They should not be worried, they should be educated.

If you worry a new user enough they’ll go back to Windows or Apple because there’s less scary warnings there.

We need to make the transition as pain free as possible. Learning about the joys of kernel compilation and SELinux can come later.
The first step is "Hey, this is as usable as Windows, without stupid ads in the start menu.

Depending on your level of caffeine tolerance/dependency actual coffee might be even better.

Alternatively: Decaf.

Coconut at least…

Currently:

• VR
• Uncategorized

Soon to be added:

• Linux (tested/works on)

Ah, you “work” in “marketing”?

They occupy a strange niche full of contradictions.

Entering the code on the device itself should increase security as opposed to entering it on a compromised computer.

But plugging it into a compromised computer means the data is compromised anyway.

Their security is way harder to audit than a software solution like PGP. The actual “encryption” varies from actual decent setups to “entering the code connects the data pins with no actual encryption on the storage chip”

Not having to instal/use software to use them means they are suitable for non-technical users which in turn means more support calls for “I forgot the pin, it wiped itself, can you restore my data”

They are kind of useful to check the “data is transported on encrypted media” box for compliance reasons without having to manage something bigger.

It doesn’t. It carries you by having a module for absolutely everything even shooting yourself in the foot.

To a certain degree, yes. If someone at Google decides to wage all-out war against ad blockers they have a good chance. But if that costs more money than it generates, odds are that someone will stop it. Google / Alphabet is publicly traded after all and that means profit above all else.

Embedding ads into the stream would be hard to counter, but it’s far away. That would invalidate caches along the way and need extra performance to reencode the stream with the ads inserted.

That’s extra costs that are hopefully orders of magnitude above the lost ad revenue from ad blockers

Ironically Sync does, too, and zooms to full width on tap, hiding the Rick roll.

No, No, they don’t understand everything and nothing!

IT changes usually affect management as well, while “cost saving” in production doesn’t.

Stopping AWS instances would be handy, but your idea to slag the drives is unnecessary.

Just set up full disk encryption for everything.

You die -> no key -> no data

I run a 2 node k3s cluster. There are a few small advantages over docker swarm, built-in network policies to lock down my VPN/Torrent pod being the main one.

Other than that writing kubernetes yaml files is a lot more verbose than docker-compose. Helm does make it bearable, though.

Due to real-life my migration to the cluster is real slow, but the goal is to move all my services over.

It’s not “better” than compose but I like it and it’s nice to have worked with it.

Yeah, from an actual usability and privacy standpoint, that’s horrible design. It does make for good visuals with the actor and the display in frame at the same time. No more “closeup of a message on a phone display”

I’m personally hoping for smart stuff to get a bit more distributed. A phone-like CPU unit in my pocket streaming display content to my watch and AR glasses or a full size screen on the seat in front of me on the subway. Simple visual and vibration notifications from a smart ring.

You’re asolutely right, IP addresses are kind of a grey area since the are needed for lot of troubleshooting and debugging.
Nevertheless, you can always strive to reduce the stored data.
For your application, you wouldn’t even need to store the historic IP adresses, just a rough geo-location and maybe a mobile/landline/whatever-flag and comparing the current login attempt to that. Even saves you some performance by not repeating the geo-lookups everytime.
Implement your failed-login counter separately by account and source IP and you’ve got decent security without linking an account to an IP.

Because collecting data that is not strictly necessary is almost always a bad move. IP addresses might be relatively harmless, but might link you to other activities.

You personally might be okay with reddit knowing your IP addresses, but some people might get into trouble.

Take the insane anti-abortion laws in some US states. If an IP address from those states accesses pro-choice subreddits, that might be enough for law enforcement to start harassing someone.

Very neat idea, but I’d explicitly add strong encryption to that method, cars do get broken into.

I’d encrypt every off-site backup, but a car is a bit more exposed than a rented safe box.