Eh, that may just promote a lot of "What are your opinions about x" posts where the first comment is the ad. Suppose it's an open call to list alternatives though.

Nothing like a well seasoned firewall

0.0.0.0/0 0::0/0

You didn't specify it couldn't be in CIDR block notation...

I was working at a company at one point that got a contract to build something I viewed equivalent to malware. Immediately I brought it up to several higher-ups that this was not something I was willing to do. One of them brought up the argument "If we don't do it someone else will."

This mentality scares the shit out of me, but it explains a lot of horrible things in the industry.

Believing in that mentality is worse than the reality of the situation. At least if you say no there's a chance it doesn't happen or it gets passed to someone worse than you. If you say yes then not only are you complicit, you are actively enforcing that gloomy mentality for other engineers. Just say no.

significant economic harm to our company

Oh! I have a solution! Make it a local API you fucking goofs.

This was a large part of the reason I switched to rootless podman for everything

This is so dumb, how could anyone at the FCC even humor such a request?

"Please help us, we overcomplicated billing and don't want to explain it to anyone"

A thinly veiled M$ ad, trying to save face after the .NET fiasco of 2021...

The most useful quote to those familiar with the linux boot process:

“An attacker would need to be able to coerce a system into booting from HTTP if it's not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”

If an attack needs root then it doesn't matter. Your box is toast anyway. If you're using http boot without verification then you should have seen a MITM attack coming.

Or servo. Literally anything but chrome man.

There's still valid concern about this being a foot in the door tactic. Once an OS complies with this request what will the next one be? Why should this even be allowed?

Either way though, the reddit citation is a bit unnerving.

Microsoft tried to lock a development feature behind a paywall by introducing an artificial dependency on Visual Studio.

This also happened to occur right around the time there were also licensing and hosting issues around open source libraries. The manipulation of the .NET foundation was the really concerning part. Made it clear that MS still doesn't give a damn about the wider community using their language.

If I resort to using a Mac I want someone to put me out of my misery.

Cross platform! You know, accessible across all our platforms

openbenchmarking.org

This is unrealistic, agile stages aren't missing unusual pieces that aren't quite critical but probably should be there anyway.

Who could have possibly seen that coming? It's almost like anything other than server side anticheat is conceptually broken! (See the monitors with ML map assist and the past 20 years of client exploits). And that's ignoring the currently strong financial incentives of breaking these things...

I'm pretty sure the mirror was setup before that was an option. No reason to turn it off now that it's a source of entertainment.

Bottom for life (or at least until something with more stats comes out)

Why? They are just bringing to light the tools already being used by corps behind closed doors.

Edit: Seems the author wants to paint a different picture. Either extreme CYA or you were correct.