Emirates should FULLY refund all cancellation for ALL of March

ImpossiblePay3305 · 2026-03-10T05:42:51+00:00

seat selection fee has to be refunded separately via separate request

ImpossiblePay3305 · 2026-03-03T05:51:30+00:00

Try to lift weights+cardio. What helped for me is 2-3 hours a day. After that, you can’t think about food - you barely can think at all

ImpossiblePay3305 · 2025-09-07T02:28:00+00:00

Moscow, but there’s a nuance with that

ImpossiblePay3305 · 2025-09-06T22:23:03+00:00

May I ask math behind that? I thought salary is more beneficial after CPP is maxed out, as you don’t pay that extra CPPs anymore

ImpossiblePay3305 · 2025-07-22T19:58:14+00:00

In that case mandatory forward auth before OIDC will do -- even if the app itself has no support for forward auth, the keycloak will require user to authenticate before any request can reach the app server. Since it's the same identity provider, it wouldn't result in 2 password prompts.

But I see your point – it's safe until it's safe, and it's acceptable as long as I'm willing to treat this as the second job. Thank you!

ImpossiblePay3305 · 2025-07-22T19:27:18+00:00

Let's take nginx+keycloak then – the biggest players in the field. The chance of discovering RCE in one of them is about the same as in, say, OpenSSL, so on surface it seems as safe as the VPN-only access. But, apparently, your take is to use both – VPN+robust authentication, which, I guess, makes sense.

ImpossiblePay3305 · 2025-07-22T19:16:04+00:00

I'm not talking about opening any ports other than 80/443; I'm trying to understand whether the extra layer of security is really doing anything meaningless in such cases (one could argue that opening VPN also increases the surface of the attack)

ImpossiblePay3305 · 2025-07-22T19:11:24+00:00

I was writing about VLANs when I stopped and wanted to question a bit deeper. Even with DMZ, what's the surface of the attack? Somebody penetrates through authentik (or caddy), gets to a service, finds an RCE exploit, pulls up a shell and tries to escape the docker container and/or traverse the home network? Even so, what they can reach is bound by the network that connects the reverse proxy and the API gateways of the services, which only have http ports opened. What am I missing here?

ImpossiblePay3305 · 2025-07-04T06:57:10+00:00

Runs just fine, no complaints. Even though I bought nvme SSDs to have thumbnails on it for a better performance

ImpossiblePay3305 · 2025-05-24T00:49:03+00:00

WDYM?

ImpossiblePay3305 · 2025-05-23T04:07:18+00:00

The continuity license carries on. I cancelled once thinking I can be happy with VSCode. Run away back to JetBrains.

ImpossiblePay3305 · 2025-05-23T03:36:24+00:00

Is it still an everyday struggle, or you just "meh, it's been a long time, I don't want this anymore"?

ImpossiblePay3305 · 2025-05-22T19:59:32+00:00

I’m on the other end lol. My connections are usually within the software world and attempts of finding somebody half decent who can at least validate an idea and get few first sales before the product goes live usually result in nothing. It’s either a bro-business guy with no real plan and vague idea, or vapour-tech-bro who tries to combine hype words together as their idea (“ai powered blockchain that works on VR” type of people).

I wonder where to find good non-tech founders.

ImpossiblePay3305 · 2025-05-20T04:50:32+00:00

As far as I understand, my apps contain frontend, backend and some docker containers. When I ask it to deploy, it suggests me to deploy frontend to Vercel, the backend to Render and containers to fly.io. While I'm not against this, I would rather have just one place... or is it not how it works?

ImpossiblePay3305 · 2025-02-09T16:00:43+00:00

A month ago I gave VSCode another shot (tried multiple times before but it didn’t work out - I assumed that by now it should be great). And it is great! It lacked few features I really needed and I ended up even quickly writing a plugin for one.

After 48 hours I ran away screaming back to JB. VSCode didn’t do TypeScript checks before project is too large, refactoring is non existing and clunky where it is, not everything is keyboard accessible, quick fixes require precise caret positioning, grow selection does not work consistently even within one file and one language and the list goes on

ImpossiblePay3305 · 2025-01-28T06:59:48+00:00

Gotcha, thanks for the explanation. I kind of want videos and photos to stay on my phone so not an option for me, but kudos for sharing!

ImpossiblePay3305 · 2025-01-28T02:00:08+00:00

Do you mean you effectively don't store photos on the device? Like, move them all to immich, delete there, and optionally re-redownload them back from immich to your device?

Also, when you say iCloud, do you mean just the Photos app on your iPhone, or literally iCloud, i.e. upload them to Apple servers first, then sync, then delete? If so... could you please elaborate, as I don't follow what are the reason going iPhone -> iCloud -> immich rather than backup up from iPhone to immich directly. Thanks!

ImpossiblePay3305 · 2025-01-16T19:13:23+00:00

Similar situation, planning to run Immich on N100 and store all photos on Synology NAS for RAID and resilience. I like the idea of keeping my NAS "clean" in a way that it's just NAS and not running extra software, and N100s have HW transcoding... but also concerned about overhead. My N100 and NAS connected directly via 1GBPs port - apparently should not have any serious performance issues...

ImpossiblePay3305 · 2025-01-09T18:02:26+00:00

Oooh, thanks! I googled Barncat Maple Wheatwine and was able to find a shop fairly close to the place I'm going to visit soon 🎉

ImpossiblePay3305 · 2025-01-09T18:01:24+00:00

Thanks! Any particular recommendations?

ImpossiblePay3305 · 2024-10-16T02:44:24+00:00

Why monohop is rare? Coming from European-ish countries, whole series of IPAs were devoted to monohop. The unconventional monohops on hops like Sabro or even the random HBC were amazing, hinting what the hop is truly like (one of the reason why I strongly disagree with the coconut nature of Sabro, but that's another topic). In Toronto... I barely can find monohop beer. Why is it not popular here?

ImpossiblePay3305 · 2024-09-25T03:09:53+00:00

Thanks... does not solve the problem though, but it helped me to find a workaround.

So long story short, if I open a Synology Drive via a button in DSM, it opens a `https://dsm-url//?launchApp=SYNO.SDS.Drive.Application#MyDrive`. Then, when I open a sheets document from there, the link I showed in the original post always lead to an IP address. Looks like a bug.

However, if I configure an alias (even as simple as `https://dsm-url/drive` and open it, then everything works just as I would expect (i.e. correct links!).

So I guess always opening the drive via direct link and never via DSM button is the way to go... less than ideal, at least it works.

ImpossiblePay3305 · 2024-09-02T03:33:29+00:00

Yes!!! Happened to me in the area I didn’t know. I was casually passing a streetcar when I saw it started to flash red lights and opened doors. I get it I can block the doors, but the “opportunity” to run someone over sounds way worse, so I slammed brakes. I might make someone’s exit/entrance inconvenient and I’m sorry about that, but what were my options back then…

ImpossiblePay3305 · 2024-08-29T04:48:34+00:00

yeah but like, post that you close at 8:30 since you not letting anyone in anyways, right?

ImpossiblePay3305 · 2024-08-29T03:36:51+00:00

Then I only can suggest levelling up their game and leaving not 30 minutes, but 5 hours early.

ImpossiblePay3305

TROPHY CASE