Have you heard the gospel of the VelociPastor?
One series I haven't seen recommended yet is Alastair Reynolds novels. Revelation Space is a wonderful series, and if you want to start with a standalone story House of Suns and Diamond Dogs are great choices.
For lighter reading there's also the Murderbot Diaries by Martha Wells.
There's other older series that may appeal to you: Vatta's War and Vorkosigan Saga conf to mind.
It provides a safety net by pooling the resources of the community to support the less fortunate. This prevents people from having to sacrifice their long term goals because their short term needs may not be otherwise met.
Also in contrast to capitalism that treats society as a zero sum game ("I can't get ahead unless I take something from someone else") socialism is a benefit multiplier ("I'm part of the community. By making the life of everyone in the community better I'm also improving my own life").
They are really good at providing examples for why civilized society needs socialism.
Or companies do hire security, but the security team is incompetent and unable/unwilling to adapt to new challenges. Then it devolves into security theater, until either someone new comes who cleans house or a breach happens.
Arch: I need reproducible setups. Also bleeding edge is not for me.
I have to give credit to their documentation though!
What put me off selinux is that the officially documented way of generating a new policy is to run a service unconfined, and then generating the policy from its behaviour. This is backwards on so many levels... In contrast policy-based admission control in kubernetes is a delight to use, and creating new policies is actually doable outside of a lab.
Mine has a precondition option that can both heat the cabin and warm up the battery while still plugged in (a warm battery will give you better range). The heaters keep up, and in fact can warm the cabin faster than on ICE: The latter uses waste heat from the engine, the EV just uses a heating element like a space heater for home would.
Confucius says: man who runs in front of car gets tired; man who runs behind car gets exhausted.
Nepal, because of its irregular shape. If we bend the meaning of "national" to include autonomous territories, then Isle of Man.
so what are the reasons why it's a bad daily driver?
Don't need to go any further than "default user is root."
Sometimes the X is not quite at the spot. My guess is that it's under the sand too the right on the first picture (possibly underwater).
WASD = Path of Vampire Survivors?
The pun is so bad it made me sigh. Top quality dad joke!
Alley Cat, Dukem Nukem 3D, Ultima (4, 5, and 7), Daytona, Day of the Tentacle, Zack McCracken...
Using containers from public registries is no worse than using third party software. In both cases there's a risk of malicious code. The big difference is that for containers you can scan the image before running it, SBOMs are becoming ubiquitous so dependency vulnerabilities are easier to detect, and runtime protection software is more effective on containers because each container has a deterministic expected behaviour, making it easier to find deviations. I'd much rather manage runtime controls for containers than craft selinux policies.
The bottom line (which the OP article misses) is that while individual container configurations require more effort to set up the additional work to manage them at scale is low, whereas compliance for host based installs is requiring more and more effort. In fact given how popular curl | sh ... is becoming for host based installs I'd argue that they are regressing in terms of safety and reproducibility.