Graph looks like a pump’n’dump to me

It was a default for so long that people just got used to the feel of it and its “ecosystem” if you can call it that.

I use Win at home and at work as my main desktop, because of familiarity, the apps I got used to and because I just don’t feel comfortable with any Linux UI. I get annoyed when the Win UI gets even slightly changed between OS versions, so imagine how it would be for me just switching to Linux. I have a dual boot, but the Linux partitions always gather dust no matter the distro.

But I wouldn’t touch a Windows server. I’m apt with the Linux on work servers, my home server, RaspberryPi and routers. It feeels like having swiss army knives and I feel at home in a command line.

This doesn’t make me a fanboy, but I do get raised eyebrows from co-workers.

The position is randomized.

Unique style paintings will become even more valuable in the future. Generative AI only spews “art” based on previous styles it learned / was trained on. Everything will be even more rehashed than it is today (nod to Everything is a Remix). Having a painting made by an actual human hand on your wall will be more ego-boosting than an AI generated one.

Sure, for general digital art (ie logos, game character design, etc) when uniqueness isn’t really mandatory, AI is a good, very cheap tool.

As for the “everyone becomes a programmer” part… naah.

1. because CC companies incentivize us to do so

That was my point, yes. Also, see my other comment, I live in Europe where credit lines (we do have the so-called “shopping” cards offering fixed installments for purchases but also overdraft at an ATM) aren’t the norm here and people opening up such an account take it more seriously and pay attention not to overdraft. “Building your credit score” isn’t a thing here. Confusing terms and scum agents promoting those cards do trick people into overdrafting and paying huge monthly interests (30% / year) instead of fixed installments, though.

I guess it does work differently, and it depends on the bank. I’m in Europe. When I make a payment, let’s say Saturday, that will actually be processed on Monday, the sum doesn’t show up in my account anymore and I see it as a pending transaction. So I can’t spend more than I have on a debit account.

The only time I would owe the bank are card reissue fees every few years, which could take the balance into the negative. But if you have multiple accounts with the same bank (including savings accounts) the fee is automatically withdrawn from other accounts. Also, no fees for the negative balance if it’s a debit card. You can have it pending for months without issue.

I actually take advantage of not being able to overdraft by having a separate account and attached card that I only use for online payments. It normally stays on 0, and I only move money there before making an online purchase. If my card details are leaked / stolen, transactions would get refused (no money in the account), I would just close the card and request another one.

PS Given the downvotes, I understand I might have a wrong understanding and might confuse banking terms a bit, but I don’t live in the US and I certainly wasn’t taking the side of banks regarding the overdraft fees.

I have no issue with overdraft fees, which are normal (for credit accounts), but my problem is that to my understanding most cards in the US are credit cards (so overdraft-capable) by default. Rest of the world takes advantage of the more sane debit card.

😂 That’s what Muskrat wanted you to believe. Engineers and people with more than 2 brain cells have debunked the Hyperloop idea for years. Here’s one of them from 7 years ago.

Lol, Franz is a wimp.

“So anyway, the glass is tough, basically”. Sure Elon, we’ll take your word for it. Is this how they test their rockets, too?

If on Linux and need automatization, GnuPG works, and you can use RSA keys. It’s slower than symmetric for large files, but I had success encrypting several tens of GB database backups with a 2048 bit key with no issue. The higher key length you go, the slower. But it has the advantage that you only need to keep the public key on the machine you are encrypting on, and keep the private key safely stored away for when you need to decrypt. Unlike for symmetric, when if you need repeatable / automatized encryption, and you’d store the key in a config somewhere on the same machine in plain sight, and because it’s also used for decryption, when leaked you’re done for.

Normally you would go with symmetric and generate a good, random AES key each time you encrypt, use AES for actual encryption which is very FAST, and encrypt just the AES key with RSA / asymmetric. This complicates scripts a lot and you end up with 2 dependent files to take care of (the target encrypted file and the file with the encrypted AES key). But this is the sane way of doing it because asymmetric isn’t ment for large data lengths (not just because of slow speed). HTTPS and SSH work the same way: asymmetric for key exchange handshake (through public certificates), symmetric for the actual communication while oftenly changing the key.

If no automation is necessary, use VeraCrypt containers. You can keep multiple files in a container. You have several symmetric algorithms to pick from and you can control the number of iterations for key derivation. Debatable as to the added security, but you can also choose to chain up to 3 algorithms in your preferred order.

The above covers the tools and somewhat the algos. For key lengths, see here. I wouldn’t go with RSA lower than 4096 these days, elliptic curves is preffered (256 bit +), or AES 256+ in CTR mode. And I’d stay away from lesser known / scrutinized algos.

As others have stated, any recommendation depends on your threat model, how powerful and resourceful are the bad actors you are trying to protect from, how often you need to encrypt, how often to decrypt, the time span for which you need to protect the file, etc.

That’s the idea. It’s illegal for Amazon to fire people for not wanting to return on-site, so they do the legally allowed minimum to condition promotions based on that. Legal, but still shitty. They hired a ton of remote (by contract) workers during the pandemic and made a shit ton of profit, now they don’t know how to get rid of them without a severance package.

Youtube wantses, Youtube don’t getses. Just like Gmail wantsed and I moved to another email provider. They want the money to stop shoving the ads, but still keep the tracking going. Well, I’m the product or the customer, I can’t be both.

It depends on how the password is stored / KDF used (what type of hash, salting, bcrypt, etc).

Judge for yourself if it’s an old website or old piece of software that might use (god forbid) MD5. Since one would not normally know that, I’d go with 20 (good, cryptographically) randomly generated upper/lower/digits if using a password manager, or 40ish characters passphrase if you need to remember and/or easily type it. Add some punctuation / special chars (spaces, commas, dots, paranthesis, etc) if it’s an important masterkey (ie password manager key, encrypted container, etc) and you have decent typing skills.

Some shitty sites / routers don’t accept certain special characters hence go with upper/lower/digits as standard but use longer lengths (if the shitty site allows you and doesn’t limit that too). Limits to what a password should contain and/or length limits would be a sign of lazy programming and poor password management, so treat them as unsecure from the get-go (yes, even big names like Oracle have piss-poor security or lazy implementation). Good programming nowdays shouldn’t have those limits, as user input sanitization / injection protection exists, and hash functions have a fixed length no matter what the input length is.

Also very important, don’t reuse passwords for online accounts. Hence a password manager remembering them for you. There are still websites storing passwords in plain text. You wouldn’t want your local pizza hut know or leak your email password by being hacked.

Just to add up, the “session” cookie is a special case for the browser which identifies them as such, and handles them as temporary because usually it expires in a few hours. Also, they must have an expiration, and it clears them as soon as you close your browsing session no matter if they expired or not.