not a very informed comment.
torrents have checksums, you can't just send someone incorrect parts, they'll get rejected.
you asked why it happens so often, I provided a possible explanation.
just yesterday we had a similar case where a usb ethernet adapter wouldn't work on a locked device due to a similar issue, even if that one may be more logical.
especially when you have to follow an outdated password policy where people have to change their passwords at regular intervals you'll have such cases more frequently than when they only need to set it once until a suspected compromise.
the token is completely tied to your account.
you can access part of your account info/settings with that as well, a while back they added an extra password prompt to some of that.
truly anonymous searches are simply impossible unfortunately. while they claim they're not logging any searches it's impossible to verify.
I'm indeed talking about spinning up full vps. with untrusted workloads I'd rather have the best isolation reasonably possible. effectively, this is similar to how Github hosted runners work. my gitlab is currently primarily working by spinning up Hetzner cloud vps on demand, but I've also used this with proxmox before.
if I have very sensitive secrets accessible to my ci pipeline I want to minimize the risk of leakage through compromise of CI environments to a minimum.
I've been considering moving away from gitlab for a long time, but so far, as far as I know, it's still the only service that supports ephemeral self hosted runners. with gitlab it can utilize docker-machine to spin up vps on demand and ensure only a single job runs on each vps before it gets destroyed again.
view more: next ›
the second link is just incorrectly linked in the comment, as the colon is included in it. it should be https://www.auswaertiges-amt.de/de/reiseundsicherheit/suedsudansicherheit-244250