Of course! It's easy to forget he was a guard at one of America's most notorious concentration camps, Guantanamo Bay. It's foolish to think of him only as a Fox News personality.
Do you have any evidence for this at all? That they are automatically awarded? We can discuss the low bar that O's seemingly have for earning some awards, but there is no reason to misrepresent the process. And I know at least one person that was awarded a Bronze Star without the V, even thought the award was for a specific valiant action they took, it's tough to say without reading the award or being there.
While anecdotal, every single O3 and higher in my company received one after our OEF rotation, despite spending their entire time on KAF and not at COPs or FOBs.
Here's an excerpt from the Military Times describing changes to awarding criteria:
"The policy changes also seek to tighten the criteria for awarding the Bronze Star specifically, a combat award that can be presented without a “V,” and often was throughout the wars in Afghanistan and Iraq, for “meritorious” performance.
And here's some details about Pete's own awards:
"The first Bronze Star was awarded to Mr. Hegseth for his assignment in Iraq as a rifle platoon leader in Iraq from September 2005 to July 2006. The citation noted his “professionalism and commitment to excellence” while he was with the 101st Airborne Division. He received the second Bronze Star in 2012 after serving as a counterinsurgency instructor in Afghanistan."
I think that's a strawman about my use of the word "automatic"; my point is that it's not indicative of anything special as they were awarded without needing a qualifying event like you'd see with a V device, silver star, LoM, MoH, etc.
Him denigrating fellow soldiers and being grossly unqualified to even communicate properly in his role are also concerns, but somewhat off-topic.
It is not a strawman, you literally said the awards are automatic, which is untrue on it's face. The vast majority of HN users are not veterans, and likely would not know that what you said is untrue.
Typing a comment isn't the same as providing a source; I've provided two that support my claim. You're welcome to try again, but it's too early for bad faith arguments so you won't get any more replies.
You literally misrepresented the truth then provided 2 articles, neither of which backed up you original claim. All because you evidently don't like someone. The only claim I made is that the awards are not automatic, which we both know is true.
Regardless, my source that Bronze Stars are not automatically awarded is AR 600–8–22.
> Prior to 7 January 2016, awards may be made to recognize single acts of merit or meritorious service.
Which corroborates my other claim - including the timing - about the tightening of criteria? Dang. That's wild. Good thing you have a source that you didn't link or apparently read.
What are you talking about? your original statement was that they were awarded automatically, now you are talking about the standards for awarding it, which implies it is not actually automatic. I said In my original response that we could discuss the standards, but your statement that they are automatic for O3-O4 is just plain false. Your sources do nothing to back up your original claim, in fact, they do quite the opposite. No level of snark will make your assertion correct. There is a reason why your original response was flagged, which I had no part in.
My point was that he served in Iraq and has more "real" experience than being a prison guard. This doesn't mean he has enough experience to run the DoD of course, but I wanted to add that because it's misrepresenting a vet who served a deployment.
Unlike Nebula, it gives you an IPv6 address (actually, millions of them per node, if needed).
They now also have a userspace only SOCKS 5 proxy server that can connect your app to the whole network without forcing user to install drivers or to mess with their network configuration.
The last time I tried ZeroTier (years ago, I admit) it wasn't possible to self-host all of it I think and I couldn't make it reliably use my own relays for good performance of non-direct connections.
I've been happily using Nebula for a while now, pretty easy to configure and self-host.
Thanks for the recommendation! I wanted a VPN like this for a long time, to manage HA in a remote propery, and this seems like a great option. Even the hosted service is very reasonably priced - https://www.defined.net/pricing/
They are not directly comparable. Nebula is a mesh VPN. Wireguard can be used as a building block for a mesh VPN (as it is in Tailscale), but it does not have that function organically.
I have tried Tailscale / Headscale and did not find the overhead worth it. Both can saturate a 10Gbps link and that's all I need right now. Nebula's much simpler to administer. The configuration's spelled out in the client configs and in the certificates you provision. If you're already using some form of configuration management, it's quite easy to make changes. If you require a Web UI, Tailscale / Zerotier / etc may be better. There is a company that provides a Nebula-based service with a Web UI but I haven't tried it.
I'd characterize it as such: Wireguard is more of a plumbing solution that gives you a point-to-point connection, either it's enough for you or you can use this to build what you need.
Nebula is more of an end-user ready-to-use solution, gives you features like NAT traversal, automatic selection of direction connections if possible, the nodes don't need to know other nodes' addresses ahead of time(x) etc.
Looking at that file may make you reach misleading conclusions. Some tun/io code may be use but there's that. As far as I understand WireGuard the protocol is not used anywhere:
nebula (master)> git rev-parse HEAD
2b427a7e8934f0a436fea25eb40a6b979b34ee7a
nebula (master)> rg --glob '*.go' -i wireguard
wintun/tun.go
6: * Copyright (C) 2018-2021 WireGuard LLC. All Rights Reserved.
9://NOTE: This file was forked from https://git.zx2c4.com/wireguard-go/tree/tun/tun_windows.go?id=851efb1bb65555e0f765a3361c8eb5ac47435b19
udp/udp_rio_windows.go
4:// Inspired by https://git.zx2c4.com/wireguard-go/tree/conn/bind_windows.go
25: "golang.zx2c4.com/wireguard/conn/winrio"
overlay/tun_wintun_windows.go
17: "golang.zx2c4.com/wireguard/windows/tunnel/winipcfg"
wintun/device.go
6: * Copyright (C) 2017-2021 WireGuard LLC. All Rights Reserved.
9://NOTE: this file was forked from https://git.zx2c4.com/wireguard-go/tree/tun/tun.go?id=851efb1bb65555e0f765a3361c8eb5ac47435b19
Nope, it wouldn't have been in RHEL 10 or any of the rebuilds. CentOS Stream 10 already branched from Fedora / ELN. The closest it would have gotten is a Fedora ELN compose, and it's doubtful it would have remained undiscovered long enough to end up in CentOS Stream 11.
We likely would have backported the change. I'm already planning a big rebase of packages that missed the Fedora 40 / C10S branch (related to RISC-V in that case).
Ha, fun to see this again! Back before everything was HTTPS, it was fun to use the Browser Exploitation Framework (https://beefproject.com) which had a script included that did this. Though in those cases I wasn't in control of the gateway, so ARP spoofing was required to get other devices to route through me.
Happily surprised to see this hit the front page! If anyone is interested, I keep track of some statistics regarding Rocky Linux usage at https://rocky-stats.tiuxo.com/auto.html
Note that those statistics are only really useful for determining relative usage of Enterprise Linux distros as it's derived from EPEL logs. I haven't gotten around to attempting to derive statistics from the Rocky Linux logs because it's an intimidating amount of data.
(It's supposed to be automatic, but it seems the GitHub CI is having an issue with one of the dependencies for the past week. Guess now's a good time to fix it, and maybe make the page look more aesthetically pleasing...)
We aim to be as transparent as possible. The only information that we don't share publicly is the obvious stuff (PII, sensitive infrastructure information, etc). The information regarding source access / challenges / etc is available at https://rockylinux.org/news/keeping-open-source-open/.
I had already read that when it was published, and I think it's very vague.
> Fortunately, there are alternative methods available to obtain source code, and we would like to highlight two examples
Okay, you list two options for obtaining the source of any RHEL binaries, but which one of these do you currently use? Or can't you say anything about it due to legal reasons?
> These methods are possible because of the power of GPL. No one can prevent redistribution of GPL software.
Not every RHEL binary is GPL-licensed, though. How do you plan to obtain the source for non-GPL-licensed binaries, where there might be no legal guarantee to obtain the source?
The vagueness is not intentional, it's vague only because at the time it was written we hadn't decided on a particular source. For Rocky Linux, RHEL cloud instances are currently the primary source.
Not every RHEL binary is GPL licensed, but all the packages we distribute have an open source license permitting such redistribution. There are a few left out, for example some Red Hat proprietary artwork, tools, etc.
I often get a bit of a feel of the Monty Python "Nudge Nudge Wink Wink" sketch from talking with folks who think we're doing something legally dubious.
> For Rocky Linux, RHEL cloud instances are currently the primary source.
Okay this answers the first question thanks.
> Not every RHEL binary is GPL licensed, but all the packages we distribute have an open source license permitting such redistribution.
Regarding the second question, fair enough, you are allowed to redistribute the source code. However, there is no legal obligation for Red Hat to distribute the source code to you for non-GPL binaries. So, what happens if you cannot obtain the source code of the Red Hat binaries (non-GPL) via your RHEL cloud instance workaround? Essentially, Rocky relies on an RHEL cloud instances workaround to fetch sources that could stop working (for non-GPL) at any time. Not such a bright and shiny future, if you ask me.
We thank our upstream often, in person, in social media, etc.
We sponsor the Fedora Flock conference, the only opportunity to fiscally support Fedora, and will continue to do so. Same with the CentOS Connect conference. Those checks get written directly to Red Hat, by the way.
Given you work for Red Hat, we can even say we've paid you a little! :)
We do love collaborating with our upstreams--I myself recruit folks into Fedora and CentOS whenever I can, in addition to Rocky.
It's more than words and sponsorship--I really do mean it when I say I want to empower the Enterprise Linux community, and I'm thrilled that Rocky is at a point where we're able to do so.
reply