[-] draagon@infosec.pub 5 points 1 year ago

Some projects try to make this easy. Check out this list / tag: https://github.com/topics/good-first-issue

People who know the code can quickly determine if an issue will be easy. Some things that may seem easy will be difficult, so as an outsider it's hard to guess. Working on issues tagged good-first-issue is the safest bet that the issue won't be overly complex to solve and that the maintainers are willing to work with new contributors.

[-] draagon@infosec.pub 5 points 1 year ago

What sort of job listings or openings

You shouldn't start freelancing if you dont have a client lined up or a network of potential clients. Job boards aren't great as they typically are low rate contracts of companies looking to get a discount. If you do good work your clients will spread your name for you.

without whatever employer benefits

Either price it in to the contract or get coverage through a spouse. (Depending on country) you need to cover your own health insurance, vacations, unemployment, additional self employment taxes, business expenses, and risks that you have gaps between contracts.

If you make $100k as an employee you may need another $30k in expenses, targeting 70% billable hours. $185/hour × 50 weeks × 40 hours × 70% = $130k. Numbers are examples only.

[-] draagon@infosec.pub 2 points 1 year ago

PiHole can be bypassed with DNS over HTTPS, although there's ways to prevent that.

84
[-] draagon@infosec.pub 17 points 1 year ago

We dont have long term data because e-cigarettes haven't been used for a long time. They got popular ten years back?

[-] draagon@infosec.pub 10 points 1 year ago

For anyone looking for alternatives, I think this list is the most up to date: https://free-for.life/#/?id=domains

7

The certificate authority (CA) system does an incredible job of solving an impossible challenge. Think about it. The CAs measure control of a domain name and then issue TLS certificates that pair cryptographic keys to those names. They do this on a global scale, often automatically. It's impossible to do this perfectly, and unfortunately, they occasionally fail.

In this post I describe the challenges the CAs face, describe a history of failures, and explain the process we use to maintain confidence in the system in spite of it all.

[-] draagon@infosec.pub 30 points 1 year ago

draagon

joined 1 year ago