One series I haven’t seen recommended yet is Alastair Reynolds novels. Revelation Space is a wonderful series, and if you want to start with a standalone story House of Suns and Diamond Dogs are great choices.

For lighter reading there’s also the Murderbot Diaries by Martha Wells.

There’s other older series that may appeal to you: Vatta’s War and Vorkosigan Saga conf to mind.

It provides a safety net by pooling the resources of the community to support the less fortunate. This prevents people from having to sacrifice their long term goals because their short term needs may not be otherwise met.

Also in contrast to capitalism that treats society as a zero sum game (“I can’t get ahead unless I take something from someone else”) socialism is a benefit multiplier (“I’m part of the community. By making the life of everyone in the community better I’m also improving my own life”).

They are really good at providing examples for why civilized society needs socialism.

Consistency with their previous default desktop environment, Unity.

Or companies do hire security, but the security team is incompetent and unable/unwilling to adapt to new challenges. Then it devolves into security theater, until either someone new comes who cleans house or a breach happens.

Arch: I need reproducible setups. Also bleeding edge is not for me.

I have to give credit to their documentation though!

What put me off selinux is that the officially documented way of generating a new policy is to run a service unconfined, and then generating the policy from its behaviour. This is backwards on so many levels… In contrast policy-based admission control in kubernetes is a delight to use, and creating new policies is actually doable outside of a lab.

Warm Blooded Hugger.

so what are the reasons why it’s a bad daily driver?

Don’t need to go any further than “default user is root.”

Sometimes the X is not quite at the spot. My guess is that it’s under the sand too the right on the first picture (possibly underwater).

WASD = Path of Vampire Survivors?

It was Arkanoid for me.

Alley Cat, Dukem Nukem 3D, Ultima (4, 5, and 7), Daytona, Day of the Tentacle, Zack McCracken…

Using containers from public registries is no worse than using third party software. In both cases there’s a risk of malicious code. The big difference is that for containers you can scan the image before running it, SBOMs are becoming ubiquitous so dependency vulnerabilities are easier to detect, and runtime protection software is more effective on containers because each container has a deterministic expected behaviour, making it easier to find deviations. I’d much rather manage runtime controls for containers than craft selinux policies.

The bottom line (which the OP article misses) is that while individual container configurations require more effort to set up the additional work to manage them at scale is low, whereas compliance for host based installs is requiring more and more effort. In fact given how popular curl | sh ... is becoming for host based installs I’d argue that they are regressing in terms of safety and reproducibility.

16 and below is unambiguous. It’s a child up to and including 16 years old. Compare that to “below 17” for example, which technically means the same but might be confused to include 17 by someone skimming the question.

I don’t recall Reddit having unique content - what I do remember however was that it had aggregated content. It filled the role of Slashdot, Fark, and other sites, and it had a comment threading system that was far more usable. The memes came after.

Take a machine with Linux preinstalled. Will it run Linux without problems? Yeah, of course.

Take a machine with Windows preinstalled. Will it run Linux without problems? Check the list.

The CIS benchmarks for Linux are a good start. There are some off the shelf tools that let you run those, notably linux-bench. Another tool in a similar fashion is lynis. You can also use eBPF tools like callander to examine your workload behaviour and help tighten your seccomp policies.

Once you’ve established a baseline for your system, you’ll next want to harden your environment. This means network scans, OWASP, etc. As far as off the shelf tools go, OpenVAS is quite popular even in Enterprise environments.

Finally there’s the continuous security tasks. Continuous package updates, runtime security, log analysis, etc. There are some free tools that cover part of this like Security Onion, but if the price is right a SaaS tool can save you a lot of time.

Many much housen.

It relates to “real” (physical, tangible, immovable or inseparable) property pertaining to land. In other words land plus buildings and resources attached to it. It contrasts with personal property and intellectual property.