I wonder how much of the risk could be mitigated by simply disabling the private message function of microcosm? Surely having reports button help moderating the "public facing part" of a forum?
Having said that, thanks for all the work you have done. I was (and maybe still am) a member of lfgss although I mostly lurked once in a long while without logging in and barely commented over the years.
It is sad to see all online communities slowly migrate to discord, reddit and other walled gardens.
It's a beautiful pump, but feels like only part of what an espresso machine is.
What heats the water? What provides temperature control? How would I produce steam?
It is so single purpose that it does not feel useful by itself, it feels like the prototype for part of a whole.
I like the idea of it, and I like the idea of "part of the whole" being a composable coffee machine where one could put together components which were all independently maintainable and highly serviceable... this feels like a taster for that, but by itself is very expensive for a pump that claims to be an espresso machine but could not produce an espresso alone, and would need something else to make any espresso derived coffee.
What this replaces is a lever espresso machine, but I'm not sure anyone with a home coffee machine would've purchased a lever espresso machine without the integrated boiler... and if they would, then this is right there https://bellabarista.co.uk/collections/lever-machines/produc...
You would benefit greatly from a video that showed the workflow end-to-end of making an espresso... from bean to the final drink.
Flair, which you linked, is hugely popular. Several people in my office have one even though I would not consider them coffee enthusiasts like myself.
Most people are going to have a decent electric kettle anyway (especially if they want to make pour overs) so being able to save costs and counter space by reusing what you have already makes tons of sense.
If you told me I could get something roughly equivalent to the Flair, for roughly the same price, with programmable flow profiling? Hell yeah!
I have the budget and desire for a Decent, but not the counter space or interest in cleaning and maintenance. Something like this machine would be very appealing.
I have a Flair and I'm not that happy with it. It looks beautiful but I feel like they pulled a fast one by providing the, cheapest ugliest power brick ever. There's lots of other small issues that makes it frustrating to use on a daily basis, although it's a great conversation piece for sure.
I feel this one is trying to do the same thing, all focus on the pump, 0.1% plastic - but ignore that huge plastic power brick, that doesn't count.
When it comes to espresso machines the devil really is in the details.
> I have a Flair and I'm not that happy with it. It looks beautiful but I feel like they pulled a fast one by providing the, cheapest ugliest power brick ever.
What power brick? Flair makes manually operated, lever-based espresso makers. You heat the water in a separate kettle and you can buy whichever brand of kettle you prefer.
Are you referring to a Flair grinder? That seems irrelevant to the gp’s point.
No, I'm referring to a flair 58 lever espresso machine that has a heating element and power brick. The older type of flair doesn't have that, instead you are supposed to take out the metal core and submerge it in hot water every time which sounds even more annoying.
I have looked before and never found one. I just spent ten minutes on Google now and got nothing except for identical replacement bricks. Some by third parties but looking exactly the same.
If you know of something better please share a link.
I agree on not using iOS, because Firefox + Adblock + NoScript is incredible on Android.
but... Android sucks because the default permissions and business model on Android all veer towards advertising, and this is heavy on network and bandwidth as well as background processing across lots of apps... and that drains battery and performance.
I switched to GrapheneOS and just disable network on many things like Camera, etc... the Cloud AI features are not worth it... I also run web apps instead of installed apps for the vast majority of things, if an app doesn't require some hardware capability that only an app can provide then it's staying as a web app, m.uber.com works, most news websites work best as web apps with the JS disabled... I routinely get multi-day battery and stellar performance by just not running apps that are always trying to continuously exfiltrate data about me.
I've found only 2 things that don't work the same on GrapheneOS: Revolution banking just does not work at all - so I closed my account with them, and AMEX forces 2FA on every sign-in - which I can tolerate. Nothing else was impacted, everything else is an improvement in performance and battery.
Yeah, that's my experience as well, regarding apps being bloaty. Xiaomi phones also let me disable the network, which I do, and I've found one more thing that made a big difference: Setting the background process count to 1 or 2 from the developer options.
And yes, agreed, I can't live without mobile browser extensions. Tubular for YouTube is similarly indispensable.
The replies are incredibly elucidating on the impact (things like payroll for Starbucks, and the fact that this is VMWare powered private cloud).
The full text of Kevin Beaumont toots:
The Blue Yonder SaaS ransomware incident is bad.
They got into their Private Cloud environment at hypervisor level, deleted the DR and backup storage, then encrypted all 5 datacenters.
On this - Blue Yonder, aside from doing supply chain management (how many Pot Noodles you should order per day per store etc), they also sell a HR suite called Blue Yonder Workforce Management, or WFM. It's another SaaS solution, does HR stuff, payroll etc. WFM was hosted in their private cloud and is toast.
One of the Blue Yonder things is they have absolutely nothing about the situation on their website - just a list of customers, many of whom are mentioned in the press as suffering. They’re on day four.
I’m sure the silence is intentional, they’re a subsidiary of Panasonic. It seems like this story is just starting to hit the press, and Blue Yonder publicly commenting on it would surely validate concerns around the severity of the incident. It doesn’t really benefit them to proactively communicate at this point.
I still just use VPS devices and some colocated hardware.
I'm constantly told "I am not the typical customer, most do use K8s".
Side projects and volunteer things I run include 470 websites serving about 320K registered users and about 500K-1M monthly guest users... on about 15 VPS devices or small servers.
It's just classic dynamic websites, HTML is the output of a server (no single page web apps), lots of caching for guest users, reasonable complexity (load balancers ahead of web front ends ahead of API back ends ahead of databases).
Things that look like microservices exist... it's just API calls, and they come back through the front door, it's easy to reason about.
Monitoring is mostly Prometheus node exporter, it turns out that CPU + Memory + Disk IOPS + Network IOPS is +90% of what you need... some HTTP logs or profiles are the last 10%.
It's just simple... this is run in my spare time, effort is under an hour per month. (and no it's not monetised, not everything has to be)
I use a unique account with every distinct git org / github org that I interact with.
Even if I'm in my work profile and I need to do something in an org called `acmecorp`, I will create @acmecorp-identifier to do that.
This is just a very long experience...
* Security policies for work things have a blast radius of just that employer
* OSS things have a lifetime beyond the life of an employment / contract
* Source control elsewhere (GitHub / GitLab / Bitbucket / Gitea / Forgejo / etc) all has a local blast radius, and if a provider / org forces changes (roll your keys!) then the impact is limited to just that provider
* When something changes ownership (i.e. an org), the impact to me is low
It seems much more sane.
I think of a single git identity across multiple orgs as a bit of a smell.
The safest way to browse the web in any browser is by disabling JavaScript or using a NoScript extension.
A lot of the web works surprisingly well still, and you can turn on just what you need when you need it, placing your most visited sites on an allow list, but still denying a lot of third party things on those sites.
The internet is a joy with js disabled virtually everywhere. And all the canvas fingerprinting, webrtc leak, font fingerprinting, super cookies, etc... are all defeated by simply not running JavaScript
I think the amount of useful websites that work without JS are on a steady decline. No one wants to invest into a 0.1% share, so if it works it's likely out of chance. Even newspapers have a bunch of popups that expect JS to be closed, so you have to hope uBlock is already configured to remove it for you.
But it is trivial to allow js per website using ublock. My default is no-js, and if there is some website I really want to use that requires js, then I enable it. If I find myself using that website regularly, then I make the permission permanent. It is literally zero burden.
I am not some no-js evangelist or javascript hater or anything, but a huge amount of the web really does work fine (sometimes better even!) without js enabled by default. I don't think it has to be strictly either-or.
I have. Most information-type websites (blogs, recipes, news) work fine. Many app-style websites (email, bug tracking, chat) don't work, or have very poor ux.
Guess which of these two categories I spend most of my time on...
