Haha I still remember finding that out

God how dumb

Russia and Ukraine may have agreed on a tentative deal to end the war in April, according to a recent piece in Foreign Affairs.

“Russian and Ukrainian negotiators appeared to have tentatively agreed on the outlines of a negotiated interim settlement,” wrote Fiona Hill and Angela Stent. “Russia would withdraw to its position on February 23, when it controlled part of the Donbas region and all of Crimea, and in exchange, Ukraine would promise not to seek NATO membership and instead receive security guarantees from a number of countries.”

Calls it peace plan, then I’m the next paragraph refers to it as “negotiated interim settlement” where Russia gets to hold all of Crimea and the Donbas… and the word peace doesn’t even appear in the linked article. Nor any reference to an end of the conflict, and even the word “deal” only about the grain export.

The “Zelensky is a badass” narrative in 2024 is hilarious.

And yet, you’re the only one calling it that. I was just stating that was offered and that Ukraine’s government declined, asking if you’re saying that this wasn’t their own decision - which you dodged answering.

Removed by mod

Absolute bonkers

No, I’m saying the documents do not sustain the claims. The documents go into supporting Ukraine, e.g. to help them defeat Russian fleet and gain maritime supremacy. However, there’s no indication on what I’ve seen there akin to the claims that they want to “drag out the war as long as possible” and “prepare their own people to live in poverty” (not exact quotes because I’m on phone and I’m afraid to lose this text). These are the authors one-sided and tendentious interpretations of continued support, which by the structure of the article and the way he presents it he makes seem as if they were part of the documents. But they aren’t.

UK supports Ukraine. That’s a known fact. It’d be insane to believe there’d be no briefings on strategy (whether these came into effect isn’t clear either).

Removed by mod

I worked in software certification under Common Criteria, and while I do know that it creates a lot of work, there were cases where security has been improved measurably - in the hardware department, it even happened that a developer / manufacturer had a breach that affected almost the whole company really badly (design files etc stolen by a probably state sponsored attacker), but not the CC certified part because the attackers used a vector of attack that was caught there and rectified.

It seemingly was not fixed everywhere for whatever reason… but it’s not that CC certification is just some academic exercise that gives you nothing but a lot of work.

Is it the right approach for every product? Probably not because of the huge overhead power certified version. But for important pillars of a security model, it makes sense in my opinion.

Though it needs to be said that the scheme under which I certified is very thorough and strict, so YMMV.

I was also with a provider that didn’t offer API access for the longest time. When they then increased prices, I switched, now paying a third of their asking price per year at a very good provider.

I guess migrating is difficult if the provider doesn’t offer a mechanism to either dump the DNS to a file or perform a zone transfer (the later being part of the standard).

Can only recommend INWX for domains, though my personal requirements aren’t the highest.

A lot of paid cert providers were not so great before LE put the spotlight on the issue; it was more of a scheme to extract money from operators who couldn’t afford to not offer TLS / SSL. https://bugzilla.mozilla.org/show_bug.cgi?id=647959 was a famous post that made fun of / criticized the system before LE. This hurt security, and if not free, LE wouldn’t have worked.

Also wildcard certificates are more difficult to do automated with let’s encrypt.

They are trivial with a non-garbage domain provider.

If you want EV certificates (where the cert company actually calls you up and verifies you’re the company you claim to be) you also need to go the paid route

The process however isn’t as secure as one might think: https://cyberscoop.com/easy-fake-extended-validation-certificates-research-shows/

In my experience trustworthyness of certs is not an issue with LE. I sometimes check websites certs and of I see they’re LE I’m more like “Good for them”

Basically, am LE cert says “we were able to verify that the operator of this service you’re attempting to use controls (parts of) the domain it claims to be part of”. Nothing more or less. Which in most cases is enough so that you can secure the connection. It’s possibly even a stronger guarantee than some sketchy cert providers provided in the past which was like “we were able to verify that someone sent us money”.

Once LSD becomes approved medication for ASD, my doctor will hear about my condition very fast

The R in LLM stand for Return on Investment

I actually have an account on there with almost nothing, just my nix configuration, plus a repo I cloned to commit a bug fix on software I used. But it seemed like the most responsible solution as in the price is reasonable, plus I actually like the interface. Codeberg also looks good and claims to be better in some regards, but these are the only choices nowadays.

Anyhow, I’m still waiting for Pijul to have a final 1.0 release and independent hosting solutions to appear.

Not exactly a stealthy name

Probably both - however I think it’s not unreasonable to assume that organizations as mentioned in the article at least have the Chinese government’s blessing, if they’re not directly controlled by it. So even if the fentanyl itself is not coming from outside the states, the precursors from which it can be made with little effort are.

That and I guess some gangs make it somewhere else and then import it, but that’s another story.

Also technically, I think there’s legal fentanyl being produced in the states, but that’s usually not what’s meant in the discussion.

Asking for a friend

The team also procured secondary ingredients used to process the essential precursors, as well as basic equipment – giving it everything needed to produce fentanyl.

The core precursors Reuters bought would have yielded enough fentanyl powder to make at least 3 million tablets, with a potential street value of $3 million – a conservative estimate based on prices cited by U.S. law enforcement agencies in published reports over the past six months.

The total cost of the chemicals and equipment Reuters purchased, paid mainly in Bitcoin: $3,607.18.

Turning these precursors into fentanyl would have required just modest lab skills and a basic grasp of chemistry. One Mexican fentanyl cook who dropped out of school at age 12 told Reuters he learned the trade as an apprentice at an illegal lab.

“It’s like making chicken soup,” said the cook, an independent producer based in the cartel stronghold of Sinaloa state. “It’s mega-easy making that drug.”

Actually one block in the article

A web browser? There goes my career as a drug lord

My point was that it’s irrelevant if the whole company knows git. We’re a Microsoft shop and a lot of people don’t even use computers at our company (or only sparingly as they work in manufacturing). And we also have a subset of people who work with git (me kind of included).

And no our janitor can’t use AD. Even though our whole company “uses” Microsoft Windows

The answer to this 100% irrelevant question is no