@ryanc Can't the IRS also require you to pay estimated tax (or at least, penalize you if you don't)?
Estimated taxes | Internal Revenue Service
Who must pay estimated taxes, how much to pay and when to pay them.
(www.irs.gov)
Posts
-
Hey Americans!
-
Barth's Distinction: There are two types of people: those who divide people into two types, and those who don't. -
Somehow, yesterday I experienced a new form of email nonsense.@Sempf @cR0w @ryanc @drscriptt
I mean, my experience is outdated, but at its height I was the sole sysadmin and abuse admin for a platform that served about 60,000 users, accepting or rejecting about a million SMTP delivery attempts a day. I was a very early implementer of things like graylisting and SpamAssassin, before you could even buy an appliance to do them, let alone a cloud service. But the landscape was very different then -- spammers were smaller scale and not big business then. The scars are old, but deep. Count yourself lucky.
-
Somehow, yesterday I experienced a new form of email nonsense.@ryanc
I think we agree more than we disagree! Especially when it it is probably better for the ecosystem for the systems causing harm to be the explicit source of that harm, so that the ecosystem will start to respond to it appropriately. So I'm basically arguing myself out of silent discard even in my idealistic case!
@drscriptt @Sempf -
Somehow, yesterday I experienced a new form of email nonsense.I'm interested in minimizing ecosystem harm / impact, even if I'm not the direct / attributable source. In the worst case, if I know that an upstream hop is going to generate backscatter if I reject in my DATA phase, and I know with high confidence that the content is spam, and I know that that upstream hop is not likely to change their ways any time soon ... it's a net lessening of ecosystem harm if I silently discard, rather than indirectly "trigger" predictable backscatter.
Yes, I know this is idealistic.
-
Somehow, yesterday I experienced a new form of email nonsense. -
Somehow, yesterday I experienced a new form of email nonsense.@ryanc @Sempf I mean, I get that, but in the meantime the blowback still hits the innocent non-sender. As a troubleshooter, I 100% hated silent discard, but as a spam fighter from back in the day, never doing that produced a whole bunch of busy work and harm that was impossible to work around otherwise. (Rejecting early in the connection was of course ideal!). But I've been out of this game for more than a decade ...
-
Somehow, yesterday I experienced a new form of email nonsense. -
Somehow, yesterday I experienced a new form of email nonsense.@Sempf @ryanc
It's been awhile since I was in the daily email game, but I assume blowback is still a non-trivial problem, such that silent discard, despite non-compliance, might sometimes be preferable to innocent bystanders receiving blowback? But deciding when to do that must be complicated ...(Put another way: I don't think the RFC framers had "spoof millions of senders s day" in mind as something to be standardized against)
-
Life hack: get computer/task glasses that only work if you're using the correct posture.Life hack: get computer/task glasses that only work if you're using the correct posture. Game changer.
-
Recently, I learned that Western Digital has decided to only partially implement the ATA Secure Erase featureset for initial price points for some storage products.Recently, I learned that Western Digital has decided to only partially implement the ATA Secure Erase featureset for initial price points for some storage products.
https://www.westerndigital.com/en-us/solutions/data-security/data-protection
Specifically, they are withholding the near-instantaneous "Crypto Erase" option (encrypt the entire drive with a strong key, and then discard the key) from some products, offering only "Sanitize Block Erase" (overwrite everything) at the entry-level price point.
Technically, Block Erase does comply with NIST 800-88 "Purge" level for SSDs, per Table A-8. But it wastes [size-of-drive] writes.
I understand the need to stratify pricing. But making security harder is never better for the ecosystem.
And by the time most people realize they wanted the better option ... the purchases will have been made (maybe years before), and the folks making the purchasing decision will likely be far removed (in time, org structure, and technical awareness) from the personnel suffering the consequences.
Bad form.
-
Does anyone know how to add a new security device to a Google account?@buherator One hokey work around for YubiKeys specifically is to use their configuration program to temporarily drop support for FIDO2, leaving U2F enabled. Then register the key. Then re-enable FIDO2.
-
TIL Proton dropped their maximum supported security keys (some time after mid-August 2024) from 8 to 4 keys?!TIL Proton dropped their maximum supported security keys (some time after mid-August 2024) from 8 to 4 keys?! (Notice the tiny "8 out of 4" label, because I had registered the maximum 8 keys)
I suspect my current config will be stable until I need to explicitly delete a key, in which case I won't be able to add a replacement unless I delete five keys.
-
If you ever need to securely erase a hard drive, you may be interested to learn that the erasing core of the classic old Darik's Boot and Nuke (DBAN) software has been modernized and open-sourced under the name nwipe.@jalefkowit Wow, that is a firmware bug as far as I'm concerned. I bet WD would be surprised that it's missing!
-
If you ever need to securely erase a hard drive, you may be interested to learn that the erasing core of the classic old Darik's Boot and Nuke (DBAN) software has been modernized and open-sourced under the name nwipe.@jalefkowit If a spinning drive's controller supports the ATA Secure Erase standard (which drives have supported for more than 25 years), you can use the same command to erase both spinning drives and SSDs (It performs overwrite on rust and encrypt-then-discard-key on SSDs). The Linux
hdparmcan send the command to the controller directly, no third-party software required.Also, if a hard drive is more than 20 MB, the track density makes it much more difficult to reconstruct useful data from the fallow magnetic medium between tracks. Making seven passes has been overkill for a long time.
I cover some other corner cases here, including quoting Gutmann to back up my claim that multiple passes are no longer necessary:
-
Oooh, I saw a report that we're four CVEs away from breaking 40K for the year?Oooh, I saw a report that we're four CVEs away from breaking 40K for the year?
YouΒΉ know what to do.
ΒΉfor numbering-authority values of "you"
-
Gordon Mah Ung, PCWorld editor and renowned hardware journalist, dies at 58https://www.pcworld.com/article/2564783/gordon-mah-ung-remembered.htmlI followed him faithfully during his Maximum PC days.Gordon Mah Ung, PCWorld editor and renowned hardware journalist, dies at 58
https://www.pcworld.com/article/2564783/gordon-mah-ung-remembered.html
I followed him faithfully during his Maximum PC days. A legit legend.
PCWorld's "The Full Nerd" podcast tribute:
(looks like the last episode Gordon was in was in April?)
PCWorld executive editor Brad Chacos' personal tribute, including link to his favorite video piece of Gordon's:
Gamers Nexus tribute:
-
Important reminder, if you own a domain name and don't use it for sending email. -
Important reminder, if you own a domain name and don't use it for sending email.@Jerry No-email [inbound] domains should also set a "null MX", per RFC7505:
https://www.rfc-editor.org/rfc/rfc7505.html
MX 0 "."
