• 0 Posts
  • 12 Comments
Joined 2 years ago
Cake day: July 5th, 2023



  • Studying, in its base form, follows these steps:

    -take in the information

    -record the information

    -review the information you’ve recorded in chunks. Best practice is to review your newly recorded information at the end of the session, and at the start of the next session review old information. If you can review ALL your recorded information on a subject at the start of a new session that’s best - at first it’s slow but as you review a couple times you’re skimming or skipping most of it and only focus on the parts that you have trouble retaining.

    With that being said, the ways we prefer to TAKE IN and RECORD information vary between people, but the overall concept does not.

    In terms of flash cards, they’re great for memorization. That has not changed - it’s a base way to record and review information.

    A modern version of this applies the base method but digitizes it. Anki is a very good and popular modern flash card app/program.

    -you can make flash cards with text, but also audio, images, and video

    -you can save decks and sync them across all devices and share/upload decks

    -it’s “smart.” If you spend more time struggling to answer a card, or get it wrong, it’ll show it to you more frequently. The reverse is true if you get it right every time quickly, you see it much less frequently

    -it can nag you to study. You can set it up to notify you every hour, day, whatever and thrust 10-1000 cards in your face, whatever you set it to.

    -tons of ways to configure it so it meets your specific needs.

    So, that’s how things have modernized, for flash cards at least. But plenty of people still buy 3x5 index cards and keep a physical deck if that’s what they prefer. Again, the method isn’t as important as the process of receive/record/review.

    Personally I like to use an e-ink handwriting tablet for in person note taking (all the benefits of paper/handwriting without the fuss of paper, plus lots of other features like cut/paste, linking/bookmarking items, etc) and I prefer typing into a word document when I’m studying from a book. The word document is very clean and I can use structured outlining formatting as well as a quick Ctrl+f to find terms I’ve written about. But whether it’s e-ink tablet or word doc, the base method is the same as when I was younger and it was all paper.

    I think phones have their uses but they are awful for note taking. The fastest texter is much slower than writing by hand or typing, and you are so, so much more limited in underlining, highlighting, little symbols, positioning text in weird ways to symbolize things, etc. I don’t advocate that people use them unless they’re in a bind and have nothing else, but a lot of kids grow up these days and that’s their go to method because of familiarity, and we shouldn’t encourage that because it’s flat worse. However, phones can do great things such as record/transcribe, photos, videos etc - so they’re a great addition to the toolbox, but they’re not a NOTE TAKING replacement unless they’re a stylus/handwriting type, and even those are a poor cousin to a dedicated device for the purpose, but they can be a more affordable/versatile/portable version. My note writer was about $500 and that’s a lot of cheese but it was worth every penny to me because of how I use it.


  • There can only be so many different server config combinations for algorithm, crypto mode, key size etc, so it would be trivial to have a bot try several combinations and nail your setup on the 5th try or whatever, especially if you selected “standard good” setups, which you should if you’re opening a port.

    But overall it will weaken the protocol and there is a risk, even if it’s small, of a downgrade attack being discovered. Simply by having options means that it’s possible to trick the server or force it into a more vulnerable state. You can’t get rid of that except by completely removing the options in the first place because there will be literally nothing to downgrade to.

    WG just isn’t into that risk. It’s cool if you want it and I won’t say you’re wrong in general because everyone has their preferences and makes trade-offs to set things up the way that they want, but in this particular context it goes against the design principles of WG by introducing complexity and risk, which is not what it’s about. There’s many other options if that’s what you’re looking for, and a lot of them are just as great/secure.


  • I think the biggest systemic issue in most places is that most people don’t actually know how to train people, including most senior staff. Very few people are actually natural trainers/instructors, so they have to be trained in how to train, and the expectation that they do so has to be part of company culture as well as time baked into the workday to do it, because it DOES take time. It pays off huge in the long run but it can be hard to see the forest through the trees if the management themselves don’t know or understand the value.

    As much as I hate corporate jobs they’re generally better than small companies about having a formalized training program. It’s a shame because there’s so much garbage in corporate culture that a lot of small businesses don’t want to implement the good with the bad.

    One thing I’ve seen over the years is that a TON of businesses have NO IDEA how to be functional. It’s a person that started in their garage and managed to grow and they just do stuff, and keep just doing stuff and hiring more people to do stuff and quickly outgrow the garage but don’t introduce sound business practices that you need to run things effectively. It’s crazy how many businesses are like that.


  • It can be both. Jobs should invest in their people, but individuals should also take some ownership of their own skills.

    The apprentice/journeyman dynamic was a lot better suited to a time when a) people left their hometowns a lot less, b) information was MUCH less accessible except from people who showed you how, and c) businesses put a lot more stock into their people as an asset, instead of treating labor as a liability.

    A isn’t anyone’s fault.

    B isn’t anyone’s fault.

    C is where businesses have gone sour, but it’s not like businesses have ever been well known for taking care of their people (labor laws, unions, OSHA are all examples of this from history)

    It’s not propaganda that people need to take ownership of their own skills and careers. Nobody’s responsible for you or your success but you. If you want to be good at what you do then that’s on you. You can take what your job gives you and that’s it, and you’ll probably do fine at whatever tasks you got specific OJT for, but unless you get lucky or play your cards right that’s not going to make you very successful.

    I really don’t want to sound like an old person saying that kids these days want things handed to them, and I really do think that employers in general don’t invest in their entry level workers as well as they used to, but expecting an employer to take you from know-nothing to a master of your craft is naive, frankly, because the days of someone working at a place for 10-30 years are just gone, and everyone has accepted it. There’s a ton of reasons why that’s the case and a lot of that is employers not incentivising employees to stay via wage growth, promotion opportunities, and training, but there’s a lot of other factors. Either way things have changed, and it doesn’t really do much except make you sound like you need a waahmbulance if you just sit back on your haunches and complain about it.

    You can still become an apprentice if you want to work a trade, and a good union will train you up if you’re a good worker, but that isn’t fast. It was never fast, and most people aren’t satisfied with the pace today, because it doesn’t get you earning six figures out the gate. You had to work hard, earn a good reputation, and stay in the area for 10-20 years. Most people don’t want to do that, and that dynamic never took a hard root in the tech sector in the first place, which is where this conversation started.

    I encourage you to stick to a career that you enjoy enough to take some joy in getting better at your skills for the sake of getting better at stuff instead of just trying to earn a paycheck. Nothing wrong with a job being just a means to an end, but I say this because you’ll enjoy your jobs much better if you’re passionate about what you do, and you’ll naturally be drawn to opportunities to gain mastery in skills that will make you more successful.

    None of this might change your mind, might just piss you off even, but the guy you’re replying to sounds like he enjoys the job enough that he’s trying to be better for the sake of being better. I wouldn’t knock them for that.



  • I think your example of SSH is actually the perfect counterpoint to your position!

    SSH is versatile but there’s SO many ways to configure it in an insecure way. It’s important for SSH to be versatile because of how many different devices need it, but that also means it’s really easy to have a config that supports crappy ciphers (3DES, RC4, etc), or enabling root login, or pick any other hundred problems that are either due to user misconfigs or just inherent vulnerabilities in a cipher or key exchange method. Its versatility is the core of its weaknesses.

    > For ssh, there will for sure be bots hunting the internet for vulnerable ssh servers very soon after. Automating the process of getting in

    This already happens right now. If you have 22 open, your firewall is getting hammered with bots trying to get in, regardless of what cipher you’re using, trying to exploit known weaknesses.

    WG was never meant to be a Swiss Army knife, even though it is also versatile. It’s designed to be fast, secure, and as dummy proof as possible.

    > giving a choice of crypto, but not adding to the protocol with negotiation.

    I’m not sure how you’d achieve this. If you have a mechanism to change cipher modes then there would be part of the codebase and handshake that validates settings in some way, which adds potential attack vector.

    History shows that every cipher mode eventually will be vulnerable to new computing power, I don’t think that’s avoidable. Quantum computing is the next big event on the horizon, which is why quantum resistant ciphers, even old ones that never really got adopted, are getting a lot of attention if they’re deemed to be quantum resistant.

    The important thing is that if, not when, it’s reported that the cipher is vulnerable that people harden their networks in other ways until a new cipher mode is implemented. That’s just how it works IMO. Edge security cannot and should not be your only security method anyways.

    Overlay VPNs like tailscale and zerotier are interesting to me because you don’t have to open any ports. I’m sure they have their own inherent vulnerabilities also but they don’t make you punch holes in your firewall, which makes them less vulnerable to random attackers trying to scan your network edge.
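
Added example (not part of the comment above): a small audit for the two `sshd_config` mistakes it names, weak ciphers (3DES, RC4) and root login. The sample configs are constructed, and the parser assumes whitespace-separated `Keyword value` lines and does not interpret `Match` blocks.

```python
# Added example: flag the sshd_config weaknesses named in the comment above.
# OpenSSH cipher names for 3DES and RC4 ("arcfour").
WEAK_CIPHERS = {"3des-cbc", "arcfour", "arcfour128", "arcfour256"}

# Constructed sample configurations (not taken from any real host).
SAMPLE_WEAK = "\n".join([
    "# constructed sample",
    "Port 22",
    "Ciphers aes256-gcm@openssh.com,3des-cbc,arcfour",
    "PermitRootLogin yes",
])
SAMPLE_HARDENED = "\n".join([
    "Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com",
    "PermitRootLogin no",
])

def audit_sshd_config(text):
    """Return a list of (line_number, finding) tuples for an sshd_config body."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        keyword, value = parts[0].lower(), parts[1].strip()
        if keyword == "ciphers":
            # A leading +, - or ^ modifies the default list instead of replacing it;
            # "-" removes ciphers, so weak names listed there are not a finding.
            op = value[0] if value[0] in "+-^" else ""
            names = {n.strip().lower() for n in value.lstrip("+-^").split(",")}
            weak = sorted(names & WEAK_CIPHERS)
            if weak and op != "-":
                findings.append((lineno, "weak ciphers enabled: " + ", ".join(weak)))
        elif keyword == "permitrootlogin" and value.lower() == "yes":
            findings.append((lineno, "root login enabled"))
    return findings

if __name__ == "__main__":
    for lineno, finding in audit_sshd_config(SAMPLE_WEAK):
        print(f"line {lineno}: {finding}")
```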


  • > Even if it is the “best” it gives one target to try to find a weakness in, rather than many.

    It sounds as if you’re falling prey to the allure of security through obscurity.

    I’d like to remind you of Kerckhoffs’s Principle.

    > a cryptosystem should be secure, even if everything about the system, except the key, is public knowledge

    What this is saying is that in a secure cryptosystem all you need to secure is the key.

    Curve25519 is, for the time being, considered a secure cryptosystem. It’s likely that in the future it will become obsolete, but we’re not there yet. When we get there WG will port to a new cipher that is more secure.

    Even if you set your configs to not negotiate, just the fact that the stack COULD negotiate opens you up to downgrade attacks. Also, anybody trying to connect would get some kind of hello/response traffic that would broadcast your (non negotiable) configs, so what do you gain from being able to choose, except the ability to make mistakes?
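
Added example (not part of the comments above, and not WireGuard or SSH code): a toy handshake model of the downgrade risk discussed in these comments, comparing an unauthenticated negotiated offer, the same offer with a transcript MAC, and a single fixed suite. Suite names, strength ranks and the pre-shared demo key are constructed; real protocols derive the MAC key from the handshake itself.

```python
import hashlib
import hmac

# Constructed suite names and strength ranks; not taken from any real protocol.
STRENGTH = {"modern-aead": 3, "legacy-cbc": 2, "export-weak": 1}
FIXED_SUITE = "modern-aead"  # the single suite of the non-negotiating design

def negotiate(offer, server_supported):
    """Agile server: choose the strongest suite present in the received offer."""
    common = [s for s in offer if s in server_supported]
    return max(common, key=STRENGTH.get) if common else None

def strip_strong(offer):
    """Model an on-path modification that deletes the strongest entries."""
    return [s for s in offer if STRENGTH[s] < max(STRENGTH.values())]

def transcript_mac(key, offer):
    """MAC over the offer list as one side believes it was sent or received."""
    return hmac.new(key, ",".join(offer).encode(), hashlib.sha256).digest()

def agile_handshake(sent_offer, received_offer, server_supported, key=None):
    """Return the agreed suite, or None if the handshake aborts."""
    suite = negotiate(received_offer, server_supported)
    # With a key, compare the MAC over what was sent with the MAC over what arrived.
    if key is not None and not hmac.compare_digest(
        transcript_mac(key, sent_offer), transcript_mac(key, received_offer)
    ):
        return None  # offer changed in transit: abort instead of downgrading
    return suite

def fixed_handshake(requested_suite):
    """Non-agile server: exactly one suite, so there is nothing to fall back to."""
    return FIXED_SUITE if requested_suite == FIXED_SUITE else None

def run_scenarios():
    offer = ["modern-aead", "legacy-cbc", "export-weak"]
    tampered = strip_strong(offer)
    server = set(STRENGTH)
    key = b"constructed-demo-key"
    return {
        "agile_untampered": agile_handshake(offer, offer, server),
        "agile_tampered": agile_handshake(offer, tampered, server),
        "agile_tampered_with_mac": agile_handshake(offer, tampered, server, key),
        "fixed_only_suite": fixed_handshake("modern-aead"),
        "fixed_other_suite": fixed_handshake("legacy-cbc"),
    }
```

The unauthenticated agile handshake silently lands on `legacy-cbc`; the MAC check catches it at the cost of extra validation code, and the fixed design has no weaker suite to reach.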


  • BJJ is one of the most “useful” when it comes to actually fighting (along with boxing).

    Karate and TKD are more of an art/discipline. A well trained karate fighter will very likely outmove an untrained assailant, but someone moderately trained in BJJ will likely be able to subdue/get away from a very well trained karate or TKD fighter.

    Honestly, BJJ is an amazing skill to have in a pinch, and it trains you in grappling with opponents that have a size/weight disparity.

    Not all gyms/dojos use belts, even in BJJ. BJJ belts follow a pretty good progression based on skill, whereas karate (can’t say for TKD, never trained in it personally) often relies on performance of kata in order to progress to the next belt. Kata is choreographed movements, it’s more like a dance that you practice than an actual measure of ability to spar/fight.

    If OP wants to get their kid into a fighting sport that’s fun and relatively safe, they can pick any discipline. If they want the added bonus of their kid being much better equipped to defend themself from a real aggressor they would do best getting them into BJJ, boxing, and then wrestling once they’re in middle/high school.

    I would personally avoid boxing for my own kids due to the repeated head trauma and risk of fractures, but it’s the best real world striking training you’ll get, at least in the USA. BJJ and wrestling help you immensely once you’re on the ground, which is where 90% of street fights go within the first couple seconds, but a real, dangerous, fight is often over before it starts and countering a sucker punch or landing a decisive one yourself before the opponent can react is often the most important thing.

    One of the downsides of BJJ is that it’s culturally tied to MMA in the USA now, which means that if OP’s kid does BJJ for a while in their youth they’ll be more inclined to get into MMA in early adulthood, which is not something I would want for my children. But it’s a great skill regardless.


  • I listen to podcasts to get to sleep. I have some earbuds that I can use single-sided, and either of the sides can connect on their own (doesn’t have a master/slave connection where only one actually connects to phone and slave connects to master)

    I go to bed with one or the other. During the night I might switch the bud to the other side, both sides can fit in either ear without falling out and the sound is fine, even though they’re designed for only one ear. YMMV with that.

    But this is the best way I’ve found.

    There’s little Bluetooth speakers or vibrator bars that are designed to sit underneath your pillow and they’re quiet enough that a partner won’t hear it, but you can. I’ve tried those as well but you have to have your head on the pillow in a specific way for them to work and I don’t like being “confined” to that specific position.

    I lay on my back and both sides so this works best for me.