Posts 9
Comments 891
US senators propose mandated MFA, encryption in healthcare
  • Ya, I know that's exactly what's going to happen. But, you have to start somewhere. Just getting management used to the idea that data must be encrypted is a start. That will then push the software vendors in the space to make fundamental changes, which will hopefully improve things a bit.

    I actually have a pretty good example from my time in the US FedGov space. We were required (by our checkbox security) to enforce FIPS-140 compliance on all our systems. When working to set up a server for a new product, it just would not run with FIPS-140 in enforcement mode; so, I started digging into the product and found that they were still using the MD5 algorithm in their user password hashing process. Given how much the vendor really wanted our business (we were their "foot in the door" for more FedGov money), I sent an email to our customer service rep essentially saying "ya, MD5 as part of the password hashing is a deal breaker". A couple weeks later a new version of the product dropped and surprise, surprise, MD5 was no longer part of the password hashing process.

    The reliance on checkboxes sucks; but, they can be a useful club to make improvements. A shift to real security takes time and a lot of effort. But, that journey starts with a first step.

  • Why do you suppose _sour_ candies are so popular these days? It wasn't a market when I was a kid.
  • Similar age and ya, I remember sour packets being popular in middle school. Can't recall the name, but it was similar to the artificial sugar packets used for coffee, except it had a mixture of sugar and citric acid (the "sour" flavoring) in them.

  • US senators propose mandated MFA, encryption in healthcare
  • While I'm not a fan of checkbox security, given that major parts of the healthcare industry don't even seem to get over that bar, maybe it's time to put something in place to give network defenders a lever to pull on to get the basics sorted.

    Not having MFA and encryption for data at rest should be treated as willful negligence when a company is breached.

  • Xbox killing avatars on PC, Xbox One, Xbox Series X/S
  • Good riddance. I understand the whole Mii thing got popular and Microsoft wanted to chase that wave. But, they were just such an obvious "me too" addition to the XBox 360 at the time and coincided with Microsoft changing out the functional XBox 360 main panel for the ad laden shit-fest that was the newer designs. But, maybe I'm just old and hate superfluous crap between me and playing my games.

  • China Wiretaps Americans in 'Worst Hack in Our Nation's History'
  • Threat actors used an existing backdoor in a communications system to intercept communications in that system? Color me whatever the opposite of "shocked" is. This is exactly the problem which was brought up by security researchers when the NSA was asking for a frontdoor which would let them break encryption. Thankfully, we held the line in that battle of the Crypto Wars. But, the war never ends and we need to make sure folks remember this clusterfuck the next time the NSA starts pushing to break encryption.

  • Vivek Ramaswamy's 'jackhammer and chain saw' plan to force federal workers back into the office
  • he said. “You don’t even have to talk about you’re in a mass firing, a mass exodus. Just tell them they have to come back five days a week from 8 a.m. to 6 p.m.”

    Even with a 1 hour lunch, 8am to 6pm would be a 9 hour work day. So, bro is expecting folks to just accept a 45 hour workweek along with a complete return to office. Pretty sure he's going to get his 25% reduction. It's just going to be all of the most talented people saying "fuck that".

  • Why do the English pronounce the first name "St. John" as "sinjin" but they pronounce the last name "Saintclair" as "saint clair" (and not "sinclair")?
  • It may be a case of laziness which has started creating a local dialect. This is one of the ways living languages change over time, people start slurring words and sounds together until there is almost nothing left of the original words and there is a new word in their place.

  • Windows Defender be like...
  • Na, my experience is that Defender is fine with users downloading browsers and "updates" from random Russian sites. It's happy to let the users install that software and only bothers to log a "hey, maybe this was bad" alert some time later. Edge, on the other hand, loses its shit when you visit the official download sites for Chrome or Firefox.

  • Police officer tells court of failed attempts to disarm 95yo holding knife
  • The incident involved two knives. Here's a picture of them (from the linked article):

    The officer tased a 95-year old woman, who needed a walker to move about, because she was holding a steak knife.
    Ya, I get not wanting to get a bit of a ragged cut, but Jesus Zombie Christ, that situation sounds less threatening than a box full of kittens.

  • AI PCs flood the market. Their makers hope someone wants them; Despite 49% surge in shipments, buyers seem unconvinced.
  • I’m still hoping that the somewhat irrational anger towards “AI” stuff subsides

    I think this anger is linked to the irrational exuberance for "AI".

    Personally, I kinda hate AI. Not because of any sort of fear of job loss or anything like that. It's because "AI" has been rolled out heavily in the Cybersecurity space, making my work life hell because of it. Models are only as good as their training and this means that any AI model which is going to spot anomalies in a network needs to spend a good amount of time being trained. However, what the vendors sell are touted as unsupervised models. They just need to spend a while on your network and they can automagically learn what "normal" is and then alert you on "abnormal". This ignores the fact that you still need your analysts chasing false positives constantly from this black box. And that "black box" aspect is a major problem. You'll get an AI/ML based alert with exactly fuck all in detail on why the alert triggered. If you're lucky, you might get a couple log entries along with the alert, but nothing saying why those entries are suspicious.

    I will grant that there are a few cases where the "AI" in a product has worked. Mostly, it's been in language processing. Heck, having an AI half-write a function for you in a tool you don't use very often is quite nice. You almost always need to rework the results a bit, but it can get you started. But, my first question for any vendor talking about "AI Detections" is "how do we tune false positives?". It's just too big of a headache. And most of them try to downplay the need or dodge the question. Or, you have to babysit the model, effectively making it a supervised model. Which, fine. Just stop telling me how much time it's going to save me, when I'm going to spend more time supervising the model than searching for threats in my environment. And, for fuck's sake, design that shit to explain itself.

    As for putting AI in my system. I can see a use case for language processing. Heck, I'd love to have the Star Trek style, "hello computer..." type stuff actually work worth a damn. Google and Siri are pretty close, though even those can be shit on toast when trying to do anything slightly complex. And having all that done locally, without having to send data "to the cloud" sounds great for privacy and security (until MS adds a keylogger as part of the OS). But, given how much time my GPU sits at or very near idle, I do wonder if the extra chip is worth the silicon or space.

    In the end, I'm expecting this to go much the way TPM has. We'll all end up with it in our systems, whether or not we know, care or use it. All because manufacturers just start soldering it on to everything. Maybe someone will find a good use for it eventually, distributed AI porn, maybe? But, like a lot of AI, it seems like a solution in search of a problem.

  • What your coffee preparation method says about you
  • BLUF: It's been a mixed bag, but I would call it "worth it".

    I've used Ubuntu a bit before. That's what my home server runs on and has for years. Granted, most of its functions live in Docker containers. I also used both Debian (via Kali) and Ubuntu at work (yes, I know Ubuntu is Debian based, but it's also big enough to have its own dedicated ecosystem). I work in Cybersecurity and use Linux based tools for image acquisition, digital forensics and data recovery. Kali makes for a great "it just works" system to validate vulnerabilities and poke at a network. And, between a lot of tools targeting Ubuntu and frameworks like SANS SIFT, Ubuntu gets used a lot. I also supported several Red Hat based servers at work for various tools. I'm far from an expert on Linux, but I can usually hold my own.

    In a lot of ways, Arch wasn't an obvious choice for me. And I seriously considered going with Ubuntu (or another Debian based OS (e.g. PopOS)) at first. It's worth mentioning that my primary use for my desktop is video games. So, that heavily affected my choices. That said, the reasons for choosing Arch ended up being:

    1. I have a SteamDeck and most of my games "just work" on it. With Arch being the flavor of Linux Valve is targeting, following their lead seemed like a good idea. I expected that a lot of effort to get games working on "Linux" would ultimately be focused on getting games working on Arch.
    2. I wanted a "minimal" system. I can be a bit of a control freak and privacy nut. I already self-host NextCloud, because I don't want my pictures/data sitting on someone else's computer. So, the "install only what you need" nature of Arch was appealing.
    3. I did do some testing of Ubuntu on my system and had driver issues (nVidia GPU) and some other problems I didn't put the time into running down. In the end, it put me off Linux for a while before I came back to it and ran Arch.

    One of the things I did, which was really helpful, was a "try before you buy" setup. I was coming from Windows 10. And, as mentioned above, gaming was my main use case. So, that had to work for me to make the jump. Otherwise, I was going to milk Windows 10 for as long as possible and then figure things out when it went EOS. So, I installed Arch on a USB 3.0 thumbdrive and left my Windows OS partition alone. I also mounted my "Games" drive (M.2 SSD) and installed games to that. It was still NTFS, but that only created minor bumps in the road. Running that configuration for a couple months proved out that Arch was going to work for me.

    When it came time to fully change over, I formatted my Windows OS partition as ext4, set up the correct folder structure and rsync'd everything from the thumbdrive to it. So, everything was the way I'd had it for those couple months. I did have an issue that my BIOS refused to see the OS partition on the SATA SSD I used for my OS partition; but, that was MSI's fault (I have an MSI motherboard). And that was resolved by changing where GRUB is located in my /boot partition.

    Overall, I've been happy with the choice I made. Arch hasn't always been easy. Even the Official Install Guide seems to come from a RTFM perspective. But, if you're willing to put the time into it, you will learn a lot or you won't have a functional system. And you'll end up with a system where you can fire up a packet capture and have a really good idea of what each and every packet is about. As for gaming, so far I've had exactly one game which didn't run on Linux. That was Call of Duty 6, which I was considering giving a go to play with some folks I know. But, Activision's Anti-Cheat software is a hard "no" on Linux. So, I had to pass on that. Otherwise, every game I have wanted to play either had native Linux support or worked via Proton/WINE.

  • Swords suck, spears are a way more effective weapon
  • You only get a short time with the pointy end of the spear and then once a sword wielder is inside your range, you’ve got an unwieldy stick and they have a sword. Good for stand off melee maybe but prob not.

    Yes, but getting in close without getting stabbed is really hard.
    Here's an actual example of modern HEMA folks giving it a lot of goes:
    https://www.youtube.com/watch?v=uLLv8E2pWdk

  • Firefox for Android Private Browsing and gmail

    I recently used Firefox Nightly on my Android device, in a private tab, to log in to gmail. After I closed the browser, both via the "quit" menu icon and via swiping the Firefox away in the Overview, I had expected the session information to be deleted and the next time I came back to gmail via a private tab, to be required to log in again. However, this was not the case. Despite closing out the browser, something seems to have survived and I was immediately logged back into the gmail session.

    Is this some sort of expected behavior? Shouldn't closing out the browser delete all session information from a private tab? Is there something I missed that maybe I'm not actually "closing" the browser?

    3

    Horribly inefficient party favors

    My daughter wanted a "Gorilla Tag" birthday. And my wife wanted me to print some party favors for the guest kids. Not my model, but they are churning out ok-ish.

    13

    Display cabling choice

    I'm currently purchasing a new GPU and specifically settled on the MSI 4070 Super. I'm all set for everything except connecting the display to the card.

    Currently, the display I have (which isn't being upgraded for now) only has two input options: DVI and VGA. The new GPU only provides HDMI or Display Port. This isn't really a problem as adapters/cables exist to go from Display Port/HDMI to DVI-D.

    But, the question I have is, which is the better option, or does it make any difference? And, are there any "gotchas" I should watch out for when buying the cable?

    I realize that I am likely over-thinking this, but I would rather ask a stupid question than make a stupid mistake.

    5

    Controller aim speed

    Just got started with this game (PC - Steam version). It's fun so far. I had really wanted to use my controller. But, the aiming movement is so sluggish. I've tried pushing the "Aim Sensitivity" up to 10, but still felt like I was turning through molasses. Is there anything which can be done to speed that up, or is the controller just fundamentally slow on PC?

    Using an Xbox controller via Bluetooth. And the issue isn't lag, it's the rotation speed in game.

    6
    apnews.com Virginia lawmakers pass long-overdue budget bill with tax rebates, extra aid for schools

    The politically divided Virginia General Assembly has approved long-overdue budget legislation, sending it to Republican Gov. Glenn Youngkin.

    Virginia lawmakers pass long-overdue budget bill with tax rebates, extra aid for schools

    The politically divided Virginia General Assembly approved long-overdue budget legislation Wednesday, voting in an unusually fast-paced special session to both reduce taxes and boost spending on public education and mental health as part of the package.

    0

    GETTING THERE: VRE adjusting in post-pandemic world

    The free Friday ride program seems to be having the impact the Virginia Railway Express wanted when the commuter rail system decided to offer it earlier this year.

    The program started on June 2 and will run through Sept. 1. The aim is to draw new and non-traditional riders to take train trips north and back home.

    So far, the program has increased average daily rider trips for those Fridays by around 40%, from about 3,500 to 5,000

    1

    Live Stream of Virgin Galactic Launch: Galactic 01 (1500 UTC)

    Virgin Galactic will be launching their first commercial, sub-orbital space flight today. Link is to the Live Stream for the event.

    0
    apnews.com Mother of 6-year-old who shot teacher pleads guilty to using marijuana while having a firearm

    The mother of a 6-year-old Virginia boy who shot and wounded his teacher in Virginia has pleaded guilty to a federal charge of using marijuana while possessing a firearm. It’s a crime under federal law that’s facing increasing scrutiny as more states legalize the drug. Deja Taylor is accused of lyin...

    1
    PowerShell @lemmy.world sylver_dragon @lemmy.world

    What have you done with PowerShell this month?

    As a way to kick off migration from Reddit to Lemmy, let's start with a classic thread. So, what have you done with PowerShell this month?

    For bonus imaginary points, have you done anything in regards to the Great Reddit Migration?

    6