• 39 Posts
  • 2.76K Comments
Joined 1 year ago
cake
Cake day: June 16th, 2023

help-circle
  • TCB13@lemmy.worldtoUS Authoritarianism@lemmy.worldAcademic Indoctrination
    link
    fedilink
    English
    arrow-up
    15
    arrow-down
    34
    ·
    16 hours ago

    Liberalism ≠ left. Seems like Kolleen’s higher education failed right there. In the US, yes, it might be but in other places it isn’t.

    Either way, a LOT of higher ed institutions actually teach ideologies and have entire bodies of highly biased teachers so “critical thinking” isn’t something most places are into.






  • TCB13@lemmy.worldOPtoWordPress@lemmy.worldSQLite Database Integration
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    5 days ago

    Yes, but that doesn’t mean we shouldn’t have sqlite. Many people also run WP setups on small VPS and don’t really want/need mysql running and wasting ram all the time. Having sqlite also opens the door to database git versioning and making local dev easier. While none of this will work at scale they’ll still provide immense value for a lot of people.

    Most WP websites are read-only and they could run just fine on sqlite. Even if you’ve a large number of reads, WP people are used to cache everything as static HTML files so it won’t be that bad either. For what’s worth sqlite is also getting faster/better at concurrency (WAL and whatnot) and it may even be “about 30% faster than mysql” in some cases.




  • While I agree with you, an attacker may not need to go to such lengths in order to get the PK. The admin might misplace it or have a backup somewhere in plain text. People aren’t also prone to look to logs and it might be too late when they actually noticed that the CA was compromised.

    Managing an entire CA safely and deploying certificates > complex; Getting let’s encrypt certificates using DNS challenges > easy;




  • Just be aware of the risks involved with running your own CA.

    You’re adding a root certificate to your systems that will effectively accept any certificate issued with your CA’s key. If your PK gets stolen somehow and you don’t notice it, someone might be issuing certificates that are valid for those machines. Also real CA’s also have ways to revoke certificates that are checked by browsers (OCSP and CRLs), they may employ other techniques such as cross signing and chains of trust. All those make it so a compromised certificate is revoked and not trusted by anyone after the fact.

    For what’s worth, LetsEncrypt with DNS-01 challenge is way easier to deploy and maintain in your internal hosts than adding a CA and dealing with all the devices that might not like custom CAs. Also more secure.



  • Yes, LetsEncrypt with DNS-01 challenge is the easiest way to go. Be it a single wildcard for all hosts or not.

    Running a CA is cool however, just be aware of the risks involved with running your own CA.

    You’re adding a root certificate to your systems that will effectively accept any certificate issued with your CA’s key. If your PK gets stolen somehow and you don’t notice it, someone might be issuing certificates that are valid for those machines. Also real CA’s also have ways to revoke certificates that are checked by browsers (OCSP and CRLs), they may employ other techniques such as cross signing and chains of trust. All those make it so a compromised certificate is revoked and not trusted by anyone after the fact.




  • TCB13@lemmy.worldtoPolitics@lemmy.mlWhy American left is so right-wing?
    link
    fedilink
    English
    arrow-up
    12
    arrow-down
    2
    ·
    7 days ago

    Two things I’ve noticed about American politics: first, the most left-wing American politician would be seen as borderline far right in Europe. Second, in the US there’s no left, because left would imply socialism that eventually lead to communism and that goes against the ideia of America, the American dream, the constitution etc. The entire country was built and maintained on the ideia of being against any form of communism.