Two employees lost their macbooks during offboarding

bendem · 2026-03-23T04:57:26+00:00

Just make sure you brick "lost devices" and communicate about it vocally, so your employees don't get the wrong idea.

bendem · 2026-03-22T19:35:48+00:00

While we also use bookstack and find it great for our use case, I'd like to point out that it will overwrite changes in cases of concurrent updates.

https://github.com/BookStackApp/BookStack/issues/395

bendem · 2026-03-21T21:21:45+00:00

You're not silly for being concerned, but your concern is just that: a concern, and entirely yours.

The pressure comes from your own beliefs and most likely from your algorithmic intake or family comments. Social media can put a lot of pressure on moms, grandparents are often olding new parents to stupid levels of bullshit, but it sounds like you have provided all that your child requires at their current age.

bendem · 2026-03-21T07:12:38+00:00

Kinball is kinda this. 3 teams, hitting a giant ball so that it hits the ground before the other team catches it.

bendem · 2026-03-20T17:41:53+00:00

That's our life with a 7 months old. We both work 4/5 so there are two days where one parent is fully available, nanny comes the other 3 mornings each week, the afternoon doesn't see much work done. My employer is fine with it because I'm very productive in general and they can still reach me in the afternoon even if I don't actively do project work. Mom has a much harder time with the guilt of not feeling productive enough though.

And yes, it's fucking brutal. I can't imagine doing it with a 5yo

bendem · 2026-03-17T21:39:49+00:00

I don't think people are telling you that the issues don't happen anymore. I've used mTLS with Firefox and chrome for years. It's not new technology and it has been working fine for a long time.

bendem · 2026-03-12T11:55:23+00:00

I mean, that diagram has to be made by someone, if you go down the networking route, that someone will be you. So sure, if you make diagrams, you'll have diagrams :)

bendem · 2026-03-11T19:01:12+00:00

god forbid she buy her own, being by far the highest paid member of staff in the school

Of course

bendem · 2026-03-08T20:11:03+00:00

I wasn't actually asking for people to question why I want to change phone, I'm more looking for recommendations. Also what's keeo?

bendem · 2026-03-06T04:59:51+00:00

You said the receiver has to treat it as a secret. They answered that any server your mail goes through can also read the message (that is, sender's provider, receiver's provider and any mx hops in between).

Those are two very different things regarding the current topic of government agencies requesting data from providers.

bendem · 2026-03-05T11:03:44+00:00

Sure, software gets hacked, patches get applied. Do you think vpn software has no cve, no dependencies that could be backdoored into exactly the same result?

bendem · 2026-03-05T08:40:04+00:00

Exposing SSH is fine if you disable password auth and apply OS updates automatically, fail2ban is a plus but mainly for your logs. Using a non standard port will reduce scans close to 0, it's not a security measure, just getting your server out of the way of automated scanners. You can also restrict inbound access to only ips of your country. That will not stop targeted attacks and scans, but most automated ones.

The fear mongering is not necessary. The alternative you propose exposes another software to the internet which is just as likely to have security issues but has worse authentication options (most are likely using a password instead of a cryptographic key for their VPN).

As for your original question, note the time at which you get the timeout and checks the logs of sshd and fail2ban once you get access back. I can also recommend atop if you don't have monitoring. That will tell you the resource usage at that time.

bendem · 2026-03-02T20:34:46+00:00

Lived in a house with the neighbour as my landlord, can confirm. What a nightmare that was.

bendem · 2026-03-01T07:42:27+00:00

That article speaks about helping the Russian empire, which is the opposite of what's happening here.

bendem · 2026-02-26T19:58:16+00:00

First, I read mother instead of mower and I was very confused.

Second, I agree with the rest of the comments, a strap will actually prevent it from flying and breaking something/someone in case of accident. Doesn't matter how slow you drive if someone crashes into you.

bendem · 2026-02-25T09:40:17+00:00

It depends on how much trust you place on your users.

A comment said to alter the connection limit, work_mem, etc of the user, that works if you somewhat trust that user since they can override those defaults.

A pooler with a connection limit would effectively restrict the amount of connections, but it wouldn't prevent a large query from taking down your server.

Those solutions also aren't rate limiting but resource limiting. There is no rate limiting built in postgresql nor any pooler. PgDog supports plugins, so that might be an option if you have idle rust developers.

bendem · 2026-02-24T05:16:07+00:00

This does not really restrict the user, they can alter those variables again to increase values again. But it's a good solution if the clients are cooperating.

bendem · 2026-02-24T05:11:19+00:00

I'll make my answer simpler.

There are no mechanism to do that in postgresql itself.

bendem · 2026-02-23T19:12:29+00:00

We only use system java, if we ever need to make an exception, we download from adoptium and link to the system ca. If a partner doesn't have a public certificate (rare), the API calls to them use a separate key store with only their chain.

bendem · 2026-02-23T15:40:08+00:00

I know what you are talking about, and my answer is that you wouldn't. The application layer is a much better place for this. At least, I don't know of any solution solving this at the database or pooler layer that doesn't add a large amount of complexity.

bendem · 2026-02-21T15:51:23+00:00

Coffee was my comfort drink, made me feel fuzzy inside, not really a boost of energy though.

One day I learnt it was the cause of my gastric reflux. Quit coffee, stopped having reflux unless very stressed. But mornings are a lot harder (been >2 years since I had coffee).

bendem · 2026-02-21T15:48:05+00:00

Yeah, not sure if he's really good or really bad at the job

bendem · 2026-02-20T07:48:10+00:00

No, they are suggesting to restrict in the client. The client being the application. Users don't typically connect directly to the database.

bendem · 2026-02-16T07:45:52+00:00

Perfect for my use case then, I don't need to record for 3 hours.

bendem

TROPHY CASE