rtxn
@rtxn@lemmy.world
I take my shitposts very seriously.
- Comment on Why are anime catgirls blocking my access to the Linux kernel? 4 days ago:
New developments: just a few hours before I post this comment, The Register posted an article about AI crawler traffic. www.theregister.com/2025/…/ai_crawler_traffic/
Anubis’ developer was interviewed and they posted the responses on their website: xeiaso.net/notes/2025/el-reg-responses/
In particular:
Fastly’s claims that 80% of bot traffic is now AI crawlers
In some cases for open source projects, we’ve seen upwards of 95% of traffic being AI crawlers. For one, deploying Anubis almost instantly caused server load to crater by so much that it made them think they accidentally took their site offline. One of my customers had their power bills drop by a significant fraction after deploying Anubis. It’s nuts.
So, yeah. If we believe Xe, OOP’s article is complete hogwash.
- Comment on Why are anime catgirls blocking my access to the Linux kernel? 4 days ago:
That’s why the developer is working on a better detection mechanism. xeiaso.net/…/avoiding-becoming-peg-dependency/
- Comment on Why are anime catgirls blocking my access to the Linux kernel? 5 days ago:
The developer is working on upgrades and better tools. xeiaso.net/…/avoiding-becoming-peg-dependency/
- Comment on Why are anime catgirls blocking my access to the Linux kernel? 5 days ago:
The current version of Anubis was made as a quick “good enough” solution to an emergency. The article is very enthusiastic about explaining why it shouldn’t work, but completely glosses over the fact that it has worked, at least to an extent where deploying it and maybe inconveniencing some users is preferable to having the entire web server choked out by a flood of scraper requests.
- Comment on [deleted] 5 days ago:
You can go with Debian (or Devuan), easily. My home server is running Proxmox (Debian-based itself) and multiple Debian containers on an i3-4150 and previously 4GB RAM (now mis-matched 10GB).
- Comment on Securing a 'public' service for family 1 week ago:
Bro is also concerned about attacks on exposed well-known ports, in which case bro can use Tailscale Funnel to expose a service without exposing a port. Besides, bro can make up bro’s own mind.
- Comment on Securing a 'public' service for family 1 week ago:
Consider Tailscale. It’s a mesh VPN based on Wireguard that uses a hosted service to manage keys and devices. It works without having to expose any ports on the firewall, and can expose a service through a relay server.
Some people will say that you shouldn’t trust it because company bad, but you should give it a try and make up your own mind. If you’re feeling adventurous, you can install Headscale on a VPS to serve as a control server.
- Comment on Is this mail something I should be concerned about? 1 week ago:
I can’t believe it. The incident has actually been reported!
I don't use Caddy, but it seems like it tried to generate and write a TLS certificate into `/usr/local`, but didn't have the necessary permissions. Is Caddy running in a container?
- Comment on Turn linux server into a router? 2 weeks ago:
Do not do that. You need to set up VLANs and proper separation between them on both the switch and the router, assuming the switch even supports tagged trunk lines. If you don’t, you’re just connecting all of your clients to the unfiltered internet.
- Comment on Turn linux server into a router? 2 weeks ago:
Yes, that will be enough. You can also use a single port on the NIC and the one on the motherboard if it can handle the ethernet speed you want.
This is my network setup on Proxmox: Image
vmbr0
is a bridge that has a single port going to the modem. The OPNSense VM’s first virtual interface is connected to this and configured as a WAN interface. Nothing else connects to this bridge as it is exposed to the internet.vmbr1
also has a single port that goes to the physical switch. OPNSense’s second interface connects to it as a LAN port, as well as every other VM and container running on the server. - Comment on Turn linux server into a router? 2 weeks ago:
You can use OPNSense inside a virtual machine. You can use QEMU or install the Proxmox toolkit over Debian to manage it.
You’ll have to create a bridge network for the WAN and the LAN interface, connect them to the VM, then configure the virtual interfaces inside OPNSense.
- Comment on More adventures in self-hosting the fediverse 2 weeks ago:
Please share those options, don’t keep them secret.
- Comment on Your favourite piece of selfhosting - Part 1 - Operating System 2 weeks ago:
PVE running on a pile of e-waste. Most of the parts are leftovers from my parents’ old PC that couldn’t handle Win10. Proxmox loves it. Even the 10GB mis-matched DDR3 memory. The only full VM is OPNSense (formerly pfSense), everything else runs inside Debian containers. It only struggles when Jellyfin has to transcode something because I don’t have a spare GPU.
- Comment on Your favourite piece of selfhosting - Part 1 - Operating System 2 weeks ago:
+1 for OMV. I use it at work all the time to serve Clonezilla images through an SMB share. It’s extremely reliable.
My first choice for that role was TrueNAS, but at the time I had to use an old-ass Dell server that only had hardware RAID, and TrueNAS couldn’t use ZFS with it.
- Comment on Selfhosted - friendly ways to fight spam without email / sms verification? 3 weeks ago:
Still don’t understand why they cut the fleeb.
- Comment on Simplifying Crypto Parties 4 weeks ago:
I don’t think you fully comprehend just how many footprints people leave behind on the internet. Users would have to practice perfect opsec – and I mean completely, absolutely perfect. One mistake, like using an e-mail address or an alias off-site, will link a person to the account. It’s happened before.
Thinking you can solve the issue of privacy with a single idea is simply delusional.
- Comment on Simplifying Crypto Parties 4 weeks ago:
Have you heard of surveillance cameras and facial recognition? If a hostile actor knows in advance that members of a targeted online community will be physically present at a location at a given time, those people will be linked to the community. It doesn’t take a lot from then to link specific persons to accounts.
- Comment on Noob Tailscale questions 5 weeks ago:
Something’s not right. There shouldn’t be a
deck-tailscale.sh
file. There’s supposed to be a directory nameddeck-tailscale
and atailscale.sh
and some other files inside it.Here’s what you do. First, open a terminal like Konsole. Then run these commands:
git clone https://github.com/tailscale-dev/deck-tailscale cd deck-tailscale sudo bash tailscale.sh
- Comment on Noob Tailscale questions 5 weeks ago:
You should see “Getting version…” right after running the script. Did you
cd
into the directory where the repository was cloned? - Comment on Noob Tailscale questions 5 weeks ago:
Program no worky will not be enough if you want help. What is the exact output when you try to run
tailscale.sh
? - Comment on Noob Tailscale questions 5 weeks ago:
The problem is that your phone’s hotspot network doesn’t advertise routes through the Tailscale tunnel. I don’t know how/if it can be done.
Try this guide on the deck: github.com/tailscale-dev/deck-tailscale
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 5 weeks ago:
Managing Wireguard is just one of Tailscale’s features.
It uses some UDP black magic fuckery to get through NAT and firewalls without having to open ports. Very useful if you’re behind CGNAT and/or your ISP is a dickhead and locks down the firewall on your router (this is why I use it; eat a dick, Vodafone). If the UDP fuckery is not available, it reverts to simple relay servers. The client can also advertise subnets and route to hosts on it. You could install the Tailscale client on OPNSense/pfSense/OpenWRT and access your entire home network through that one device.
- Comment on What are your VPN recommendations for accessing self-hosted applications from the outside? 5 weeks ago:
And why, pray tell, do you need Mullvad to do it? I want to know why you think that.
- Comment on Anubis is awesome! Stopping (AI)crawlbots 1 month ago:
I’ve made that exact comparison before. TLS uses encryption; ransomware also uses encryption; by their logic, serving web content through HTTPS with no way to bypass it is a form of malware. The same goes for injecting their donation banner using an iframe.
- Comment on Anubis is awesome! Stopping (AI)crawlbots 1 month ago:
But don’t you know that Anubis is MALWARE?
…according to some of the clowns at the FSF, which is definitely one of the opinions to have. www.fsf.org/…/our-small-team-vs-millions-of-bots
- Comment on Is there a last resort, whistleblowing like app that requires a password on a timer? 1 month ago:
My immediate thought is a cron job that tests the user account’s last login time and fires a script if it is exceeded.
- Comment on VERY simple web-based reliable file browser/hosting 1 month ago:
You can use basically any HTTP server to achieve that, like Apache or Nginx. If the directory (specified by the path in the URL) doesn’t contain a file that matches the default file in the config (index.html and such), the server will list the directory contents instead.
- Comment on PewDiePie: I'm DONE with Google 1 month ago:
Extrapolate from the context. I’m tired of explaining obvious things.
- Comment on PewDiePie: I'm DONE with Google 1 month ago:
The discourse goes to the same fucking place every time Felix is mentioned. People don’t deserve the benefit of doubt.
- Comment on PewDiePie: I'm DONE with Google 1 month ago:
I seriously doubt that anyone who asks that question doesn’t already have a foregone conclusion, but fine, I’ll indulge you.
Probably not. If he was, and had been hiding it his entire life, even in the era when he was the youtube star and had zero restraint, why would he slip up those few times, and especially such highly public ways?
He did and said some shit in his early 20s, and he deserved the criticism at the time, but those incidents weren’t repeated and weren’t part of a pattern. He wasn’t the paragon of virtue and maturity, but I’m willing to bet my left nut that neither are the people who are lining up to crucify him.