Just one open source example … freeradius has an option to log passwords:

log {
    destination = files
    auth = no
    auth_badpass = no
    auth_goodpass = no
}

Or another example: The apache web server has a module that dumps all POST data, with passwords, in plain text:

mod_dumpio allows for the logging of all input received by Apache and/or all output sent by Apache to be logged (dumped) to the error.log file. The data logging is done right after SSL decoding (for input) and right before SSL encoding (for output). As can be expected, this can produce extreme volumes of data, and should only be used when debugging problems.

I don’t agree that this is “absolutely malice”, it could also be stupidity and forgetfulness.

This is not about facebook not hashing credentials, it is that they appeared in internal logs.

Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers.

Source: Krebs on Security

All models are equipped with 16GB of RAM, and two additional storage variants are available that cost 21,999 yuan (about $3,089) for 512GB and 23,999 yuan (about $3,370) for 1TB.

They are learning from Apple about the memory price. $300 for 512 gb additional memory storage is insane.

By supporting work on a freelance basis

This sounds like Valve is paying devs to work full time on arch, and thus managing to achive more than volunteers could.

A little low specs for a tablet with “pro” in its name, but at only €400 they needed to save money somewhere

It’s quite obvious from the context

sadly not really

Lemmy alone has about 50k active users.

Source: Join Lemmy

Thanks for the hint on nVidia. That might explain my issue

I don’t think the noveau drivers are ready for gaming.

Oh, they found one scenario that looks good for them. Never trust those early benchmarks until they can be verified independently.

Doesn’t look too bad for me

Yes, that is why many big tech companies have their european hq there.

Edit: Wikipedia on Ireland as a tax haven

You’re right, Google released their vision in 2023, here is what it says regarding lifespan:

a reduction of TLS server authentication subscriber certificate maximum validity from 398 days to 90 days. Reducing certificate lifetime encourages automation and the adoption of practices that will drive the ecosystem away from baroque, time-consuming, and error-prone issuance processes. These changes will allow for faster adoption of emerging security capabilities and best practices, and promote the agility required to transition the ecosystem to quantum-resistant algorithms quickly. Decreasing certificate lifetime will also reduce ecosystem reliance on “broken” revocation checking solutions that cannot fail-closed and, in turn, offer incomplete protection. Additionally, shorter-lived certificates will decrease the impact of unexpected Certificate Transparency Log disqualifications.

If you measure from the surrounding area, the Mauna Kea is higher than Mt. Everest.

Sorry, I understood you wrong. You’re right!

Nothing of value was lost when EV certificates disappeared.

even more secure with the 90 days policy.

Yes, if you do this manually it will work.

I meant certbot with nginx plugin and http-01 challenge.