Every new feature added to Github has made it more unpleasant to use

Free private repositories, Github Actions, and Github Packages are all pretty useful though. All of those were added under Microsoft’s ownership. Actions got a head start because it was built on top of Azure DevOps infra that Microsoft had already created.

I get the Pro version for free since I’ve worked on a few popular open-source projects. I’m using it in VS Code and it’s helped me write code for systems I’m unfamiliar with. I’ve used it to summarize the architecture of open-source projects so I understand how to contribute new features. The autocompletion can be pretty good too. I also use it to review my code.

We use Claude Code with the Opus 4.5 model at work, and it’s quite a bit better, but I don’t want to pay that much for an AI model for personal projects since I use it so infrequently.

hold hold

Maybe he just needs to rest his arm.

Are you including Github Copilot in that count? Technically that’s a Microsoft product. It’s probably the only Copilot that’s actually useful.

Unfortunately they no longer include elaborate Easter eggs like that, since they adopted a security policy around 20 years ago that forbids them. https://learn.microsoft.com/en-us/archive/blogs/larryosterman/why-no-easter-eggs

I don’t know many people that still call it “Microsoft Office”… They usually refer to the individual apps they use (Word, Excel) rather than the suite as a whole.

Some people just call it “Microsoft” (“please install Microsoft on my computer”), especially if they’re on MacOS where it’s the only Microsoft software they use.

Some people assume it’s part of Windows since they’ve only ever used computers that have had it preinstalled.

THE CHEESE IS UNDER THE SAUCE

Both of those documents agree with me? RedHat are just using the terms “client” and “server” to make it easier for people to understand, but they explicitly say that all hosts are “peers”.

Note that all hosts that participate in a WireGuard VPN are peers. This documentation uses the terms client to describe hosts that establish a connection and server to describe the host with the fixed hostname or IP address that the clients connect to and, optionally, route all traffic through this server.

–

Everything else is a client of that server because they can’t independently do much else in this configuration.

All you need to do is add an extra peer to the WireGuard config on any one of the “clients”, and it’s no longer just a client, and can connect directly to that peer without using the “server”.

There’s no such thing as a client or server with Wireguard. All systems with Wireguard installed are “nodes”. Wireguard is peer-to-peer, not client-server.

You can configure nftables rules to route through a particular node, but that doesn’t really make it a server. You could configure all nodes to allow routing traffic through them if you wanted to.

If you run Wireguard on every device, you can configure a mesh VPN, where every device can directly reach any other device, without needing to route through an intermediary node. This is essentially what Tailscale does.

I know of at least one big tech company that uses a self-hosted, self-contained Mattermost instance, hosted with a major cloud provider totally separate from all their infra, for communication in major outages when all their internal tools are down.

Thanks - I forgot about that.

The hostname will be encrypted eventually (ESNI) but you’re right that the IP address is visible.

Destination IP is starting to mean less and less these days, given there’s a large amount of sites that use shared IPs rather than dedicated ones (for example, if they use Cloudflare, Vercel, Netlify, AWS CloudFront, etc.)

1. It encrypts your internet traffic in transit

Note that most sites use TLS these days, so your data is already encrypted in transit.

Yeah this doesn’t make sense. Docked bars have worked fine since Windows 95. You could have the task bar on any side, and apps would handle it. You could have multiple docked bars too, as some third-party apps used to be dockable. For example, Winamp had a view that was a short bar stretching the entire width of the screen, stuck to the top of the screen. The windowing system handled it with no issues.

Yes! I’m not sure about it changing when you connect monitors (since I’m usually using desktop PCs), but you can have a different setup per monitor.

I have three monitors at work. My main monitor is configured to show all open apps in the taskbar, while the secondary monitors only show the apps opened on those monitors. You can totally change any of the configuration though… the layout, the position, the settings, or even just not have a taskbar on some monitors.

It’s what I’ve experienced at FAANG companies. MitM isn’t used and would break certificate pinning on sites (including internal tools) that use both certificate pinning and HSTS. The Chromium source code has a list of domains that are hard-coded to only accept particular root certificates.

There’s automated filters (both manually-created and AI) but bad actors find ways around them.

/var holds log files

Not just log files, but any variable/dynamic data used by packages installed on the system: caches, databases (like /var/lib/mysql for MySQL), Docker volumes, etc.

Traditionally, /var and /home are parts of a Linux server that use the most disk space, which is why they used to almost always be separate partitions.

Also /tmp is often a RAM disk (tmpfs mount) these days.

Larger companies that monitor for corporate passwords being entered on third-party sites usually use a browser extension that’s force-installed using Chrome Enterprise. That’s especially the case if they mandate the usage of Chrome.

Hong Kong to Los Angeles is around 70ms latency (140ms round trip) so I’m not too surprised.