• 0 Posts
  • 66 Comments
Joined 2 years ago
Cake day: June 11th, 2023

  • This isn’t the best or most popular way to do it, but: https://learn.microsoft.com/en-us/windows/wsl/install

    There is a way built into windows to deploy and use Linux from inside windows.

    It’s not the most pure experience, but it’s a way to make sure you have something like a feel for how some parts work before jumping in any deeper.

    A bootable USB stick is another way to try before you commit. Only reason I might suggest starting with trying it the other way first is in case you run into issues connecting to the Internet or something you won’t feel totally lost. Having to keep rebooting back into windows if you have a problem can be frustrating, so getting a little familiarity with a safety line can help feel more confident.

    Issues with a USB boot are increasingly uncommon, as an aside. Biggest issue is likely to be that USB is slow, so things might take a few moments longer to start.

    From there, you should be pretty comfortable doing basic stuff after a little playing around. Not deep mastery, but a sense of “here are my settings”, “my files go here”, “here’s how I fiddle with wifi”, “here’s how I change my desktop stuff”. At that point a dual boot should work out, since you’ll be able to use the system to find out how to do new things with the system, and also use it for whatever, in a general sense.

    If it’s working out, you should find yourself popping back into windows less and less.



  • So, I wasn’t referring to enjoyment. I spoke of engagement or interest. It’s why programming is more appealing than data entry.

    You’re just doubling down on the false dichotomy I spoke of. It’s not at all uncommon to find someone with plenty of experience who can easily and honestly tell you why they think what the company they work for does is interesting.

    Asking someone why they think working at the job they’re applying for is appealing isn’t “hiring for enthusiasm”, and it’s honestly odd that you keep casting it that way.
    I get where you’re coming from, and I partly disagree. It doesn’t seem like you’re parsing what I’m saying because of this “either one or the other” attitude though.
    No offense intended, but it makes you come across as burnt out and sad. I don’t work for small companies, with inexperienced people, and I’m not constantly shipping broken code that needs rewriting. I’ve been doing this for roughly 15 years and I can honestly say “working in security in general is interesting because it forces you to think about your solution from a different perspective, the attacker, and working at $AuthenticationVendorYouQuitePossiblyUse in specific is appealing because you get to work on problems that are actually new at a scale where you can see it have an impact”.
    That’s not gushing with enthusiasm: it’s why I’m not bored every day. If you’re actually just showing up to work every day and indifferently waiting to be told what to do because it’s all just the same old slog… That’s sad, and I’m sorry.


  • I’m lucky that after all these years still get those moments of great enjoyment when at the end of doing something insanely complex it all works

    I just think it’s worth pointing out that that is an example of the work being engaging.

    No one is so naive as to think that you work a job for anything other than money. The original post doesn’t even seem to convey that it’s bad to ask about the pay and benefits. It’s saying that if, when directly asked, the candidate has no answer to what seems interesting about the job they might not be a good fit.

    You seem to be an experienced software developer. You’re easily qualified to do basic manual data entry. Same working environment, same basic activity. Would you be interested in changing roles to do data entry for $1 more salary?
    I’m also a software developer, and I can entirely honestly say I would not, even though it would be less responsibility and significantly easier work.
    Even the boring parts of my work are vaguely interesting and require some mental engagement.

    It seems there’s this false dichotomy that either you’re a cold mercenary working 9 to 5 and refusing to acknowledge your coworkers during your entitled lunch break, or you’re a starry eyed child working for candy and corporate swag. You can ask for fair money, do only the work you’re paid for, have a cordial relationship with coworkers, and also find your work some manner of engaging.

    It’s not unreasonable for an employer to ask how you feel about the work, just like it’s not unreasonable for a candidate to ask about the details of the work.


  • Sure. I wouldn’t disqualify someone for being ambivalent towards what we’re working on, but the person who seems interested is gonna be better to work with.

    Likewise when looking for a place to work, if the tangibles are equivalent I’ll prefer the place with better intangibles.

    I’m not in HR or management, so I don’t care about cost effectiveness or productivity beyond “not screwing me over”. From that perspective, it’s generally nicer to work with someone who finds it interesting than with someone who doesn’t.

    There’s no point asking “why do you want to work here”, because the answer is obviously a combination of money and benefits, and how food and healthcare keeps you from being dead.
    I can’t fault an interviewer who’s clearly trying not to ask the obvious question and instead actually ask how the candidate feels about the work instead of disqualifying them for not volunteering the right answer.

    It’s not unreasonable for an employer to ask a candidate how they feel about the work any more than it’s unreasonable for the candidate to ask about the working environment.


  • I actually kinda agree with both here.

    It sucks working with someone who is utterly disinterested in the work, if it’s anything above rote work.
    Asking the candidate what they found interesting about it is at least a basically fine idea. If they can’t answer when you ask, that actually is kinda concerning.
    Big difference between asking and expecting them to volunteer the information.

    At the same time, if the people interviewing you can’t even pretend to show basic conversational courtesy by asking some basic “what do you do for fun” style questions or anything that shows they’re gonna be interested in the person they’re looking to work with, that’s a major concern.






  • Okay. You’re still doing tech support either way. I have no way of knowing how much free tech support you’re willing to give, hence my caveat of how much you’re willing to support them.

    Netflix would disagree. People feel like they’re supposed to be getting access to a service, and if they’re not getting it they’ll complain to the nearest party to what isn’t working. In this case that’s you or Netflix being asked questions about why the router isn’t working.
    That it’s wrong or irrational has nothing to do with who’s getting asked the question, and who’s the first line of troubleshooting when the service doesn’t work.

    If people didn’t ask the wrong people questions, Netflix wouldn’t need support articles on how to reset your router.



  • I’ve got no real care for jellyfin one way or another, just sharing that there’s ways to make the network obey.

    I think giving people access to my media server is asking for too much trouble personally. Now you’re dealing with forgotten passwords, people using your bandwidth at weird hours, and you basically become the media fairy, responsible for finding whatever it is people want, and then dealing with their issues when their device can’t codec at it for whatever janky reason.

    I’m good at setting boundaries with family so it’s not stressful, just more annoying than I want to deal with.


  • Depending on their router and how much IT labor you care to do for these people you can actually configure a site to site VPN tunnel. All traffic for a particular address range will get routed through the VPN automatically.

    It used to be a high end feature but it’s made its way into general routers since it doesn’t really require many resources and it lets you label it as having more home office features.


  • Walk me through that analogy, and what point you’re trying to make. My hammer doesn’t typically have unexpected interactions with things I’m not hammering. When I build a bookshelf, I don’t have to make sure my desk is clean to keep people I let borrow books from unlocking my front door without a key.

    Do you think that improper setuid isn’t a common enough vulnerability to have a name and designation?

    What constitutes a security nightmare if not something that requires a large and annoying amount of work, and can be made insecure by a mistake somewhere else?


  • I would describe the need to proactively go out of your way to ensure a program is simple, minimal, and carefully constructed to avoid interactions potentially outside of a restricted security scope as a “security nightmare”.

    Being possible to do right or being necessary in some cases at the moment doesn’t erase the downsides.

    It’s the opposite of secure by default. It throws the door wide open and leaves it to the developer and distro maintainer to make sure there’s nothing dangerous in the room and that only the right doors are opened. Since these are usually not coordinated, it’s entirely possible for a change or oversight by the developer to open a hole in multiple distros.
    In a less nightmarish system a program starting to do something it wasn’t before that should be restricted is for the user to get denied, not for it to fail open.

    https://www.cve.org/CVERecord/SearchResults?query=Setuid

    It may be possible, but it’s got the hallmarks of a nightmare too.
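
Added example, not part of the original comment or any project's code: a defender-side check for the drift the comment above describes, listing setuid/setgid files under a directory and comparing them with a reviewed baseline. The function names, the baseline set and the sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

def find_privileged(root):
    """Return {path: mode} for regular files under root with setuid or setgid set."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks out of the tree
            except OSError:
                continue  # file vanished or is unreadable; skip it
            if stat.S_ISREG(st.st_mode) and st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                found[path] = stat.S_IMODE(st.st_mode)
    return found

def audit(root, baseline):
    """Compare privileged files under root with a reviewed baseline (a set of paths)."""
    current = find_privileged(root)
    return {
        # privileged files nobody has reviewed yet, e.g. added by a package update
        "unreviewed": sorted(p for p in current if p not in baseline),
        # reviewed entries that no longer exist or lost their privileged bit
        "missing": sorted(p for p in baseline if p not in current),
        # privileged files that group or others can write to
        "writable": sorted(p for p, m in current.items()
                           if m & (stat.S_IWGRP | stat.S_IWOTH)),
    }

def demo():
    """Constructed sample tree: one reviewed setuid file, one new one, one plain file."""
    root = tempfile.mkdtemp()
    paths = {}
    for name, mode in (("reviewed", 0o4755), ("newly_added", 0o4757), ("plain", 0o755)):
        paths[name] = os.path.join(root, name)
        with open(paths[name], "w") as fh:
            fh.write("#!/bin/sh\n")
        os.chmod(paths[name], mode)  # set mode after writing; writes clear setuid
    return paths, audit(root, baseline={paths["reviewed"]})

if __name__ == "__main__":
    print(demo()[1])
```

On a real system the baseline would be the reviewed list for that distro image, and the root would be `/` or the package install prefixes.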


  • Anarchism is opposition to power hierarchies, specifically non-consensual or coercive ones. Wealth inequality without safety networks is a coercive power hierarchy, and so needs to be fought. Capitalism as a whole is almost always incompatible with anarchy, at least in the way we tend to do it now. In a system with strong social safety networks the choice to work for someone can actually be a choice, and so some schools of thought would view it as compatible.
    Others view exclusive ownership of property as someone asserting power over someone else’s ability to use said property, and therefore wrong. Needless to say, abolition of private property is not compatible with capitalism.


  • Depends on the anarchist. Many would focus on seeking the absence of involuntary power hierarchies. A manager who distributes work and does performance evaluations isn’t intrinsically a problem, it’s when people doing the work can’t say “no, they’re a terrible manager and they’re gone”, or you can’t walk away from the job without risking your well-being.

    Anarchists and communists/socialists have a lot of overlap. There’s also overlap with libertarians, except libertarians often focus on coercion from the government and don’t give much regard to economic coercion. An anarchist will often not see much difference between “do this or I hit you” and “do this or starve”: they both are coercive power hierarchies.
    Some anarchists are more focused on removing sources of coercion. Others are more focused on creating relief from it. The “tear it down” crowd are more visible, but you see anarchists in the mutual aid and community organization crowds as well.


  • It wasn’t the crypto key pair part I was referring to, it was the part where fido is geared towards interactive user auth, not non-interactive storage.
    It wouldn’t have surprised me if the ssh devs hadn’t put implementing fido support for host keys high in the development list, or that it was tricky to find documentation for. Using something like a tpm is the more typical method.

    There’s no technical reason it can’t work, and the op got it to work so clearly the implementation supports it, but that doesn’t mean it’s the most expected setup, which means it might have unexpected gaps in functionality or terrible documentation.


  • Unfortunately, I think you’re going to run into trouble because fido authenticators are geared towards working as user authenticators rather than as device authenticators.
    It certainly should be possible from a technical perspective, but implementation-wise, it’s very likely that the code focuses on making fido devices work with client keys, and using tpms for host keys, since that’s much more focused on headless server functionality.

    Oval peg in a round hole.