Oh, I didn’t think about the fact that they’re a CA. That’s a good point; thanks for the info.

Maybe I’m misunderstanding what “behind cloudflare” means in this context, but I have a couple of my sites proxied through cloudflare, and they definitely don’t have my keys.

I wouldn’t think using a cloudflare captcha would require such a thing either.

Is there a reason other than avoiding infrastructure centralization not to put a web server behind cloudflare?

A couple decades at least, if things go extremely poorly for them and keep on doing that.

It works fine for me, fwiw

unless they stole your buddy’s credentials

Thank God trolls never steal people’s credentials so they can hack a small server because they’re bored.

True, though WinRar is technically neither.

would you rather …

If it means no VC, yes, without a doubt. That’s kind of the point.

Because cat people are weird as fuck.

I’m writing a paper on this, actually. Basically, it’s okay-ish at it, but has definite blind spots. The most promising route is to have AI use a traditional static analysis tool, rather than evaluate the code directly.

To be fair, there has been very slow progress toward securing some endpoints. But yeah, I was probably being too charitable; the project places way too much emphasis on “backward compatibility” and not enough on security.

You probably shouldn’t just expose jellyfin to the internet quite yet though. There are some ongoing efforts to fix unauthenticated endpoint problems.

Oh, go away.

I’m not even a librarian but pshh, I still got a card. They give them out to anyone, you know.

Ah, sure. Yeah, goroutines are a well-implemented abstraction.

real-time

Go

…huh?