Cool, THANKS!! 😊 🙏

That is an interesting implementation of security through obscurity…

How does one enable this on the standard 7Zip client?

That makes a lot more sense for your setup, then.

Fail2ban bans after 1 attempt for a year.

Fail2ban yes; one year, however, is IMO a bit excessive.

Most ISP IP assignments do tend to linger - even with DHCP the same IP will be re-assigned to the same gateway router for quite a number of sequential times - but most IPs do eventually change within a few months. I personally use 3 months as a happy medium for any blacklist I run. Most dynamic IPs don’t last this long, almost all attackers will rotate through IPs pretty quickly anyhow, and if you run a public service (website, etc.), blocking for an entire year may inadvertently catch legitimate visitors.

Plus, you also have to consider the load such a large blocklist will have on your system, if most entries no longer represent legitimate threat actors, you’ll only bog down your system by keeping them in there.

Fail2ban can be configured to allow initial issues to cycle back out quicker, while blocking known repeat offenders for a much longer time period. This is useful in keeping block lists shorter and less resource-intensive to parse.

Well, that’s just an excuse for bad leadership.

You can’t be a leader to people who have no desire to follow you in the first place. And you can’t force anyone to accept you as a leader.

The world is not as black and white as you make it out to be. Sometimes you need to throw your weight around for the overall good of the community. It’s why law enforcement exists within every functional community - there will be people who intentionally ignore “leadership” and break rules for their own selfish purposes regardless of how good said leadership is, and the only thing that will make them behave is the threat of social censure or outright punishment.

And Linus has no ability to directly correct or punish, so social censure is the next best functional tool.

Do either of the options you mentioned provide custom nameservers? As in, the ability for ns01.yourdomain.com to resolve to your account on their DNS servers?

That’s why I was particularly clear about him being “not right”.

Because being abusive is definitely “not right”.

But sometimes you have to make a point and you just have no other way of doing so, because the deed is already done, and anything less shocking is just gonna get ignored wholesale. That foot-stomp has to be loud enough and clear enough to be heard even by the people in the back. And there are only so many (frequently limited!) ways of grabbing everyone’s attention by the nuts.

I don’t agree with how Linus handled it. But I can understand it.

reads the article

considers the triggers prompting the outburst

He’s… not wrong.

Not right, but definitely not wrong. There is a big difference between effective security and total security. He was dumping on total security, which in many ways is worse than no security at all.