Our workplace cybersecurity training introduces at least 1 new word each year. This year's was "vishing" which apparently is just social engineering/credential extraction that takes place over the phone. Of course, it's presented to non-technical users as a well-adopted term that is very important to know (for the checkbox quiz in 3 slides time).

That aside, a practical issue is that Royal Mail still retains the rights to _allocate_ new postcodes for any new properties. Yet another failure of this particular privatisation.

[0]: https://www.techdirt.com/2009/10/06/uk-royal-mail-uses-copyr...

As for charging, Jago Hazzard has a video on a fast-charge trial[1] for a battery-only route. As it's using a modified tube train, I'd assume it's lighter and thus requires smaller batteries, but recharging from third-rail takes roughly 4 minutes.

[1]: https://www.youtube.com/watch?v=dV441HnVI34

If you’re wiping it and installing Linux it’s like any other server, but if you’re running macOS you’re open to a wider spectrum of vulnerabilities that wouldn’t normally apply (desktop software). Your apps could also have vulnerabilities that expose access to personal credentials, etc (e.g. filesystems, apple id) depending on your setup.

You can insulate yourself a bit with tunnels/proxies to expose specific services (e.g. cloudflare, ngrok).

I had a lot more peace of mind buying an old, cheap computer, raspberry pis, and eventually NUCs.

I doubt I'll ever find factory original cells again for the 2013 but if Apple sells them I'd consider buying a MBP again.

Unfortunately, that's not quite right. Citing the latest rules:

> The rules on what you need to do when a group enters your venue have changed. You must ask every customer or visitor to scan the NHS QR code using their NHS COVID-19 app, or provide their name and contact details, not just a lead member of the group. [0]

[0] https://www.gov.uk/guidance/maintaining-records-of-staff-cus...

Delving into the rules, it appears this applies to all sit-in venues, while takeaway customers are exempt. A paper-based system should be available, if you trust the business to handle your data responsibly (or forge fake data if not).

This morning at a cafe I was asked to scan the QR code "or we can't serve you" for a takeaway order. Clearly some misunderstanding, and I didn't press about a paper-based list as I hadn't read the details myself. Hopefully it's an isolated incident, but it wouldn't surprise me if there was some simplified comms (/FUD) about "just get customers to scan the code".

You essentially run a little proxy server on your pihole setup, and configure pihole to use it as your upstream dns resolver.

E.g., a proxy server running at 127.0.0.1:5053 which uses the Cloudflare ipv4/ipv6 DNS over HTTPS endpoints. This can also use other DoH endpoints as desired:

    /usr/local/bin/cloudflared proxy-dns \
      --port 5053 \
      --upstream https://1.1.1.1/dns-query \
      --upstream https://1.0.0.1/dns-query \
      --upstream https://2606:4700:4700::1111/dns-query \
      --upstream https://2606:4700:4700::1001/dns-query

We argued against it in the dev team, but it wasn't the worst cloud migration I've done. The console reminds me of early days AWS as it's essentially just VPC+EC2+S3, but it was refreshing to spin up a server without a pages of config being presented to you. We took the opportunity to containerise our older sites and ran everything in their managed k8s cluster. I very rarely had to use the console for anything, which tbh is a bit of a grab-bag of managed services beyond the core cloud offering. Terraform support is there if you need to do anything serious.

The title should have [2015].

Syncing bookmarks, recently opened tabs, passwords, autofill(?). These are genuine benefits when you're working with laptops, desktops, phones and tablets. Whether they're worth the cost of data mining is another matter of course.