Tossing in my two cents here to agree with you. I worked remotely on and off from about 2014 onward until post-COVID RTO brought me into an office for 18 months before I became remote again. During that time (and across a bunch of companies) I went from desktop support to senior sysadmin to security on the cusp of senior security engineer.

In my experience the biggest factor in teams usually came down to the middle management layer. If their "style" was "watch over your shoulder, butts in seats" type of micromanagement then juniors didn't tend to progress unless they were self motivated to seek it out.

My understanding is that docker will expose the ports to the host machine's network interfaces, which is a crucial difference. For my home server running docker that means exposed to the LAN, but not the WAN unless I add in a port forwarding rule on my router. Similarly in an enterprise environment you would be exposing the port on whatever VLAN the host is connected to, which hopefully doesn't have directly transit to the open internet.

Anything you're running on the perimeter with open access to the internet in an enterprise environment probably (hopefully) isn't running docker containers without some additional config and protections.

I was thinking along similar lines to what you've suggested here, but then I considered how many VPS might be configured by folks following some random web tutorial, to set up their LAMP stack (or whatever), that end up doing something like what was described.

A lot of those VPS instructions these days recommend a reverse proxy like Caddy or Traefik for that exact reason. I think it's also a valid argument to say that anyone playing around on a VPS without knowing what they're doing is probably going to learn some hard lessons, and that's kind of the point.

But there it's a feature.

Except for the M in LAMP.

Let's hope the M at least has a root password.

But you are right, that would be nasty. In my time the LAMP tutorials used the distribution packages so they always had sensible defaults.

If you ever suddenly get IPv6, it may become globally reputable without you realizing.

Again, if your router or perimeter devices are appropriately managing your network then it's a non-issue. By default most home routers have IPv6 disabled, and if you're setting up an enterprise environment with a VLAN you're probably subnetting IPv4 instead of using IPv6 at all.

All that means that if you're using IPv6 then you're proactively enabling it on whatever is handling your perimeter, which means you hopefully know what you're doing along with all the gotchas that come with that setup.

Most modern equipment bans inbound traffic that doesn't match an existing outbound traffic flow

It's not a routing issue, it's a firewall issue. Make sure you have a proper firewall on your network and don't rely on fake firewalls like ufw if you're concerned about this.

>The current SpaceX is in a far better financial and operational position than 10 years ago. By an order of magnitude. 90% of all payload to orbit right now is SpaceX alone. Starlink is profitable all on it's own. Right now.

I don't think anyone is really arguing these particular points.

>And they are just now picking up steam. American Airlines just signed onto Starlink just last week. This company is most likely gonna be the Coca-Cola of transportation between celestial bodies in solar system for the next 500 years but people on here are arguing over peanuts. On HN of all places.

This is speculation based on SpaceX's trajectory to this point, however we've seen Musk make some decisions that bring the long term future prospects of SpaceX into question. While Musk remains unbeholden to anyone else, which an IPO doesn't change, he's the biggest risk factor in the equation - and that's not speculation, it's an objective assessment of what's possible within the corporate structure of SpaceX.

What's subjective is whether you anticipate Musk will add more trash to the pile. Was the Twitter/xAI acquisition by SpaceX, with it's stupidly obvious fraudulent valuations, an outlier of some kind? Or was it a predictor of future actions that put similar economic strain on SpaceX, and would affect it's future stability and economic viability? Since Musk is capable of crashing and burning the whole of SpaceX by himself, without anyone legally capable of vetoing his decisions, it's a valid line of questioning.

Personally I feel I've seen enough of how Musk operates that I can be confident he'll make similar decisions in the future, and that makes me consider SpaceX a high risk investment. I'm also far from alone in this assessment, and there's a valid concern from investors of those index funds about being railroaded into adding SpaceX to their mix.

Their leverage is a result of having the time to be involved in politics, which is itself a result of working for decades to build up to the point that they could retire. They're an end result of the system, not an exception to it.

Not just the time, but also probably having been built up the expertise, social connections, reputation and wealth to be able to be elected on the council in the first place.

This seems a bit like a corollary to "The market can remain irrational longer than you can remain solvent". On the timescales that matter to an individual it won't matter if the eventual conclusion is that AI can't fully replace workers, because companies are going to do their damnedest to try.

I wouldn't call it a honeypot, but it's probably compromised by the feds.

It was shown a few years back that if you control enough of the exit nodes (more than some specific % that I don't remember off the top of my head) then you can associate traffic across most/all of the Tor network. Since running exit nodes is relatively cheap the assumption was that the feds (or some other state actor) were already doing so.

I'd call that materially different than a honeypot though since it wasn't designed for that purpose.

Sometimes called the "cold controller" effect as well, and not necessarily requiring sleep but rather just a break from the game.

There's not enough nuclear to go around, and the approval/permitting process for new nuclear power plants is nothing to sneeze at, both in terms of time and cost.

That's also ignoring that nuclear power plants also consume quite a bit of water, which may be a more difficult bottleneck in and of itself even without trying to add nuclear into the mix.

The reality is that unless and until the PR hit from failures like this impact their stock price or their bottom line, companies won't care to fix the processes that created them.

I don't know it's that clear cut. A constant drip of bad stories does hurt the reputation over time, and it's hard to get it back.

But I agree - in the moment, the impact is barely visible, so management would have to put up a fight to spend $$$ on a fix. The way of least resistance is to issue a press release as shown above.