I’m confused by this comment, do you want to elaborate? Only the thirteenth author has an association with NASA at all, and that author lists two associations. This paper is primarily from U. Maryland and MIT. Why do you feel like this paper reflects to any significant degree on NASA’s mission?
What is NASA’s mission in your mind? What is the point of what they’re doing if not to use science and the knowledge resulting from practicing science to benefit humanity? NASA’s web pages, for one, do happen to say exactly that in multiple ways. Is there some congressional funding agreement you’re aware of that limits or prevents NASA from engaging in certain scientific topics?
Also what problem do have with this paper? It seems like it’s saying something that’s widely known and non-controversial. It maybe adds new kinds of data and support to the thing we already knew, but it’s largely a meta review of many other papers that also demonstrate what we already know, that it’s common for poorer people to live in worse conditions than richer people.
I consider the flexibility of pass(1) to be one of the best features. In my case, I use a hierarchy to manage secrets across different orgs and classifications. The structure I use is:[ORGANIZATION]/[CLASSIFICATION]/[SITE|APP]/[USER]
The folder structure allows for different keys to be used in .gpg-id files, so secret access can be limited on different devices based on which keys are available. For example, only a subset of keys are available on my android phone via the Password Store app from F-Droid, with all devices using a shared password-store synced using git(1).
Completion with bash works well (on Fedora) and following the convention of having the password on the first line allows for the android app to work and you don't need to worry about someone looking over your shoulder by using 'pass -c ...'.
This sounds like a very nice system, and I'll give it a try. I'm already using git to keep things synced between my desktop and my laptop. I've never even attempted syncing to my phone, but if I do that giving access to only a subset of the keys sounds great.
I have been self hosting email for just over 23 years and I am more emboldened than ever to keep doing so. Even with SPF/DKIM/DMARC setup, I am constantly asking people to check their spam folder, add me to their contacts, etc. I refuse to pay an email tax to one of the larger players to solidify their hold over the protocols.
I do not really understand their structure. There is a bunch of engineering scopes, and then one set for the engineering management (all scopes are covered)?
In other words you can have a "M7 Security Senior Engineering Director"?
