Hacker Newsnew | past | comments | ask | show | jobs | submit | waingake's commentslogin

Let's not forget that comparing the 2020's to the 90's is like comparing the 90's to the 60's. Would we have a more substantial list between those two decades?


Probably not, as economic things like living standards or quality of life generally seem to be logarithmic and have diminishing returns, but why not make a list and show us?


Have you seen / did you create this series on youtube? The final video lands on something very similar to this. https://youtube.com/playlist?list=PLsfH1Ahi4SzE-QmrsrtyZubGm...


Wow your son is good at projects and I am bad at mental arithmetic.


Here is a much better technique which only relies on SSH https://www.jeffgeerling.com/blog/2022/ssh-and-http-raspberr...


Is there a way to move the canvas via mac track pad which works the same way the middle mouse button does? I.e. always drags even if I'm looking at an editor


Press ctrl while panning with trackpad. Creates tiny artifacts but works.


This is to zoom correct? You can also pinch/unpinch!


Holding down option seems to do what I want here


Ope sorry for the late reply but OPT/ALT is the intended way for you to do this.


The article is about Google being at its best when it had the least competition. You should read it.


It rose to prominence because it was better than its competitors. A perceived lack of competition didn't make it good.


That is exactly the thesis and the point of that whole section! I’m sorry you got downvoted for saying it, perhaps your tone was too blunt.

It’s not that Google was created as a monopoly with no competition — there’s a neat little graph about what happened to Yahoo in there! It’s that the experience of using Google and the Google suite was at its peak in their clear & unchallenged market leader phase.

Source: am author


You say that in a way that suggests that Google being a market leader is what caused or allowed them to develop a peak user experience. To me - and I suspect others too, given the downvotes - this causality is in the opposite direction to what common sense dictates. And simply pointing at the correlation doesn't help prove your case.

To me, it looks like Google achieved a market dominance because they had a great product, but quite quickly they began practising anti-competitive behaviours and before long the user experience began to degrade.


Is it? If you've got `PasswordAuthentication` disabled, only allow public key logins and keep your system up to date. Honest question.

I self host my email ( docker-mailserver ) and host my personal website on an old laptop with a static IP. Have done for years now without issue.


The keyword is diligently keeping your system up to date! That said you’ll still have exposure to zero day vulnerabilities and DOS attacks.


But an attacker with one of the biggest vulnerabilities on earth (hell, ssh noauth 0day) would very likely use it against big cloud providers and infrastructure (isps and others) and not burn it on your home server! Keeping it reasonably up to date with your distro's cycle is probably enough for most people doing this home server thing.

So of course, as things always are with security this is a matter of risk assessment and understanding your attack surface, a server with only public key and maybe on a special port goes a very long way, add fail2ban on top and i'd say it's probably fine for quite a while.

But that does make me think... what if... a wormable noauth 0day like that on ssh or some other popular system... how fast could it replicate itself to form the biggest botnet.. how long would it take, to take over all visible linux servers on the internet (so that your little home box ends up being a target)?

I guess at that point you are limited by bandwidth, but since you can scale that with every compromised server... hope someone does the math on that one day!


Ipv4 is only 4 billion addresses. It doesn't actually take very long to just try all of them. If you're running a service exposed to the internet and it has a published exploitable vulnerability, it's just a matter of time before it gets exploited. (that said, that time does give a little buffer for patching)


https://wiki.debian.org/UnattendedUpgrades Most distros have something like this.



"PasswordAuthentication disabled" not sure I can even do this on my shared BSD server. I have ssh access via pw and need it. Is this really dangerous?


Yes, it's risky to accept password auth if someone sharing the box with you has a poor password. They could do things like:

. Install a spam or brute force password bot, which could get the machine kicked off its internet connection (in addition to whatever havoc it causes first)

. DoS the server by filling up the disk or using too much RAM (are quotas enforced?)

. Exploit a local vuln to get root, if such exists on that box. (Is the kernel promptly patched and the box rebooted?)

. Explore other users' directories (are permissions locked down correctly across users?)

…and more thrilling possibilities!

Embrace key auth. Future you will thank you.


It is, if for no other reason than you never know when some other user has a guessable password. You should switch everyone to ssh keys. It's a good excuse to learn :)


Yes. Authenticating with passwords is obsolete and dangerous. Use keys and disable password auth.


And if you really like passwords, you could always enable both, too!


How good is your password? If it's long, with special characters, it's fine. Install fail2ban. The problem with auth keys is you can't get into the server if you don't have your laptop/phone/NFC device because you got pickpocketed/mugged?


"I self host my email "

Is this still possible? Are your emails getting delivered?

Downvoted. I don't know when the downvoter tried the last time to "host their own email". Yes, DMARC, DKIM und SPF. Good luck trying to get your email deliverd to t-online or something.

https://forum.hestiacp.com/t/t-online-curious-story-about-th...

They may even check if your domain has an "imprint". I kid you not. I use my own domains too, but I piggyback with infomaniak.com


> Is this still possible? Are your emails getting delivered?

Mine are. Although it probably helps to have a static IP with a 25 year long clean history.

Are there very occasional glitches? Sure. But I've seen ISPs drop everything from GMail on the floor for no obvious reason. I've seen GMail drop GMail email before. Same for every other large email provider.

To date I haven't seen any reason strong enough to push me to switch to a centralised email host. That day may yet come of course.


I self-host my email, and have not really had problems delivering normal quantities of personal email (except a bit of pain for Microsoft to accept mail in the first place, but it can be sorted quickly) - as long as you do DMARC / DKIM / SPF.

I've never heard of t-online before or tried to send an email there to my knowledge... if one provider I've never heard of would refuse to accept my mail if I ever sent something to them, that's more of a them problem than a me problem - but it certainly isn't the norm for other providers.


> Is this still possible? Are your emails getting delivered?

Yes and yes (if DMARC/DKIM/SPF configured correctly).


> Good luck trying to get your email deliverd to t-online or something.

People who say it cannot (or should not) be done should not interrupt those who are doing it.

The dismissiveness is likely why you are downvoted, I'm guessing. The suggestion that because it's hard for you and therefore you're surprised others are doing it isn't a good look.

Self hosting email isn't that hard, and there are many solutions for all sorts of self hosting issues. That's a topic for another discussion, though.


"Self hosting email isn't that hard". Self hosting is super easy. Getting your emails delivered is hard. And I am not even talking SPAM folder here (see t-online example).

Smart comment from reddit:

"The problem with selfhosting email, unlike selfhosting services like Jellyfin or Nextcloud, is that you rely on other people's servers to play ball with you, but they often don't. Or they play for a while and then suddenly decide not to without telling you. It's unpredictable and we selfhosters don't have enough control over that."

This describes it pretty well.


I fo it too and can deliver to gmail/office365 etc addresses no problem.


yes and yes.

Selfhost does not imply residential IP.


I'm way less anxious as an adult than I was as a kid. Likely due to various coping strategies that I've ingrained over the years.


Interesting, do you have a reference for the autism to weed anxiety link?


Zen and the art of motorcycle maintenance


Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: