no problem solving in bed when you should be resting. if something pops up, identify it & make a note (mental or otherwise) to address it at a later time.

without further explanations of OP’s intent i’m inclined to think this is perhaps the best approach

and it’s much easier to DRM

as an unapologetic irrational linux zealot, i find your joke…

fuckin hilarious 😂, well done

exactly

default: on

user: explicitly turns off

random “update”: defaults back on

Now wait 1 year

noice, TTS the summary and we’ve gone full circle :D

ever heard the phrase ‘shoot the messenger’ ?

without further context, i’m not sure you could read much into a single act of downloading

it could be as simple as it contained some keywords for a lit review someone was doing

from there they might eliminate it from their review, choose to cite it favourably, or choose to criticise it.

if the journal has a good reputation, being a comparatively frequently read (downloaded) paper from a periodical could be considered a positive reception.

i’m not an expert, but here’s my take.

personally i question when such movements take power that we should interpret it as consent by the public majority.

part of the reason the public apparently bestow power to the machinery of government is because the machinery is supposed to protect them from this very thing happening.

the fact that it is happening, means such a rise in fact did not occur within the correct functioning of that machine.

therefore we should probably question whether we should interpret it as consent by the majority.

and if its not consent by the majority, then in some ways the picture is both bleaker and brighter.

brighter, because you’re not surrounded by quite so many evil fucks as they wanted you to believe

bleaker, well, probably don’t need to explain that bit

ok fair enough, sorry i may have misinterpreted what you meant.

it sounds like your argument is that if the attacker doesn’t know the service is running then the assertion that this reduces the risk profile is classified as an obscurity control - this argument is correct under these conditions.

however, certain knocking configurations are not obscurity, because their purpose & value does not depend on the hope that the attacker is unaware of the service’s existence but rather to reduce the attacker’s window of access to the service with a type of out of band whitelisting. by limiting the attacker’s access to the service you are reducing the attack surface.

you can imagine it like a stack call trace, the deeper into the trace you go, every single instruction represents the attack surface getting larger and larger. the earlier in the trace you limit access to the attacker, you are by definition reducing the attack surface.

in case i’ve misinterpreted what you meant. susceptibility to a replay attack does not mean something isn’t a security measure. it means it’s a security measure with a vulnerability. ofc replay attacks in knocking is a well known problem addressed long ago.

perhaps the other source of miscommunication is for us to remember that security is about layers, because no single layer is ever going to be perfect.

if you can’t work out what knocking might have to do with whitelisting then i’m not sure what you hoped to contribute towards reducing misconceptions in the conversation

would you classify out of band whitelisting by IP (or other session characteristic[s]) as having no security merit whatsoever?

would you classify it as purely a decision regarding network congestion & optimisation?

you’re ofc free to define these things however you wish, but in a form which is helpful to OP’s question i’m not sure i follow you.

oh look, the thing they told us would never happen when this shit was installed

the creep is real.

thought for the day: is thin wedge always a fallacy when it’s always fucking coming true?

I fucking hate this timeline.

my first thought as well…how did we get to the point that this is a valid topic?

(not a comment about you OP, just the state of the world)

to reduce attack-surface, if there’s no reason for the port to be open, don’t open it.

while the most bare bones knocking implementation may be classed as obscurity, there’s certainly plenty of implementations which i wouldn’t class as obscurity.

People iterate through all the IPv4 addresses since there are only 4,294,967,296 possible addresses. There are 340,282,366,920,938,463,463,374,607,431,768,211,456 possible IPv6 addresses

i love your thinking!!

do you have a backup in case you accidentally find yourself locked out from an ipv4-only network?

i feel like this is a good place to mention the ship shipping ships

https://www.superyachtshipping.com/

can you pls explain what you mean in more depth?

your original post is sufficiently vague that tbh i don’t blame people for assuming you were just bootlicking? [which probably says more about the state of the world than you as an individual, but honestly it’s not clear what you’re trying to say?]

we all know a random citizen/local business presenting an identical calibre of evidence of repeated crimes would be extremely unlikely to routinely receive this degree of resource allocation.

so if it’s an idealised aspirational universal “order” you’re talking about then obviously noone’s buying it - and i don’t think you are either. so what do you mean?

searching for ‘phpbb <topic name>’ can usually bring up a few struggling to dead forums for niche communities which are being sadly absorbed into bigtech monoliths