There is a famous experiment , where a person gets 100$, and have to offer an arbitrary percentage of that to a stranger. If the stranger declines, both get nothing.
From the strangers perspective, getting offered even 1$ is a win, but the vast majority rejected anything below 30%
Yeah the bird is on a flat roof maybe a garage or something similar on the same height or slightly below the window
If you want any system to connect to you, you need to open a port. You don’t need to do that for outgoing connections (the OS and your router will automatically open ports for the return connection). So if everybody connects to one central system, nobody needs to (explicitly) open any ports (except for the central connection point)
Most VPNs use UDP. So set up a wireguard, tailscale or openvpn.
But you still need to “open up the firewall”. UDP still works on ports the same way as TCP. I do agree however, that exposing a VPN port is more secure than exposing a port for a game server, as you don’t know about the security of that server software.
In the spirit of the meme this does not constitute “finding” the radius. There doesn’t exist a radius for which both the radius and the circumference are rational numbers.
Well now you can’t find the radius
The thing that confused me when first learning about docker was, that everybody compares it to a virtual machine. It’s not. Containers dont virtualize anything. They take a (single) process from the host OS and separate that into its own environment. All system calls, memory access, file writes etc are still handled by the same os (same kernel). However the process is separated both on the file system and process level. It can’t see other processes outside of the container and it also doesn’t see the real filesystem. It sees a filesystem provided by the container. This also means it sees different file and user permissions. When you run a alpine Linux docker container on an Ubuntu system, the container only containes the (few) files for alpine but no Linux kernel no desktop environment. A process inside that container only sees the alpine files and not the Ubuntu files. It also means all containers see a filesystem independent of each other and can use libraries and dependencies of different versions (they are only files after all).
For administration it makes running complex services easy. You define how to setup that service (what base Linux distro to use, what packages to install, what commands to run, and how to start the process). You can then be save to assume the setup of that service did not interfere with the setup of any other service. “Service 1 needs a certain system wide config changed? Service 2 needs that config in the default state? And both need a different version of the same library?” In containers you can have all at the same time because they each see a different version of the same config and library.
And all this is provided by the kernel itself. All docker does is provide an “easy” way to create and manage containers but could could do all of that using chroot, runc and a few other.
As a note, containers usually don’t come with systemd as they don’t need an init system. You would run the service directly inside the container and then use systemd outside the container to make sure the container is started/restarted, or just docker as it can already do that.
I found a great article demystifying containers recently
The stomach isn’t like a big cave with a pool af acid in it. It is compacted by muscles around it so if you are swallowed whole, you would have to fight against those muscles to even be able to move at all. If your arms are above your head it’s likely you would die before you are able to move them to your hips to draw your knives. If they are at your hips, good look moving the knives to point outwards. Also the stomache is lined with thick mucous to protect it from sharp objects… Also it’s completely dark and disorienting.
It’s almost certainly you’d drown, suffocate and get crushed VERY quickly after getting swallowed alive.
They sometimes buy keys using stolen credit cards. When the fraud is found out, the banks will request the money from the developer. They in turn often don’t have a way to lock the fraudulent key, so it remains valid.
The costs for the initial bank transfer, plus the time invested in returning the money to the credit card holder are payed by the developer.
The key reseller has a 100% profit margin, the customer has a valid and cheap game key, and the developer actually lost time and money.
Dnd5e leaves to many things up to the gm, like magic items and encounter balancing. CR is notoriously inaccurate and running level appropriate fights can easily end up as unwinnable deadly or just a trivial steamroll. Especially once higher lvl magic comes into play with save or suck spells (cough polymorph cough). Yes legendary resistance can fix that, but that is not the system being stable, it is the system giving you tools to fix its unstableness. And even then, the fight ends after X presses of the “I win” button instead of one.
While there are a lot worse systems than dnd5e, when comparing it to pf2e it is objectively the system with more holes. No doubt, partly because pf2e could learn from dnds mistakes and is not produced by a company trying to milk its customers for every cent.
have done something that broke everything
When talking about dnd5e -> pf2e, I STRONGLY disagree. Pf2e is a much, much more stable and balanced system than DND and waaaay harder to break.
With pf1e I agree. That system has so many busted builds.
On the other hand the analogy is very good, as DND/windows is only considered to be “stable” and “intuitive” because it is the “Default” and usually the first thing people get in contact with. From an objective, unbiased perspective they can be very unintuitive.
… And yes I play pf2e and use Linux how could you tell.
That is a real problem. In a perfect world you would want all of your data to be available to everyone who can use it to improve your live. And only getting advertisement for things you actually want/need (not only think you want/need) is a real improvement of your live.
Sadly “improving lives of consumers” is not the goal of any of the big data collectors and as such any data collected is or will be missused to cause harm to the owner even if it is not directly obvious.
That is the function of a firewall and not of the VPN. As I understand portmaster it does both. But that is not normal VPN behavior.
VPNs are not magic. They are a piece of software that encrypt traffic and send it to a special server. They do that by creating a virtual Internet connection (think like pluging in an additional Ethernet cable or connection to an addition WiFi at the same time). Everything that is sent through the virtual connection is encrypted. Your system now has (at least) two valid Internet connections (one real and one virtual). For every packet it sends it needs to decide which connection it should send it from. This is decided by something called the routing table. When you start the VPN it will put two routes into the table.
The attack described is a way how a network router can add a new route into your devices routing table to basically override the second route from the VPN. The route is still there, there just is another one that has a higher priority.
A VPN is not the ultimate authority over your network traffic. It is just another program sending and recieving taffic.