Understandable, he was right very often and “only” his tone was…unfiltered. but I ignore the “was right” part when using that phrasing :)
I’d like to imagine that this would be close to the phrasing Linus himself would choose, although I could be off of course!
Take a sentence with 200 characters then.
And your opinion is exactly that and doesnt match security research:
For the following you’re not the target group but others reading this who might want to make their lifes easier. Just from your way of writing I at least don’t expect that minor sources like okta or the NCSC will change your mind.
( article links with high level descriptions and links to their primary sources)
https://www.okta.com/identity-101/password-vs-passphrase/
https://www.4bis.com/passphrase-vs-complicated-passwords-passphrases-are-best/
https://specopssoft.com/blog/passphrase-best-practice-guide/
I really don’t enjoy Linus’ content without context I have to admit.
He was an absolute dipshit back then and he’s one of the few people I’ve read about who not only acknowledged that but also put effort into changing it - and succeeded.
Yeah the newer mails are not as funny to third parties anymore but I’m really happy for him and especially the kernel devs around him.
There’s a xkcd for that of course! Linking directly to the explain as it has more info but the important thing is: password guidelines tricked humans into thinking in a machine way about safe passwords but long pass phrases are more secure from an entropy point of view and way easier to remember!
https://www.explainxkcd.com/wiki/index.php/936:_Password_Strength
Oh yeah I see…
As some old philosopher once said: “shit’s fucked, yo”.
Seems to be appropriate here.
Because a security engineer focused on cloud would rightfully say “pod security is not my issue, I’m focused on protecting the rest of our world from each pod itself.”. With AWS as example: If they then analyze the IAM role structures and to deep into where the pod runs (e.g. shared ec2 vs eks) etc. then it would just be a matter of different focus.
Cloud security is focused on the infrastructure - looks like you’re looking for a security engineer focused on the dev side.
If they bring neither to the table then I’m with you - but I don’t see how “the cloud” is at fault here… especially for security the world as full of “following the script” people long before cloud was a thing.
All the claims concerning telemetry in that thread are made by the person “asking” the question.
I don’t understand the intent of this post. It looks like you’re trying to start a rumor to be honest.
Telemetry in Thunderbird exists and is well documented. If someone is not happy with their engine or approach they need to switch clients and not basically tell them “I want you to rebuild everything around my nerds”.
Wenn “50% der Belegschaft” dich hassen hast du entweder einen sehr seltenen betrieb erwischt oder es liegt nicht nur an deiner Umgebung. So eine Veränderung kann für dich da auch eine gute Gelegenheit sein, deine eigenen Muster zu hinterfragen.
ich wünsche dir so oder so das Beste!
One could argue they a reading service should not alter the thing that’s read. Android is not a quantum state!