ghjones

joined 1 year ago
[–] ghjones@beehaw.org 4 points 3 months ago

ACLs on Linux can be a bit weird. If I remember correctly, the ACL mask corresponds to the group bit when using masks. Some more details here:

https://unix.stackexchange.com/questions/65888/setfacl-incorrectly-changes-group-permissions

[–] ghjones@beehaw.org 4 points 3 months ago

As an aside, I’ve been watching bcachefs with some interest, as it seems to be getting faster with every kernel release, building on the data integrity guarantees of ZFS while pushing performance boundaries and being GPL compatible (i.e. in tree). Kent Overstreet et al. have done a fantastic job with this FS.

[–] ghjones@beehaw.org 5 points 3 months ago (1 children)

A combination of XFS and ZFS. I work in high performance computing (academic). While I love the reliability of ZFS for data archival and peace of mind that results provably haven’t suffered bitrot, sometimes I just need a 10 TB temp file(s) with fast mostly-sequential R/W. Appropriate selection of file systems lets me have both.

[–] ghjones@beehaw.org 2 points 3 months ago (1 children)

Yeah, but it’s had some actual data corruption bugs related to sending encrypted snapshots (off the top of my head).

[–] ghjones@beehaw.org 2 points 3 months ago (1 children)

I feel your pain on the CDDL (although I think it is still considered a “free” license), and while I love to hate Oracle, I think the CDDL decision was originally Sun’s, even if Oracle could “free” it now to be GPL.

[–] ghjones@beehaw.org 3 points 3 months ago

Just to verify all permission-related things in one go, see if you can open the key as your user with an editor like vi or nano. This will let you separate out some behavior specific to OpenSSL vs some behavior purely permissions-based.

I’m not sure what’s happening here, but the above test can at least narrow the focus.

[–] ghjones@beehaw.org 1 points 9 months ago

Here I was hoping that if you took the UTF-8 representation in bytes and decoded it as ASCII, you would get something interesting. But no, just Unicode characters. Almost interesting is that none of the bytes are valid ASCII characters (< 128), which you might expect for the first byte of every UTF-8 codepoint due to backwards compatibility for ASCII encoding, but perhaps not for the subsequent bytes that comprise the rest of the grapheme.

I'm finally starting to understand the appeal of numerology.

[–] ghjones@beehaw.org 2 points 1 year ago (1 children)

Self correction, the author is a different Elizabeth Anderson, also a philosopher.

[–] ghjones@beehaw.org 1 points 1 year ago

Fair enough. Doesn't bode well for DoH in authoritarian regimes.

[–] ghjones@beehaw.org 2 points 1 year ago (2 children)

If you like this, the author (Ellie Anderson) also has a podcast with her co-host David Peña-Guzmán called Overthink.

https://www.overthinkpodcast.com/aboutus

[–] ghjones@beehaw.org 6 points 1 year ago (2 children)

Even Palo Alto notes that they can only effectively block DoH if you're MITMing all https traffic already (e.g. using a root certificate on corporate-managed devices). If not able to MITM the connection, it will still try to block popular DoH providers, though.

https://live.paloaltonetworks.com/t5/blogs/protecting-organizations-in-a-world-of-doh-and-dot/ba-p/313171

view more: next ›