~/projs

I like ~/w or ~/p options

Vscode is installed on windows. Then you install vscode ssh plugin from Microsoft and open ssh connection from vscode to any Linux including WSL hosted Linux.

I am a software developer and work on Kubernetes based project.

I was given a Mac laptop when I joined. It was a few OS releases behind, because corporate IT didn’t support newer versions.

Macs have to run some sort of VM to do docker based development.

VMs are not that great.

When time came, I requested a Windows laptop. I installed Debian on WSL 2. Then got it to run systemd properly and installed Docker on WSL. Then vscode on windows host with remote ssh into WSL.

Vscode ssh integration is probably best least known feature of vscode. However, initial connection setup always requires tweaking to get that best experience.

By the way, official docker setup is through VM on windows. WSL is not a recommended route, but one can get it working.

This setup beats Mac any day for me.

I wish I could run Linux on work laptop, but corporate IT doesn’t know how to deal with it.

My wife complained that Mac got worse at searching samba shares.

Corporate support for Macs is usually worth than on Windows.

It is a very risky move.

Fedora atomic or not is nice.

I got tired of manually installing Arch and was pleased with Fedora the most.

I actually run away from Mac. Mac OS X is long time as not Linux.

WSL is a way better option than whatever VM option is on Mac.

I am happy with WSL as well. I don’t try to get Linux GUI running.

I use vscode remote ssh session. I run docker natively on Linux, not on windows.

The trick is to get DBUS services running in whatever flavor of Linux you install. Don’t try running a full UI session.

The biggest problem I have on Linux is time drift after laptop goes to sleep. it is easy to deal with manually.

We always have to ask what language is it auto-completing for? If it is a strictly typed language, then existing tooling is already doing everything possible and I see no need for additional improvement. If it is non-strictly typed language, then I can see how it can get a little more helpful, but without knowledge of actual context I am not sure if it can get a lot more accurate.

Cargo is heavily used.

Your tutorial is the odd one.

https://www.latacora.com/blog/2019/07/16/the-pgp-problem/ is a good summary about the issue

Good counter discussion about PGP security

https://www.reddit.com/r/cryptography/comments/10cfslk/exactly_how_strong_is_pgp/

I would argue that latacora could be an attempt to push users into the systems that provide 3rd party service, which by definition of 3rd party service is not secure: WhasApp, Signal.

Only true P2P can be safe. PGP provides ability to send encrypted message using any means necessary: FTP, HTTP, anonymous services, USB sticks, anything.

Be aware, that trusted Certificate Authority (CA) configuration applies to ALL certificates issued by CA. Thus, if one elects to trust “actalis” CA, then they trust ALL actalis CA users.

If the process of obtaining certificate was extremely simple, easy and did not involve identity verification steps, then bad actors can take advantage of this process and create identities that your client application will trust.

By itself the bad actor identity is of little concern to anybody, but it can have a significant impact if trusted identity is used in spam filtering, exploits of email client bugs or other hack attempts. Trusted users may be given higher access privilege at the client application level, which may be just enough for hacker to gain required access. For example, client application may be configured to trust all trusted senders with MIME attachments. An unknown trusted user sends malicious Application as file attachment. Accidental double click lunches the application, because sender is trusted. Congratulations, machine is pwned.

What I take issue with actalis, is that they don’t just sign your private key but you actually get the private key from them. It then depends on how much you trust the issuer.

By definition, that key can no longer be considered “private”.

It is very important to emphasize that the key in this model is not “private” anymore. Thus, all the communication using this key is not secure anymore.

Private key is the one generated by hardware owned by the user and immediately secured with strong password. Ideally, private key does not leave the hardware that generated it. Thus, every device shall have its own private key.

In less restricted model, private key gets copied by the user to other hardware using media like USB stick or P2P communication model that does not use cloud services.

Yes, it exists.

But the receiving side needs to have its own certificate or to be more correct a private key represented by the certificate.

Most people don’t know or don’t bother to obtain one.

Same problem if PGP is considered.

Cert based solution is supported by many clients, so it is easier on end user than PGP. But PGP is easier to manage for free. So there are some trade offs on both sides.

The technology is very old for both cases. It has not caught on due to friction of key management (PGP private key or certificate in case of S/MIME).

It is perfect if you want to communicate with family or friends as you can ensure everyone in your circle has their own private key. Even then I guarantee you will experience some friction to get this through.

Organizations can have it easier as they can issue certificates to their users. But then problem of trusted certificate authority comes into play, if they use their authority. If they use well known authority, they have to pay.

So, you can see how there’s friction in the solution. IMO, It is a good solution.

There are no shades of grey in encrypted communications.

Your messages are either plain text or not to 3rd party.

Sometimes it appears to be encrypted, but there loopholes that make it possible to significantly reduce decryption costs. It is plain text to those who put the loopholes, like specially crafted constants in the algorithm.

Signal runs a service. Even if its source code is open source there’s no guarantee that that’s the code running on the server.

I don’t know the protocol, but I am concerned of man in the middle and how safe it is from man in the middle. In this case signal servers must be considered to be man in the middle.

The only system to trust is peer to peer with proven track record of sending encrypted data over public channels.

That’s PGP and Delta Chat utilizing PGP.

I bought 2 nice queen size beds for about $300. There’s no way local furniture store would produce the same prices.

Temu cuts out entire US retail chain including Amazon shop.

I buy local after I fail to find Temu, Shein or my time needs don’t allow waiting.

Whatever are those options?

Sweet story that omits more than tells

How did the pilot die during the missile strike?

It is a sweet story that forgets to mention that this missile strike shut off electricity in multiple regions despite report of 80% interception rate.

On that day the were multiple leaks of fireballs on the ground. Odessa, for starters.

Ukraine moved significant amounts of anti-air to protect its Kursk invasion of Russia. The result was a successful missile attack against military assets in Ukraine. One of the losses was F-16 with the pilot. How did he die? Was it long range anti-air hit at an impossible distance even for long range missiles? Or was it a hit on the ground? How far away from front lines?

Is it that acknowledging hit on the ground is revealing a successful hit of military airfield used to arm F-16? What about all those sweet intercept numbers?

The way article is written makes reader to think that F-16 was in the air, when it was hit. It is all about the way story was written. However, there’s no actual statement of how or were it was hit.

Russian unofficial telegram channels reported that F-16 was hit on the ground. F-16 is not stationed in Ukraine, but it gets armed in Ukraine to avoid accusation of direct NATO involvement. So, Russians managed to hit a highly missile protected the furthest away airfield in a time window of short F-16 armament.

Suddenly the story has a completely different meaning. That’s why it is a sweet story, that omitted more, than told us.

—-

Update: today’s telegram says F-16 was shutdown by friendly anti-air fire. Was it western supplied weapons that don’t have friendlies identification?

deleted by creator