AES can only encrypt up to 64TB; after that you need to re-key. So you need a mechanism for rekeying anyway. Definitely a good idea to use a battle-tested tool like wireguard instead of rolling your own.
I think alphager is referring to the upper limits of AES before a birthday attack becomes a concern. In GCM mode there's a realistic chance of an IV being reused after around 64GB of data. Other modes have differing limits.
Truly. I think IPSec is practically more "battle tested" than wireguard ever could be, and IPSec offers more useful functionality than wireguard ever will.
Real question: Do landlords resort to "hired help" to encourage non-paying tenants to leave more quickly? Two years sounds crazy. Many people who only own a second home for rent might go bankrupt without rent to pay the loan.
In Poland, they sometimes do. For example, they rent the property to another person (they claim that it’s legal), who is a goon. The goon moves in with the original renter, and makes his life hell. Other paths are to disconnect electricity from the property, by cancelling the contract with electric provider. However, some people are ok with living without power, if the apartment is free. Next steps are - disconnecting water and/or heating, although these are less legal than disconnecting power.
There also was a tragic case of an older lady who resisted being evicted from a building in Warsaw bought by a new owner, who in turn kidnapped her, drove to city outskirts and burned her alive to get rid of her.
It really reminds me of the Calvin and Hobbes comic where Calvin imitates his dad and says "Calvin, go do something you hate. Being miserable builds character!".
It's funny that out of a not so small corpus, most of which I can't recall, this is the one line that I actually found memorable. Great line. I use it IRL some times.
"Your ATC comment seems to continue your theme that everyone should run a private PKI instead."
Not the OP you replied to, but I want to add some nuance: there's a vast solution space between using the WebPKI and rolling your own. The enterprise focused CAs have non-WebPKI CAs and CA-as-a-service offerings, both with way longer certificate lifetimes and way longer revocation periods.
If you don't need WebPKI-compatible certs (because you're not offering services to the general public) and your org cannot abide by the WebPKI rules requiring 24 hours max before revocation, you are doing something very wrong when you use the WebPKI.
Both anecdotes and data disprove your statement. They don't work in all cases and we currently don't know if that is because depression is actually a symptom of multiple diseases and antidepressants just work on some of them or if there's something in people's brains that make them immune to antidepressants.
