Note to self: look for second hand unlocked Pixel 10 pro!

> Scotland has a lot of planted pine forests that have drowned out native species

Team Land management for Grouse hunting enters the chat.

https://www.mossy.earth/rewilding-knowledge/rewilding-scotla... ... "In the 1700s, large scale sport shooting and sheep grazing began to leave its mark on the landscape. Overabundant herbivores and over grazing, alongside regular burning, prevented woodlands from naturally regenerating, causing soil erosion, soil acidification, flooding, biodiversity loss and more"

And - https://www.youtube.com/watch?v=MuTV1SiYeu4 - is a longer story that bubbled up in social media a few months ago. Maybe not Hacker News.

There's a non-profit called "Planet Wild" that funds re-greening projects all over Europe, Africa and even India. Here's one in Scotland: https://www.youtube.com/watch?v=BiDBAU2d7oE, or Spain https://www.youtube.com/watch?v=T1QJvRsjg8M. Forest plantations are monocultures that kill biodiversity.

For a while, I've been thinking that open source package portals will at some point take over making of binaries that get released. Dev teams will run their own CI with whatever automated test pipelines they think is appropriate. For a tests-pass situation and will pass the git hash to the portal system for release, which just runs compile and making the binary. Well, not all CI runs would result in a release, of course. Then the package portal's own software kicks in to calculate an independent since-last-release report that's attached alongside the maintainer release notes.

All such portals upgrade their hash/sig noting of binaries, and keep those in a history retaining merkle tree of sorts. Of nothing, else a git repo. Something like this https://github.com/hboutemy/mcmm-yaml/blob/master/aws/sdk/ko... but with SHA256s, and maybe not the entire world on one repo.

Exciting .. I'm typing on that HP Dragonfly now :) Google - put me in the testing group pls - Paul H

Agree. But the first build you do after that clone/checkout is risky too. Maybe not as wide open, as the build-tool makers are a line of defence if they're acting on classes of vuln.

I have not met a ThinkPad I didn't want to chisel the PgUp and PgDn keys off

How bold to start with "Listen to me" then jump into something that doesn't make much economic sense and has not been properly considered

In fairness TFA:

> Hence, a solution. Or an idea, really. Incredibly half-baked. Poke all the holes you want. It’s very unwrought and muy unripe.

He he, I might now be retiring my Ubuntu25 passwordless-sudoer NUC that's only for yolo mode projects. Or giving it more duties. Also - hello from Edinburgh!

Brit here. UK Government's position "we will hold ourselves to equivalent standards via the Cyber Action Plan, just without legal obligations" -is institutionally equivalent to "trust the PDF." Fast forward to the non-repudiable era, please.

isolated-vm (https://www.npmjs.com/package/isolated-vm) here we come for increased sandboxing of node bits and pieces? And we are a year after Java took out the security manager that could sandbox jars in separate classloaders - a standout feature since 1995.