Not sure if they're organic, but they sure are free range.

Presumably there might be children (or very bored adults) at the event?

E.g. this sort of thing https://www.tomshardware.com/video-games/pc-gaming/steam-che...

That's the most techbro-brained idea I could come up with.

Seems like this app could do something similar (assuming a similar dialing code is available wherever it is being used? I'd think it's a common enough feature), prepending the masking sequence to the patient's number before dialling.

cat /dev/null .

Xerox -> Fuji-Xerox -> FUJIFILM Business Innovation

That's a joke, of course, but even if they were demilitarised variants there'd probably still be a market for it.

App store? Yeah we have one, it's called make.

[1] https://www.linuxfromscratch.org/lfs/view/stable/

That is, many physical media collectors do it to have nice box sets to display, or in an attempt to have off-line copies of media, but I have never met anyone who goes to the effort of ensuring long-term readability - which is understandable, it is a huge hassle. Unless you are copying the content to new physical media every so often it will eventually rot and become unplayable.

For example, for optical media the expected lifetime is only a couple of decades depending on the type of media [1]. I believe commercially pressed DVD and blueray are somewhere around 10-20 years.

[1] https://www.canada.ca/en/conservation-institute/services/con... , see table 2.

Google has literally billions of dollars in profits (in part because they use FFmpeg in a bunch of commercial products like Youtube and Chrome), and one of the largest software workforces in the world, including expertise on secure software and vulnerability remediation.

If anyone can afford to contribute back a fix instead of just raising a report, and has the ethical responsibility to do so, it's Google.

As with X.509, any serious usage will involve a hardware security module, so that compromise of the CA host does not allow the key to be leaked. You'd still have a very bad day, but it can be mitigated.

I do think it's a fairly significant flaw that SSH CA doesn't support intermediate CA's (or at least didn't last time I looked into it) to enable an offline root CA.

>Bonus points if the same CA is also used for authenticating users.

The SSH CA mechanism can be used for both Host and User auth, yes.

Keeping in mind, in a real use case this would be tied to something like active directory / LDAP, so you can automate issuance of ssh keys to users and hosts.

Systems configured to trust the SSH CA can trust that the user logging in is who they say they are because the principal has already been authenticated and vouched for by the identity provider, no more manually managing known_hosts and authorized_keys, or having to deal with Trust On First Use or host key changed errors.

You can also set the CA's endorsement of the issued keys to fairly short lifetimes, so you can simplify your keymat lifecycle management a great deal - no worrying about old keys lying around forever if the CA only issues them as valid for an hour / day / etc. .

Overall I think you still come out ahead on security.

It's bad enough I have to see ads outside the house and on tv/internet, I don't need to see them on my fucking appliances. We are living in hell.

The main downside is people will sometimes assume you mean SFTP (not having heard of FTPS or realising they are different), and then get upset when it doesn't work as they expect. However good tooling will support both e.g. Filezilla.

Not to say it isn't a valid way to debug, but there are definately better options available.

There'll be much admin moaning

And servers not glowing

and the NOC crew in tears

It's the most blunderful time of the year ♫