OK then - so confiscate and auction off all the board members' and executives' houses, yachts, cars and all their other stuff down to their socks and jocks and we'll settle for that.
Give them a taste of what "financial hardship" really means.
yes, there had to be catch, although the guy in this letsencrypt support thread is a senior Letsencrypt engineer and he seems to be saying it is possible - although letsencrypt doesn't support it. I do think you'd have to show a bit more to the issuer to prove ownership than an http acme challenge though.
checks all the boxes - authoritative (authenticated user accounts), central location, not on fediverse, already relatively well-known by lemmy users and provides visibility to remediation. It's a good idea.
Well, I just learned something, but what does "control" the IP mean? If they are only validating a single address via http then presumably you could just use an Amazon elastic IP as long as it resolves. I doubt that letsencrypt will support that but I would be interested to know. If they do then yeah, you could presumably set up the instance using the IP as the name, but I don't know why you would want to. Apart from the fact that it would be hard to remember, could change at some point, screwing things up, it might work. I suggest OP do the necessary and report back accordingly.
it requires a name that can be addressed as https://sub.domain.name - otherwise it won't allow https inbound.
thanks - that looks like full independence and would be good to try. I've been using codeium, which was suggested here and it seems as good, if not better than github copilot and it's free for solo developers.
I appreciate you taking the time to make the suggestion - I've learned quite a lot about open source software options in a few weeks here on Lemmy and find it's been an excellent resource for technical info and suggestions.
you can't castle through check.
Right, but Lemmy.ml is really just one of a thousand plus instances. We need something instance independent or a way to propagate info that doesn't rely on any single failure points, or Lemmy as the communication channel. What happens when lemmy.ml is down, or if no instances are able to post due to concerted DoS?
It's impossible to stop anyone randomly posting stuff on Lemmy. Attackers can post misinformation as well, especially if they compromise admin accounts. Who are we gonna trust in the midst of the next incident? The account posting most prolifically about the UI exploit in progress was using a burner account that had just been created to post about it. I'm sure there were good reasons for wanting to be anonymous when discussing the work of unknown malicious actors, but it made me think twice about what was being posted at the time.
whilst I differ somewhat on sharing information on the exploit - knowing something about what was going on allowed some instance admins to take evasive steps - I agree with you completely that there could be a better channel for coordinating communication - I imagine a lot of the discussion went on via Matrix - under the circumstances the response wasn't so bad given the complete lack of formal organization but yes, it definitely could be improved - you sound quite well-versed in how to handle security/critical incidents. Maybe consider contacting the devs and offering them some help in this area?
Speaking to CNN‘s Fareed Zakaria on Friday, President Biden said he needed to send cluster bombs because Ukraine and the US are running out of ammunition. “This is a war relating to munitions. And they’re running out of that ammunition, and we’re low on it,” he said.
the FY2023 presidential budget request was $842 billion https://en.wikipedia.org/wiki/Military_budget_of_the_United_States
not enough for ammo, apparently.
Great work. Thanks for all the effort and info.
If you're installing a fresh checksummed Linux download and formatting the entire drive during install you shouldn't have any worries. Go for it.