Having a non-garbage domain provider can be a luxury. I used to work at a place where we were paying boatloads of money for certificates from Sectigo for internal services, and they were charging us extra per additional name and even more if we wanted a wildcard, even though it didn’t cost them anything to include those options. Getting IT to set up the DNS records for Let’s Encrypt DNS verification was never going to happen.

I’m pretty sure browsers stopped distinguishing EV certificates years ago.

A large percentage of those hosts with SSH enabled are cloud machines because it’s standard for cloud machines to be only accessible by SSH by default. I’ve never seen a serious security guide that says to set up a VPN and move SSH behind the VPN, although some cloud instances are inherently like this because they’re on a virtual private network managed by the hosting provider for other reasons.

SSH is much simpler and more universal than a VPN. You can often use SSH port forwarding to access services without configuring a VPN. Recommending everyone to set up a VPN for everything makes networking and remote access much more complicated for new users.

Shodan reports that 35,780,216 hosts have SSH exposed to the internet.

Moving SSH to ports other than 22 is not security. The bots trying port 22 on random addresses with random passwords don’t have a chance of getting in unless you’re using password authentication with weak passwords or your SSH is very old.

SSH security updates are very infrequent and it takes practically no effort to keep SSH up to date. If you’re using a stable distribution, just enable automatic security updates.

Having SSH open to the internet is normal. Don’t use password authentication with weak passwords.

This is the guide for making the gif look good: https://blog.pkh.me/p/21-high-quality-gif-with-ffmpeg.html

It’s also ahead of gitea in some aspects: https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo

intel’s WiDi software supported Miracast, which is a standard.

Or use Miracast, AKA WiDi, Smart View, SmartShare if you just want to mirror a screen.

You don’t need a static IP to have a domain name, and you don’t always need to pay for a domain name either.

That Pentum is a budget CPU from just over 10 years ago. It has PCIe 2.0. Maybe the “gigabit” ethernet is connected to the CPU by a single 500Mbit PCIe lane.

The link is broken, but this is apparently an issue with Signal Desktop, not regular Signal. The proposed solution does not work on Windows: https://www.electronjs.org/docs/latest/api/safe-storage

[…] content is protected from other users on the same machine, but not from other apps running in the same userspace.

It’s unfortunately about the best you can do on Windows.

Calling an unspecified gender person anything other than “they” was until recently considered to be incorrect. “They” is plural but now is used to refer to singlar persons because writing “he or she” everywhere is too much. Calling a user “he” does not imply that users are male or can only be male. Not using “they” or “he/she” or obscure gender neutral pronouns does not make something inherently transphobic. Closing PRs that unnecessarily change pronouns as spam is not inherently transphobic, but the accompanying comment is not very inclusive.

The post talks about “white suppremacist language,” but the proposed change did not remove white suppremacist language. It was just a generic anti “woke” message, possibly motivated by people brigading after the original PR to change “he” to “they.” White suppremacists may use also use similar language, but you can’t just pick things that a white suppremacist has done and decide that anyone else who does the same is a white suppremacist. He’s not blameless, but people are intentionally provoking the developer and exagerating the responses for drama.