Sure was! You need to be on top of paid and free and open source software from a security stand point. There’s no shortcut no matter what you think you’re paying for. Your threat model might be better when the service automates a Web proxy for you, but that’s only one facet. You trade problems but should never feel like you can “set and forget”. Sometimes it’s better for you to do it yourself because there’s no lying about responsibilities that way.

100%

Almost like that xkcd joke…

Explains the bird feathers

First of all it clearly says counter clockwise so like first of all don’t rotate it clockwise like I did. Then secondly google image search rick roll. Thirdly consider the methods and time people go to to land a joke. Like I wonder if it was assisted by AI to just obfuscate it just enough to not be obvious.

Anyway I had to go to the comments too but mostly because I didn’t read the instructions.

Who needs 20! Lol. Says more about me than you.

Plex was how last pass got hacked. https://www.howtogeek.com/147554/lastpass-data-breach-shows-why-plex-updates-are-important/

You still need to do stuff even if it is plex.

To back off your post, does anyone have one for Australia?

April first.

I don’t think that works on my Samsung TV, or my partners iPad though. :)

Although not especially effective on the YouTube front, it actually increases network security just by blocking api access to ad networks on those kinds of IoT and walled garden devices. Ironically my partner loves it not for YouTube but apparently all her Chinese drama streaming websites. So when we go travel and she’s subjected to those ads she’s much more frustrated than when she’s at home lol.

So the little joke while not strictly true, is pretty true just if you just say ‘streaming content provider’.

Go watch “the cost of concordia” by the same guy :)

If you haven’t already that is.

Nobody happy. :(

Hey so it seems like you don’t really get licensing or ‘too expensive’ is just business speak for wanting it done free.

Exchange plan 1 licenses are minimally very very small licenses, but you can get even cheaper. You can even get exchange kiosk. Kiosk isn’t designed for users, it’s designed for things like an MFP then you’re allowed to relay with an authenticated startTLS account setup on the MFP to connect to exchange Online.

However, if you don’t use an authenticated account, you can still send internally. That way your inevitable compromised device doesn’t spam the world with mail throttle Microsoft servers. However you can scan to your own internal staff. And by internal staff I’m guessing at more and more here but I’m betting you have two mail domains. Only domains in your exchange Online Admin centre which are added into the domains, will be ‘internal’.

If you wanted hybrid you should do hybrid using the hybrid configuration wizard and it will connect your on premises exchange to your exchange Online using mail transports. You need to fix up a bunch of things to get that connected. But doing so will count the mailboxes which are on premise as ‘internal’ and unauthenticated mail will be allowed to relay to them.

But 40 exchange online only accounts with exchange plan 1 is hardly a few seconds of wage time per month in costs.

I’m guessing a lot here, but you said you have two different mail servers currently, online and on premise, I can only assume you’ve either got two different mail domains otherwise MX routing would be dead to one or the other. And I guess that because you said you’re getting errors that only happen when you send mail to external users.

So…

Five words into the article says

Apple’s internal presentation from 2013

Literally at the top under TL;DR

deleted by creator

Many of those types while having great brightness and reduced image burn in actually have terrible quality images. Eg no hdr, some may only be 30hz, some may have the contrast ratio which is so low you’ll just be sad to watch a movie on it looking at a black grey mush.

Though like all things, there’s a gradient. Some of the conference room monitor panels can be better but often >3x more expensive than the consumer model due to much better warranty (eg same day parts).

So I don’t have any advice here, just a bit of warning with experience with being around zoom, teams, and display walls from an IT solutions perspective,though generally I use AV partners for model selection and installation on any meaningfully sized conference/boardroom room or special application eg stages.

There have been a few cases where ports are blocked. For example on many residential port 25 is blocked. If you pay and get a static ip this often gets unblocked. Same with port 10443 on a few residential services. There’s probably more but these are issues I’ve seen.

If you think about how trivial these are to bypass, but also that often aligns to fixing the problem for why they’re blocked. Iirc port 10443 was abused by malicious actors when home routers accepted Nat- pnp from say an unpatched qnap. Automatically forwarding inbound traffic on 10443 to the nas which has terrible security flaws and was part of a wide spread botnet. If you changed the Web port, you probably also are maintaining the qnap maybe. Also port 25 can be bypassed by using start-tls authenticated mail on 587 or 465 and therefore aren’t relaying outbound mail spam from infected local computers.

Overall fair enough.

It’s paraphrasing Torvalds himself though. It’s a cheeky title.

“… and I have absolutely no excuses to delay the v6.6 release any more, so here it is,”

They’ll be in a hardware security module, just like the computer should be storing encryption keys with the tpm. Tbh I don’t know what’s actively implemented but definitely on the devices I manage in MDM they’re non-compliant without that. I’m sure you probably can get cheap devices without though. Just like you can get home level laptops without tpm.

Bring free on cloudflare makes it widely adopted quickly likely.

It’s also going to break all the firewalls at work which will no longer be able to do dns and http filtering based on set categories like phishing, malware, gore, and porn. I wish I didn’t need to block these things, but users can’t be trusted and not everyone is happy seeing porn and gore on their co-workers screens!

The malware and other malicious site blocking though is me. At every turn users will click the google prompted ad sites, just like the keepass one this week.

Anyway all that’s likely to not work now! I guess all that’s left is to break encryption by adding true mitm with installing certificates on everyone’s machines and making it a proxy. Something I was loathe to do.