Running an update script every day is good. Certbot defaults to running twice a day. Just use something with similar logic, waiting to renew short-lived certificates until halfway through their validity period. That way the actual load is nice and spread out. And you should get that logic by default if you do a normal setup.
If I would use short-lived certs I would make sure to choose an ACME client that has support for ARI (ACME Renewal Information). Then the CA will tell the client when it’s time to renew.
² By the seventh day God had finished the work He had been doing; so on the seventh day He rested from all His work. ³ Then the on-call tech, Lucifer, the Son of Dawn, was awoken at midnight because God did not renew the heavens' and the earths' HTTPS certificate. ⁴ Thusly Lucifer drafted his resignation in a great fury.
I just got home from a stressful day in retail (oh who am I kidding; every day is stress in retail) and this gave me a chuckle I really needed. Thank you.
Standard memory disclosure: the apple when eaten would be freed, but it would still be read, leaking its contents. Luckily its volume was low, so they couldn't exfiltrate all of it. But still, the heavens are closed for maintenance, pending a rewrite in Rust.
The CA/B Forum defines a "short-lived" certificate as 7 days, which has some reduced requirements on revocation that we want. That time, in turn, was chosen based on previous requirements on OCSP responses.
Those are based on a rough idea that responding to any incident (outage, etc) might take a day or two, so (assuming renewal of certificate or OCSP response midway through lifetime) you need at least 2 days for incident response + another day to resign everything, so your lifetime needs to be at least 6 days, and then the requirement is rounded up to another day (to allow the wiggle, as previously mentioned).
Plus, in general, we don't want to align to things like days or weeks or months, or else you can get "resonant frequency" type problems.
We've always struggled with people doing things like renewing on a cronjob at midnight on the 1st monday of the month, which leads to huge traffic surges. I spend more time than I'd like convincing people to update their cronjobs to run at a randomized time.
I have always been a bit puzzled by this. By issuing fixed length certificates you practically guarantee oscillation. If you have a massive traffic spike from, say, a CDN mass reissuing after a data breach - you are guaranteed to have the same spike [160 - $renewal_buffer] hours later.
Fuzzing the lifetime of certificates would smooth out traffic, encourage no hardcoded values, and most importantly statistical analysis from CT logs could add confidence that these validity windows are not carefully selected to further a cryptographic or practical attack.
Why shouldn't Apple be able to charge whatever the fuck they want on their own platform, while users of their platform can? Now Sweeney can sell vbux to kids and Apple has to just grin and bear it?
Apple needs to be broken up and separated from the App Store. Apple sells devices, and I buy one expecting to own it outright. When you own something, you should be able to install whatever you want without interference from Apple.
How is the iPhone different from the Macs? I can install anything I want from any source on the Mac, but I can't do that on the iPhone. Doesn't make any sense.
Whoever owns the device can do what they want with it, Apple cannot tell you what you're allowed to do with your phone. You're making up a scenario in your head.
This goes both ways - when Apple produces a phone, they own it and they're also free to load whatever software they want onto it. They then enter into voluntary transactions with others, in which the ownership of the phone is transferred along with the right to load whatever software is desired.
If you can't figure out how to load your desired software onto an iPhone, don't buy one. But it's certainly not Apples problem at that point since, as you said, they no longer have a right to any say in how that device is used, and thus also give up any responsibilities you seem to desire.
What a trendy article, in tune with our recently linear-algebraic turn in how we see language thanks to LLM's.
But I think this exposes an even greater problem, where words thought to be direct translations will always drift in vector value as they are weighted for attention within their respective corpora. Are we on the brink of translation-nihilism?
This isn't even limited to complex phenomena or shades of snow. Even "I like" is a different construction in many languages, in an unexpected way to new language learners.
I'm tired of software getting out of its lane. For an OS, I just want it to run shit. For a browser, load web shit. Why does it need to do AI?
Can Firefox do the bare minimum? It doesn't even have dark mode, which Chrome has had for years.
I don't want pocket, "Normandy" (botnet), Mozilla Sync, Mozilla shilling a VPN and checking all my emails against darknet lists, none of that, certainly not by default. Just render web fast, don't phone home, give me dark mode and a decent reader mode, put fucking RSS back in.
Nice try. Maybe when Democrats decide to uphold their own values and defend the working class, people will come back in from the cold. Until then, burning it all down is perfectly understandable. Betrayal stings and vengeance sometimes takes the form of scorched earth. At least with the Republican Party people know what they're getting.
As long as the Democratic Party keeps its current shape, people will continue to distrust it.
Thanks, wish I could say the same to you my friend.
What does the Democratic party have to do with the current US government, when the other party controls all three branches of the federal government? Unless I am misreading you, this seems like a complete non-sequitur.
Republicans won because Democrats sold out, and Americans feeling hurt by the powers that be would rather throw a wrench in the works (or a hand grenade in the case of Donald Trump) than keep voting Democrat
I agree that the establishment Dems would rather risk a Trump, than a Sanders. The fact that any of them have the gall to show their faces after the last 20 years of meh/pure failure is astounding. Where is the project 2028 plan? Crickets.
I would also like to point out that everyone else fell for anti-woke (McCarthyism spelled differently), fReE SpEaCh!, and Haitians eating your pets. So yeah, it's 100% the Dems' fault cause Genocide Joe!
The sooner we all admit that we are all easily programmed meat machines, myself included, the sooner we can move beyond the current insanity.
We all got played. Let's all admit it together. Is that really too much to ask?
One feature of this problem that I don't see people address is that there are plenty of very real issues, which people really care about, which get really terrible treatment on both sides. One side exaggerates the problem, the other side downplays the problem, and neither are correct. Crime rates in cities would be one issue that fits this nicely. I don't really care if crime is better than it was in the 70s if I have deal with burglary, home invasion, and many other problems. On the other hand, cities have dealt with high crime problems in the past, and the answer has never been to bring in the military. (closest thing here would probably be the LA riots which were a specific constrained event rather than just prolonged high crime.) Civil liberties and federalism are incredibly important, and bulldozing those because crime is too high is insane.
Neither side wants to really admit the others' point out of fear it would weaken their argument. Combine this with our crazy modern partizan hatred (ie, a fixation on how much you hate the other side, but very very little care to how your side is acting) and you have debates which don't go in a productive direction whatsoever. ie, we should admit that crime is a problem and prescribe real solutions. Baltimore is actually a great example here and their murder rates has dropped off a cliff. They improved some social programs, and also actually just started arresting people and keeping them in jail. (https://foxbaltimore.com/news/local/baltimore-homicide-rate-...) This is another case where one side would want to point out the social programs while the other side would want to point out the arrests. But boy I just don't even care when the crime rate is dropping. And crucially of course, they didn't use the military to do it.
I beg to differ. Far from claiming "both sides" or some similar malarkey: yet we are all humans, we all have our triggers, we are all easily fooled. This is as close to enlightenment as I will ever get.
If we cannot even admit this commonality, then we will continue to be divided and concurred by certifiable idiots.
> If we cannot even admit this commonality, then we will continue to be divided and concurred by certifiable idiots.
To continue my thought, we aren't all the same because:
1. Some can admit that they've been played, some can't.
2. Some think that fooling is easy to do, others are aware of the amount of effort and money thrown into it.
3. Some understand that people are different, some don't and hope for an imaginary uniform response.
> Far from claiming "both sides" or some similar malarkey
The question is, can the evidence for that be ignored as "malarkey" without careful investigation? Is there any rational basis for such an approach?
Outwardly, the two sides are not the same, they act according to different and rather rigid programs. However, before counting the number of bugs in each and assessing their scope, we can't claim that the sides are materially different.
Thank you for your thoughtful reply. I have been spending a lot of time thinking about this. I have personal opinions/biases on all of this, and it seems to be the issue of our time.
There was a quote from a Montenegrin political blog-spammer back in 2015-2016 that has been stuck in my mind ever since. He lived in this village full of other nerds, and they made money by getting clicks based on political posts aimed at the USA, as that was where the adsense money was best. The village had a crazy amount of nice cars, and that brought international journalist interest. In an interview, the guy said "The Trump people are great, they will literally believe anything. The Sanders people are annoying, because they always want sources." Don't shoot the messenger, that was the reporting.
Back then, I was not very charitable on the topic. Later, I saw this happen in my own family. Even later, on the other side, I saw "genocide Joe" people on the left, under utterly insane banners like "trans jihad." I then became more charitable towards all people who had fallen under the spell of propaganda.
The right in the USA is objectively entirely off the rails, 100% vibes, no sources. Every single talking point turns out to be a lie after you do 5 seconds of research. But the voters believe that they are protecting their families, maybe they are fed shit like "Haitians are eating your pets," but they are being played by assholes appealing to their misguided protective instincts.
But, even young trans Americans can get talked into thinking that they support "jihad" by some Twitch streamer, and not vote at all...? That's the kind of anti-self interest voting pattern that I had always only assigned to to right! Except in the Genocide Joe/Trans Jihad case, it's far worse!
Well, that's when I affirmed my belief that we are all easily programmed meat machines, across the board. Some more easily than others, some for noble reasons (based on my beliefs), and many more for dark reasons... but man, I am going to try to bring us all back together every chance I get. I won't get everyone, I might not get anyone, but even getting a single person to stop and think is worth a thousand typed comments.
It's how we got here. We had four years to know who Trump is. We (collectively) voted for him anyway. Why? At least partly because the Democrats have totally abandoned being the party of the working class.
Their message for the last ten years (plus or minus some) has been that if you think that an unborn baby deserves legal protection, if you don't think that trans people belong in womens' restrooms and on womens' sports teams, if you don't think that gay marriage is a good idea, then you are an irredeemable moral leper, and their goal is a complete destruction of your culture. If you're, say, poor and white and blue-collar, they still are totally against you, even though you're the people that they have, historically, represented.
A bunch of those people voted for Trump (or didn't vote at all), knowing what Trump was. They voted for the guy who at least pretended to care about them.
And, really, why did they expect a different outcome?
That's what the Democratic Party has to do with the current US government. Them abandoning their core constituency is a critical enabling step for us to be where we are.
Does that make it all their fault? No. But wow, did they ever bungle both the 2016 and 2024 campaigns.
> Their message for the last ten years (plus or minus some) has been that if you think that an unborn baby deserves legal protection, if you don't think that trans people belong in womens' restrooms and on womens' sports teams, if you don't think that gay marriage is a good idea, then you are an irredeemable moral leper, and their goal is a complete destruction of your culture. If you're, say, poor and white and blue-collar, they still are totally against you, even though you're the people that they have, historically, represented.
The opposite of your point is that I recall the GOP frequently calling anyone in favor of abortions murderers, people who are gay or transgender pedophiles and that non-whites are destroying our nation. This isn't even a recent phenomenon either, this was all stuff I heard decades ago just slightly less overt.
Mind you, I don't disagree that the Democratic Party is a complete waste, because they are. But you're arguing simultaneously that they had toxic core principles which alienated their voting base, but the reality is that they've never had any principles at all. They've had no issue for as long as I've been alive negotiating and watering down their platform into absolutely nothing for the sake of trying to cater to the people who vote for the GOP which is the actual reason why we're here today. And their plans for the future mostly involve doing the same thing: making concessions on abortion, throwing minorities under the bus etc for the sake of trying to appeal to people that will sooner vote for Bootstomper Jr provided that they make a pinky promise that they won't stomp on their head too hard.
It always bugs me when I see people saying "unborn baby" - it's a foetus if it hasn't been born. There are exactly zero unborn babies getting killed by abortion services as they don't become babies until they are born.
> The opposite of your point is that I recall the GOP frequently calling anyone in favor of abortions murderers, people who are gay or transgender pedophiles and that non-whites are destroying our nation. This isn't even a recent phenomenon either, this was all stuff I heard decades ago just slightly less overt.
Yes, and they attract independent voters with that. (Though a big reason is that the GOP has exceptional information dominance - they can convince a large part of the public of whatever they want to say; the Dems are effectively silenced.)
> At least partly because the Democrats have totally abandoned being the party of the working class.
Who do the Dems represent? Milquetoast moderates who favor hiding their heads in the sand rather than address critical issues like freedom, democracy, rule of law, hate, disinformation, tech, etc ... ?
The Democrats are so afraid of conflict that they stand for nothing (quick, name what they stand for) - so afraid that the attack members of their own party, progressives, who fight for anything. So they are left with the above demographic, and with weak support from them because, it turns out, cowardice and ineffectiveness doesn't inspire people. And they get votes from people whose dislike of the GOP is enough that they'll vote for the Dems regardless.
They are also absurdly ineffective at communication. They can't even overcome the people who say Dems are child molesters and Obama was from Kenya. I read that a Dem Congressional livestream about the shutdown peaked at 1,000 (one thousand) viewers. :D
In the NY Times in recent days is a debate over what milquetoast policies will win a few extra percent of the vote - they say that moderation is the way! The Dem elite don't realize that the problem isn't policy - Trump does great with all-time bad, all-time extreme policy - the problem is them.
> At least partly because the Democrats have totally abandoned being the party of the working class.
What would it take for the Democrats to become the party of the working class? Do you think raising the minimum wage, universal pre-k and childcare, paid family and medical leave, ACA expansion, etc. are working class policies?
Either Republicans must be the party of the working class or being "pro working class" isn't necessary to win the elections. Which one is it?
> A bunch of those people voted for Trump (or didn't vote at all), knowing what Trump was. They voted for the guy who at least pretended to care about them.
Tons of farmers, small business owners, federal workers, women who believed IVF would be free would disagree with you on the first part. And for the "pretend" part, you mean lie, right? So do you think Democrats need to start outright lying?
Oh boy! As someone from another democracy (so far) who saw it happen exactly like this slightly over a decade ago, I'd say your Democratic Party has everything to do with it (just like our own equivalent). Republicans didn't win; Democrats handed that win on a platter, and that too when they had seen it play out once already just one term ago!
This is the kind of politely dismissive language that pushes the other side even further :)
Democrats can't be expected to be the only functioning people in politics and the sole thing holding society together.
When Dems lose, its Dems fault. When Dems win, its Dems fault. When repubs win, it's also Dems fault. When repubs do something bad - believe it or not, Dems fault.
Republican representatives are not stupid babies. They are grown men and women. They are intentionally fucking Americans up the ass. It's not an "oopsy!" situation.
I think you left out the part about the Knights of Malta being a powerful group of individuals throughout history, with many prominent members in high places who are sworn to secrecy regarding their occult society and its dealings.
- 8 is a lucky number and a power of 2
- 8 lets me refresh weekly and have a fixed day of the week to check whether there was some API 429 timeout
- 6 is the value of every digit in the number of the beast
- I just don't like 6!
reply