starkzarn
@starkzarn@infosec.pub
- Comment on Security camera recommendations? 5 days ago:
There is not a mobile app, no. You can pseudo install it as a PWA if using a chromium based browser though.
I do use HomeAssistant so I let it do the notifications for me, but you could easily setup pubsub and use that to hook gotify or something. Maybe it even has native webhooks at this point, I’m not sure.
Notably though I don’t run frigate in HomeAssistant, it’s just plugged in via API. That’s to support hardware passthrough for my coral TPU.
I highly recommend it over the others. the only one I haven’t tested is blue iris because it’s windows only and I refuse to have a windows machine on my network. Frigate outperforms all the others that I tested. Zoneminder is a runner up but it feels dated and the object detection is a kludge.
- Comment on Security camera recommendations? 6 days ago:
I have some reolink and some amcrest, and I’d choose the amcrest (or dahua) any day tbh. Similar workload. Tensor and frigate for software NVR and object detection, all to a zfs dataset.
- Comment on save the planet 🌎 1 week ago:
Says who? I give all my billionaire best friends shit every day.
- Comment on save the planet 🌎 1 week ago:
The irony of using AI to make this image…
Humanity really is a lost cause
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 5 weeks ago:
Fair enough! I toyed with the idea of doing it that way because the systemd component would just reference a single yaml file for each service, which feels portable. That said though, my quadlets as they are are pretty portable too. Thanks for sharing!
- Comment on Linkwarden v2.12 - open-source collaborative bookmark manager to collect, read, annotate, and fully preserve what matters (tons of new features!) 🚀 5 weeks ago:
Just curious why you chose a kube quadlet instead of the typical podman container quadlets?
- Comment on #FGLAE 1 month ago:
Slime mold is so god damn cool man
- Comment on Why are anime catgirls blocking my access to the Linux kernel? 1 month ago:
That’s because they just terminate TLS at their end. Your DNS record is “poisoned” by the orange cloud and their infrastructure answers for you. They happen to have a trusted root CA so they just present one of their own certificates with a SAN that matches your domain and your browser trusts it. Bingo, TLS termination at CF servers. They have it in cleartext then and just re-encrypt it with your origin server if you enforce TLS, but at that point it’s meaningless.
- Comment on Systemd Service Hardening 1 month ago:
That’s a super valid question, as it seems sometimes that some of these things are configured in a way that begs the question “why?” As far as contributing to documentation, that’s a moot point. This is already in the man pages, and that’s exactly what I referenced in writing this post, in addition to some empirical testing of course. As far as implementation goes, I think that probably lies at a per distribution level, where not one size fits all. Although I don’t know of it off the top of my head, I’m sure there’s a security centric distro out there that implements more of these sandboxing options by default.
- Comment on Systemd Service Hardening 1 month ago:
Excellent! There’s certainly a lot to unpack, but being able to twist all these little knobs is part of the beauty of Linux.
- Comment on Systemd Service Hardening 1 month ago:
Hey, much appreciated!
- Submitted 1 month ago to selfhosted@lemmy.world | 6 comments
- Comment on Self-host Meshtastic Metrics in Grafana 2 months ago:
The primary thing is rather than “dumb” flood routing, you can choose the path your message takes to its destination; as a repeater operator you can also choose the path it takes to repeat out. Its a slight compensation to people carelessly placing infrastructure nodes with poor configurations in poor places. Not perfect, but better. Adoption is much, much lower though, and the licensing is not copyleft.
- Comment on Self-host Meshtastic Metrics in Grafana 2 months ago:
Meshcore does address some of the biggest shortfalls of Meshtastic, but I absolutely HATE that they’re positioned to either rugpull, or setup a perpetual “freemium” model. It’s also not interoperable, so if Meshcore is to work, it needs the numbers like Meshtastic has.
- Comment on Self-host Meshtastic Metrics in Grafana 2 months ago:
Yeah, so far the most prevalent thing around my area has been “it’s a hobby for the sake of being a hobby.” No one does anything terribly useful or important with it. I can tell you that I would certainly never rely on it as a form of emergency communication.
- Submitted 2 months ago to selfhosted@lemmy.world | 8 comments
- Comment on Just.....why? 2 months ago:
It’s not about user-led synergy. The personal data market is slurped up by those that already have and are building correlations. Just because a user didn’t report anything to their insurer doesn’t mean an insurer sure as shit isn’t going to want the data if they can link it to the user whatsoever, so long as it will make them more money.
This is hypothetical, of course, but it’s the way the market of data brokers works.
- Comment on Just.....why? 2 months ago:
You joke, but I guarantee there’s a market. Consider health insurance companies that see an opportunity to charge everyone more unless they can prove their good brushing habits via app data.
- Comment on Monitoring network devices 3 months ago:
Love me some graylog
- Comment on Monitoring network devices 3 months ago:
LibreNMS, which is a modern fork of observium.
- Comment on Monitor your AREDN Node with Prometheus and Grafana 3 months ago:
Yes! Qsl cards are very much still alive and well. Some traditions will never die. The special event stations are fun to get cards from.
Super cool anecdote on the telescope thing, I’ve never heard of that.
I hope you get back on the radio, it’s a great hobby. It’s a nice stress relief outlet for me these days too.
- Comment on Monitor your AREDN Node with Prometheus and Grafana 3 months ago:
Love to hear things like that! When I first got licensed the solar cycle was utter trash. We’re past the peak now, but band conditions are still pretty good generally. A few watts and a wire will still get you somewhere with CW and some other forward error corrected modes (like FT8). I have a lot of fun with the digital stuff like AREDN, but it’s definitely a different ball game and the old school SSB-based radio still has its place in my heart.
- Comment on Monitor your AREDN Node with Prometheus and Grafana 3 months ago:
False positive what? I didn’t give any specific examples of alerts, just simply monitoring metrics. Are you referring to the note on the Dnsmasq memory leak?
- Comment on Monitor your AREDN Node with Prometheus and Grafana 3 months ago:
For any hams here, maybe this blog post will be up your alley. 73!
- Submitted 3 months ago to selfhosted@lemmy.world | 7 comments
- Comment on Xitter Pause Encrypted DMs. 4 months ago:
They misspelled “backdoors.”
- Submitted 4 months ago to selfhosted@lemmy.world | 0 comments
- Submitted 4 months ago to selfhosted@lemmy.world | 0 comments
- Comment on Monitor Your Network the GPL Way with LibreNMS 4 months ago:
Hey good for you, that’s awesome! My home network is also dual stacked.
You’re right about the apples to oranges comparison, but it’s not so wildly off, because the commentary is on adoption of new standards, regardless of bolt-on “fixes.” Unauthenticated SNMP went through three revisions prior to adding authentication and encryption support.
- Comment on Monitor Your Network the GPL Way with LibreNMS 4 months ago:
And IPv6 was codified in RFCs and first addresses issued in 1999 but look where we are now. I’d bet your corporate network doesn’t use IPv6 still. It’s unfortunate, but sometimes the wheels of change are slow.