to work at a place where we were paying boatloads of money for certificates from Sectigo for internal services, and they were charging us extra per additional name and even more if we wanted a wildcard, even though it didn’t cost them anything to include those options. Getting IT to set up the DNS records for Let’s Encrypt DNS verification was never going to happen.



  • A large percentage of those hosts with SSH enabled are cloud machines because it’s standard for cloud machines to be only accessible by SSH by default. I’ve never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they’re on a virtual private network managed by the hosting provider for other reasons.

    SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.


  • Shodan reports that 35,780,216 hosts have SSH exposed to the internet.

    Moving SSH to ports other than 22 is not security. The bots trying port 22 on random addresses with random passwords don’t have a chance of getting in unless you’re using password authentication with weak passwords or your SSH is very old.

    SSH security updates are very infrequent and it takes practically no effort to keep SSH up to date. If you’re using a stable distribution, just enable automatic security updates.