Hacker News | dontdoxxme's comments

There are searches where that is the best way for a human to get the answer too. It can also search the Internet Archive if you ask for historical details, so does it not just do what a good human researcher would do?


I think the intention is to show the divide between Amazon's and Cloudflare's responsibility, over the piece of fibre linking their network devices together. It would have been clearer to continue the lines and just put a dotted divider between them I feel.


    The company said the breach hit some of its third-party customer relationship databases. If any other data was stolen, Workday didn’t say for sure. The company only said there was “no indication of access to customer tenants or the data” within those databases

So that would be customer data of the admin / HR team at their customers, but not all the users, so while not good, it's not going to directly give really sensitive data; most likely to be used for further phishing attacks.


You sound like a crazy person. The actual relevant bit of law is APP 13[1], which has a definition for "holds", which shows the source of the information does matter. If you're going to go and quote half the law, but ignore the actual relevant piece, at least talk to a lawyer.

[1]: https://www.oaic.gov.au/privacy/australian-privacy-principle...


Pardon? Why do you think I sound like a crazy person? Go on, please do.

Also APP 13 is tangentially relevant, for sure, but not the crux of it.

APP 13 is far less relevant than, for example, APP 11.


Bugs are "High value" in different ways, you have to find the companies willing to pay highly. Most of the high payers are on bug bounty programs (like hackerone.com) and don't always give you the ability to talk about bugs later.

Google is quite unique here, particularly given Chrome is paying easily 10x what Mozilla would for a sandbox escape. Apple is in the middle -- per [1] a "WebContent sandbox escape" would be $50k, but to get $250k on their scale you need to combine that with a kernel bug.

So if you want to optimise for "value", you have to pick the targets that are easier (still not easy, obviously).

[1]: https://security.apple.com/bounty/categories/


"file paths (obfuscated)" -- this is likely enough for them to work out who the user is, if they work on open source software. They get granular timing data and the files the user has edited, which they could match with open source PRs in their analytics pipeline.

I suspect they aren't actually doing that, but the GDPR cares not what you're doing with the data, but what is possible with it, hence why any identifier (even "obfuscated") which could lead back to a user is considered PII.


2.5GBASE-T? But I do 10GBASE-T over one. Provided it has Cat 6A cable inside it and has been tested to IEC 60512-9-3 & IEC 60512-99-002. (See https://ieee802.org/3/bt/public/oct15/Draft%20of%20IEC%20605... for some fun photos of what happens when PoE is disconnected on a connector before IEC 60512-99-002...).


The combination of "When documenting" and referencing "J3" indicates that dlcarrier is referencing a limitation of a specific port on a product that they worked on, not a set of global limitations on any 8P8C connectors.


I had assumed that the wires in the jack would rest along the bottoms of the blades in the plug, but I guess if it was never designed for high current applications, the contact area wouldn't be a consideration.

It took a few tries to get it right, but it's amazing that PoE is even an option given how far it is outside of the scope of what the cables and connectors were designed for. I've heard of locations that use it for power, instead of 120 V outlets, because it's cheaper and safer and most portable high-current appliances use batteries, while fixed high-current appliances use 240 V outlets.

Hot plugging is always a challenge, especially with direct current, and negotiation prevents that from being a problem while making a connection, but I never considered that unplugging isn't negotiated first. I wonder if IEC has ever considered using a locking latch, like an EV charger.

I have a PoE camera that I sometimes unplug to restart it, when it freezes up and I can't restart it from the web interface. I'll be sure to turn that port off first, before unplugging it.


If you can turn the port off and then back on remotely, perhaps you can skip the unplugging part completely? I know that some managed PoE switches even offer a button to power cycle a port.


Good point, now that you mention it, it's not turning off PoE, just stopping data. I don't know if there's a great way to handle it, and there's no way I'm shutting off the entire switch. I'll just unplug the patch panel end of the cable, instead of the switch end, so the jack I'm wearing out is one that's easy to replace.


It's just the chip the NSA put in the cable, failing to initialize first try.



#include <Usual IANAL comment>

In the US usage like this may be considered "Fair Use", however UK copyright law is less generous in its "Fair Dealing" and associated exceptions to copyright[1].

This is a problem when standards are pushed by US tech companies but don't consider the rest of the world.

[1]: https://www.gov.uk/guidance/exceptions-to-copyright


> This is a problem when standards are pushed by US tech companies but don't consider the rest of the world.

What would have changed? This isn’t a problem that can be solved in a protocol. Even if a field was added for license information, it wouldn’t actually constitute a license if someone put the wrong info into the field (claiming to license content they didn’t own). It also wouldn’t have solved anything if there was an implied license for use on, e.g., social media sites as the author re-hosted it on their own domain.

I don’t think it’s fair to blame the tech companies for making a protocol. It’s up to the users to confirm their country allows the usage.


#include <Usual IANAL comment>

> In the US usage like this may be considered "Fair Use", however UK copyright law is less generous in its "Fair Dealing" and associated exceptions to copyright[1].

> This is a problem when standards are pushed by US tech companies but don't consider the rest of the world.

Similarly, the German analogue to the US-American copyright laws (Urheberrecht) has no concept of fair use (meaning that a lot of memes that are based on copyrighted material are actually illegal under German law), but on the other hand, as far as I am aware (IANAL), there are more explicit permissions for citations (Zitierrecht) in Germany (instead of relying on "vague" concepts such as fair use), meaning that I conceive at least fictional situations (but IANAL) where it might happen that quotations of copyrighted material are legal under German law, but not considered to be "fair use" under US copyright.


Yeah, one of the tests for "Fair Dealing" exceptions to copyright in Canada is ... could you have produced your work without infringing copyright. If so, then it's not Fair Dealing.


> One of the reasons why these patches are not included in the kernel is that the free space calculations do not work properly.

It seems these patches possibly fix that.


That example doesn't work, but an IPv6 address like: 3fff:0020::

Would be in the IP SAN as 3fff0020000000000000000000000000, which this code expands:

    "3fff0020000000000000000000000000"
        .toLowerCase()
        .match(/.{1,4}/g)
        .join(":")
        .replace(/\b:?(?:0+:?){2,}/, "::")
    '3fff::20:0000:0000:0000:0000:0000:0000'

Which has one too many parts and doesn't parse as an IPv6 address. But like mentioned this is just presentation code. I don't want to waste time if this isn't actually a bug, but maybe someone on the LetsEncrypt trial could actually make a cert to see if IP addresses formatted like that are a problem in reality...
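An added example, not part of the comment above or of the code base it discusses: the quoted regex beside a formatter that compresses whole 16-bit groups, which is what keeps the zeros inside `0020` from being consumed. Function names are hypothetical; the input is the address given in the comment.

```javascript
// Added example; function names are hypothetical, input is the address from the comment.
// The regex-based formatting quoted above, kept as posted to reproduce the bug.
function naiveFormat(hex) {
  return hex
    .toLowerCase()
    .match(/.{1,4}/g)
    .join(":")
    .replace(/\b:?(?:0+:?){2,}/, "::");
}

// RFC 5952-style text form of a 32-hex-digit address, compressing whole groups only.
function formatIPv6(hex) {
  if (!/^[0-9a-f]{32}$/i.test(hex)) throw new TypeError("expected 32 hex digits");
  // Parse each group as a number so zeros inside a group are never cut away.
  const groups = hex.match(/.{4}/g).map((g) => parseInt(g, 16));
  // Longest run of all-zero groups; the first run wins on a tie.
  let bestStart = -1, bestLen = 0;
  for (let i = 0; i < 8; ) {
    if (groups[i] !== 0) { i++; continue; }
    let j = i;
    while (j < 8 && groups[j] === 0) j++;
    if (j - i > bestLen) { bestStart = i; bestLen = j - i; }
    i = j;
  }
  const text = groups.map((g) => g.toString(16));
  // A single zero group is written as "0", not "::".
  if (bestLen < 2) return text.join(":");
  const head = text.slice(0, bestStart).join(":");
  const tail = text.slice(bestStart + bestLen).join(":");
  return `${head}::${tail}`;
}

// Structural check: 8 groups, or fewer than 8 with exactly one "::".
function isWellFormedIPv6(s) {
  const halves = s.split("::");
  if (halves.length > 2) return false;
  const groups = halves.flatMap((h) => (h === "" ? [] : h.split(":")));
  if (!groups.every((g) => /^[0-9a-f]{1,4}$/i.test(g))) return false;
  return halves.length === 2 ? groups.length < 8 : groups.length === 8;
}

const san = "3fff0020000000000000000000000000"; // 3fff:0020:: from the comment
for (const f of [naiveFormat, formatIPv6]) {
  const out = f(san);
  console.log(f.name.padEnd(12), out, isWellFormedIPv6(out) ? "valid" : "INVALID");
}
```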


That one does look like a bug. I stand corrected.

