One idea to always go back to is:

Extraordinary claims require extraordinary evidence

• Carl Sagan

This can be tough to evaluate sometimes, but it's a good general idea.

Does the claim sit outside the natural world as currently understood by scientific theory?
If yes, then there's going to need to be a lot of evidence. If not, the level of evidence is lower.

Does the claim involve a low probability event?
If yes, then more evidence is needed of that event.

Does the claimant have a stake in the claim?
For example, does the person get money, fame or other stuff by getting people to believe the claim? If so, more evidence should be required.

What type of evidence would you expect to see, if the claim were correct?
When things exist, they tend to leave evidence of their existence. Bones, ruins, written records, etc. If someone says something exists, or used to exist, but they should have archeological/anthropological evidence to back it up.

Sure, it's always going to be a bit subjective as to what requires proof. And for a lot of low stakes things, there's no point in going after it. If someone claims to be from Pitcairn, then what's the point of questioning it? Just say, "huh, cool" and move on. If someone is trying to convince you that an historical figure existed, and that should effect how you see the world, maybe ask for as bit more evidence.

While I hate the idea of people losing their jobs, stepping back for a moment and looking at what they are claiming, its not terribly surprising:

Spencer said the roles affect mostly corporate and support functions

When companies merge, this is kinda needed. You don't need two fully functional HR departments. While the HR staff from the buying company will likely need to expand, it won't be by the same amount as the HR department of the company being bought. As network functions are merged, you probably don't need all of the IT staff which came with the merger. A lot of management functions likely end up merged, meaning redundancies. And this sort of thing is going to move through a lot of the non-project work functions of the company.

Yes it sucks. But, it's to be expected in a merger. Now, whether or not we want this level of consolidation, that's a different ball of wax entirely. The last thing we need is more studios falling under the sway of these massive companies. That's the thing which should be drawing our ire.

The fact that the OS is replaceable sealed the deal for me.

And the default OS isn't locked down and doesn't try to prevent you from doing other stuff with it. What you want to do isn't in the Steam interface? Switch over to desktop mode and you have full access to the underlying OS.

My only complaint with the Steamdeck is that I find using the touchpad on the right side for long gaming sessions hurts my hands. I 3d printed some grips which help; but, I think my hands just don't like the orientation. Still love my deck though.

Not really. IP addresses are really easy to change. And doubtless the threat actors will see that their IPs have been identified and will roll them over soon. The solution is to go after the tactics the attackers are using:

The attack chains exploit known security vulnerabilities and misconfigurations, such as weak credentials, to obtain an initial foothold and execute arbitrary code on susceptible instances.

1. Install your updates. If you have a server open to the internet and you haven't patched known exploited vulnerabilities, you deserve to have your network ransomed.
2. Many products have either vendor provided or useful third party security configuration guides. While there are situations where business processes prevent some configuration changes, these guides should be followed when possible. And weak passwords should not be on that list.

EDIT: for Oracle Web Logic, you do a lot worse that going through the DoD STIG for it.

Been using the beta for a while and I gotta say, it's pretty awesome. I just hope they have the purchasing as sorted as they claim. I've had so many issues in the past letting my kids purchase games.

I was always terrible with knots growing up. My father spent far too much time trying to teach me a basic trucker's hitch and sadly never got to see me really "get it". Then, when my own son was in Cub Scouts and supposed to learn some basic knots, something just clicked in my mind and I took an interest. The bowline was the gateway knot for me and learning that led me to finally apply myself to the trucker's hitch. Just such a useful pair for tying up a load. I can understand why my father really wanted me to learn it.

Now, I keep a length of paracord on my desk and will fiddle with it, practicing knots whenever I'm doing something that leaves my hands free. And ya, having a basic set of knots down is just damned handy.

I would assume they have some basic stuff running 24x7. I can't imagine a network which doesn't have Endpoint Detection and Response (EDR) running 24x7 these days. There's also things like firewall logs, which are almost certainly being captured (or at least netflow). Stuff like screen recording and mouse monitoring is probably saved for extreme cases. That said, my own experience has been pretty close to:

We’re not going to look over your shoulder while you watch YouTube videos but if we notice you’re watching a lot of or you start visiting porn sites, we’re going to start monitoring you.

Quite frankly, no one's got time for that shit. I work at an organization with a bit north of 25,000 employees, and we have less than a dozen security analysts. While I could run a search against our firewall logs and see evidence of folks dicking around. I have much better things to do, like running down abnormal processes and writing up reports on users who got their systems infected while dicking around. And that's really the way it comes to our attention, most of the time. Someone is out trying to download movies or software on their work laptop (you'd think people would know better....) and they pickup malware. We get an alert and start investigating. While trying to determine the source, we pull browser history and see the user out on "SketchyMovieSite[.]xyz". And then their dicking around becomes our problem, mostly because the site had a malicious redirect, which is where the infection came from.

So ya, they may not be looking, but I'd always bet they are recording. Logging isn't useful if it isn't recording at the time of the compromise.

Remote work and pay. I was already interested in getting a remote gig when COVID hit. We went to a hybrid schedule and I realized that I really liked working from home. Also that my job was pretty much built for it. While many of the folks I used to work with are still hybrid, fully remote was never an option. I worked with Classified systems and I could never convince them to put a SIPR drop in my home. I guess you need to get elected President for that.

As the world was opening back up, many companies saw remote work as a carrot to offer cybersecurity folks and I started to see a lot more job postings with it as an option. So, I put my LinkedIn profile to "looking for work" and started getting recruiters messaging me on a regular basis. One hit me up with "REMOTE WORK OPPORTUNITY" (yes, all in caps) as the lead for an offer. What followed that sounded interesting and I started talking with him. A few week later, I put in my notice and started working in the private sector. Got a pay bump in the move as well.

My time in the FedGov space was overall a positive thing. I learned a lot and got to see systems locked down in a way that actually mattered (I never thought I would miss STIGs). At the same time, I don't see myself ever going back. The bureaucratic nature of everything is soul crushing. And sitting in an OSS all day long sucks. It especially sucks when you're the only one in the container and need to go out and take a piss. Clear the room, arm the alarm, spin the lock, sign the sheet, go piss. Open the lock, sign the sheet, disarm the alarm, get back to wishing for the sweet, sweet embrace of death.

When I worked as a US FedGov contractor, I was greeted with a long warning banner every time I logged into my computer. The tl;dr version of it is "fuck your privacy". Being that I was part of cybersecurity for the site I was working at, I was one of the people doing the fucking. While we didn't read everything from everyone all the time, we were logging it and could pull it up, if we were performing an investigation. We also had some automated stuff scanning for patterns and keywords on a regular basis, which could trigger an investigation.

While I'm no longer in the FedGov space (thank the gods), I still assume that everything I do on my work system or with work accounts is being logged. Also, I'm still working in cybersecurity and am often still the one doing the privacy fucking. Yes, everything is being logged. We may not look at it today, we may not look at it tomorrow. But, when HR and Legal ask us about a user's activity, we can usually be pretty detailed. Act accordingly.

NextCloud running in docker on my server. I can then sync folders from both my desktop and phone.

If we could harness the energy of Regan spinning in his grave, we'd have a limitless supply of energy.
Imagine telling any conservative, during the Cold War era, that we could completely fuck Russia's military power and readiness, for years to come, by sending weapons to a relatively small country. They would be rushing to arm anyone and everyone they could, unintended consequences be damned. And yet, here we are with the GOP blocking exactly that sort of activity. And even better, there is a very real possibility that we aren't arming future terrorists this time around. Maybe that's the GOP's problem, Russia losing in Ukraine won't create an excuse in 20 years to kill more brown people.

Good. Tying aid to cuts in IRS funding was absolutely asinine. Failing to fund Ukraine, which is actually fighting for it's continued existence as a political entity is also asinine.

Yes, Hamas is a horrible organization; but, the Israeli Government isn't facing an existential threat and has not been an innocent actor in the situation in Gaza. Aid and support should come with strings attached to ensure the protection of civilians and property rights of the people being displaced.