The Starbucks locations near me recently replaced their brewed coffee with on-demand coffee machines for each flavor, so I guess we are all destined to wait in the queue for coffee.
If they've pivoted to using those Wawa/7-11-style "latte" dispensers that sound like someone's blowing their nose while keeping the Starbucks pricing, I'm not surprised they're struggling and closing locations.
In our coming cyberpunk future, Starbucks will just be a brand of vending machines known for burnt coffee and LCD screens displaying scantily clad mermaids
Those are Clover machines from a company they acquired like 15 years ago. They're very good and in my opinion a big improvement over their traditional batch brew-and-store coffee. There are more roasts available to order, the coffee is guaranteed to be fresh, and most of the time they still "skip queue" and hand you your coffee at the register.
I loved the MBP’s from that era. That was my first (easy) upgrade as well in addition to more memory. Those 5400 RPM hard drives were horrible. Also another slick upgrade you could do back then is to swap out the super drive with a caddy to have a second SSD/HDD.
It still works fine today, though I had install Linux on it to keep it up to date.
If anything they will build a backup DC in Texas so they can hold that over NJ in case the local government starts talking about transaction taxes again. The CME is currently building a “backup” private Google Cloud datacenter in Dallas.
I have AT&T Fiber and it's been /64 since forever. I even called tech support who confirmed that they only provide /64 prefix length to home customers. How come did you manage to get a /56?
Sorry I confused prefix delegation with with having an allocation. I have multiple /64’s. It looks like with PD you can have up to 16 subnets, so equal to a /60.
That being said, the cloud providers could do a better job explaining to new/naive users that great power comes with great responsibility and there is no hand holding. Someone might be more hesitant to willy nilly spin up something if a wizard estimates that the maximum cost could be $X per month.
When I am playing around in the cloud I am super paranoid about charges, so I end up locking the ACLs to only permit traffic to my home IP. It’s too bad that they don’t have a better built in way of making sandbox labs. When I was doing cloud training with A Cloud Guru, it would generate a whole global AWS instance that would only last for 30 minutes.
In general that would be a good question, but you've asked it in a case where "use AWS" is the _only_ way to accomplish the goal... which is learning AWS.
You commented on a post that included When I was doing cloud training with A Cloud Guru which is cloud certification platform. Can’t run “locally” getting prepped for an AWS certification and AWS is absolute shit for beginners in terms of cost protections
This appears to be a server emulator for the defunct MMO Need for Speed World. My guess is that need they need to spoof the TLS certs and install local host entries to get the original game client to work.
The certificate is used for nothing more other than checking whether the launcher is "signed". The whole scheme is full of security holes, the certificate check mostly seems like it was a programming exercise for the author.
There is no need for the certificate installation with regards to any emulation functioning. Also, worth noting that this is an ongoing issue: this reboot of the game still has a decent daily player count and the CA installation concern has not been addressed, the launcher still does this.
(It's also not a server emulator, it's just a launcher for the game client, used by players of the game.)
Codesigning is expensive. You have to purchase a $500 cert and renew it every year. Or, you can issue your own CA capable of code signing and sign your own stuff. But the OS won't think it's really signed unless the OS also has the CA in it's trust store.
This is just a case of them wanting to save money on code-signing certificate renewal fees.
A code signing certificate does not cost $500 a year. The OP links to an offering by Certum which is just $25 a year plus the cost for a reusable smart card.
Personally, I recently acquired a certificate from HARICA which costs $55 a year if you only buy one year at a time.
Can we stop with this kind of hyperbole, please? It's an open-source project for a dead game. It does not come pre-installed with any hardware, nor is it required by any employer or government to be installed on your device. It's something you actively have to seek and install, and not even the person reporting the bug saw anything malicious happening.
Criminal negligence is a legal term with a specific meaning, and it is far removed from... whatever you think is happening here.
Can you think a little bigger about the implications here?? Please understand the root key for this cert has absolute mother fuckton of power ... Someone who has this key can sign certs and pretend to be your bank, your crypto provider, anything you visit!!!!
You need to understand that a root ca key is generally stored offline , in shamir secret sharing pieces, likely in some vaults... if this dude is just keeping this on his computer with a shitty router in front of it, they are being criminally negligent.
Except this is just a single validation root ca, not a wildcard across the whole internet CA. I agree that this is complete hyperbole and everyone is making a fuss about nothing.
To remind the viewers, in order for a certificate to be considered “valid”, at least an intermediate CA (certificate authority) certificate needs to be trusted by the OS. At work, we do this. When I release games, I do this. I give you my CA, so you can verify and guarantee my software was written by me, my org, and hasn’t been altered.
I get the perspective of letting end users know, but I don’t agree with giving them a choice.
The same intermediate CA is used by us for encryption of communications as well. So, we want to remove that? Make everything plain text binary? No. Get over yourself.
So I take it you didn't read the github link where the poster says that the CA has too many many permissions including server and client authentication? No?
So its not hyperbole.
Evidence verbatim from GH post:
However, even if this is in fact a well-intentioned bad execution of the code signature verification idea and not malicious in any way, it is still a pretty egregious security issue for the users of SBRW. For what it's worth, also consider the case wherein the private keys for the CA are stolen in some way from whomever currently has them.
I also want to note that the certificate has a highly inappropriate and unnecessarily broad list of key usage IDs included, of which I would assume that no more than two or three are necessary for the advertised function of this certificate. The complete list follows:
List
Server Authentication (1.3.6.1.5.5.7.3.1)
Client Authentication (1.3.6.1.5.5.7.3.2)
Code Signing (1.3.6.1.5.5.7.3.3)
Secure Email (1.3.6.1.5.5.7.3.4)
Time Stamping (1.3.6.1.5.5.7.3.8)
Unknown Key Usage (1.3.6.1.4.1.311.2.1.21)
Unknown Key Usage (1.3.6.1.4.1.311.2.1.22)
Microsoft Trust List Signing (1.3.6.1.4.1.311.10.3.1)
Unknown Key Usage (1.3.6.1.4.1.311.10.3.3)
Encrypting File System (1.3.6.1.4.1.311.10.3.4)
Unknown Key Usage (2.16.840.1.113730.4.1)
File Recovery (1.3.6.1.4.1.311.10.3.4.1)
IP security end system (1.3.6.1.5.5.7.3.5)
IP security tunnel termination (1.3.6.1.5.5.7.3.6)
IP security user (1.3.6.1.5.5.7.3.7)
IP security IKE intermediate (1.3.6.1.5.5.8.2.2)
Smart Card Logon (1.3.6.1.4.1.311.20.2.2)
OCSP Signing (1.3.6.1.5.5.7.3.9)
Unknown Key Usage (1.3.6.1.5.5.7.3.13)
Unknown Key Usage (1.3.6.1.5.5.7.3.14)
KDC Authentication (1.3.6.1.5.2.3.5)
reply