IMO, that’s the shiniest thing

Can I just buy a phorus and connect to it?
Do I have to use their app?
If I have to use their app, do I need a phorus account?

For point number 2, security through obscurity is not security.
Besides, all issued certificates are logged publicly. You can search them here https://crt.sh/

Nginx Proxy Manager is easy to set up and will do LE acme certs, has a nice GUI to manage it.

If it’s just access to your stuff for people you trust, use tailscale or wireguard (or some other VPN of your choice) instead of opening ports to the wild internet.
Much less risk

Can’t wait for a tutorial on how to install steam OS on this. Seeing Microsoft try and compete with Steam on hardware price, means this either needs to be fantastic hardware, or a new user experience that’s better than the steam OS experience.
Their only in to the sector is either some exclusive bullshit that can’t happen on steam os, or better hardware that is actually worth significantly more than their asking price.

Unless they have some actually decent OS release up their sleeve…

Steam saying they are releasing steam os, and I’ve heard good things about bazzite… Could be awesome.
I think stream deck is still cheaper?

It’s open source.
just deploy it verbatim, and change your laws and taxes to work with what the web services do!

At scale, it can be considerably cheaper.
Limit data access according to security policy and some basic filtering from the request. It’s not a huge amount of processing for an API server to do.
Web pages, desktop app, mobile apps, other servers can all use it to access the data.
Template rendering is then done on the client side. So processing for that is done on the client, saving a lot of compute cost - meaning the servers can respond to more API requests.
Data transferred is lower as well. A template that gets populated by the client using data from an API request will be overall smaller than the full template rendered server side.
The client apps can then be entirely managed separately from the server apps, without having to be tightly integrated. This allows the front end team to do what they want, and the backend team do what they want - as long as the API endpoints are correct.

For most things, an SPA isn’t required or even desirable (which is why server side rendering of SPAs is a thing).
But SPAs should give a better experience to users, and can be easier to build.

Loads of SaaS/PaaS include things like saml, oidc etc only in the higher (or the “contact us”) tiers

You can distribute your public key, and have people manually add it to their trust stores.
But OSs and browsers ship with preloaded trusted certificates. This way, the owner of a preloaded trusted certificate can issue new certificates that are automatically trusted by people’s OSs and browsers.
To become a preloaded trusted certificate owner, I imagine that there are stringent audits and security requirements. Part of that will be verifying the identity of the requester before issuing them a certificate.

With LetsEncrypt, they either need to talk to a server hosted at the domain to retrieve a token (generated when the request is initiated).
This proves the requester owns/controls the domain and the server (the requester has correctly set up DNS records, and placed the required token on the server). This is HTTP challenge mode.
The other method is by a DNS challenge. The requester adds a TXT record to their nameservers with the token value, letsencrypt then inspects the DNS records for the domain and will issue a cert when it sees the token. This proves the requester owns/controls the domain.

So, proving identity is required (otherwise anyone could generate a trusted cert for any domain). And trusted certificate issuers are required, so people don’t have to constantly import (possibly dodgy) public keys

Oh, a real engineer? ducks

Default config is defined in the firmware. It can’t be deleted or changed (well, easily. I think there is a reseller option to have a custom default config).
The “no default config” means the default config will not be applied after the reset.
If you reset it again without checking “no default config”, then the default config will be applied.

“No default config” is very useful for applying your own config script. It gives you a blank canvas, making scripting a lot easier!

I have my “config.rsc” file that has the required configuration. And I have a “reset.auto.rsc” file that only has the command to reset the mikrotik with no defaults and to run the “config.rsc” script after reset.
“filename.auto.rsc” will be executed as soon as it gets FTPd (it’s a feature of mikrotik).
I use a bash script that FTPs the config.rsc file to the mikrotik, then the reset.auto.rsc file.
Makes it trivial to tweak the config then apply it, and I get all the config for the devices in easy to edit/diff script files.

99% of the police, yeh.
There are a few dodgy ones. And the system generally works to get rid of them. There are miscarriages of justice, and excessive use of force.

But, generally speaking, UK Police police by diffusing situations instead of eliminating them.
I’ve never had a bad encounter with the police. They’ve always been helpful, had some banter, or been polite but firm.
But I’ve never been on the wrong side of them. And I’ve never encountered them in a situation where the population is in the right but the laws are against the population (like a protest that gets “managed”). And it probably helps that I’m native etc.

I have no doubts that it’s different for other UK residents. So, I still judge news by the ACAB.
Withdrawing from X reinforces my beliefs that UK Police police in a good way.
If they move to Donny’s site, then I’m cooked.

The best thing is: if something doesn’t work, you tweak the compose file instead of having to retype or edit a command.

And you can have a GitHub of your compose files and any supporting config files.

I don’t get how some people can raw dog a docker run command!

If most devices had a usb-c loop through, that would be amazing.
Like, a stackable connector would be cool

Yeh, it’s there.
But Linux installers would straight up ask you. So you don’t even need to hit the CLI

Twitter operates servers in the EU. They will have at least Frankfurt server. Probably UK and probably elsewhere.
It’s geographically closer, so reduces latency and server load (faster to complete a request, faster to discard allocated resources).
It also gives redundancy. If Frankfurt DC explodes, the system will fall back to the next closest DC (probably London).

So let’s say that the EU DC stops existing. And requests go over the ocean to the US.
Twitter still has customers in the EU. They are still making money from EU citizens. Because twitter isn’t free. It costs money to manage, develop and run. Twitter tries to recoup those costs via adverts and subscription services.
So let’s say that twitter is no longer allowed to extract money from the EU. The EU bans companies advertising on twitter.
Any companies that have business in the EU (like selling to EU citizens) are no longer allowed to advertise on twitter.
Paypal, visa etc is no longer allowed to take payments from EU citizens for twitter services.
Any EU service that has twitter integrations is no longer allowed to charge for twitter features.
Basically, twitter has no way of getting money from the EU.

Why would twitter spend money to access the EU population. It’s a cost sink. Dead weight.
There is no growth. Getting 50 million new EU users means a massive cost increase.
Plus paying for that extra load on (say) US based servers, and their international backbone links. (Just because you can reach a server on the other side of the world for “free”, doesn’t mean commercial services can pump terabytes of data internationally for free).

So yeh, the servers could stay located in the US where twitter operations HQ is. Twitter could disband their international headquarters, so they no longer have companies in the EU.
But they wouldn’t be able to get any money from EU citizens. And if they tried to circumvent the rules, then they can be blocked by DNS and BGP. So the only way to access twitter is by a VPN.
That didn’t work well in Brazil, and twitter caved in to the demands of the Brazil government.

And it’s fine to continue to operate in the US.
But if it doesn’t abide by EU laws then it can’t operate in the EU.

America doesn’t set the worlds laws

Excel is great.
It does so much that people make it do what it shouldn’t, and never think to explore technologies beyond it… Like a proper fucking database.
Then you get garbage business systems based on fragile excel sheets with bonkers macros and weird ETL pipelines to sync things.
And never try to deal with dates and timezones.

My phone case has a magnet in it (so it mildly sticks to metal surfaces).
I’ve put it on a laptop and accidentally triggered the “lid close” sensor

It’s not difficult to define.
It’s about people’s choices.

People can choose to own a gun, choose to want to own a gun, choose to own a whole armoury.
I think owning a gun is stupid. I live in a country that successfully regulates guns.
Saying “I think gun owners are stupid” isn’t hate speech because they have chosen to own a gun.
If I said “gun owners should use their guns in themselves” that becomes hate speech because it’s wishing harm on them.

People choose to be Republicans, trumps choices in life are why he is where he is.
Hate trump because of what he does, not because he has blonde hair.

People don’t choose to be gay, or be trans, or be Jewish, or be black, or be short or whatever.
Which is another way opinions can become hate speech.
If I said “I think gun owners are stupid” that isn’t hate speech.
If I said “I think black people are stupid” that becomes hate speech because it is grouping people by something they have no control over.