Ezra Bowman

Apple, you kill me. They release this base model iPad thats not actually a base model, is essentially an iPad Air 4th generation, but they don't give it support for the magnetic Apple Pencil? You gotta use the 1st generation one? And they ship you an adapter? WHAT

@michael_billig Come on @Apple ! Geeez

The new iPad. Has USB-C, but supports the 1st gen Apple Pencil? Huh?

🤣😂🤣

Completely accurate interview process: newyorker.com/humor/daily-sh…

Reminder that cybersecurity tools are often abused to make this unhealthy and increasingly pervasive culture of employee productivity monitoring possible - from MDM, to keystroke monitoring, to internet usage tracking. Always think of potential abuse of the stuff you implement.

😳

FYI… golint does NOT work with go 1.18. It was deprecated and you should choose an alternative. Like staticcheck maybe. #Golang

@TheJackForge I can’t hear you - listening to a podcast.

Coming up: @tomcostellonbc sits down for an exclusive interview with General David Thompson, vice chief of U.S. space operations, who says Russia is interfering with U.S.-provided GPS signals over Ukraine. Watch @NBCNightlyNews at 6:30 pm ET / 5:30 pm CT for more.

@NASAWatch @NASA 😱

When asked what tests will not be done @NASA says "We will be missing loading operations for the upper stage itself". Ah, so only half of the rocket - the part with the crew capsule on top - will not be fully tested before launch. No problem apparently at #NASA

@TonyMcGroany These articles assume the attacker has stolen the password hash, which is typically how passwords are stored. Then the attacker can run the hashing algorithm on password guesses as many times as they want until the result matches the stolen hash.

@ezrabowman I've often wondered: How come hackers get so many attempts at my password when I only get 3 tries before being locked out?

Check out the reduction in brute force attack time on passwords since last year. Looks like 16-18 characters should be the absolute minimum.

@GergelyOrosz @linear Atlassian does still offer a self managed solution: Data Center. This does allow you to deploy to your own infrastructure, but starts at $48K per year for 500 users. So smaller shops are forced to use Atlassian Cloud or use a different vendor.

@GergelyOrosz @linear This perfect storm is going to cost Atlassian customers for sure: 1) They no longer sell Server licenses to install on-prem - pushing customers toward Atlassian Cloud. 2) We are now in day 7 of the outage. Customers and potential customers will be reconsidering.

Atlassian products like JIRA have been down for… 4 days?? Incredible how this is happening. Not a few hours, but a few days at the #1 projects management SaaS. Let me plug @linear where I couldn’t imagine an outage this long (and is much more snappy to use than JIRA).

@GergelyOrosz @linear SaaS is obviously more convenient when you can trust its reliability and security (and it meets regulatory and compliance requirements you have). Some companies must have a self managed instance while others will now want a self managed instance due to this incident.

@PenfoldDavid This link explains their methodology. Not sure how that compares to your link. hivesystems.io/blog/are-your-…

@ezrabowman What's the baseline for this? Number of guesses per second? What about different hashing/key stretching techniques? Without specifying what the rate is (and why) it seems arbitrary unless I've missed something. penfold.fr/img/entropy.png

@MUI_hq @reactjs @nginx Browser refuses to apply inline style used by MUI. Need to be able to set nonce (maybe using webpack?) or calculate the style hash. Using CSP directive style-src 'self' 'nonce-randomstrting'

@ezrabowman @reactjs @nginx What blocker did you identify?

It is not possible to use @MUI_hq with a secure CSP for a @reactjs app built by #craco served by @nginx. Prove me wrong. (for real - please prove me wrong).