• 0 Posts
  • 59 Comments
Joined 3 years ago
Cake day: June 11th, 2023

  • Yup. The risk of someone breaking into your house and stealing your post-it note is vastly different from someone guessing your password, and the risk changes again when it’s a post-it note on your work computer monitor.

    One of the best things you can do with your critical passwords is put them on a piece of paper with no other identifying information and then put that piece of paper in your wallet. Adults in modern society are usually quite good at keeping track of and securing little sheets of paper.

    I’m paranoid, so I put mine on an encrypted NFC card that I printed to look like an expired gift card to a store that went out of business. It’s got what I need to bootstrap the recovery process if I lose all my MFA tokens. (I keep another copy in a small waterproof box with things like my car title. It’s labeled “important documents: do not lose” and kept unlocked so any would-be thief feels inclined to open it and see it’s worthless to them rather than taking the box to figure that out somewhere else. The home copy is important because there’s vaguely plausible scenarios where I lose both my phone and wallet at the same time.)

    Stealing my laptop and getting my stuff is a significantly larger risk than me leaving my computer on and unattended without locking the screen.

    Passkeys are a good trend because they’re just about the only security enhancement in recent memory that increases security and usability at the same time.



  • I thought the same thing, but per its suggestion I tried using it for fine tuning on the steam deck and I was pleasantly surprised. I’d never use it for large motions, but on a game designed with mouse motion in mind it can be a little tricky to get those fine motions locked in.
    I tried with portal and it made it a lot easier to get little adjustments lined up that were tricky without it. Since it exclusively kicked in when I wanted it to it wasn’t as wacky as a lot of gyro controls are for games that focus on them, and I think it was as simple as “press your thumb a bit more roundly onto the joystick”.

    It’s not going to supplant the mouse for fast precise motions, but it at least means you can skip the wild overcorrection that sometimes happens with joystick on unoptimized configurations.


  • ricecake@sh.itjust.works to Asklemmy@lemmy.ml · jho · 6 upvotes · 4 months ago

    Management isn’t your friend, but managers are still people. The job is not the person. A good, nice, friendly person can have a job where their work interests aren’t necessarily aligned with yours and still try to do what they can to see that your interests are met.

    If they fire me, no manager is going to ask me how I’m holding up or what my plans for the future are

    That’s just not true. It’s not universally untrue, but it’s just wrong to default to such an antagonistic view from the outset.

    All that to say: it sounds like you’re mainly having difficulty reconciling your thoughts on how you behave towards people with how you behave towards management. If you replace job related words with words like “people” or “person” then the question gets a lot easier.

    I had an argument with this person everyone likes and after thinking about it, it was mostly my fault we raised our voices. She raised her voice first but because I wasn’t listening to her because she triggered me.

    It’s pretty obvious to me that you apologize. Then ask if they’d be open to a conversation about what you feel could have gone better.
    “Hey, do you have a minute? Sorry about how I acted when we were talking the other day. I thought about it and realized that I hadn’t been listening, which wasn’t right of me and made things worse. Would you be open to discussing it now that we have a little distance from it? I’d like to explain myself a bit and share some related concerns that I had, if now’s a good time.”

    They’re a person. If you feel you wronged them, apologize. If you feel like you want to explain things and offer feedback, just make it clear this isn’t a prerequisite for the apology or anything.


  • ricecake@sh.itjust.works to Asklemmy@lemmy.ml · jho · 2 upvotes · 4 months ago

    Exactly. If you’re apologizing, apologize. There’s nothing wrong with also asking to have a conversation about what caused the conflict.

    “I’m sorry” and “can we talk about what happened?” are both valid, but ultimately aren’t dependent on each other.


  • This isn’t the best or most popular way to do it, but: https://learn.microsoft.com/en-us/windows/wsl/install

    There is a way built into windows to deploy and use Linux from inside windows.

    It’s not the most pure experience, but it’s a way to make sure you have something like a feel for how some parts work before jumping in any deeper.

    A bootable USB stick is another way to try before you commit. Only reason I might suggest starting with trying it the other way first is in case you run into issues connecting to the Internet or something you won’t feel totally lost. Having to keep rebooting back into windows if you have a problem can be frustrating, so getting a little familiarity with a safety line can help feel more confident.

    Issues with a USB boot are increasingly uncommon, as an aside. Biggest issue is likely to be that USB is slow, so things might take a few moments longer to start.

    From there, you should be pretty comfortable doing basic stuff after a little playing around. Not deep mastery, but a sense of “here are my settings”, “my files go here”, “here’s how I fiddle with wifi”, “here’s how I change my desktop stuff”. At that point a dual boot should work out, since you’ll be able to use the system to find out how to do new things with the system, and also use it for whatever, in a general sense.

    If it’s working out, you should find yourself popping back into windows less and less.



  • Oh, I totally know there’s been a lot of politics in the Foss community and that some of the people are nasty, I’m just flabbergasted that someone would try to connect such disparate things.
    I can comprehend a Nazi Foss enthusiast having opinions on race and on window managers. It’s when they start having racist opinions on window managers that it all flies out the window. It’s like being opposed to copper plumbing because it’s too Norwegian.

    Just a case of seeing irrational people who act irrationally act irrationally in a new way and being shocked that the irrationality doesn’t follow a pattern or stay in topic.






  • Typically people propose switching everything to UTC.

    The reason this doesn’t work is because humans are still bound by a diurnal cycle and you won’t have everyone wake up at 0800, since for some people that’s the time in the middle of when the sun sets and rises.
    So you still need to communicate to people across space where the sun is or will be for you at a time in the future, or otherwise relate where in your wake cycle you’ll be.
    Tied to this is legal jurisdictions. Within a legal jurisdiction it’s important for regulatory events to be synchronized. For things like bank hours, school hours, government office hours, things like “no loud noises when people tend to be sleeping”, “teenagers old enough to have a job aren’t allowed to work late on school nights”, and what specifically constitutes “after hours or weekend labor” for the purposes of overtime and labor regulation you need your definition to be consistent across the jurisdiction. Depending on where you are in relation to Greenwich a typical workday can start at 1900 Friday night/morning, and extend until 0300 Saturday morning/afternoon. Your “weekend” would start when you woke up around 1800 Saturday evening/morning.

    Right now we solve this problem by deciding on a consistent set of numbers for where the sun is across some area that inevitably lines up with legal jurisdiction. Then we use a lookup table to translate our conception of where the sun is to where it is elsewhere.

    Without timezones you instead need to use the same type of lookup table to find the position of the sun at the time and place of interest, and then try to infer what the situation would be.

    We have UTC now, and people inevitably already use it where it makes sense. It’s just usually easier to have many clocks that follow similar rules than it is to have one clock that’s interpreted many different ways.


  • Walk me through that analogy, and what point you’re trying to make. My hammer doesn’t typically have unexpected interactions with things I’m not hammering. When I build a bookshelf, I don’t have to make sure my desk is clean to keep people I let borrow books from unlocking my front door without a key.

    Do you think that improper setuid isn’t a common enough vulnerability to have a name and designation?

    What constitutes a security nightmare if not something that requires a large and annoying amount of work, and can be made insecure by a mistake somewhere else?


  • I would describe needing to proactively go out of your way to ensure a program is simple, minimal, and carefully constructed to avoid interactions potentially outside of a restricted security scope as a “security nightmare”.

    Being possible to do right or being necessary in some cases at the moment doesn’t erase the downsides.

    It’s the opposite of secure by default. It throws the door wide open and leaves it to the developer and distro maintainer to make sure there’s nothing dangerous in the room and that only the right doors are opened. Since these are usually not coordinated, it’s entirely possible for a change or oversight by the developer to open a hole in multiple distros.
    In a less nightmarish system a program starting to do something it wasn’t before that should be restricted is for the user to get denied, not for it to fail open.

    https://www.cve.org/CVERecord/SearchResults?query=Setuid

    It may be possible, but it’s got the hallmarks of a nightmare too.



  • “a drink” contains roughly the same amount of alcohol regardless of type, so a daiquiri should get you about as inebriated as a beer.
    Some caveats: since drunk people drink more, some places have specials earlier in the evening or on some drinks where you can make it a double for no or low upcharge. That glass now has two drinks in it.
    Some drinks are easier to drink fast, which makes you feel the effects faster and stronger, so you might perceive yourself to be “more drunk”, even though it’s really just hitting you all at once. Delicious sugary drinks that mask the alcohol flavor are notorious for that.

    It takes about an hour to process a drink; sugary drinks will inevitably give you an upset stomach; water and food help keep your stomach settled; you’ll have a better time not having a drink you could have and feeling good than having a drink you shouldn’t have and feeling gross, so if in doubt say nah.

    You’ll be fine with one with a meal with someone you know. A second is probably fine in the circumstances but more than that is iffy.


  • I think the most alive you could be would then be some manner of homeless drug addict. You have no power over your life, so no notion of what any day will look like.

    This quote kinda rubs me the wrong way because it treats predictability the same as banality.
    If you want a job where you never know what the day is going to look like, work for a poorly managed company. You never know what you’re going to be doing, sometimes the project you’re working on one day is cancelled without warning and now people are mad at you for not having been working on the new priority for the past month. Sometimes you go in and you work 36 hours straight without warning because someone else messed up and your boss doesn’t give a shit who’s responsible and you’re the one who knows how to fix it, so fix it or fuck off. Better hope you don’t have a family or you’re going to have to make choices.

    Knowing what you’re going to do tomorrow is just having work of any consequence. Food service knows what they’re doing tomorrow. So does a CEO, a software developer at a competent business, or a project manager. I can think of very few jobs whose scope of work is limited to a day, and is so variable that you just don’t know what you’ll be doing. Temp? Personal assistant to an eccentric actor? (Not the manager type assistant, they need to know the schedule. The one that buys coffee, six turtles and a pair of roller skates and doesn’t actually exist).

    I could just be dead inside because I know that tomorrow is going to go a particular way that I like.



  • ricecake@sh.itjust.works to linuxmemes@lemmy.world · Kinda sus... · 116 upvotes, 1 downvote · 1 year ago

    While they created a set of patches that would implement the security features that selinux provides, what was actually merged was the result of several years of open collaboration and development towards implementing those features.

    There’s general agreement that the idea that the NSA proposed is good and an improvement, but there was, and still is, disagreement about the specific implementation approaches.
    To avoid issues, an approach was taken to create a more generic system that selinux would then take advantage of. That’s why selinux, app armor and others can live side by side without it being a constant maintenance and security nightmare. Each one lives in their little self contained auditable boxes, and the kernel just makes the “check authorization” function call and it flows into the right module by configuration.

    The Linux community was pretty paranoid about the NSA in 2000, so the code definitely got a lot more scrutiny than the typical proposal.

    A much easier way to introduce a backdoor would be to start a tiny company that produces some arbitrary piece of hardware which you then add kernel support for.

    https://github.com/torvalds/linux/tree/master/drivers/input/keyboard - that’s just the keyboard drivers.

    Now you’re adding code to the kernel and with the right driver and development ability you can plausibly make changes that have non-obvious impacts, and as a bonus if someone notices, you can just say “oops!” and not be “the god-damned NSA” who everyone expects to be up to something, and instead be 4 humble keyboard enthusiasts with an esoteric set of lighting and input opinions like are a dime a dozen on Kickstarter.
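
The dispatch described in the comment above (one “check authorization” call that flows into whichever modules are configured), as an added user-space toy model in C. It is not part of the original comment and not kernel code; every name in it (`check_file_open`, the `label` and `path` modules, the request fields) is hypothetical.

```c
#include <stdio.h>
#include <string.h>
/* Toy user-space model; all names are hypothetical, none are kernel symbols. */
#define DENY (-13) /* mirrors -EACCES */

struct request { const char *subject; const char *path; int write; };
struct sec_module { const char *name; int (*file_open)(const struct request *); };

/* Label-style module: only the "trusted" subject may open /etc/shadow. */
static int label_file_open(const struct request *r) {
    int shadow = strcmp(r->path, "/etc/shadow") == 0;
    return (shadow && strcmp(r->subject, "trusted") != 0) ? DENY : 0;
}

/* Path-style module: confines "webapp" to read-only access under /srv/. */
static int path_file_open(const struct request *r) {
    if (strcmp(r->subject, "webapp") != 0) return 0;
    return (r->write || strncmp(r->path, "/srv/", 5) != 0) ? DENY : 0;
}

static const struct sec_module modules[] = { { "label", label_file_open }, { "path", path_file_open } };

/* Exact-token match of name in a comma-separated config string. */
static int enabled(const char *config, const char *name) {
    size_t n = strlen(name);
    for (const char *p = config; *p; p += (*p == ',')) {
        size_t len = strcspn(p, ",");
        if (len == n && strncmp(p, name, n) == 0) return 1;
        p += len;
    }
    return 0;
}

/* The single "check authorization" call: each enabled module is consulted, first denial wins. */
int check_file_open(const char *config, const struct request *r) {
    for (size_t i = 0; i < sizeof modules / sizeof modules[0]; i++) {
        if (!enabled(config, modules[i].name)) continue;
        int rc = modules[i].file_open(r);
        if (rc != 0) return rc;
    }
    return 0;
}

int main(void) {
    struct request r = { "backup", "/etc/shadow", 0 }; /* constructed sample */
    printf("label,path: %d  none: %d\n", check_file_open("label,path", &r), check_file_open("", &r));
    return 0;
}
```

The caller only ever sees an allow or deny result, so each module's policy can be read and audited on its own.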