If you enter to the inside lane you exit to the inside lane. Given how roundabouts are designed in Ontario, this ensures that traffic entering from the range direction never crosses: Right lane either exits right or goes straight (first or second exit), inside lane goes straight or left (second or third exit), just like at an intersection without dedicated turn lanes.

TL;DR of article: “I have to commute into Toronto and choose to do so by car, so fuck anything that makes my life less convenient.”

Never mind pushing for better public transit, WFH policies, etc.

Does registry still have that problem of making it practically impossible to do garbage collection on old images?

Is a chicken egg an egg laid by a chicken, or an egg that if fertilized would hatch into a chicken?

Except that Starlink pricing and throughput is not linear. They’re starting to add congestion charges in popular areas, they have no satellites at higher latitudes, and their devices suffer at low temperatures. If you think that Starlink will be able to deliver what Elmo claims, then I have a trip to the Titanic to sell to you.

And increase social spending. Of those who can be reformed, they’ll only do so if there’s a support network.

I will never forgive JSON for not allowing commas after the last element in a list.

Yeah, you’d have a LoadBalancer service for Traefik which gets assigned a VIP outside the cluster.

virtual IP addresses

Yeah, metallb.

The container is reproducible. Container configuration is in version control. That leaves you with the volumes mounted into the container, which you back up like any other disk.

It’s not that Seagate improved (which it may have), it’s more that WD has noticeably declined. It’s not a race to the bottom (yet), but there’s effectively no competition any more, so they aren’t incentivised to improve quality.

Yeah, I can sleep through a fever, but I’ll wake up every few minutes if I can’t breathe through my nose.

Figure out the uid/gid (numeric) for the user in lxc, then change the data permissions to those.

IIRC those were the non-eBPF versions of the sensor.

It has a little bit to do with the OS. Windows does not have the same sandboxing capability for modules that Linux provides. The fact that the sensor needs to run in ring 0 is a problem, and eBPF at least mitigates much of the issue in Linux. But I think you meant that CrowdStrike is by no means blameless, and I agree - they have a long history of shitty implementations, and rightly deserve to be the focus of our anger.

Regulation won’t work, because regulation moves slowly, and these companies find workarounds fast. And as long as the cost of breaking the rule is less than the benefits of doing so, it’ll be “just the cost of doing business.”

Use -m and limit the build job’s memory so it doesn’t kill the docker daemon.

Proud of Canada for making it this far! No shame in losing against the current champions.

Do I read these top to bottom or clockwise?

It’s not free of risk (regional datacenter outage, account termination), but for a lot of companies the above are acceptable risks compared to the cost of managing this yourself.