Personally I use https://github.com/jpillora/chisel as a reverse Proxy through nginx, then connect through it using OpenVPN to bypass a similarly restrictive firewall. But this discussion is filled with other, similar hacks, I may have to try some of them.
I learned about chisel in PEN-200 / preparing for the OSCP.
Then I learned about, Ligolo-ng [1] which is a game-changer. I highly recommend checking it out. It is most applicable to a penetration test. It uses TLS so I'm not sure it could be used to address the issue mentioned in the article.
I'll give it a try. It doesn't change that 2FA is a pain and I'll log into GitHub only if strictly necessary. Maybe reduced logins are part of their security plan.
I was surprised to hear this so I went searching. Yep. Wow. [1]
I use GitHub all the time but I never expected it to be mandatory if you wanted to publish a package for a popular open source language.
But as the top says, “If you are interested in helping with this work, please feel free to get started!” (Though only if you’re a contributor or open a duplicate issue)
I'm still upset with them: A couple of years ago, Linux support for Rust (the game) was discontinued and the publisher said that all Linux users would get a refund on Steam, regardless of play time. I tried several times but all my attempts at getting a refund were rejected.
Not much you can do - if the machines decide you don't get a refund, well, then you don't. I haven't bought anything on Steam since.
Only if there's the possibility of a massive fine involved. The ACCC receive FAR too many reports to action any more than a tiny percentage of them. More often than not they respond saying they can't confirm or deny any violation, but you should try mediation.
The threat of the ACCC is usually enough for international companies to provide the refund, in my experience. Link them to the Repair, Replace, Refund page[0] and you're good.
Hard to tell. It's Steam that refuses the refund, no idea how the decision is made. Apparently others managed to eventually get the refund by trying again and again; maybe I gave up too soon.
Would you mind sharing your numbers? I recently tried to figure out how much my car costs me but it was less than half of your 10'000, so I'm wondering - either I missed something, or you have a rather expensive car.
If you take the deductable tax rate per kilometer, which is 70 Rappen[0], and assume 15000 kilometers a year you get 10'500 Francs per year
If you Google the question you find a variety of answers, but I think looking at it from the tax man's perspective is a good start.
I agree that the cost nay vary, but it can also be significantly higher than 1K per month, depending on the model of car, yearly kilometers and your risk from an insurance perspective.
[0] That's the rate you can deduct from your taxable income per kilometer if you use a private car for work purposes.
Thanks, that clarifies things. The number makes sense as a rough average (which would make sense for the taxes), calling it a 'minimum' was what confused me a little.
How does the language matter? I write software (mostly) in C for a living (the simple man's "embedded" as in "Linux on an ARM board", not the "bits on a micro controller" kind) and I made sure we use test-driven development with proper version control and CI.
We have been trying to use Rust for some new projects but cross-compiling is still much more hit-and-miss with Rust (i.e. third-party libraries) than it is with C. I imagine it would be worse for proper embedded projects.
My comment wasn't saying that modern development practices only exist in newer languages - I agree that all those things are possible with C.
But the language does bring benefits. In my experience modern strongly typed languages with large standard libraries and nice tooling are more productive than C (and probably more than C++, although writing idiomatic modern C++ is quite nice). C's simplicity is nice, but it still exists in a world where your only option for 3rd party libraries are zips downloaded from some random Sourceforge. Trying to write a C program with effective string handling is an absolute nightmare. All those things are solved many times over in other languages.
As a tool for writing very low level routines handling fixed length data, C is pretty good. But embedded development is moving away from that - every project seems to have some sort of web API, and that's when the downsides of C really start to show themselves.
