• 0 Posts
  • 7 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle

  • A former Wagner mercenary in July told Euronews that while he served in Ukraine one of his main duties was to ensure Russian conscripts - “barely 21-years-old” - would not run away, as they were so reluctant to fight.

    Doesn’t this compare apples to oranges?

    One is an aggressive war. People are shipped into Randomiskan without clear indication what’s going on, why they should be there and they are supposed to die for the glory of the state. Sorry, but that’s when everyone wants to run. That’s also distinctively different from WW2, when concrete evidence of mass murder in occupied europe was available.

    The other would be a defensive war. An outside aggressor wants to wipe out your culture and accepts killing or deporting anyone you consider important in your life. Putting it like that, WW2 was very much a defensive war from the allied side. That’s a very different motivation.


  • The thing is, I don’t have an answer to all of these questions.

    On the other hand, I know pagan bands with songs about “Killing all the christian heathens coming to colonize scandinavia”. About “Crushing the roman christians coming to take germanic women with their fairy tales of a weak god”. (BTW, this is explicitly not about german nationalism. There are nazis abusing these terms of skandinavian/germanic origins, many of them, but this isn’t part of that). Those are what I meant when I said: I’m not sure if I want to discuss those with a christian I don’t necessarily trust. Because face it, norse mythology was colonized by roman christians. maybe for good, maybe not, I don’t know.

    And in another direction, a lot of metal / heavy metal / rock imagery is based around pushing and prodding and poking christians. Not just subtly. They thrived on this to establish themself as counter-culture. “You are Christians. We are sons of satan. We listen to the other music.” For those, I can very much find a foundation in christian religion. Like, look at denmark. Burning a stack of paper shouldn’t be a big thing, but now they are creating laws against burning the Koran. Not sure how I feel about this.

    In that light, I’d very much be in favor of a school uniform, or a specification of unicolor shirts / t-shirts without imagery, I have to say. Concessions are bound to be abused in every way, with that hat on.

    The sad thing to me personally is: IMO, we should embrace diversity. Someone wearing a weird cloth on top of their hair should be a source of curiosity. It should be an exposure to something new and an option to grow and reflect and to learn they are just a person, just a bit different. Like the first time you try to cook for a vegetarian, a vegan, or try to date a lesbian.



  • I mean to a certain degree, I can understand if people find a problem with Poetterings approach of doing things !CORRECTLY!. Like, systemd-resolved resolving A-records with multiple addresses ina deterministic fashion because it’s not defined not to be deterministic, and because actual load balancing would be better. It’s not wrong, but it’s breaking everything. And it got patched after some uproar. And there are a few things like that.

    But at the same time - I don’t think people appreciate how hard doing process management right on linux can be, especially if the daemon to run is shitty. Like, init scripts just triggering the shutdown port on a tomcat - except the tomcat is stuck and not reacting to the normal shutdown port and now you have a zombie process and an init script in a fucked up state. Or, just killing the main process and for some reason not really removing the children, now there’s zombies all over the place. Or, not trying appropriate shutdown procedures first and just killing things, “because it’s easier” - except my day just got harder with a corrupt dataset. Or, just trying soft and “Pwease wexit Mr Pwocess” signals and then just giving up. Or having “start” just crash because there was a stale PID from an OOM killed process around. Man I’m getting anxiety just thinking about this.

    And that’s just talking about ExecStart and ExecStop, pretty much, which I have done somewhat correct in a few init scripts back in the day (over months of iteration of edge cases). Now start thinking about the security features systemd-analyze can tell you about, like namespaces, unmapping syscalls, masking parts of the filesystem, … imagine doing that with the jankyness of the average init.d script. At that point I’d start thinking about rebooting systems instead of trying to restart services, honestly.

    And similarly, I’m growing fond of things like systemd-networkd, systemd-timesyncd. I’ve had to try to manage NetworkManager automatically and jeez… Or just directly handling networking with network-scripts. Always a pleasure. Chucking a bunch of pretty readable ini-files into /etc/systemd/networkd is a blessing. They are even readable even to people rather faint on the networking heart.


  • tetha@feddit.detoLinux@lemmy.mlI F*cked up and I need help.
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    1 year ago

    And even password based disk encryption can be defeated with 2-3 physical accesses if an organization wants to hard enough. Keyloggers can be very, very sneaky.

    At that point you’d have to roll something like Yubikey-based disk encryption to be safe, because this re-establishes control over some physical parts of the system. Until they find the backup Yubikey you had to not lose all data by losing the primary key you’re carrying around to maintain control over it.

    It’s not a battle the defending side can win.


  • Well, you’re looking at a method, and imagine two things.

    The first is a link to a confluence article. You click on it. Nothing loads. Ah, right. Activate the VPN. Click the link again. You have no access. So you send your IT a ticket to gain access. One week later you get a mail you have access know. For what? Who’d remember last week?

    Alternatively, there’s an inline comment, or a markdown file in the same repo so you click on it and your IDE opens it. And then you modify the piece of code and you realize you still have that markdown file still open, so you adjust a few things and also note down a weird quirk you found during debugging.

    However, in the first case… well, you finally had access to the documentation, so you want to modify it to bring it up to date. Well, guess what. You have read access. So back to another ticket with IT that you’re actually working on this and you’d like to update the documentation. After a week, you’re notified: Well they need approval of the documentation owner for you to get write access. They are on vacation. When they get back after 2 weeks, they approve the request, and it goes into a second round of approvai with your teamlead. And guess what? Right, he’s not in for the next 2 weeks. By the time you finally have write access, you’re not working in that department anymore. And no, that other department doesn’t use that confluence.

    Overall, documentation tends to be somewhat of a chore for many people. If it’s close - it’s in the same repo, you can open the file in your IDE, you can commit updated documentation with your code in the same PR - there’s a slightly higher chance for folks to update documentation. If you put in the hellscape of a process some companies have for their tooling there, no one will ever touch the documentation.