It’s ok to shit in someone else’s, just not yours.

And it’s about a mile? Many common rifle bullets will be starting to nope-out of supersonic around that distance, so you would need something really beefy, like a .338 Lapua or even a .50 to be accurate. (A bullet will generally start tumbling when it drops sub-sonic.)

Don’t mistake me: many bullets can and do travel past a mile regularly, especially depending on the shot angle. Yeah, they can still kill. I am referring to the uncertainty and inaccuracy at those ranges, especially if a bullet has lost a ton of speed.

My main point is that long range sniper rifles are quite large caliber and generally require long heavy barrels. You aren’t going to swing one of those around without being noticed.

The shot speed approximation is the easy part, believe it or not. Since the bullet must be a large caliber you can guess at about 200-300 grains for a “smaller” large caliber bullet, or between 650-900 grains for a larger one. (Maybe a few more, but I am sticking with a 338 or a 50.) Muzzle velocity is also going to be on the high end at between 2900fps and +3100fps for most all of them. The math is easy to work out with a common ballistics calculator by estimating the ballistic coefficient of available bullets in the category we are talking about. (Bullet speed at the target is the most important number to calculate.)

Still, it’s not perfect math. If you look for a camera flash at an estimated time when a bullet was supposedly fired, you are probably going to find one, especially if you have a second or two of footage across multiple cameras.

Oh, fuck off.

No, that is not what he said at all.

I would look into something like Doppler instead of Vault. (I don’t trust any company acquired by IBM. They have been aquiring and enshittifying companies before there was even a name for it.)

Look into how any different solutions need their keys presented. Dumping the creds in ENV is generally fine since the keys will need to be stored and used somehow. You might need a dedicated user account to manage keys in its home folder.

This is actually a host security problem, not generally a key storage problem per se. Regardless of how you have a vault setup, my approach here is to create a single host that acts as a gateway for the rest of the credentials. (This applies to if keys are stored in “the cloud” or in a local database somewhere.)

Since you are going to using a Pi, you should focus on that being a restricted host: Only run your chosen vault solution on it. Period. Secure and patch it to the best of your ability and use very specific host firewall rules for minimum connectivity. Ie: Have one user for ssh in and limit another user account to managing vault, preferably without needing any kind of elevated access. This is actually a perfect use case for SELinux since you can put in some decent restrictions on the host for a single app (and it’s supporting apps…)

If you are paranoid enough to run a HIDS, you can turn on all the events for any type of root account actions. In theory once the host is configured, you shouldn’t need root again until you start performing patches.

That’s what you just got shown: Shove the configgy bits into Git.

You will likely have to find the configs you want to save first.

This is my opinion, but yeah. It’ll take some time.

The biggest issue is that money has moved to safer for investments. Those new investments may take time to mature and/or avoid tax penalties.

Another component is that hedge funds are likely the ones taking money out of the market in a huge way right now. Hedge funds normally specialize in short selling and there is no better time to close or massively reduce those short positions. (They have other strategies, but their main function is in their name.) They can’t close their positions rapidly, or it will trigger a faux rebound in stock prices. (Short sales are weird like that. It may be one of the reasons you see short bounces in price as a stock price is cratering.)

Unfortunately, the tarrifs are shifting investment policy against the US now from other countries. This will take years to recover from.

What will really suck is that I have always speculated that these tarrifs are just the worst kind of insider trading strategy you will ever see. If the intent was to temporarily dump stock prices for the benefit of a few, I really don’t think it’s going to work like it did during COVID. COVID didn’t force massive global policy changes against the US the same way. Even if orange man decides to reverse course and lift tarrifs tomorrow, the damage has been done and there is no reason to restore previous investments. The risk is too high.

It’s not a horrible write-up but it doesn’t do much to simplify things. If I had to explain these concepts as close to an ELI5 as I could, I would use less words.

Photons have characteristics of both a wave and a particle. In many ways, it’s easier to think of a photon as an interaction point. As a wave propagates, any collision point could be thought of as a photon. You shake some electrons in one antenna, they create a wave through the air, the wave propagates until it hits another antenna and the photons are where that wave starts to shake another bunch of electrons.

I am not quite sure what they were trying to explain about waveform collapse, TBH. There is just a probability curve about where a photon will “exist” at a specific time. You can’t predict the location of a photon, but you can observe it. There isn’t really a physical “collapse” of anything. The probability curve “collapses” into a single point once observed. There is no probability once something is observed. It’s there or it isn’t, so the math function has “collapsed”: There isn’t a need to calculate probability at that time.

This is far from perfect, but it’s probably easier to digest. I don’t even want to know how much physics I broke with my descriptions, but I do know it’s easier to visualize.

I actually like the audio. (I’ll leverage faux tape recording effects and plate reverb on occasion with music I write.)

And honestly, it was kinda refreshing to watch Charlie Chaplain again.

Sorry, I couldn’t quite get the feeling you described. It’s partially because I have seen that before and partially because it still looks old and the sound quality was reminiscent of a cylinder phonograph.

Good try though. ;)

I have been working through my “must watch” list with my teenage daughter recently. While all the movies are absolutely new to her, that hasn’t stopped the occasional snickering about how “old” some of the stuff is. (And honestly, I can’t disagree. I had a few “ah fuck I’m old” moments rewatching Predator and Blade Runner recently.)

So, in spirit, I 100% agree with you. In reality, nobody can quite escape how old some movies actually feel.

A potato is much happier as vodka as indicated by common potato lifecycle charts.

I am curious what your intentions were for a potato that you planted that wasn’t supposed to grow?

I ask because it might help formulate a plan if we can determine your intentions and expectations.

Sorry if it sounded like my rant was directed at you as it absolutely wasn’t. Your comment triggered me, because I absolutely fully agreed with yours as well. ;)

setenforce 0 is much cleaner, I have found.

Its just complex

When a security mechanism becomes more complex to manage than what it is supposed to protect, it becomes a vulnerability itself.

If you had a minimal system that you built from the ground up yourself and wanted to only have that system function in very specific ways, SELinux would be perfect. I would go so far as to say it would be nearing perfection in some ways.

Sorry, but in the real world, ain’t nobody got time for that shit. If you use auto configuration tools or pre-canned configs for SELinux on a system you are unfamiliar with, it’s more likely to cause application issues, create security gaps and will likely be shut off by a Jr. admin who really has no fucking clue what he is doing anyway.

It’s just easier to keep your system patched and ensure basic network security practices anyway.

It’s not impossible to manage these days. In the early days it was, but most everything is automagic now. If I am not mistaken, SELinux can be enabled to ‘log only’ which would give you data better handled by a HIPS anyway. (Don’t quote me on that.)

Parenthetical is a neat word and will likely use that more often now. Thanks.

Wild hogs live in “packs” (“sounders”, actually. Lulz.) as well. On all fronts, the hogs should win. Some of the bigger hogs could easily outweigh a wolf 5:1.

These creatures are what nightmares are made of and I wish I could say I was joking or being sarcastic.

Could a pack of wolves separate a hog from its pack and kill it? Sure. Not all hogs are hell-spawn. Regardless, we are also talking about mother nature’s true version of Medusa.

I admire your creativity, I seriously doubt that would help. You would only get really pissed off mutant hogs after the dust cleared.