No such thing as good DRM. All DRM is broken by design, and exists to take your rights away. Never make excuses for this garbage software. DRM must die.
climbing walls or being stuck in the wilderness with a bike don't sound like fun at all. pointless. I don't think your suggestion is helpful for people that have depression. The metal working suggestion from parent is far more helpful, as you are actually making something.
Rock climbing is like solving a puzzle with your body. You can't just go straight up. You have to analyze all of the differently shaped holds and walls and figure out how to position your body to maximize your grip while minimizing the amount of energy you need to expend. There's also a difficulty rating system, so you feel rewarded when you manage to finish a new level. But if you're not motivated by leveling or puzzle solving, it's probably not for you.
Any australian working in the US that is able to obtain PR or citizenship likely has a well paid job that provides health insurance. While I feel for the folks in the US without coverage, lack of access to affordable health care does not really apply to employed, skilled immigrants. In my experience US health care is the best on the planet, its also the most expensive.
From my perspective, US health care is way above the quality of healthcare in Australia. Price, not so much...
Australia has a very high standard health care system. Probably on a par with the UK and the U.S.
Given that insurance companies will soon be excluding "pre-existing conditions", there's a good chance you can't get insurance under a corporate plan anyway.
You don't need to store 3 hashes, infact, you would need many hashes for all possible cases. It is easier to drop all cases pre hashing, and only store a lower case hashed value.
Hashing the the lowercase version of the password string is not the same as what they’re doing. What you’re suggesting greatly reduces the security of the password, what they’re doing only divides the search space by 3 (which is nothing).
Its pretty easy, you configure your logging library NOT to log the attribute, key/value pair, whatever containing the credential. If you can't modify it on the server side (which you can lazy bones), you tell your central logging system to mask it out before it is written to disk.
This isn't difficult or non-standard. If you are logging all client request/responses full take including auth creds, credit cards, SSN, etc, you are likely doing it wrong, and possibly violating some industry regulations.
You really want to do this if you use Spectrum Cable. You are locked out of configuring the DNS settings via their cable modems (even if you supply your own). These force a DNS search suffix that leaks all DNS requests to their server, even if you are using another public DNS. I noticed network manager kept forcing the DNS search suffix, even after I manually disabled it. I did the config change to disable it messing with the resolv.conf
You can easily configure Network Manager to ignore anything from the DHCP, including DNS (properties ipv4.ignore-auto-dns and ipv4.dns* on your connection).
DoH cuts both ways, so be sure you know what are wishing for.
Yes, it allows you to prevent your ISP manipulating your DNS. Your ISP has no way to know when you are resolving, because it is masked in other HTTPS traffic.
But it also allows the apps to prevent you from manipulating their DNS. You don't know when an app is ignoring the resolver you configured system-wide, because it is masked in its HTTPS traffic.
There is a worrying trend that apps (browsers especially) are ignoring whatever you configured in your system, and are becoming basically a blackbox outside your control with a wide open connectivity to the Internet. No explanation needed, what that means for any privacy left.
Use a firewall with nat to redirect all dns traffic to a DoT or DoH dns proxy in your network.
That way you dont have to tunnel all your traffic. (Though technically you could also use the tunnel for only DNS, but its not much easier than the solution above if you want this to apply to all your devices)
If they’re intercepting and changing your dns packets, what else are they doing? At the very least you can assume port 80 is unsafe, and should be tunnelled. SNI as a privacy problem too, so forward 443.
That's a little ridiculous. I've read[0] that Chromecasts, which are fairly common, won't work if Google DNS is unreachable (also by itself an issue), so I'm surprised they didn't get a lot of complaints.
Did you update the wikipedia article with the correct citation? Its easy to complain on HN, takes a little more effort to correct misinformation for future internet users.
