RonSijm

Maybe you're confused with Truecrypt?

Truecrypt died and Veracrypt came as a port. Haven't heard of Veracrypt being dead

It's also pretty ridiculous how poorly it actually works. Recently I wanted to cash out some crypto, and the platform I was using was telling about their "peer-to-peer (P2P) rules to comply with anti-money laundering (AML) and Travel Rule standards".

I could only transfer funds to the exchange if I verified I own the account on another platform.

So all you have to do to verify it, is make a screenshot of having an account on a different (non-KYC) platform. When you verified you also own that other random wallet, everything is fine...

Soo, sending crypto "peer-to-peer" directly to the exchange is a big problem - but if you add an extra wallet in between as an extra hop, that you've verified to own but is off-platform - it doesn't matter anymore how that crypto got there

I guess it's cool - you can port some stuff from Postgres like pgVector and make Mysql a vector database.

On the other hand, I'm also think 'why?'. At some point just use Postgres instead of overcomplicating Mysql with extensions

Yea, well that was my first though, but then I though - why would chrome even allow any website to just arbitrary check which extensions you have installed.

So I checked the scripts and at this line the script is showing

async function fetchExtensionInfo(extensionId) {
  return new Promise((resolve) => {
    const url = `https://chromewebstore.google.com/detail/$%7BextensionId%7D`;

So I thought maybe they were calling the chromewebstore foreach plugin, and if you have an extension already installed, you get a different response than when you don't - or something.

But I suppose I'm wrong and for some reason a site can just ask the browser internally which plugins are installed

Uhm, doesn't really sound like this could be true. Maybe I'm missing something?

You'd see 2953 get requests in your network tab, right?

And the article says:

LinkedIn silently probes for 2,953 Chrome extensions on every page load.

Surely it would be drastically noticeable if for every page load they do 3k get requests to the chrome store

I don't think this has been mentioned, but it kind of depends on where your multiple laptops / desktops are. Is this always on your own home network? Because in that case you don't even need a remote service like Github

If so, you can create a network drive on any of the devices - mount the network device on your other devices, and then create a local git repo there. Just remember that using an external git service is also a backup. So if you do everything locally, make sure to have your own backups in place

A much, much worse but also possible solution is to just put your projects into onedrive/dropbox/gdrive and sync it everywhere. It works for syncing, since you're saying that's the main objective - but you lose out on version control

However, what is stopping a malicious actor from bypassing the API gateway and communicating directly to the micro services ? Do we solve this problem using a firewall, so only trusted traffic reaches the micro services ?

Kind of - sort of

With this kind of setup, usually you'd put all your micro services inside a VPC. The micro services wouldn't even be directly accessible from the internet. So it wouldn't really be a "firewall" - but a nat gateway.

Though conceptually a little bit the same. The API gateway is kind of acting as a firewall

It's ChatGPT that's commenting this, isn't it?

To be fair, it's not that crazy - your agents are generating a lot of data that Azure DevOps is storing. And they're doing a bunch of other things like release management and showing test results over time, etc etc

I'm using Azure DevOps practically free - (unless I build way too much and run out of free credits for the month)

But since so many things in Azure DevOps are already free.. If you're going to start substituting the paid features like extra build agents with your own "free self hosted agents" then where are they getting any money from?

Probably not "coolest" as in 'best code ever' or most complex code ever - but that got most coverage. So I think it's pretty cool

https://www.youtube.com/watch?v=ifJnWVSoyAY

Yes, but it includes your chat and voice chat history in the CoD, League, Dota and Counter Strike lobbies.... 😉

It depends on the registrar. By the rules of icann:

At least annually, a registrar must present to the registrant the current Whois information, and remind the registrant that provision of false Whois information can be grounds for cancellation of their domain name registration. Registrants must review their Whois data, and make any corrections.

So if the FBI concludes that the provided WHOIS data is false, they could potentially still use that as reason to seize the domains