

Steam machines are going to finish consoles off in about 5 years.


Steam machines are going to finish consoles off in about 5 years.


So it’s actually in their best interest to give you the download ASAP and get you off their proverbial tit so they can serve the next user.
no its not. faster they serve the leecher the more leechers they’ll serve overall. the cost of the additional connections is miniscule vs the bandwidth cost.


this mother fucker thought I was talking about reading comprehension when I referred to their reference of literacy not being something game dev’s are responsible for (unless of course that is their goal). lol. I’d correct you… but not worth the bother.
Go play pajama sam or something its definitely the vibe you want from your games and its great.


Im insulting you for being an insufferable ass due to an inability to read a room. the game is literally making a mockery of fascists as most forms of art do. no one wants to deal with your holier than though nonsense over something they play as a past time. Literacy is not something game devs are going to be able to solve. Its an education problem.
I return to my original suggestion of you going outside touching some grass, breathing deeply, and interacting with real people.


You need to go touch grass. I feel for you, seriously i do but the only way to fix this is to expel the democratic neoliberals running the party and helldivers has 0 part in that lol.


its not their problem to solve. lol.


they really miss the marketing gold mines sometimes:
Make Andromeda Genial Again


didnt say it wasnt. you just missed the option for others. =)


Ultimately, to handle the fact that things are going to shit, you either choose, despair, ignorance or indifference. The last was my choice.
you’ve missed a important option.
The immigrants aren’t taking our jobs. They’re doing the work “we” don’t want to do. Agriculture. Janitorial. Construction. Stuff like that.
partially false, they’re working under conditions we technically have employment laws against. longer hours, no recourse against management, etc. it helps suppress wages across the board. This include higher paying jobs like software development, nursing, doctors, etc.


I never said anything about using the VPN as an ACL.
its literally your entire argument. you may not realize that is what you’re saying but it is. ‘vpns prevent {insert entity here} from accessing your systems by not publicly exposing them’. ACL -> ‘access control list’, you need to be on the VPNs list in order to access it which provides control for the network. your router already exposes you to the public internet. using a VPN or not doesnt change this.
in fact:
Sure, but someone would have to first get on the VPN
what do you think the phrase first get on the VPN means? its literally has access via the ACL. more on that paragraph later…
I’m also only talking about residential use cases, where it’s a common practice (when not using a VPN) to just expose everything via port forwarding.
business vs residential doesnt change security properties of approaches.
Businesses aren’t setting up Jellyfin on their servers.
because its literally is not a tool designed for any practical business use case. but that’s completely unrelated to its security properties. You’re literally just slapping a VPN in front to deal with the broken ACL’s that jellyfin provides.
Sure, but someone would have to first get on the VPN, and then find vulnerable apps once on the internal network, as opposed to just scanning the internet for public-facing vulnerable systems.
Doubling up on the authn/authz layers doesnt improve security, it just worsens user experience, which then leads to users taking short cuts for their own convenience undercutting whatever security you’re doing.
again as that wonderful federal document discusses VPNs are useful for preventing lateral movement once a device on a network is compromised (see worse user experience). but you literally need multiples of them in order for that to be effective and you need a reason for the segmentation.
Wireguard (and thus Tailscale) doesn’t respond to port scans at all - it only responds to packets that are signed with a known key.
port scanning isnt a vulnerability, its an attack optimization. a discovery mechanism once an attacker already on a network.
it doesnt really even slow attackers down these days. it doesnt take long to just plaster every port with your request for a specific application and when you’re attacking a system you essentially already know what vulnerabilities you’re going to attack (or you just try all the ones you have). oh no, it took them 30 seconds to compromise the network instead of 3…
you can also achieve similar properties at the application level w/ quic’s 0-RT, you send the auth request in the initial packet. so either the authn works or the connection silently hangs just like wireguard.
Nevermind the fact that using something like wireguard gives attackers something to target on your local device. ‘oh look, the keys to the kingdom just sitting here… on disk… in a well known directory… so kind of people to just leave these skeleton keys just lying out in the open like this, its a great trick VPNs have pulled teaching everyone they’re for security instead of privacy’
Admittedly, networking and network security isn’t my specialty
And I’ll refer you back to my original posts about VPNs not being effective security measures and how you should stop quoting dogma.
Its perfectly fine you’re using one, just stop spreading misinformation that they’re for security in any manner. you’re just using it to poorly plug security issues down stream in jellyfin.
fun fact: did you know that the encryption in the bittorrent protocol is basically useless and has major performance impacts when enabled?
also fun fact: did you know most networks get compromised by attacking the router itself first? you know the easiest thing to secure in the first place from a complexity standpoint? making this entire discuss pointless?
in real terms: try retrovibed at some point its still early days for it but its UX is designed around dealing with a lot of these issues.


Which has nothing to do with my statement.
has everything to do with your statements. you’re critique is that they could have spoken up sooner. which while true, ignores the actual behavior that they have demonstrated for literally a century. you: ‘dad, why did the bee sting me when I shook its nest?’ shocked pikachu
its hardly surprising they came out publicly now. 1) because it was patently obvious to literally everyone there was no need to except… 2) when they believe the current administration is being exceptionally idiotic… funny that its happened multiple times for this administration…
Unless you are a part of the US intelligence apparatus, your remarks on why they’ve not commented before now literally cannot be anything but speculation.
sure. I refer you to the bee example again. next you’ll tell me you shouldnt touch a hot stove.


Hardly superficial when they could have made that stance apparent at any point before now to meet that very same objective.
This is not a group that makes public statements often. they only do it as last resort. This is a group of individuals who believe not saying anything is a better practice.
Also, this isn’t a classroom and you’re not a teacher.
thank fucking god you’d all fail lol. And I’m not speculating this has been common practice for the intelligence community for literally 100 years now.


If a service is publicly accessible, anyone can access it.
false.
Even if it’s secured, there can be security issues in the auth layer of the app, improperly secured endpoints, etc.
true, fun fact a VPN is also an application with an auth layer. dun dun dun!
If a service is only available over VPN, nobody can access it unless they’re on the VPN.
which is basically anyone soon as a browser is in the mix. which it is.
I’m not sure why you seem to think that a private network isn’t more secure than a public network.
because I’ve done network hardening and know that they are only as secure as the devices and people that are a part of that network. it has nothing to do w/ private vs public and everything to do with what you do while within that network.
There’s a reason why practically every company requires people working remotely to connect to a VPN to access company resources.
uh huh. heard of lemmings? appeals to authority? etc, etc, etc. thats you right now. federal agencies guidelines regarding VPNs search terms for you: Federal Zero Trust Strategy (notably via OMB Memo M-22-09). Individuals like yourself are literally the reason they had to release these updated guidelines. because people kept quoting out of date security practices from their old guidelines as ‘good enough for the feds must be best practices’
like i said you dont know what you’re talking about. historical foot note: when the federal agency updated their recommendations regarding VPNs they were criticized by security experts for taking so fucking long to finally remove the misguided position that VPNs improve security that you hold.
here is a relevant snippet for everyone:
Regardless of the approach selected, agencies must move away from the practice of maintaining a broad enterprise-wide network that allows enhanced visibility or access to many distinct applications and enterprise functions. Accordingly, agencies should choose their zero trust approach early enough to permit them to align that approach with their plans for IT investment
Literally use ‘authn/authz’ and dont rely on VPNs for ACL. Here is another gem from that memo for today’s lucky 10,000:
Agencies must remove password policies that require special characters and regular password rotation from all systems
and yet companies still put that nonsense into their security policies.


yes. that is the very superficial view. can you think of any particular reasons why they (the usa intelligence community) decided to publicly acknowledge this very trivial conclusion at this point in time?
look people its not hard, by them doing this it completely undercuts any equivocation the current administration might do regarding iran/isreal situation. its basically them forcing the administration to hold isreal accountable or look like bigger buffoons than they already are.
this is a good thing.


so by agreeing with your assessment of the situation makes the US intelligence agencies worse than most of the world? you see what i am getting at here right?


except its not. VPNs provide no real protection for a network. its literally undercut by any network connection that reaches beyond the wall it provides.
VPNs are a routing simplification and privacy measure not a security measure. idiots try and use them as a security layer thinking they’re safer.


are you saying isreal isnt going to try and fuck up the deal? lol.


thats, like, your opinion man. frankly slapping a VPN on top of everything else doesnt improve your security posture unless you have the skills to manage that system on top of everything, including ongoing validation that its configuration is restricting what you want it to.
a robust authn/authz at the application layer is what secures your environment. VPNs are just slapping a wall around your network that is trivially penetrated by the browsers (and their extensions) within your network.
stop spouting dogma seriously doesnt make you look intelligent. personally the only reason I bother with a VPN is so I can leverage my local networks dns to access services anywhere. its not for security.
yes, but that doesnt need to be the case if valve doesnt want it to be most their money is off game sales so.