• 0 Posts
  • 14 Comments
Joined 1 year ago
Cake day: October 11th, 2023

  • Yeah, containerization does make it much easier to just throw away the base system and start fresh. This way, you don’t have to worry about possibly straying from the recommended upgrade path and accidentally breaking something.

    More code adds complexity, complexity leads to more bugs, more bugs means more vulnerabilities. Virtualization takes a lot of code. With all this extra code, it is possible that you are actually expanding the attack surface instead.

    It is likely inconsequential for most people just running a couple personal services at home, but organizations are pretty frequently targeted by sophisticated attacks, where the consequences of a breach can be severe.

    Yes, many of these vulnerabilities are difficult to exploit, either requiring local access or the existence of another vulnerability to achieve local access.

    However, there also exists a massive market segment whose entire business model relies on selling local access to VM compute resources, cloud server providers. An attacker could simply rent a VM on a vulnerable platform to gain the needed local access, launch an attack on the host and thereby compromise the other guests on the same machine.

    There have been an incredible number of flaws found and fixed (for now) in the isolation provided by virtual machines. VMware had a spate of critical vulnerabilities in 2024.


  • Yes, it matters.

    Also, the actual isolation of container environments varies greatly, on a per container basis. Containers are far less isolated than virtual machines, and virtual machines are less isolated than separate hosts.

    Neither containers nor VMs will protect from attacks on the host, see regreSSHion. You may be able to limit access to your host by using containers or VMs, but container escapes and VM escapes are not impossible.

    There is much time and effort required to maintain each of these layers. With “stable” distros like Debian, it is often the responsibility of the distribution to provide fixes for the packages they provide.

    Given Debian as the example, you are relying on the Debian package maintainer and Debian security team to address vulnerabilities by manually backporting security patches from the current software version to whatever ancient (stable) version of the package is in use, which can take much time and effort.

    While Debian has a large community, it may be unwise to use a “stable” distro with few resources for maintaining packages.

    OTOH, bleeding edge distros like Arch get many of their patches directly from the original author as a new version release, placing a lower burden on package maintainers. However, rolling releases can be more vulnerable to supply chain attacks like the XZ backdoor due to their frequent updates.







  • Are you trying to equate the ideology of a political regime with a minority population of South Africans?

    South Africa had no right to exist as an apartheid state, and Israel has no right to exist as an apartheid state.

    After apartheid ended and living conditions improved, black South Africans didn’t go and slaughter every white South African as retribution, so when Israel says freed Palestinians would slaughter all Israelites, why should we believe them?

    If the occupation ended today and Palestinians were allowed to live fairly and given ample resources to rebuild, what reason would they have to seek further conflict? If treated fairly, why would Palestinians act any differently than the South Africans freed from apartheid? This conflict is ultimately the direct result of unfair treatment after all.


  • Why are there foreign judges serving in Hong Kong?

    It is a holdover from Hong Kong’s past as a British colony. After the UK handed Hong Kong back to China in 1997, the agreement between the countries stipulated that the special territory would continue to operate with its freedoms and systems for 50 years, including its common law legal system which operates in several other jurisdictions worldwide. Currently there are seven foreign judges remaining on the court: three British and four from Australia.

    So, foreign judges who are meddling in HK affairs are upset that China (the inheritor of HK) is meddling in HK affairs?

    If the West actually cared about HK independence, why do they wish to maintain colonial judges in HK courts? If they cared, shouldn’t HK judges be in HK courts?

    While China has been heavy handed in its effort to speed up the timeline of the power transfer, in the end, the West has concluded that HK is to be Chinese territory. By the West’s own policy, these are foreign judges getting kicked out by the “rightful” new rulers, just a bit early.


  • Sure, but “effectiveness” is usually not a binary and is often difficult to measure. Small, but persistent changes should still add up. Eventually.

    So long as people recognize that these things are in fact quite toothless, I’m not sure they are entirely detrimental. There’s no reason this couldn’t be used as a starting point for more effective action, now that signatories are in greater contact with the campaign.




  • No, it’s:

    “Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in boogie woogie reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.”