Unfortunately, if my manner of speaking directly is breaking the site guidelines, then I'm afraid my values are incompatible with posting here.

I hope you didn't expend too much energy digging through my post history looking for transgressions. Though I do think it's funny the post that got me yelled at was the post insulting pit bulls.

Remember to not throw the baby out with the bathwater. Many of my posts were highly upvoted. I bid you good day.

That said, they are leagues apart. It's like claiming Eric Clapton is as good as a guitarist in some shitty bar band.

Perhaps you're not familiar with who Brian was and what he's done.

I once watched a woman hold her little dog over the glass at the pizza bar in Whole Foods. Was waiting for the dog to drop a free sausage link onto the pizza below.

Placing dogs into shopping carts is another one. Dogs rub their dirty buttholes on the same surfaces where you later place your fruits and vegetables.

Calling bullshit on this one. I have one, it's positively wonderful, but the filters are expensive and per the manufacturer's recommendation you're supposed to change them all simultaneously. So when one times out, they all time out. This runs approximately $150 a year minimum depending on usage.

I use filtered tap water (under-sink type) which removes most of it.

A lot of the higher end coffee makers like Keurig have built-in filter cartridges in the water tank.

Most commercial coffee maker setups I've seen (hard-plumbed) in offices have a filter attached to the plumbing behind the appliance.

Water can be safe/potable and taste terrible, and vice versa.

Everyone acts like bottled water is evil until there is a water crisis, then it's the lifeline.

The concept is frequently misunderstood in that IPv4 consumer SOHO "routers" often combine a NAT and routing function with a firewall, but the functions are separate.

Remember when they used to mock this as part of their marketing?

https://www.youtube.com/watch?v=DUPxkzV1RTc

No, because it's the antithesis of IPv6 which is supposed to be globally routable. The concept isn't supposed to exist.

Not to mention Google can't even agree on the meaning of "local" - the article states they completely changed the meaning of "local" to be a redefinition of "private" halfway through brainstorming this garbage.

Creating a nonstandard, arbitrary security boundary based on CIDR subnets as an HTTP extension is completely bonkers.

As for your application, you're going about it all wrong. Just assume your application is public-facing and design your security with that in mind. Too many applications make this mistake and design saloon-door security into their "local only" application which results in overreaction such as the insanity that is the topic of discussion here.

".local" is reserved for mDNS and is in the RFC, though this is frequently and widely ignored.

Fantastic. Well, Google doesn't agree

The proposal defines it along RFC1918 address space boundaries. The spitballing back and forth in the GitHub issues about which imaginary TLDs they will or won't also consider "local" is absolutely horrifying.

Forensics, among a hundred other things.

> Literal amateurs can launch a WooCommerce site from nothing in a weekend

Selling low-volume horseshit out of your garage is in no way comparable to running a major eCommerce site.

> two Stanford grads in YC can do a hundred-fold better than that.

No they literally can't.

> Yes, a big site is more complicated, maybe there will be some frazzled manual data entry in Excel sheets while your team gets the "real" site back up

Great idea, we'll have Chloe in Accounts manage all the orders in a million-row Excel sheet. Only problem might be they come in at 50 orders a minute, but don't worry I hear she's a fast typist.

90% of startups fail within 5 years so probably not the best example of how to run things.

The few that do "succeed" often carry over mountains of cruft and garbage code into perpetuity (for example Reddit).

I most recently remember sifting through gloating that 4chan - a shoestring operation with basically no staff - was offline for a couple weeks after getting hacked.

I've worked at a shop that had DR procedures for EVERYTHING. The recovery time for non-critical infra was measured in months. There are only so many hands to go around, and stuff takes time to rebuild. And that's assuming you have procedures on file! Not to mention if there was a major compromise you need to perform forensics to make sure you kick the bad guys out and patch the hole so the same thing doesn't happen again a week after your magical recovery.

And if you don't know, you shut it down till it's deemed safe. How do you know the backups and failover sites aren't tainted? Nothing worse than running an e-commerce site processing customer payment card data when you know you're owned. That's a good way to get in deeper trouble.

Makes it utterly useless as a digital signature then.

we call those contactless smart cards