In all honesty, the constant rambling against any service provider when something goes wrong is tiring. as. fuck.

“I’m not using anything, I’m self-hosting everything and no cloudflare can take ME down!” - hot stuff buddy, let’s talk again when at some point you’ll have something interesting and get hugged to death. Or when something of your diy self hosted stack breaks or gets taken down by an attack.

“I’m not using (big company name) but (small startup name), and I’m not having any issues!” - wow, great, obviously the goal of the company is to stay as small as they are and supply your service. Let’s talk again too, when at some point your friendly startup gets sold, or grows more. Oh btw, smaller company usually also means less resources.

“That’s all because they are using centralized services, we need to federate everything to not have a single point of failure” - federation alone won’t help if the centralized service has several magnitudes of resources more. Any single cloudflare exit node can probably handle several times the load of the fediverse. We’ve seen lemmy instances go down all the same, and this will happen with any infrastructure.

I’m not supporting big companies having that much market share and the amount of control over the Internet as a whole that they have. But, have at least some respect from a technical standpoint for the things they’ve built. I’d say way over 80% here haven’t seen infrastructure, traffic and software on a scale that’s even remotely close to the big players, but are waffling about how this or that is better and how those problems should be solved and handled. Sit the fuck down.

No matter how well reasoned, allegedly fit for purpose or how much something pretends to be it, we shouldn’t be trusting those promises, especially not from people we don’t know. That does not end well neither for the free candy van nor for cybersecurity. Trust like that has been responsible for a lot of attacks over varying vectors and for projects going wrong.

On the other hand, detrimental reliance is a tort and if someone is relying on an app for a specific safety function, the app could be civilly liable if it fails it’s function in some way.

Yes, if the app would be any kind of official tool.

Imagine if you had this attitude about an insulin use tracker/calculator, that sometimes gave wildly wrong insulin dose numbers.

Yes, and that’s why regulations for those kinds of things exist, that prevent those things. There is no regulation for the ice tracker.

Maybe down the road, it’s decided that aiding and abetting ICE is a crime, and providing misinformation intentionally or unintentionally is a criminal act. App developer dude could be criminally liable if he knew or ought to have known he had vulnerabilities. You know, in your New Nuremberg trials that you are going to get sometime in the next decade or so.

If down the road a regulation would happen for, app developer dude would be forced to either comply or to stop operations.

So fucking what? He is not being paid in any kind, and anything he does on that project is volunteer work. If he was not able to do anything on that project due to regular work, vacation, personal issues, or the simple fact that he didn’t want to?

If you don’t pay for a service, you don’t get to decide what people do, deal with it

Honestly, apart from the report being potentially wrong, the researcher seems pretty entitled as well. Like good intentions and all that, but he’s given him a week to fix the issue, usual practice in responsible disclosure are 90 days. We’re not talking about a company here, it’s some single random dude providing the app.

This really sounds like some personal issue written down for public drama, while making himself ridiculous for not knowing his own shit properly.

Unless there are those who need certain words for their jobs, I can kinda understand why Microsoft wouldn’t want emails from work addresses to go out with political agendas… for either side.

Sure. Then block both sides, and not only the one not bringing you money.

Work emails should just be about work. Too many people use their work emails like a personal email… with their banking, shopping, etc. That’s what personal email addresses are for.

No one uses their company email for their personal banking, simply for the reason because if you’d leave, you’d lose your access, and since most companies run behind firewalls, vpns, 2fa tokens and similar additional credentials, it’s simply harder to use.

This policy should go for many non-work related topics too. IT can unblock the words for certain users who need to use them for their job.

Of course, let’s waste resources to maintain idiotic blocklists that are out of date the moment they are rolled out, and additional resources to make the blocklist actually work. Palestine, p4lestine, pale s tine, p a l e s t i n e, paleztine. Need more?

You’re not at work for someone with this kind of unhinged mentality watching you working for 8 hours a day straight with no breaks and no distractions. You’re there to get your work done. In my current team, we’ve had the best ideas talking about our problems at the coffee machine. I personally focus best when I have music on. We’re doing sports together once a week on a company fitness incentive, which boosted our team dynamic massively. None of this would be possible in such a controlled environment.

Take the following with a grain of salt, it depends on your specific setup, environment and preference, but might help you:

Regarding system backups, and depending whether you need to run fedora, check out nixos, which takes a declarative file and builds your system based on that. Declarative immutable system, no moving parts, no breakage. If your system breaks, revert to a prior version and keep using what you’ve had before before retrying. Your backup is a git repo or whatever is keeping your handful of config files. Has been an absolute game changer for me, and the community and ecosystem around it is far beyond the point of quirky esoteric immutable distro.

VSCode has a powerful feature that I’ve yet to see in another editor/IDE - remote development, and it works really, really well. Spin up a VM however you like (I’d recommend checking out Vagrant), and depending on how much you need to do in windows either use the windows box as a remote run target (just running your built artifact in windows), or as a remote development box (running everything in windows and using your Linux VSCode as a “Frontend” for everything else happening in windows). Both methods can be made to work seamlessly in vsc.

Excel - again depending on your usage, you can try wine, you can use a VM, dual boot, M365 in browser, or a remote VM.

You probably just should let an AI generate that.