• 0 Posts
  • 24 Comments
Joined 11 months ago
cake
Cake day: January 6th, 2024

help-circle

  • I will continue to be a proponent of meditation practice. It’s honestly a shame imo that it has a “mystical” connotation. I think it’s very practical. I really don’t think of it much more than dedicating time to observing how my brain works. And a lot of that is all the stuff that arises that doesn’t feel like it “under your power.” When you actually sit down regularly and take notice of the arising and falling away of thoughts and emotions, it becomes a lot easier to not let it consume you and react.

    It’s one thing to “know” the emotions are temporary and you shouldn’t react so strongly. It’s another thing to really internalize that and be able to have that same perspective in the moment of strong emotion. It’s practice.
















  • I also don’t think it’s like a bright line that propaganda is necessarily the worst form of dishonesty. The subject matter and intent is huge. If a US president runs ads with cherry picked economy data, you could argue that’s propaganda. But that isn’t necessarily worse than say a Pharma exec who pushes through and misleading advertises a potentially harmful drug. The exec could potentially get in trouble for this, but you could easily argue his actions were worse.

    The potential harm is generally pretty high when we think of propaganda. And governments willing to participate in more flagrant propaganda are likely going to be willing to participate in other unsavory behavior. And use propaganda to affect it.



  • I think the container piece is probably the least of your concerns here honestly. The biggest thing you’ll want to focus on is the ingress networking layer, but that won’t really be any different than if you were running the app normally. Generally exposing ports from your home network to the internet is not a great idea, and you try to use something like cloudflare or get a cheap cloud VPS with a reverse proxy connected to the container host via VPN.

    But for general container security practice, what you mentioned is good. You could also look at the Docker CIS Benchmark for more good security practices. And container scanning tools like trivy or anchore syft/grype to identify vulnerabilities in your containers. But again this is secondary to the networking layer in my opinion.