Knowing the “average” is all well and good, but doesn’t give that clear a picture. Does anyone have a source for the the median age, or better yet an age distribution graph?

But it would not work on older non-GNU versions of tar.

GNU introduced the “–foo” style long options, and it was a long time before Unix versions began adopting them.

$126,500 per person, plus another $20,240 in housing expenses. Plus your $13,850 standard deduction (though if you’re making that much you’re probably itemizing for more). So $160,590 for an individual or $321,180 for married filing jointly. That’s assuming no kids and no other deductions or credits - which is pretty unlikely at that income level.

$160,590 is the 93rd percentile for US income distribution. So yeah, if you (AND your partner, if any) are both in the top 7% income bracket, bad at tax preparation, and don’t hire an accountant, you might still pay tax on the income over that amount. Of course, making that much while keeping the kind of ethics that let you care about anyone other than yourself is a nontrivial endeavor.

Don’t forget that your foreign employer won’t be reporting to the IRS. So if your protest extends to not voluntarily reporting that excess income …

Not everyone that disagrees with a law is in a position to immediately change it.

Not necessarily. There is a foreign earned income exclusion, so if you pay income taxes on it in the country where you’re living you don’t pay taxes to the US.

A less euphemistic term in English is “regulatory capture”

That wasn’t luck - it was best practice backup strategy.

Probably by buying and then sitting on the patents

Tell me you’re bi without telling me you’re bi

Nah. Replacing the kernel is probably planned for the next point release - it’ll just be GNU/systemd

It doesn’t break apt, Canonical just broke their version of apt just to prefer snaps now.

FTFY

Only reason it wouldn’t work is Canonical killing the .deb package. That was an unforced error. So no, still not a good idea.

The way this works in the server world is “95th percentile” billing. They track your bandwidth usage over the course of the month (probably in 5 minute intervals), strike off the 5% highest peaks, and your bill for the month is based on the highest usage remaining.

That’s considerably more honest than charging you based solely on the highest usage you could theoretically use at any time point in a 24 hour period (which is how ISPs define the “max bandwidth”) and then charging you again or cutting off your service if you use more than a certain amount they won’t even put in writing.

Depends who you need privacy from. I recall Stallman’s advice about VPNs - that to avoid having your information turned over you should choose a VPN from a country whose government is no friend of your government. Depending on your threat model, I could see this being the same principle

Probably not. It looks like it’s setting the fake address before reading the tunnel parameters, where the real address is stored. Probably a kludge in case the connection address is undefined so the program doesn’t crash. So check whether the address is included there.

Also check the function that establishes the connection. 10.1.1.1 is not a public subnet, so unless there is a VPN device listening at the local address, the tunnel should fail to establish and throw an error, triggering the exception clause in that code. Again, you’ll want to confirm that in the code.

That’s because “Dual License” means there are two licenses. Anyone can use it under the terms of the LGPL. If a company doesn’t want to abide by those terms, they can pay them not to by buying one of the commercial licenses

If your usecase and threat model don’t require the pinpad, Onlykey Duo is worth a look. No pin, USB A or C, and still gives you 6 slots to support any combination of Fido2, TOTP, SSH, PGP, and password storage.

Manually keying in the pin is only needed when plugging in the device. Challenges for TOTP, FIDO2, etc. are a configuration option, and are only 3 digits if enabled (press any button if disabled).

As for “excessive amount of security”, security as an absolute measure isn’t a great way to think about it. Use case and threat model are more apt.

For use case, I’ll point out it’s also a PGP and SSH device, where there is no third party server applying the first factor (something you know) and needs to apply both factors on device.

For threat model, I’ll give the example of an activist who is arrested. If their e-mail provider is in the country, they can compel the provider to give them access, allowing them to reset passwords on other more secure services hosted outside the country. The police now have the second factor (something you have), but can’t use it because it’s locked.

https://onlykey.io/

Built in hardware pin entry means your unlock code can’t be captured by a compromised machine. Emulates Yubikey if you need that, handles Fido / U2F, stores up to 12 passwords, acts as PGP and SSH key if you install the (open source) agent.

The SSH agent implementation is forked from https://trezor.io/ which is advertised more for crypyo wallet uses.

Edit: For OP’s concern about losing the key, it also has the ability to export an encrypted backup that can be restored to a replacement key

They are