AFAIK completely without ads. This is the first sentence from the link I provided in my previous comment:
Meta will offer people in the EU, EEA and Switzerland the choice to pay a monthly subscription to use Facebook and Instagram without any ads
You're right, these are definitely some advanced topics. But no need to know everything yourself, if you stumble upon one of these topics during your research, you might want to post them here.
Yes, that is why many big tech companies have their european hq there.
You're right, Google released their vision in 2023, here is what it says regarding lifespan:
a reduction of TLS server authentication subscriber certificate maximum validity from 398 days to 90 days. Reducing certificate lifetime encourages automation and the adoption of practices that will drive the ecosystem away from baroque, time-consuming, and error-prone issuance processes. These changes will allow for faster adoption of emerging security capabilities and best practices, and promote the agility required to transition the ecosystem to quantum-resistant algorithms quickly. Decreasing certificate lifetime will also reduce ecosystem reliance on “broken” revocation checking solutions that cannot fail-closed and, in turn, offer incomplete protection. Additionally, shorter-lived certificates will decrease the impact of unexpected Certificate Transparency Log disqualifications.
even more secure with the 90 days policy.
IMO, sticking to manual processes that are error-prone is a waste of money and not a sign of a honest business.
Letsencrypt issues wildcard certificates. This is however more complicated to setup.
AFAIK, the only reason not to use Letsencrypt are when you are not able to automate the process to change the certificate.
As the paid certificates are valid for 12 month, you have to change them less often than a letsencrypt certificate.
At work, we pay something like 30-50€ for a certificate for a year. As changing certificates costs, it is more economical to buy a certificate.
But generally, it is best to use letsencrypt when you can automate the process (e.g. with nginx).
As for the question of trust: The process of issuing certificates is done in a way that the certificate authority never has access to your private key. You don't trust the CA with anything (except your payment data maybe).
At least for me, this works out of the box.
Some requirements:
Someone in Poland chose an interesting name for his company.
I have both done pentests and received pentest reports. My observation is that the perceived severity often varies between the tester and the customer.
Reason for this meme is that some ubisoft titles are shipped with a broken version of ubisoft connect launcher. Installing these games is only possible by running the installer for the launcher again via protontricks.
Nothing tells me more that you care about my privacy than sharing my data with hundreds or thousands of companies.
As AI image recognition advances, CAPTCHAs need to get more creative.
What are your best experiences with CAPTCHAs?
Interestingly, the firewall got overload by the number of UDP packets and not by the bandwidth of traffic. See UDP Flooding on Wikipedia.
Please don't act like the german conservative party:
The CDU [german conservative party] lodged a criminal complaint against Wittmann after she told the party about a security vulnerability in the CDU-Connect election campaign app. (source)
Doesn't look too bad for me