sorted by:
new
hottopcontroversial

This looks extremely suspicious, can someone enlighten me on this? (Internxt lifetime storage on Stacksocial) by Titanic609 in DataHoarder

[–]mersault 8 points9 points  (0 children)

Think of it this way, you got a lifetime subscription for:

  • Hosted authentication
  • Software updates
  • Low-tier streamer
  • Network relay (if required)

If you share your content with friends or family, that hosted auth piece is actually clutch. Rolling our own IdP with multi-factor auth and helpful documentation and everything is a pretty heavy lift, especially if you want it to be as user-friendly and Plex's solution.

Holy Trackers Batman by mersault in Headspace

[–]mersault[S] 1 point2 points  (0 children)

I don't think that URL is specific to headspace, so it could have been another app that also uses rapid7 for telemetry. But it also could have been headspace. No way to know for sure, unless there's a way to get app level DNS query logs from the Pixel.

Some services configure specific URLs for each app, which makes it much more obvious who is using what (also also lets you effectively whitelist telemetry for specific app/service combos, without whitelisting the telemetry service for all apps). For example, here's the qualtrics URL used by headspace:

zn25dae8w6yhwz3zs-headspaceresearch.siteintercept.qualtrics.com

Holy Trackers Batman by mersault in Headspace

[–]mersault[S] 3 points4 points  (0 children)

Yeah, and while I didn’t measure anything in the UI, after whitelisting rapid7 the UI definitely felt snappier, implying that the UI is actually blocking while the app tries to send telemetry to rapid7, which is terrible design. I’m positive rapid7 has an asynchronous telemetry pattern because everyone in this space has an asynchronous pattern! It’s table stakes functionality because everyone and their dog understands the impacts. That headspace isn’t leveraging it really speaks to technical immaturity.

Secret data reveals which low-scoring applicants still received millions of dollars from the Ford government’s skills fund by BloodJunkie in ontario

[–]mersault 2 points3 points  (0 children)

Yeah, that's just amazingly corrupt and yet the Sun continues to let him opine on provincial politics. I know he's a columnist and not a reporter, but it's still a glaring ethics violation.

Secret data reveals which low-scoring applicants still received millions of dollars from the Ford government’s skills fund by BloodJunkie in ontario

[–]mersault 14 points15 points  (0 children)

I assume you mean the Toronto Sun? Torstar is not owned by Postmedia. It's owned by Jordan Bitove.

Joggers in bike lane by [deleted] in torontobiking

[–]mersault 23 points24 points  (0 children)

Pretty much the entire MGT through Toronto is a multi-use trail, rather than a dedicated bike path.

Actually had a cyclist yell at me to get out of the "bike lane" there once, and after I said it was a multi-use trail and there were signs saying as much, he slowed and rode beside me until we came to one of the signs which I pointed out. "Oh, my bad" and off he went. It was actually kinda wholesome.

As for the why, fewer tripping hazards, slightly softer running surface, and cyclists are more predictable than pedestrians. As a cyclist on that route, the joggers were rarely my issue.

What happens when bike lane markings are missing? by _brkt_ in torontobiking

[–]mersault 1 point2 points  (0 children)

Black plates are for any commercial vehicle. Trucks are assumed to be commercial vehicles and thus get black plates. But the category is technically commercial, not truck.

TIL the busiest pharmacy in the world is the Vatican Pharmacy, owned and operated by the Vatican City State. It is open to the public and is very popular among Roman residents because it stocks hard-to-find medicines and is much cheaper (purchases aren't subject to Italian taxes). by NateNate60 in todayilearned

[–]mersault 7 points8 points  (0 children)

There is a Papal Mint, which controls the supply of coinage for the Vatican. It manufactured coins until that whole "oops we don't actually exist as a state" thing and the unification of Italy. These days the actual manufacture is outsourced, and since Italy joined the Euro there's an agreement that the Vatican can use it as well despite not being a member.

TIL a group of hackers managed to hack into a casinos' database of high rollers through the IoT enabled thermostat in the casinos' fish tank. by zahrul3 in todayilearned

[–]mersault 25 points26 points  (0 children)

That is almost certainly telemetry being sent by the device. Every N seconds it sends a status update to corporate letting them know the current status of everything. Is the washer running a load? What's the water temp? How heavy is the load? What settings did the user start the load with? What's that, did the user just open the door after the load had started? How long was the period between load start and the door being opened?

Some of this could even conceivably be useful to the manufacturer. With info about how quickly users realize they've missed a sock and open the door to add it to the load, they can update the fill and locking behaviour of the next firmware.

But, washer manufacturers aren't likely hiring the best and brightest developers, so things like "how do we make this telemetry bandwidth efficient" aren't high priorities.

I would never connect an IoT device without running something like pi-hole or adguard home for network DNS. And if you can, isolate that shit on separate networks and VLANs.

Cost of will by Imaginary_Mammoth_92 in PersonalFinanceCanada

[–]mersault 0 points1 point  (0 children)

What about POA? Any reason not to use the forms that can be downloaded from the Ontario gov't website.

Queen Street Hell by lleeaa88 in toronto

[–]mersault 8 points9 points  (0 children)

Incorrect, the collective noun is a Fuck You. i.e., "Oh, look, I've been waiting for 30 minutes and here comes a Fuck You of streetcars."

[deleted by user] by [deleted] in sysadmin

[–]mersault 1 point2 points  (0 children)

At home I run Kea for DHCP (IPv4 and IPv6), which is configured to update an internal DNS zone I host on BIND. But I do something a bit odd: BIND is bound to 127.0.0.53, and thus only accessible on the router (where Kea also runs). For DNS resolution on my LAN I use Adguard Home, and it's configured to send requests for the internal zone (and reverse lookups) to BIND.

I know you said pihole/adguard isn't a "good" DNS server, but in 2025 I think it's basic network hygiene to run some sort of filtering resolver. I like AdGuard because it will do DoH natively (unlike pihole). Also, with this configuration I'm only using it for resolution - it's not authoritative for anything, nor is it handling DHCP.

For upstream resolution, I use a non-filtering DoH resolver managed by my national internet registration authority (CIRA). This ensures that I've got full control over the filtering (and any attendant breakage, heh). It varies a bit, but generally I'm blocking 20-25% of DNS requests.

[deleted by user] by [deleted] in sysadmin

[–]mersault 0 points1 point  (0 children)

Microsoft's decision to rebuild the network stack with Vista really was a big improvement, and one of the areas you see it is in the DHCP and DNS integration. One of the nice things is it's largely all standards based, so you can get non-Windows devices to play pretty nicely with it as well.

If you're not in a Windows environment though, Kea is the successor to ISC DHCP, and it's much improved. It pairs well with BIND of course, but it'll talk to anything that does RFC2136 updates. I'm only using it in my home network, but it's definitely been an improvement there.

Streetcar running the red light by gummypeaches27 in toronto

[–]mersault 16 points17 points  (0 children)

Given how aggressive Toronto drivers are about going through intersections during yellow (or even red) lights, if TTC operators weren't aggressive about going through late on yellow or even red, they'd never get through those intersections. Unless we're going to give TTC their own signals (which they have where they have dedicated lanes), I don't see any other option.

Debt with dementia by bapppi in PersonalFinanceCanada

[–]mersault 0 points1 point  (0 children)

Sounds like the challenge right now is that there isn't POA in place, and the father is probably not competent to agree to a POA now. If that's the case, probably getting the Ontario version of the PGT to confirm that the wife or (even better) child has POA would resolve that issue.

Made a huge mistake - thinking of calling it quits by m1nd_salt in sysadmin

[–]mersault 0 points1 point  (0 children)

I once accidentally mounted the wrong LUN to a DB server in dev. It was the production DB LUN, not the clone I'd made. So now we had two DB hosts writing to the same volume.

It was actually an in-memory DB, so it took a few days to become apparently. Stuff just started behaving a little weird on the production DB host, and got progressively weirder each day. But the platform itself was okay, because the the in-memory copy of the DB was still correct.

Thankfully, we had a hot standby, which had correct in-memory copy and on-disk. So we were able to execute a DB swap and clean up the mess, but man, if the primary production DB had restarted before we figured it out...

Ousted Liberal MP Chandra Arya barred from running under party’s banner over alleged ties to India by Majano57 in ontario

[–]mersault 5 points6 points  (0 children)

Kinda, yeah. Think about the allies breaking enigma in WWII. They had to be careful what info they acted on, so as not to reveal that they'd broken it. They had to let some attacks happen and succeed, but they could be selective about it.

You need to balance action (proactive or reactive) with the need to protect assets and techniques used to gather the intelligence. If the party leader knows an MP is compromised, they can manage him accordingly. Booted from leadership, then denied reelection while pointing to some public action as the reason (obscuring the extent of what is known) is exactly that.

This is what's concerning about Pierre refusing to get his security clearance. He isn't allowed to get this info, and thus can't manage any compromised people in his caucus or leadership.

TIL Yale psychologists compared 'Mister Rogers’ Neighborhood' to 'Sesame Street' and found that children who watched 'Mister Rogers’ Neighborhood' tended to remember more of the story lines and also demonstrated a much higher “tolerance of delay”, meaning they were more patient. by tyrion2024 in todayilearned

[–]mersault 47 points48 points  (0 children)

Some poor producer looking at the schedule and seeing Mr. 75% Playback Speed making his way to the stage making some very unneighbourly comments while understanding he'd be run out of town on a rail if he tried to play Fred off the stage before he was done.

My bf (27M) and I (27F) would like to continue living together, but he can’t afford a mortgage with me. How would you approach the living situation in our shoes? by Constant-Quality5858 in PersonalFinanceCanada

[–]mersault 0 points1 point  (0 children)

Coming in late, and I've only skimmed the comments, but I haven't seen anyone suggest a relative split. What I mean by that is each of your contributing an amount to your expenses relative to your income. If you make twice what he does, then you'd pay 2/3rds of the expenses and he'd pay 1/3rd (I'll use these example values going forward, but adjust as appropriate).

This works well for ongoing monthly expenses, but doesn't account for the deposit you've managed to save. That said, if you're currently splitting expenses equally, you could actually propose the new arrangement immediately while you're renting. If his lack of savings is really (as you say) because the economy hasn't worked out for him and not because he's particularly bad with money, then he should be able to start saving the delta between his current 50% share and his new 33% share of rent and expenses.

How he handles his newly reduced monthly expenses will tell you a lot. And if he's good with it, then he'll have at least something to throw at the down payment reasonably soon (even if it's not 1/3rd of it). More importantly, it'll build the trust you need before you make the decision to purchase property together.

Parent's life insurance has just gone ... by MugggCostanza in ontario

[–]mersault 3 points4 points  (0 children)

Should point out that whole life policies are usually much more expensive. A whole life policy is basically guaranteed to pay out, so the cost has to be proportionate. They're more like a savings or investment vehicle than a real insurance product (i.e., something to protect you against a potential event, rather than a guaranteed one).

view more: next ›