
> If it’s your own personal blog, then for sure no need to read the code,

I can off the top of my head think of at least three ways in which being careless with the code powering "your personal blog" could have real consequences. Suppose it has a bug which allows unauthenticated users to manage your pages, or even worse remote code execution. Then it could be used as a jumping-off point to attack other systems, for instance by turning it into a C&C server for some malware. It could be used in a "watering hole attack" against your readers. Or someone could edit the blog articles to make it appear that you said something you didn't.

"Not reading the code" is irresponsible for any software exposed to the global network.


> Every home gets a dedicated 4-strand fiber line. Point-to-Point. Not shared. Not split 32 ways. [...] That dedicated fiber terminates in a neutral, open hub.

If you think about it, other than the "neutral, open" part, it's a return to the traditional phone model, where every home gets a dedicated point-to-point copper pair (or sometimes two pairs), which terminates in a hub (the telco central building) nearby, instead of being shared between several homes (though I've heard that, in the distant past, phone lines were also sometimes shared between households).


> IPv4 is pretty simple and good for LANs.

Until the place you're VPNing to happens to use the same RFC1918 network address as your LAN (that is, your LAN is 192.168.10.x and the network on the other side of your work's VPN is also 192.168.10.x). Or either of them use the same RFC1918 network address libvirt is using for its virtual network. Or you want to route between several LANs (for instance, after a company merger) and some of them (but not all) were using the same RFC1918 network addresses.

All of this is avoided by using public addresses for LANs, but address scarcity makes that hard with IPv4 (unless it's a legacy LAN from the 1900s which happens to still use public addresses from the pre-NAT era).


Don't confuse "simple and good" with "flawless" :-)

There are indeed only a few private-reserved IPv4 ranges, and almost everyone prefers to keep things memorable and easy to type; you get a lot of 10.0.0.0/24, 192.168.0.0/24, 192.168.1.0/24 as a result. That, and common household routers tend to default to one of these three /24 subnets. (Hardly anyone seems to remember that 172.16.0.0/12 exists, feel free to use that if it happens to work for you.)

IPv6 does solve this issue in a few major ways, one of which is the greater expectation to rely on globally routable addresses, of which every one of your devices will have at least one such address. There's also fc00::/7 which is fairly equivalent to the IPv4 private ranges, though to avoid conflicts in random VPNs you should generate a random /64 prefix inside of this, otherwise you run the risk of everyone picking fc00::/64 because it's easy to remember/type (I'm guilty of this myself, but the VPNs I've configured just go into a random 172.16.0.0/12 subnet and no v6 assigned. I have the liberty that I currently don't need/use any VPNs that I haven't personally configured, and that may not hold true in the future.)
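
Added example (not part of the thread or any commenter's code): a Python check for the two points made in the comments above, flagging overlapping prefixes between a LAN, a VPN and a libvirt network, and generating a random unique-local /64 instead of a memorable one. The network names and prefixes are constructed samples, and the generator assumes RFC 4193's locally assigned range fd00::/8 with a random 40-bit Global ID.

```python
import ipaddress
import secrets
from itertools import combinations

# Constructed sample inventory (names and prefixes are illustrative).
# 192.168.122.0/24 is the prefix libvirt's default virtual network uses.
SAMPLE_NETWORKS = {
    "home-lan": "192.168.10.0/24",
    "work-vpn": "192.168.10.0/24",
    "libvirt": "192.168.122.0/24",
    "merged-office": "192.168.0.0/16",
}


def find_overlaps(networks):
    """Return sorted (name, name) pairs whose prefixes overlap.

    Overlap covers both identical prefixes and one prefix containing
    another, since either makes routing between the two ambiguous.
    """
    parsed = {name: ipaddress.ip_network(cidr) for name, cidr in networks.items()}
    return sorted(
        (a, b)
        for a, b in combinations(sorted(parsed), 2)
        if parsed[a].version == parsed[b].version and parsed[a].overlaps(parsed[b])
    )


def random_ula_subnet(subnet_id=0):
    """Build a random unique-local /64 (assumption: RFC 4193 layout).

    Layout: 8-bit prefix 0xfd, 40 random bits of Global ID,
    16-bit subnet ID, then 64 zero bits for the interface ID.
    """
    if not 0 <= subnet_id <= 0xFFFF:
        raise ValueError("subnet_id must fit in 16 bits")
    global_id = secrets.randbits(40)
    prefix = (0xFD << 120) | (global_id << 80) | (subnet_id << 64)
    return ipaddress.IPv6Network((prefix, 64))


if __name__ == "__main__":
    for a, b in find_overlaps(SAMPLE_NETWORKS):
        print(f"conflict: {a} ({SAMPLE_NETWORKS[a]}) overlaps {b} ({SAMPLE_NETWORKS[b]})")
    print("random ULA /64:", random_ula_subnet())
```
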


> all of those things have a single common denominator: Microsoft, over you, getting to decide what your computer is doing. [...] OS (and device) manufacturers have gotten it in their heads that it's OK for them to have a strong say in what your computer runs.

As I've said before (https://news.ycombinator.com/item?id=44923555), in my opinion the starting point of this slide for Microsoft was WGA on Windows XP. It was the first time that they made the operating system treat the computer's administrator as hostile.


Not coincidentally, that was around when Microsoft really internalized that they are an enterprise company, not a consumer company.

In enterprises, the local user IS hostile, or at least some percentage of them are. The ethos of “we can’t trust end users” leaked from enterprise fixation into general Microsoft culture.


Local user being hostile should be a user group setting in enterprise versions, not a default across all versions of them.

But now that I think of it, I was pretty hostile to my computer when I was ten years old and running Windows 2000. I don't think we ever saw so many pop-ups before.

But even so, the admins of the computer system should have control over their computers. I can understand if my mom's user profile might have limitations, but my admin profile should not.


Security isn't an unqualified good. You're always securing something from some threat. Keeping the subject and the threat actor implicit is causing confusion in minds of many tech people, and is in part the reason how we land in situations like this.

Windows is not just an operating system on your computer. It is a product (nowadays, a service) of Microsoft. Some security systems in it are meant to protect the PC/system/user from external threats. Others are meant to protect Microsoft, and Windows as a product/service, from the user.

Being specific about what is being protected and from whom, is more important than specifics of the actual security technology. After all, depending on the answers to those two questions, the very same security technology is protecting you from a cyber-criminal installing a rootkit on your PC, protecting Microsoft from you pirating Windows, and protecting copyright interests from you trying to watch a movie in a geographic location they don't want you to watch it in.


> By the time you want to upgrade a machine part (c. 5yr+ for modern machines), you'd want to upgrade every thing,

That's only the case for CPU/MB/RAM, because the interfaces are tightly coupled (you want to upgrade your CPU, but the new one uses an AM5 socket so you need to upgrade the motherboard, which only works with DDR5 so you need to upgrade your RAM). For other parts, a "Ship of Theseus" approach is often worth it: you don't need to replace your 2TB NVMe M.2 storage just because you wanted a faster CPU, you can keep the same GPU since it's all PCIe, and the SATA DVD drive you've carried over since the early 2000s still works the same.


Even this is understating it; if you buy at the right point in the cycle, you can Ship-of-Theseus quite a while. An AM4 motherboard released in Feb 2017 with a Ryzen 1600X CPU, DDR4 memory and a GTX780 Ti would be an obsolete system by today's standards. Yet, that AM4 motherboard can be upgraded to run a Ryzen 5800X3D CPU, the same (or faster) DDR4 memory, and an RTX 5070Ti GPU and be very competitive with mid-tier 2026 systems containing all new components. Throughout all this, the case, PSU, cooling solution, storage could all be maintained, and only replaced when individual components fail.

I expect many users would be happy with the above final state through 2030, when the AM6 socket releases. That would be 13 years of service for that original motherboard, memory, case and ancillary components. This is an extreme case, you have to time the initial purchase perfectly, but it is possible.


> How is this going to work? You need uncontrolled compute for developing software.

I've read about companies where all software developers have to RDP to the company's servers to develop software, either to save on costs (sharing a few powerful servers with plenty of RAM and CPU between several developers) or to protect against leaks (since the code and assets never leave the company's Citrix servers).


Even for tiny crews doing nothing of fatal significance, this is unironically superior to "throw it on GitHub".


> Most people want a computer that works with their software. No, "learn the FOSS version" is not a solution.

Why is that argument always applied against Linux, and never against for instance macOS, which also can't run Windows software?


> Why is that argument always applied against Linux, and never against for instance macOS, which also can't run Windows software?

There's a certain type of technical user that gets joy from coming up with arguments, good, bad, or just pulled out of their butt, explaining why people can't use Linux. I'm not going to spend my day trying to understand people's unusual preferences.


> Take away the car and people cannot live. [...] It is almost impossible to find a job and a house you can afford in walking distance of each other,

As a Brazilian, that statement feels bizarre. Yeah, my job and my home are not in walking distance of each other. I simply take the bus. Sure, some jobs are not within reach of the bus (or the ferry, or the metro, or the light tram, etc), and some jobs need a car (for instance, it would be hard for a HVAC technician to take all their equipment on a bus), but saying it's "almost impossible" to find a job?

> demanding there be things like grocery shopping as well make it not feasible for most people.

That also sounds bizarre to my ears. Most places I've known have small grocery shopping places on nearly every corner. You just have to walk.


Unfortunately that just isn't true in large parts of the US. Many cities have no public transit, and no accessible grocery stores.

Being able to live car free is pretty much limited to (expensive) major cities and some (expensive) mid-sized college towns.

The city of about 50,000 I'm from not only has no public transit and limited sidewalks, it doesn't even have crosswalks across the two main 6-lane roads that divide the city, so you can't safely walk more than about a mile even if you wanted to.


Even in cities with public transit, often it is so bad that it isn't reasonable to expect someone to use it. Reasonable transit must run 24x7/365, at least every half an hour. Miss a day and someone can't get someplace they might want to. More than half an hour between bus/trains and it isn't reasonable. Miss the overnight - maybe you can do this if you have taxi service for the same price (which might be cheaper overall for the few people who want to ride at 3am). Half hour is the minimum, it is possible to plan your life around that level of service and not be impacted too badly, but you will hate it (particularly when the line is a little longer than you expected: you miss your bus and so your ice cream melts by the time the next comes).


Not just the US, it's like that everywhere. Private transport will always be necessary as people need to go on routes with low demand. Only counterexample I can think of is Singapore, which has a vast network of buses and trains that go to everywhere.


I'm trying to think of a city of 50,000 people in western europe with no public transport, do you have one in mind?


Even in cities with public transit, cars have a very high mode share in rich countries. Some of it is 'trades' that need to carry tools and parts with them, but a lot could take transit but don't for unknown reasons.


"Being able to live car free is pretty much limited to (expensive) major cities and some (expensive) mid-sized college towns"

I live in the UK (hardly a bastion of public transport) in a town of under 10k, and have a car. The main requirement for a car is to take my youngest to Drama club in the next town where it finishes at 9pm, well after buses have stopped. There is a drama club in the town, but as we only just moved we didn't want to move him. Likewise we're driving him to his old school until the end of July as he'll move school then.

I used to live in a village of 300 people, and sure you need a car there.

Sure it was nice to drive the 4 miles to the garden centre at the weekend rather than take the hourly bus, but it's not a requirement.

For a town of 10,000 people, let alone 50,000, to say you can't live car free is nonsense.

Of course America is different. Their towns are far less dense, they don't even have "sidewalks", they are consciously built so you have to drive everywhere, but that's unique to the time American towns were built.

So again, what towns in Europe with a population of 50,000 have no public transport?


As an American I can report there are sidewalks nearly everywhere. They are used for exercise only: getting anywhere is frustrating but if you just need to run (or walk the dog) they are great.


45% of Americans have zero access to any public transport of any kind.

And the other 55% may have access but often it doesn't meet people's needs (it may not go when/where they need to go)

Only 11% of Americans use public transit at all on a weekly basis.

3.5% of Americans use public transit to commute.


Where I live I would have to walk about a half day to get to the nearest place that sells any kind of food and back, which is a 7/11 gas station. To get to a real grocery store and return would require a full day's travel on foot (just checked Google Maps, 4.5 hours one-way to the closest one). There is no public transportation option at all, the only buses are school buses until you get much closer to a major city. Driving is a necessity in such places.

I live in a well populated East Coast state, so it's not like I'm even really far out in the sticks too, there are many places which are even worse off in these regards.


There are no buses to take here, and the distances are looooong. Your job or grocery store could be 15 miles away, and that's in an urban-ish area. Rural, it's much worse.


> It's set by the administrator of the computer, so a parent can set it for their child instead of hoping their child is honest to every single individual site.

You are assuming the parent is the administrator of the computer.


I am not assuming that. That's why it's a "can". Parental controls are always "can".


> One 'answer' to this concern is to have a 'leap hour' or something in the future (some future generation's problem, not ours)

A simpler solution: we already have an offset between local time and coordinated time, just change that offset. So, for instance, Brasília Time, which is currently UTC-03, would become UTC-02 or UTC-04, depending on which way the change went.

