I interview developers and information security people all the time. I always ask lots of questions about Linux. As far as I’m concerned:
If you’re claiming to be an infosec professional and don’t know Linux you’re a fraud.
If you’re a developer and you don’t know how to deploy to Linux servers you’re useless.
So yeah: Get good with Linux. Especially permissions! Holy shit the amount of people I interview that don’t know basic Linux permissions (or even about file permissions in general) is unreal.
Like, dude: Have you just been chmod 777 everything all this time? WTF! Immediate red flag this guy cannot be trusted with anything.
Can I ask if the reverse applies, eg is having no idea how to use non Unix like OSes (like Windows) any kind of red flag? Kinda been considering trying to go into a tech career so that I can have a 9-5 office job (I’ve until recently worked in what would be considered “blue collar” jobs, recently switched to an education job, would be nice to just sit down in an office and use computers for a living). I’ve used (GNU/)Linux from a very young age (parents had an Ubuntu laptop), as my primary OS/daily driver since I was 13, and exclusively (i.e. got rid of my Windows partition due to Windows enshittification) since I was idk maybe 16 ish? So I’m pretty comfortable doing things in Linux. But I have a reputation for being a tech person among my friends and they ask me to fix their stuff sometimes and whenever it’s a Windows problem I literally have no idea how to use the OS lol. So are Windows skills and knowledge also expected for tech jobs or just Linux/Unix-like?
Just leaving this here in case you don’t know: there are also the Framework laptops, which are designed to be modular, upgradable, and have easy to buy replacement parts.
They even sell motherboards, so you can now get a e.g. Intel Core Ultra motherboard for your 3-4 year old laptop.
Of course It’s a bit more expensive than a used 10 year old Thinkpad, but it kind of competes with other high end laptops, and it is cheaper especially when you consider it’s designed to last more
(Not a sponsored post, just glad there is a company that makes such products, and that when I broke a part I could just go to their store and order a replacement instead of searching for serial numbers on random online stores etc like I’ve done before)
Don’t think you’re grown and will only make smart decisions now. I only started making the right decisions yesterday. And I’ll say the same thing tomorrow.
“We regret to inform you little Timmy didn’t pass his final secondary-school exam because he couldn’t count back change from a transaction. We will send his ashes as soon as they’re ready.”
Listening to other people, especially to women, is a skill. Don’t spend silent time in a conversation waiting for your chance to speak or be smart or witty, stay quiet and really process what you’re hearing. Imagine yourself in their situation. Accept that what they say is exactly how they feel.
The less time you spend talking, the more your conversational partner will tell you, and the more you will start to understand them, their lives, their goals, and their anxieties.
Knowing and understanding other peoples’ experiences will help you not only make better decisions in your own life, but understand why other people act and think the way they do. You’ll be less likely to snap-judge or make assumptions about others. And knowing more about your loved ones, co-workers, and neighbours will allow you to help them effectively if they need it.
And travel abroad as much as possible - listen to people from other countries and cultures. The human experience is wildly varied and endlessly fascinating.
One of the bigger things that makes something “secure” is going to be a chain of trust, whereas you are using a third-party library. That’s one difference, but as you’ve already mentioned, a larger security model and protocol with solid functional tests and regular auditing is probably going to be safer than something like this.
How can I describe the chain of trust in a self hosted system? I’m sure auditing will help inspire confidence but this isn’t something I can do for the app. Open sourcing is the next best thing to open it up to public review.
A third-party library breaks chain of trust was my point. If you don’t have control over the code being used, you can’t certify it to be absolutely safe. This is something fairly essential when trying to prove your software to be secure. See the ‘xz’ fiasco from earlier this year.
The frontend and the peerjs-server are open source and selfhostable independently. This should address any third party concerns. Perhaps the app can only be considered secure if it’s self hosted?
Well, I guess it depends on your audience. I’m not saying don’t put it out there. I was just giving you the answers you were asking for in your original post by comparison. Put it out on GitHub, listen to issues filed, address concerns, and just work with it. If you think it really sets itself apart and is useful in some way, there’s absolutely no reason to not put it out.
I have a shit ton of physical media going back into the eighties
If you care about it, you should make sure that you still have it, and not just useless plastic, and make backup copies (and / or upload it)… magnetic tapes and discs degrade quite fast, and even CDs and DVDs have a limited lifespan… vinyls will probably be fine, though if treated properly.
kbin.life
Oldest