NaibofTabr

Say it ain’t so
Your bug is a heartbleeder
Say it ain’t so
My NIC is a bytetaker

I am of two minds on this. I love repairing electronic equipment, it’s what I do for a living, and I buy old tech to fix up all the time.

Replaceable batteries seem like a good thing, in terms of reducing waste for devices that are otherwise still useful… theoretically.

Realistically, the charge management circuitry and the battery chemistry in phones has gotten so good today that most batteries have a useful lifespan that is longer than the useful life of the device. Three years is easily doable for any mid-range phone on the market.

At five years you’re probably going to be disappointed with the battery performance, but how many people are continuing to use a 5-year-old phone? At that point the internal technology has changed substantially and there might even be a new network standard that you want to use, so you’re probably replacing the whole device even if replacing only the battery is an option.

On top of that, giving the user access to the battery means the phone body can’t be fully sealed against moisture and dust, plus the access panel is a big mechanical weakpoint which means the body will be less rigid than a fully enclosed device and thus more prone to breaking when dropped or sat on. Adding those weaknesses back into mobile devices will make them more fragile and (I predict) will lead to more frequent failure and replacement of the entire device, which will offset any waste-saving benefit from the replaceable battery.

Plus, the addional space required to fit in the replaceable battery casing, the removable access panel and the contact points for the battery means either the whole device will have to be bulkier or the battery will have to be smaller (than it would otherwise be with a permanent internal battery).

Replaceable batteries made a lot more sense in 2010 when the batteries were shit (and sometimes still NiCad) and the charge management was basically nonexistent (so the battery cycling wore it out faster). Today it’s weight and bulk, plus fragility that will probably lead to equivalent or increased e-waste.

Almost all of these turn into attempts to get the target to buy into some crypto scam or other.

It’s not meant to catch people who are moderately aware, it’s meant to catch the stupid, ignorant, and easy to manipulate. Being an obvious scam is part of the utility - it saves time by naturally filtering out anyone who is too aware to actually give them any money.

The issue is more that trying to upgrade everything at the same time is a recipe for disaster and a troubleshooting nightmare. Once you have a few interdependent services/VMs/containers/environments/hosts running, what you want to do is upgrade them separately, one at a time, then restart that service and anything that connects to it and make sure everything still works, then move on to updating the next thing.

If you do this shotgun approach for the sake of expediency, what happens is something halfway through the stack of upgrades breaks connectivity with something else, and then you have to go digging through the logs trying to figure out which piece needs a rollback.

Even more fun if two things in the same environment have conflicting dependencies, and one of them upgrades and installs its new dependency version and breaks whatever manual fix you did to get them to play nice together before, and good luck remembering what you did to fix it in that one environment six months ago.

It’s not FUD, it’s experience.

This is also a great way to just break everything you’ve set up.

OK, so that’s a possibility, but when you start adding a ~$30 fee on top of the cost of the part and shipping from Fairphone you’re looking at about $100 per repair, which stops making sense pretty quickly. You’re better off spending a little more money on a good device that is dust- and moisture-sealed and taking care of it for a few years.

I really wanted to buy the Fairphone 5, but they don’t ship replacement parts to where I live which makes the entire concept pointless.

I recommend getting familiar with SMART and understanding what the various attributes mean and how they affect a drive’s performance and reliability. You may need to install smartmontools to interact with SMART, though some Linux distributions include this by default.

Some problems reported by SMART are not a big deal at low rates (like Soft Read Errors) but enterprise organizations will replace them anyway. Sometimes drives are simply replaced at a certain number of Power-On Hours, regardless of condition. Some problems are survivable if they’re static, like Uncorrectable Sector Count - every drive has some overhead of extra sectors for internal redundancy, so one bad sector isn’t a big deal , but if the number is increasing over time then you have a problem and should replace the drive immediately.

Also keep in mind, hard drives are consumables. Mirroring and failovers are a must if your data is important. New drives fail too. There’s nothing wrong with buying used if you’re comfortable with drive’s condition.

So… who wants to bet that the new version of Notepad is not constantly scraping anything you type into it and feeding it into the AI, regardless of whether you’re paying for this feature or not?

you don’t get pregnant, obviously

If nothing else, the list of customers who were interested enough to spend money on such a product might be valuable to them.

ever since libraries have been a thing, the majority of developers have just used the libraries without really understanding what goes on inside them. And that’s not necessarily a bad thing — the entire point of abstraction is so that developers can focus on the stuff they need to get done while ignoring the already solved problems.

Nobody but nobody has time to know what’s in every library they might need to use. Who among us truly understands their network stack, all 8 layers?

senior devs have to spend all their time doing code reviews and editing and refactoring codebases that nobody else understands.

That’s OK we will just train AI to review and refactor for us! I’m sure everything will be fine.

Vulnerable code will be with us forever. The system will always be Swiss cheese. If you think you understand common mistakes, enough that you can review other peoples’ code for them, there’s work for you in infosec for sure.

I think you accidentally a word.

The public use case.

Dependent on federal money.

Was it DNS?

…as a subscriber, I’d settle for an incident report.

Which is insane if you know anything about the public ledger.

Also Bitcoin is still the entry point for buying a lot of other cryptocoins, so it’s not likely to go down unless the entire market goes down.

Yeah, pay somebody else to be responsible for the server uptime and the bandwidth. Somebody who specializes in providing that.

I think the answer depends a lot on the use case of each business’s website and what the business owner/employees expect from it.

Is the website a storefront? You’ll be spending a lot of time maintaining integration with payment networks and ensuring that the transaction process is secure and can’t be exploited to create fake invoices or spammed with fake orders. Also probably maintaining a database of customer orders with names, emails, physical addresses, credit card info, and payment and order fulfillment records… so now you have to worry about handling and storing PII, maybe PCI DSS compliance, and you’ll end up performing some accounting tasks as well due to controlling the payment processing. HIPAA compliance too if it’s something medical like a small doctor’s office, therapist, dialysis clinic, outpatient care - basically anything that might be billable to health insurance.

Does the business have a private email server? You’ll be spending a lot of time maintaining spam filters and block lists and ensuring that their email server has a good reputation with the major email service providers.

Do the employees need user logins so that they can add or edit content on the website or perform other business tasks? Now you’re not just a web host, you’re also a sysadmin for a small enterprise which means you’ll be handling common end-user support tasks like password resets. Have fun with that.

Do they regularly upload new content? (e.g. product photos and descriptions, customer testimonies, demo videos) Now you’re a database admin too.

Does the website allow the business’s customers to upload information? (comments/reviews/pictures/etc, e.g. is it Web 2.0 in some way) god help you.

You’re going to expose this to the public internet. It will be crawled, and its content scraped by various bots. At some point, someone will try to install a cryptominer on it. Someone will try to use it as a C2 server. Someone will notice that you’re running multiple sites/services from one infrastructure stack and attempt to punch their way out of the webhost VM and into the main server just to poke around and see what else you’ve got there. Someone will install mirai and try to make it part of a DDOS service provider’s network.

Recommendation for a replacement keyboard app: HeliBoard