Translation: We’re extremely short staffed, so we are shaming our employees into sacrificing their vacation

Knowledge of the account is an obvious caveat. Yubikey-based MFA is an added layer of protection for accounts, so any kind of attack against MFA assumes the attacker already knows which account to target.

It’s like saying “our door lock is flawed, but the attacker would need to have knowledge of the door”.

The cost and complexity is what’s noteworthy and is more relevant. Although attack cost and complexity usuallu goes down with advances in tooling and research. So it may be a good idea to plan a progressive retirement of affected keys.

Sodas

AI is the new “the dog ate my homework”

Nice.

Does Forgejo support Git? I’m not familiar with Forgejo, and it’s not obvious in this announcement or their homepage.

Forgejo does support Git, I didn’t read carefully enough.

GIMP 2.99.99.1.5-final-reallyfinal-rc64-proper

These 5% of negative reviews probably has nothing to do with you. There’s always a small amount of people unhappy for random or unrelated reasons (broke up with boy/girlfriend, car broke, etc) and who would write negative reviews no matter what. It’s possible they cannot dissociate the course from other things happening in their life. They just happened to be unhappy at that time, and felt like leaving a nasty review.

That’s interesting. Thanks for pointing it out.

My point is having a very old constitution isn’t much of a boast if keeping it as-is causes political issues.

Tradition and inertia.

The USA is proud to have the oldest and longest-standing written constitution. The fact it hasn’t been rewriteen in a long time help explain why there’s still an electoral college, slavery for prisoners (13th amendements), and weak regulation of campaign finance.

That sounds a bit contradictory but there’s an important details. Part of the accusation seems to be about picking winners, ie giving subsidies to specific companies rather than the sector as a whole.

The anti-subsidy investigation has been intended to confirm the Commission’s allegations that manufacturers of battery electric vehicles (BEV) in China benefit from countervailable – i.e. specific and advantageous to the receiving companies – subsidies

If that’s true then a tweak to subsidies might technically solve the issue without changing the EU-China competition balance.

IMHO the EU should focus on carbon border tax, and on doing it quickly and efficiently. The idea is taxing import from countries that don’t tax pollution, or at least less than the EU does, to make competing companies subject to similar emissions tax/regulation.

Don’t waste time trying to reason them. If you’re not able and willing and sue them to enforce the GPL license, the company won’t care.

You should directly informe one of the organisations mentioned previously, they may have a lawyer and experience fighting this kind of fight.

Best you can do youself is collect evidence that they’re distributing modified GPL software, and write a precise description of the issue, to help these organisations kickstart their investigation into the GPL violation.

That’s the solution I picked at work. Refused to install that Microsoft software on my personal phone, but instead provided a phone number.

If you have a VoIP provider you could even try to the VoIP number for MFA instead of providing your real mobile number.

If IT make a comment about you not having the app, ask if they intend to provide a company device for that.

If the company cared, they would provide MFA hardware like Yubikeys to their employees.

Arkane is a gem, don’t close it damnit