the threshold is proportional to 1.5^(32-subnet_mask)

what are you basing that prefix length decision off? whois/NIC allocation data?

is the decision loop running locally to any given f2b instance, or do you aggregate for processing then distribute blocklist?

either way, seems like an interesting approach for catching the type of shit that likes to snowshoe from random cloud providers while lying in agent signature

I’m not sure I understand your comment, mind elaborating on the details?

it’s the holidays, it’s okay: you don’t have to go near the c++ right now

I haven’t really got enough information about that side of it, the details I have to go on are mostly about things particularly around the values CCC has tried to hold/build (and even there I am absolutely not intimately familiar, for reasons of distance and exposure and such)

yep, have made the same critique. the way people “overcommit” on this is a fascinating interplay of sunk cost fallacy combined with some other shit

why they even are there

(from observation over some years) congress orga more than occasionally fucks up on paradox of tolerance by letting shit like this through

it’s been a thing I’ve noticed and have wanted to actually discuss with some folks, but never really gotten to yet on account of life stuff

there were also the much, much less grey-area instances a couple of years back where they were far too open to a number of abusers (this was around the time the appelbaum shit hit wide daylight), so there is a possibility that the issue runs deeper (in a structural sense, at best; personal sense, at worst) too but I possess insufficient information to know one way or the other what exactly may constitute the problem here

full service plagiarism! bet you we’ll see whiteglove variant of it next

I was trying to remember at which point I unfollowed him, and I think it was exactly this nonsense

tangentially: I’ve been getting reminded of a bunch of services existing, by way of pointless “your year in review” bullshit

fuck spotify for starting that misfeature, and fuck everyone else for falling over themselves to get On Trend

let me spell it out for you: don’t be such an ass.

a swing with a double miss

I’ve seen what effort goes into it at somewhere else, it’s a lot

not sure I’d say it’s unprofitable though, given just how goddamn much money google does make from its advertising monopoly. but I get what you meant with the conversion angle nonetheless

no to this, kthx

still don’t get it

what

Oh yeah I forgot to mention that in my comment: drop PIA. Never touch anything owned by PIA or Kape. Ever.

GPUs: not even once

I am in the same boat, except all of the software I’ve ever written has been TeX

I’m sorry

giving contrived examples to undergrads to demonstrate why dp[i][j] is a shit table name or why ∞ is better than float('inf') or MAX_INT in pseudocode

that sound you can hear is my despairing screaming[0]

VPN client where … jump through the hoops of learning a new shitty client

(not a pitch, but multiple commercial references) I really liked how simple tunnelbear made this for a lot, and also quite like how slick the wireguard desktop-style handling is (you can see this for example with fly.io’s integration to that). I think there’s long context here, and if you buy me a beer I could rant in detail

PS: There is Goldwarden

oh good, it’s in Go, my other code allergy

shitposting aside, re the password manager thing: @self and I have co-ranted in dms, and about similar gripes.

so, by way of idea, loose laundry list for foundations/design: modern crypto (jfc why is so much still going “yeah gpg is fine”), crdt sync, a sane fucking language to build everything on, own-devices friendly (in the “you can sync device to device peer-wise” sense, vs the “there’s a remote server broker” sense), and pretty okay™ interfaces for client building/extensibility

alas: my main workstation is (non-slate) macos, and it’s unchangeable for the foreseeable future

good to know those (already) exist as options, though. if I can find some spoons I’ll try look around and see if there’s maybe something similar I can hack up/agglutinate from what’s around

Their desktop app is a bit shit anyway

I haven’t even tried it yet because I’m real “ehhhhhhhhhhhhhh” about even the idea of a js-/ts-based gui client for my password manager. largely because I’ve met too many js/ts devs and I outright don’t trust their competence and processes. so your post is definite motivation for me to eyeball some of the other clients too

this is such a mess, holy shit

and only on .com? I have some very pointed questions about the maturity of the verification program/design