[-] BaumGeist@lemmy.ml 24 points 1 month ago

I've never seen a dead battery that didn't eventually go full "spicy pillow," but until then they're as safe as new (assuming no physical damage to the battery). That being said, it wouldn't hurt you to take it to a certified battery recycler and get a new one.

[-] BaumGeist@lemmy.ml 23 points 1 month ago
  1. Reach out to the SFLC, this is something a lawyer should advise you on, not any internet strangers at all whatsoever, no matter how thorough their reply is.

  2. Design-wise: You need a Ulysses Pact. This can also be applied to contracts, preventing you from being pressured into closing your source under any means by licensing it or by signing a contract with yourself

[-] BaumGeist@lemmy.ml 27 points 7 months ago

Afaik the issue is that they made their code "open" source in the way many for-profit companies do: they require a subscription before you have access to the code.

If I understand the GPL correctly that doesn't violate it, since it only requires that the users have access to the source and not the general public.

[-] BaumGeist@lemmy.ml 23 points 8 months ago

I'm a self-taught sysadmin. It took me ~3 years to get comfortable, and I'm still learning stuff that feels like if not 100-level then at most 200-level course knowledge...

I started making a pivot to self-taught pentesting in hopes of breaking into red-teaming, but I'm stuck at finding time to practice and learn and still invest some time in the parts of life that aren't my job and/or future job. I enjoy doing it just for fun outside of the career potentials, but I've been burnt out for years from turning my current career into my hobby as well, I won't make that mistake again

I guess the only answer I have is: depends on how much time you plan on investing in self-teaching. I wouldn't say anything's necessarily out of reach, but I would say that learning the skills is only half the battle of getting employed.

I do have a little advice with my perspective: don't think of it in large timeframes, e.g. "I want to get to this goal within a year," do it in hours or less. Force yourself to sit down and do something that furthers that goal for X amount of hours each day; that way, you have a very clear metric and can start measuring progress by how much time you actually spent studying and applying for jobs and networking (as in building relationships with your peers and future employers... but also the other kind too).

Oh, another piece of advice: don't just read, watch videos and listen to lectures—learn by doing. Set up a home lab for whatever it is. At least a solid 80% of what you'll encounter in the field can be emulated with a good enough PC and the right software (yes, even cabling). And for everything else... Well, that's just good fun to own all those tools and gadgets and gizmos galore and so, so, SO much cable of every kind.

Last bit: are you having fun? If it's not fun to learn, it'll be soul-crushingly, mind-numbingly dull when it's your job. You don't get to do the cool new stuff most days, most days it's just replying to emails and forcing the users to restart while you observe because most of the time "Yeah, I already did that" means "I may not understand computers in the least, but I'm inexplicably dead certain that the thing the expert is telling me to do won't work." So make sure you're enjoying even those bits now

Otherwise, get out now while you still can and the Sunk Cost Fallacy hasn't kicked in.

[-] BaumGeist@lemmy.ml 23 points 8 months ago

Context:

TLDR: The devs don't like bugs in released software being assigned CVEs, which requires a special security update instead of a standard bugfix included in the regular update cycle.

:The most recent "security advisory" was released despite the fact
: that the particular bug in the experimental HTTP/3 code is
: expected to be fixed as a normal bug as per the existing security
: policy, and all the developers, including me, agree on this.
:
: And, while the particular action isn't exactly very bad, the
: approach in general is quite problematic.

There was no public discussion. The only discussion I'm aware of
happened on the security-alert@ list, and the consensus was that
the bug should be fixed as a normal bug. Still, I was reached
several days ago with the information that some unnamed management
requested an advisory and security release anyway, regardless of
the policy and developers position.

And nginx's announcement about these CVEs

Historically, we did not issue CVEs for experimental features and instead would patch the relevant code and release it as part of a standard release. For commercial customers of NGINX Plus, the previous two versions would be patched and released to customers. We felt that not issuing a similar patch for NGINX Open Source would be a disservice to our community. Additionally, fixing the issue in the open source branch would have exposed users to the vulnerability without providing a binary.

Our decision to release a patch for both NGINX Open Source and NGINX Plus is rooted in doing what is right – to deliver highly secure software for our customers and community. Furthermore, we’re making a commitment to document and release a clear policy for how future security vulnerabilities will be addressed in a timely and transparent manner.

[-] BaumGeist@lemmy.ml 25 points 8 months ago* (last edited 8 months ago)

-it should be more or less stable, comparable to Ubuntu with or without LTS

Ubuntu was based on Debian, which touts its stability

-it should not be related to IBM to any way (so no fedora/redhat)

Debian has no affiliation to IBM, they're not even loosely part of each others' "partners" programs

-it should not feature snaps (no Ubuntu or KDE neon)

Debian doesn't use snaps (welcome to the greener side of the fence btw, fuck snaps)

-KDE plasma should be installable manually (best case even installed by default)

Debian uses KDE as one of its default install options when installing the OS, and it can be installed later with tasksel (or by just getting all the packages if you want to do it the hard way)

-no DIY Distros

Debian has a barebones headless option, but the installer defaults (which come with the whole DE and other convenience packages) are pretty user-friendly

In summary, I have no fucking clue what OS you should use.

P.S. newlines on lemmy are either done by using two spaces at the end of a line
and then pressing enter
(make sure your phone doesn't autocorrect/one of the spaces away like mine does) or by pressing

Enter twice (without the double spaces), so there's a

blank line in between

[-] BaumGeist@lemmy.ml 24 points 8 months ago

Y'all seriously overestimate the average user:

Debian. It's simple, stable, minimal upkeep, rarely if ever has breaking changes, and all this out of the box.

Someone new doesn't need to be thrown in the deep end for their first foray into linux, they want an experience like windows or mac: simple interface, stable system, some potential for getting their hands dirty but not too much to worry about breaking

[-] BaumGeist@lemmy.ml 28 points 8 months ago* (last edited 8 months ago)

Here are my hobbies/interests that simultaneously get me off Social Media/Content Streams while giving me something to talk about/post about/watch about when I'm back. I may also have podcasts or youtube on in the background if the activity permits

Group A, the "touch grass" activities:

  1. go on a walk
  2. do some cleaning/organizing
  3. spend time with people irl

That last one requires a lot of effort and rarely has immediate payoffs if you don't already have a friend group bigger than one or two friends, but it's so important and requires putting time into it and developing social skills. In fact, 2+3 both benefit from learning skills and shortcuts and habits; therefore they require just as much time and energy as any hobby.

Group B, the "what I do for fun"

  1. "hacking" — pentesting computers and VMs, whether on HackTheBox, TryHackMe, Vulnhub, or someone's one-off github-hosted machine; and of course so many online CTFs

  2. "tinkering" — I like messing with the physical part of electronics too. Or mechanical devices. Or anything that I can dissect and modify

  3. active listening to music — taking the time to listen and be carried away by music, maybe even start to analyze it. I know it's still technically "consuming content," but I consider it to stimulate a different part of the brain than, say, watching a random youtuber bring himself one mukbang closer to an embolism.

  4. playing music — the world's shittest bassist. I'm not trying to be good, just have fun and improve my ear and dexterity and musical intuition

  5. foreign language learning — good for the brain, good for someone who wants to travel, good for jobs and making genuine human connections. Not fluent in anything besides english yet, but I'm always acquiring new vocabulary words when I can

  6. Creative writing — Most of what I do anymore is just drafting elaborate shitposts to post online later, but I've been known to crank out parts of short stories and terrible poetry

  7. Activism — I won't say where, when, who, nor why, but that doesn't matter. The important part is that there are few things in life more fulfilling than coming home after a long day of doing outreach/aid/[redacted]/fundraising for a community and/or cause you care about.

  8. coding — of freaking course I'm also learning to program. You thought I was done with the electronics, but of course I had to sneak this in. You expect me to learn binary exploitation without having a strong understanding of programming? You expect me to do DIY hardware projects without coding the firmware? You've been absolutely HAD.

  9. Worshipping the dark goddess [redacted] at the temple of [redacted] — a healthy spiritual aspect to your life has far reaching benefits that scientific medicine and psychology are only just beginning to scratch the surface of. Of course you don't have to start with worshipping [redacted], it can be as simple as cultivating a healthy appreciation for the beauty in every aspect of the natural world around you and the mystique of existence itself. Then later you can move onto the [redacted] sacrifices to make [redacted] [redacted] so [redacted] may once again [redacted] the earth.

Group C, the "dangerously close to consuming content" group, but still technically separate activities/skills

  1. Armchair philosophy — we all do it, but I'm the only one who was smart/lazy enough to list it as a hobby. Unfortunately this does occasionally learning about others' philosophy and the topics you're bullshitting about, which is why I say it's "dangerously close"

  2. Media analysis — see previous... Okay, I got my degree in Literature + Language, I really enjoy deep analyses of media, and sometimes make my own. The act itself doesn't require consuming anything more than you already have, but if you haven't consumed any media in awhile...

  3. reading — okay, I know, this is literally just back to consuming content, but... You don't learn how to do any of the above without some reading. It helps you learn a language if you read a story in your target language. it's the format most philosophy was originally recorded in. It's the medium writers have to learn to be good at their craft. It's what format most electronic/software documentation is in. It's how music was recorded for centuries before audio media. It's also just a fun activity that engages different parts of the brain and trains your imagination even when it's "just" fiction.

[-] BaumGeist@lemmy.ml 31 points 8 months ago

"Death is only the beginning" - Imhotep's last line in The Mummy.

A man that has been dead for a couple millennia and is about to return to death utters these ominous words. Yes, it's probably just to leave the story open for a sequel, but the metaphysical implications are terrifying. He knows what it's like, and he's claiming that so much more comes after, but we're just left with a vague notion of what it could be. What could this mean? Is there sunshine and rainbows? Eternal torture? An endless void? An infinite realm of possibilities has just opened up for us, the audience.

But there's no time for that shit, there's gold and Benny's a greedy sack of shit, the temple's crumbling, and once they escape there's a celebration and denouement to be had! We've all but forgotten that threat—or promise, as the case may be.

One of the best ways I have ever seen writers leave the door ajar for a sequel. There's no hand pushing up through the rubble, no sinister laugh as the screen fades to black, no "did anyone remember to check that he died for sure?" no cheesy gimmicks. Just an ominous vaguery, that may be about hinting at another installment, but still works by itself as a raw line that goes hard af.

[-] BaumGeist@lemmy.ml 30 points 1 year ago

Yeah, this is really gonna ruin the public perception of them

[-] BaumGeist@lemmy.ml 23 points 1 year ago

Here's a professional security researcher/pentester explaining in depth why "leaking" IP is blown out of proportion

The relevant gist is

  1. The information is usually not identifying beyond general geographic regions (at best)
  2. if your threat model is that strict, there are other ways you should be obfuscating your IP than relying on VPNs, ISPs, and the apps/servers you're accessing/using.

BaumGeist

joined 2 years ago