The breach occurred in late January and impacted 1.2 million accounts, including IBANs, account holder names, addresses, and in some cases tax identifiers.

I’m not familiar with the specifics of the compromise, but I’d think that this would warrant having banks create new accounts for affected individuals, so that at least the IBAN is invalidated.

I’m fine with it — and I think that it improves searchability to have one per community, rather than some bulk post – but the posts need to be marked NSFW, and some of the announcement posts are not, which means that people who have NSFW stuff blocked are still getting them. I think that that’s the real problem.

My understanding is that this is something of an exceptional situation, as apparently lemmynsfw.com — the biggest NSFW community host on the Threadiverse — went down and the admin was supposed to be away for some months, so it’s not coming back up in at least the near future, and so it sounds like people are setting up alternatives on other instances.

You would typically want to use static ip addresses for servers (because if you use DHCP the IP is gonna change sooner or later, and it’s gonna be a pain in the butt).

In this case, he controls the local DHCP server, which is gonna be running on the OpenWRT box, so he can set it to always assign whatever he wants to a given MAC.

except that all requests’ IP addresses are set to the router’s IP address (192.168.3.1), so I am unable to use proper rate limiting and especially fail2ban.

I’d guess that however the network is configured, you have the router NATting traffic going from the LAN to the Internet (typical for a home broadband router) as well as from the home LAN to the server.

That does provide security benefits in that you’ve basically “put the server on the Internet side of things”, and the server can’t just reach into the LAN, same as anything else on the Internet. The NAT table has to have someone on the LAN side opening a connection to establish a new entry.

But…then all of those hosts on the LAN are going to have the same IP address from the server’s standpoint. That’s the experience that hosts on the Internet have towards the same hosts on your LAN.

It sounds like you also want to use DHCP:

Getting the router to actually assign an IP address to the server was quite a headache

I’ve never used VLANs on Linux (or OpenWRT, and don’t know how it interacts with the router’s hardware).

I guess what you want to do is to not NAT traffic going from the LAN (where most of your hardware lives) and the DMZ (where the server lives), but still to disallow the DMZ from communicating with the LAN.

considers

So, I don’t know whether the VLAN stuff is necessary on your hardware to prevent the router hardware from acting like a switch, moving Ethernet packets directly, without them going to Linux. Might be the case.

I suppose what you might do — from a network standpoint, don’t know off-the-cuff how to do it on OpenWRT, though if you’re just using it as a generic Linux machine, without using any OpenWRT-specific stuff, I’m pretty sure that it’s possible — is to give the OpenWRT machine two non-routable IP addresses, something like:

192.168.1.1 for the LAN

and

192.168.2.1 for the DMZ

The DHCP server listens on 192.168.1.1 and serves DHCP responses for the LAN that tell it to use 192.168.1.1 as the default route. Ditto for hosts in the DMZ. It hands out addresses from the appropriate pool. So, for example, the server in the DMZ would maybe be assigned 192.168.2.2.

Then it should be possible to have a routing table entry to route 192.168.1.1 to 192.168.2.0/24 via 192.168.2.1 and vice versa, 192.168.2.1 to 192.168.1.0/24 via 192.168.1.1. Linux is capable of doing that, as that’s standard IP routing stuff.

When a LAN host initiates a TCP connection to a DMZ host, it’ll look up its IP address in its routing table, say “hey, that isn’t on the same network as me, send it to the default route”. That’ll go to 192.168.1.1, with a destination address of 192.168.2.2. The OpenWRT box forwards it, doing IP routing, to 192.168.2.1, and then that box says “ah, that’s on my network, send it out the network port with VLAN tag whatever” and the switch fabric is configured to segregate the ports based on VLAN tag, and only sends the packet out the port associated with the DMZ.

The problem is that the reason that home users typically derive indirect security benefits from use NAT is that it intrinsically disallows incoming connections from the server to the LAN. This will make that go away — the LAN hosts and DMZ hosts will be on separate “networks”, so things like ARP requests and other stuff at the purely-Ethernet level won’t reach each other, but they can freely communicate with each other at the IP level, because the two 192.168.X.1 virtual addresses will route packets between each the two networks. You’re going to need to firewall off incoming TCP connections (and maybe UDP and ICMP and whatever else you want to block) inbound on the 192.168.1.0/24 network from the 192.168.2.0/24 network. You can probably do that with iptables at the Linux level. OpenWRT may have some sort of existing firewall package that applies a set of iptables rules. I think that all the traffic should be reaching the Linux kernel in this scenario.

If you get that set up, hosts at 192.168.2.2, on the DMZ, should be able to see connections from 192.168.1.2, on the LAN, using its original IP address.

That should work if what you had was a Linux box with three Ethernet cards (one for each of the Internet, LAN, and WAN) and the VLAN switch hardware stuff wasn’t in the picture; you’d just not do any VLAN stuff then. I’m not 100% certain that any VLAN switching fabric stuff might muck that up — I’ve only very rarely touched VLANs myself, and never tried to do this, use VLANs to hack switch fabric attached directly to a router to act like independent NICs. But I can believe that it’d work.

If you do set it up, I’d also fire up sudo tcpdump on the server. If things are working correctly, sudo ping -b 192.168.1.255 on a host on the LAN shouldn’t show up as reaching the server. However, ping 192.168.2.2 should.

You’re going to want traffic that doesn’t match a NAT table entry and is coming in from the Internet to be forwarded to the DMZ vlan.

That’s a high-level of what I believe needs to happen. But I can’t give you a hand-holding walkthrough to configure it via off-the-cuff knowledge, because I haven’t needed to do a fair bit of this myself — sorry on that.

EDIT: This isn’t the question you asked, but I’d also add that what I’d probably do myself if I were planning to set something like this up is get a small, low power Linux machine with multiple NICs (well, okay, probably one NIC, multiple ports). That cuts the switch-level stuff that I think that you’d likely otherwise need to contend with out of the picture, and then I don’t think that you’d need to deal with VLANs, which is a headache that I wouldn’t want, especially if getting it wrong might have security implications. If you need more ports for the LAN, then just throw a regular old separate hardware Ethernet switch on the LAN port. You know that the switch can’t be moving traffic between the LAN and DMZ networks itself then, because it can’t touch the DMZ. But I don’t know whether that’d make financial sense in your case, if you’ve already got the router hardware.

You probably want to flag this post NSFW.

fedinsfw.app

I am thinking that lemmynsfw.com remaining down is going to result in a bunch of new NSFW instances showing up.

https://www.twz.com/news-features/russia-eyes-balloon-communications-system-to-fill-massive-gap-left-after-losing-starlink

Ah, gotcha, thanks. It looks like that’s a larger and more elaborate than what I was thinking of, with a ballast system and limited maneuverability. considers I dunno what the cost impact is.

However, the Barrage-1’s comparatively low altitudes could make them targets for Ukrainian air defense systems and other countermeasures.

“And what’s most important for us? To have the means that can detect such objects over our territory,” Beskrestnov suggested. “And to have the ability to shoot down such targets if they pose a threat. As far as I remember, the S-300 [surface to air missile system] can engage targets at an altitude of 20-30 km (about 12 to 19 miles).”

If it’s expensive enough, then using S-300s or comparable systems becomes economical.

Ehhh…I mean, if the things have a GPS receiver, which I assume that they do, they can probably be configured to move to a given location and then only then flip on the cell radio to act as a relay.

EDIT: Honestly, I’m kind of surprised that someone hasn’t tried a drone that can deploy, say hydrogen or helium balloons with a relay radio hanging from them. It’s gotta be a complete pain in the ass to try to shoot balloons down, as they’re cheap, and they probably linger in an area long enough to permit for operations using them as a relay on an extended basis. They can also probably get a lot higher than a comparable drone, if that’s desirable.

¯\(ツ)/¯

I assumed not, but maybe it could be.

Borges alleges that a little-known federal tech team called the Department of Government Efficiency, or DOGE

“Little known”? It was constantly in the news for the past year.

Glance…dashboard

Oh, man, that’s a little confusing name-wise. There’s also the unrelated Glances, which also displays a dashboard that might list things like the TX/RX data from your router.

Actually, thinking about this…a more-promising approach might be deterrent via poisoning the information source. Not bulletproof, but that might have some potential.

So, the idea here is that what you’d do there is to create a webpage that looks, to a human, as if only the desired information shows up.

But you include false information as well. Not just an insignificant difference, as with a canary trap, or a real error intended to have minimal impact, only to identify an information source, as with a trap street. But outright wrong information, stuff where reliance on the stuff would potentially be really damaging to people relying on the information.

You stuff that information into the page in a way that a human wouldn’t readily see. Maybe you cover that text up with an overlay or something. That’s not ideal, and someone browsing using, say, a text-mode browser like lynx might see the poison, but you could probably make that work for most users. That has some nice characteristics:

• You don’t have to deal with the question of whether the information rises to the level of copyright infringement or not. It’s still gonna dick up responses being issued by the LLM.

• Legal enforcement, which is especially difficult across international borders — The Pirate Bay continues to operate to this day, for example — doesn’t come up as an issue. You’re deterring via a different route.

• The Internet Archive can still archive the pages.

Someone could make a bot that post-processes your page to strip out the poison, but you could sporadically change up your approach, change it over time, and the question for an AI company is whether it’s easier and safer to just license your content and avoid the risk of poison, or to risk poisoned content slipping into their model whenever a media company adopts a new approach.

I think the real question is whether someone could reliably make a mechanism that’s a general defeat for that. For example, most AI companies probably are just using raw text today for efficiency, but for specifically news sources known to do this, one could generate a screenshot of a page in a browser and then OCR the text. The media company could maybe still take advantage of ways in which generalist OCR and human vision differ — like, maybe humans can’t see text that’s 1% gray on a black background, but OCR software sees it just fine, so that’d be a place to insert poison. Or maybe the page displays poisoned information for a fraction of a second, long enough to be screenshotted by a bot, and then it vanishes before a human would have time to read it.

shrugs

I imagine that there are probably already companies working on the problem, on both sides.

I’m very far from sure that this is an effective way to block AI crawlers from pulling stories for training, if that’s their actual concern. Like…the rate of new stories just isn’t that high. This isn’t, say, Reddit, where someone trying to crawl the thing at least has to generate some abnormal traffic. Yeah, okay, maybe a human wouldn’t read all stories, but I bet that many read a high proportion of what the media source puts out, so a bot crawling all articles isn’t far off looking like a human. All a bot operator need do is create a handful of paid accounts and then just pull partial content with each, and I think that a bot would just fade into the noise. And my guess is that it is very likely that AI training companies will do that or something similar if knowledge of current news events is of interest to people.

You could use a canary trap, and that might be more-effective:

https://en.wikipedia.org/wiki/Canary_trap

A canary trap is a method for exposing an information leak by giving different versions of a sensitive document to each of several suspects and seeing which version gets leaked. It could be one false statement, to see whether sensitive information gets out to other people as well. Special attention is paid to the quality of the prose of the unique language, in the hopes that the suspect will repeat it verbatim in the leak, thereby identifying the version of the document.

The term was coined by Tom Clancy in his novel Patriot Games,[1][non-primary source needed] although Clancy did not invent the technique. The actual method (usually referred to as a barium meal test in espionage circles) has been used by intelligence agencies for many years. The fictional character Jack Ryan describes the technique he devised for identifying the sources of leaked classified documents:

Each summary paragraph has six different versions, and the mixture of those paragraphs is unique to each numbered copy of the paper. There are over a thousand possible permutations, but only ninety-six numbered copies of the actual document. The reason the summary paragraphs are so lurid is to entice a reporter to quote them verbatim in the public media. If he quotes something from two or three of those paragraphs, we know which copy he saw and, therefore, who leaked it.

There, you generate slightly different versions of articles for different people. Say that you have 100 million subscribers. ln(100000000)/ln(2)=26.57... So you’re talking about 27 bits of information that need to go into the article to uniquely describe each. The AI is going to be lossy, I imagine, but you can potentially manage to produce 27 unique bits of information per article that can reasonably-reliably be remembered by an AI after training. That’s 27 different memorable items that need to show up in either Form A or Form B. Then you search to see what a new LLM knows about and ban the bot identified.

Cartographers have done that, introduced minor, intentional errors to see what errors maps used to see whether they were derived from their map.

https://en.wikipedia.org/wiki/Trap_street

In cartography, a trap street is a fictitious entry in the form of a misrepresented street on a map, often outside the area the map nominally covers, for the purpose of “trapping” potential plagiarists of the map who, if caught, would be unable to explain the inclusion of the “trap street” on their map as innocent. On maps that are not of streets, other “trap” features (such as nonexistent towns, or mountains with the wrong elevations) may be inserted or altered for the same purpose.[1]

https://en.wikipedia.org/wiki/Phantom_island

A phantom island is a purported island which has appeared on maps but was later found not to exist. They usually originate from the reports of early sailors exploring new regions, and are commonly the result of navigational errors, mistaken observations, unverified misinformation, or deliberate fabrication. Some have remained on maps for centuries before being “un-discovered”.

In some cases, cartographers intentionally include invented geographic features in their maps, either for fraudulent purposes or to catch plagiarists.[5][6]

That has weaknesses. It’s possible to defeat that by requesting multiple versions using different bot accounts and identifying divergences and maybe merging them. In the counterintelligence situation, where canary traps have been used, normally people only have access to one source, and it’d be hard for an opposing intelligence agency to get access to multiple sources, but it’s not hard here.

And even if you ban an account, it’s trivial to just create a new one, decoupled from the old one. Thus, there isn’t much that a media company can realistically do about it, as long as the generated material doesn’t rise to the level of a derived work and thus copyright infringement (and this is in the legal sense of derived — simply training something on something else isn’t sufficient to make it a derived work from a copyright law standpoint, any more than you reading a news report and then talking to someone else about it is).

Getting back to the citation issue…

Some news companies do keep archives (and often selling access to archives is a premium service), so for some, that might cover some of the “inability to cite” problem that not having Internet Archive archives produces, as long as the company doesn’t go under. It doesn’t help with a problem that many news companies have a tendency to silently modify articles without reliably listing errata, and that having an Internet Archive copy can be helpful. There are also some issues that I haven’t yet seen become widespread but worried about, like where a news source might provide different articles to people in different regions; there, having a trusted source like the Internet Archive can avoid that, and that could become a problem.

Yeah, that’s something that I’ve wondered about myself, what the long run is. Not principally “can we make an AI that is more-appealing than humans”, though I suppose that that’s a specific case, but…we’re only going to make more-compelling forms of entertainment, better video games. Recreational drugs aren’t going to become less addictive. If we get better at defeating the reward mechanisms in our brain that evolved to drive us towards advantageous activities…

https://en.wikipedia.org/wiki/Wirehead_(science_fiction)

In science fiction, wireheading is a term associated with fictional or futuristic applications[1] of brain stimulation reward, the act of directly triggering the brain’s reward center by electrical stimulation of an inserted wire, for the purpose of ‘short-circuiting’ the brain’s normal reward process and artificially inducing pleasure. Scientists have successfully performed brain stimulation reward on rats (1950s)[2] and humans (1960s). This stimulation does not appear to lead to tolerance or satiation in the way that sex or drugs do.[3] The term is sometimes associated with science fiction writer Larry Niven, who coined the term in his 1969 novella Death by Ecstasy[4] (Known Space series).[5][6] In the philosophy of artificial intelligence, the term is used to refer to AI systems that hack their own reward channel.[3]

More broadly, the term can also refer to various kinds of interaction between human beings and technology.[1]

Wireheading, like other forms of brain alteration, is often treated as dystopian in science fiction literature.[6]

In Larry Niven’s Known Space stories, a “wirehead” is someone who has been fitted with an electronic brain implant known as a “droud” in order to stimulate the pleasure centers of their brain. Wireheading is the most addictive habit known (Louis Wu is the only given example of a recovered addict), and wireheads usually die from neglecting their basic needs in favour of the ceaseless pleasure. Wireheading is so powerful and easy that it becomes an evolutionary pressure, selecting against that portion of humanity without self-control.

Now, of course, you’d expect that to be a powerful evolutionary selector, sure — if only people who are predisposed to avoid such things pass on offspring, that’d tend to rapidly increase the percentage of people predisposed to do so — but the flip side is the question of whether evolutionary pressure on the timescale of human generations can keep up with our technological advancement, which happens very quickly.

There’s some kind of dark comic that I saw — I thought that it might be Saturday Morning Breakfast Cereal, but I’ve never been able to find it again, so maybe it was something else — which was a wordless comic that portrayed a society becoming so technologically advanced that it basically consumes itself, defeats its own essential internal mechanisms. IIRC it showed something like a society becoming a ring that was just stimulating itself until it disappeared.

It’s a possible answer to the Fermi paradox:

https://en.wikipedia.org/wiki/Fermi_paradox#It_is_the_nature_of_intelligent_life_to_destroy_itself

The Fermi paradox is the discrepancy between the lack of conclusive evidence of advanced extraterrestrial life and the apparently high likelihood of its existence.[1][2][3]

The paradox is named after physicist Enrico Fermi, who informally posed the question—remembered by Emil Konopinski as “But where is everybody?”—during a 1950 conversation at Los Alamos with colleagues Konopinski, Edward Teller, and Herbert York.

Evolutionary explanations

It is the nature of intelligent life to destroy itself

This is the argument that technological civilizations may usually or invariably destroy themselves before or shortly after developing radio or spaceflight technology. The astrophysicist Sebastian von Hoerner stated that the progress of science and technology on Earth was driven by two factors—the struggle for domination and the desire for an easy life. The former potentially leads to complete destruction, while the latter may lead to biological or mental degeneration.[98] Possible means of annihilation via major global issues, where global interconnectedness actually makes humanity more vulnerable than resilient,[99] are many,[100] including war, accidental environmental contamination or damage, the development of biotechnology,[101] synthetic life like mirror life,[102] resource depletion, climate change,[103] or artificial intelligence. This general theme is explored both in fiction and in scientific hypotheses.[104]

Now some of those users gather on Discord and Reddit; one of the best-known groups, the subreddit r/MyBoyfriendIsAI, currently boasts 48,000 users.

I am confident that one way or another, the market will meet demand if it exists, and I think that there is clearly demand for it. It may or may not be OpenAI, it may take a year or two or three for the memory market to stabilize, but if enough people want to basically have interactive erotic literature, it’s going to be available. Maybe someone else will take a model and provide it as a service, train it up on appropriate literature. Maybe people will run models themselves on local hardware — in 2026, that still requires some technical aptitude, but making a simpler-to-deploy software package or even distributing it as an all-in-one hardware package is very much doable.

I’ll also predict that what males and females generally want in such a model probably differs, and that there will probably be services that specialize in that, much as how there are companies that make soap operas and romance novels that focus on women, which tend to differ from the counterparts that focus on men.

I also think that there are still some challenges that remain in early 2026. For one, current LLMs still have a comparatively-constrained context window. Either their mutable memory needs to exist in a different form, or automated RAG needs to be better, or the hardware or software needs to be able to handle larger contexts.

I was under the vague impression that a number of Russian software companies had basically relocated to Armenia so as to not deal with sanctions stuff. Which was a good deal for Armenia, since they had a bunch of tech companies suddenly materialize.

searches

This is from 2023:

https://apri.institute/how-russian-migration-fuels-armenias-it-sector/

How Russian Migration Fuels Armenia’s IT Sector Growth

The Russian invasion of Ukraine has led to a significant influx of Russian IT specialists into Armenia, boosting the sector and contributing to the country’s economic recovery.

The Russian invasion of Ukraine has triggered a significant exodus of Russians; some left Russia for political reasons, as they were against the war, and many did not want to compromise their lives. Armenia became one of the primary destinations for Russian migrants due to several reasons. Armenia and Russia enjoy a visa-free regime, and there are many daily flights to Yerevan from multiple Russian cities. Armenia and Russia are members of the Eurasian Economic Union, allowing tariff-free export and import. Perhaps, most importantly, many Armenians have favorable views on Russians. Despite the growing criticism of Russia in Armenia due to its actions or inaction during the 2020 Nagorno-Karabakh war, Azerbaijani incursions into Armenia in 2021 and 2022, and the military takeover of Nagorno-Karabakh by Azerbaijan in September 2023, this has not turned into resentment against Russians, as it has focused on the Russian state.

According to different estimates, up to 100,000 Russians have entered Armenia since February 2022, with two big waves, one in March-April and one in late September-October 2022, immediately after mobilization was declared in Russia. As of October 2023, up to 60,000 Russians remain in Armenia, primarily located in the capital, Yerevan, though a few Russians also live in Gyumri, the second biggest city of Armenia. Most Russians who migrated to Armenia are specialists in the IT sphere. The robust growth of the IT sector in Armenia played a role in influencing their choice, as Armenia can offer them developed infrastructure, including IT business centers and IT parks.

https://data.worldbank.org/indicator/NY.GDP.PCAP.CD?locations=AM

Looking at that chart, Armenia’s GDP-per-capita has roughly doubled since the start of the Russo-Ukranian War. Dunno how much of that is related to that movement, but I wouldn’t be surprised if it were a factor.

Windsor Mayor Drew Dilkens says parts of Trump’s post are factually incorrect, as U.S. steel was used in the construction from the Michigan side of the river.

“It’s just insane,” Dilkens told CBC Power & Politics host David Cochrane on Monday evening.

“I really can’t believe what I’m reading,” Dilkens said. “The faster we can get to the midterms and hopefully see a change, the better for all of us.”

The midterms are the nearest big inflection point, and the Democrats will most likely take the House. However, unless there are angles that I don’t know about, the most important thing that the Democrats will be able to likely directly do in terms of Trump doing a lot of Executive Branch things after the midterms is threaten a government shutdown when the next budget rolls around (and it won’t be on a limited “hopefully the Republicans don’t just decide to end the fillibuster and take away our power to block the budget” basis a la last time). That’s a big gun, but it’s got limited usability, and they probably have a lot of things that they want to horse-trade on it already.

They can block more legislation from being passed, but that won’t really change the status quo, not unless something new and unexpected comes up in the second half of the term that the Trump administration really wants legislation on. The Republicans have a trifecta now, so they’ll try to pass whatever they want prior to the midterms.

The biggest politically-useful thing that I’m aware of that the Democrats get is that in both houses of Congress, investigations require a simple majority, and they’ll probably have at least the House. Trump has done about a zillion things that probably would be a pretty solid case for Congress to start investigations — that’s a big part of Congress’s job, to oversee the Executive Branch — and if you get a simple majority in either house of Congress, you can compel the Executive Branch to turn over a lot of information on what it’s been doing. So Trump and a number of other people from the administration might be spending a lot of the second half of Trump’s term sitting in front of Congressional investigations.

https://en.wikipedia.org/wiki/United_States_congressional_hearing#Investigative_hearings

Oversight hearings

Oversight hearings review or study a law, issue, or an activity, often focusing on the quality of federal programs and the performance of government officials. Hearings also ensure that the executive branch’s execution goes with legislative intent, while administrative policies reflect the public interest. Oversight hearings often seek to improve the efficiency, economy, and effectiveness of government operations. A significant part of a committee’s hearings workload is dedicated to oversight. For example, on a single day, May 8, 1996, the Senate Committee on Energy and Natural Resources held an oversight hearing to look into a recent increase in gasoline prices; the Committee on Governmental Affairs held an oversight hearing on the Internal Revenue Service; the Committee on Health, Education, Labor and Pensions held an oversight hearing on the implementation of the Family and Medical Leave Act; and the Committee on Indian Affairs held an oversight hearing on the impact of a recent Supreme Court case involving Indian gaming. Many committees oversee existing programs in the context of hearings on related legislation, or routinely perform oversight when it is time to reauthorize a program, so oversight hearings may be combined with legislative hearings.

Investigative hearings

Investigative hearings share some of the characteristics of legislative and oversight hearings. The difference lies in Congress’s stated determination to investigate, usually when there is a suspicion of wrongdoing on the part of public officials acting in their official capacity, or private citizens whose activities suggest the need for a legislative remedy. Congress’s authority to investigate is broad and it has exercised this authority since the earliest days of the republic. The first such hearings were held by the House of Representatives in 1792 following St. Clair’s Defeat in the Battle of the Wabash.[11] Its most famous inquiries are benchmarks in American history: Credit Mobilier, Teapot Dome, Army-McCarthy, Watergate, and Iran-Contra. Investigative hearings often lead to legislation to address the problems uncovered. Judicial activities in the same area of Congress’s investigation may precede, run simultaneously with, or follow such inquiries.

Congress can pretty much shut down the President, or even remove him from office if he breaks a law, but it requires hefty supermajorities to do so, and unless the Democrats can turn up more-damning information via investigations or similar than they have so far, I doubt that they’d get enough Republican Congressmen to vote with them to do that to Trump.

• Impeachment alone doesn’t do much; it’s just a formal accusation of wrongdoing. If the Democrats take the House, they can impeach Trump. The problem is that that just initiates the process to remove the President from office. You need a two-thirds supermajority in the Senate to convict, which is a very high bar, and the Democrats will not have that, so they’d need to convince at least some Republican senators to vote to convict in an impeachment trial. And this really requires a law to be broken; it’s a not a recall vote or a “you’re doing a bad job” remedy something like that, but to deal with lawbreaking.

• Congress can pass new legislation over the President’s veto. However, it requires a two-thirds supermajority in both the House and the Senate to do so, so unless at least a significant number of Republicans get onboard, which I’m skeptical will happen, I doubt that they can pass laws requiring the bridge to be opened or whatever over a Trump veto.

There may be some more subtle things that might happen. So, the Supreme Court may decide not to block Executive Branch action due to the political question doctrine even if the President is likely acting outside his powers, if it’s not clear that there’s an actual disagreement between a majority in Congress and the President, over something like Trump using emergency power tariffs. That is, they may let the President do X if it looks like Congress is actually just fine with X and is just letting the President take the heat for doing X. But if the Democrats take the House and then clearly have a majority object, that might turn into SCOTUS ruling on the tariffs. That might address some things. However, I would bet that it’s probably within Presidential powers to prevent this bridge from being opened, though, so I don’t think that that would likely change due to the midterms.

My guess is that if Trump really wants to, and isn’t just posting to generate noise, he probably could block the opening of the bridge for the next three years.

If I’m traveling or I wipe my device or get a new one, I would have to add the new key to many servers as authorized keys,

So, I don’t want to get into a huge argument over the best way to deal with things, since everyone has their own use cases, but if that’s your only concern, you have a list of hosts that you want to put the key on, and you still have a key for another device, that shouldn’t be terribly difficult. Generate your new keypair for your new device. Then on a Linux machine, something like:

$ cat username-host-pairs.txt
me@host1
me@host2
me@host3
$ cat username-host-pairs.txt|xargs -n1 ssh-copy-id -i new-device-key-file-id_ed25519.pub

That should use your other device’s private key to authenticate to the servers in question and copy the new device’s pubkey to the accounts on the host in question. Won’t need password access enabled.

In fact, that’s generally what you want to do, since if one device gets lost or compromised, you just revoke access to the key for that device.

Why buy Russian Steel?

Without looking at the numbers, I’d guess that Russia is probably the cheapest option for those companies importing it from Russia.

It also sounds like it’s not just steel in general, but some specific stuff:

Sanctions on Russian exports have blocked most steel products from flowing into the EU, especially the most basic ones. Yet semi-finished slabs are still permitted into the bloc because Belgium, Czechia and Italy requested they remain available for factories that they say have no alternative sources of supply.

I’m a little skeptical that nobody else out there produces those, though.

searches

Apparently they look like this:

https://kavehmetal.com/steel-slab-7-essential-tips2025-guide/

Steel slab plays a vital role in the production of steel sheets, plates, and other related products. Its use is particularly prominent in the manufacture of:

Hot-rolled sheets or black sheets: The slab is heated to a specific temperature, then passed through rollers to reduce thickness and achieve the desired dimensions.

Structural components: It is also used in the production of I-beams, rebars, and steel pipes, which are essential for construction and infrastructure projects.