rtxn

@rtxn@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

I take my shitposts very seriously.

⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
New developments: just a few hours before I post this comment, The Register posted an article about AI crawler traffic. www.theregister.com/2025/…/ai_crawler_traffic/

Anubis’ developer was interviewed and they posted the responses on their website: xeiaso.net/notes/2025/el-reg-responses/

In particular:

Fastly’s claims that 80% of bot traffic is now AI crawlers

In some cases for open source projects, we’ve seen upwards of 95% of traffic being AI crawlers. For one, deploying Anubis almost instantly caused server load to crater by so much that it made them think they accidentally took their site offline. One of my customers had their power bills drop by a significant fraction after deploying Anubis. It’s nuts.

So, yeah. If we believe Xe, OOP’s article is complete hogwash.
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
That’s why the developer is working on a better detection mechanism. xeiaso.net/…/avoiding-becoming-peg-dependency/
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
The developer is working on upgrades and better tools. xeiaso.net/…/avoiding-becoming-peg-dependency/
⁨Comment⁩ on ⁨Why are anime catgirls blocking my access to the Linux kernel?⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
The current version of Anubis was made as a quick “good enough” solution to an emergency. The article is very enthusiastic about explaining why it shouldn’t work, but completely glosses over the fact that it has worked, at least to an extent where deploying it and maybe inconveniencing some users is preferable to having the entire web server choked out by a flood of scraper requests.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
You can go with Debian (or Devuan), easily. My home server is running Proxmox (Debian-based itself) and multiple Debian containers on an i3-4150 and previously 4GB RAM (now mis-matched 10GB).
⁨Comment⁩ on ⁨Securing a 'public' service for family⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Bro is also concerned about attacks on exposed well-known ports, in which case bro can use Tailscale Funnel to expose a service without exposing a port. Besides, bro can make up bro’s own mind.
⁨Comment⁩ on ⁨Securing a 'public' service for family⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Consider Tailscale. It’s a mesh VPN based on Wireguard that uses a hosted service to manage keys and devices. It works without having to expose any ports on the firewall, and can expose a service through a relay server.

Some people will say that you shouldn’t trust it because company bad, but you should give it a try and make up your own mind. If you’re feeling adventurous, you can install Headscale on a VPS to serve as a control server.

⁨Comment⁩ on ⁨Is this mail something I should be concerned about?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

I can’t believe it. The incident has actually been reported!


I don't use Caddy, but it seems like it tried to generate and write a TLS certificate into `/usr/local`, but didn't have the necessary permissions. Is Caddy running in a container?

⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Do not do that. You need to set up VLANs and proper separation between them on both the switch and the router, assuming the switch even supports tagged trunk lines. If you don’t, you’re just connecting all of your clients to the unfiltered internet.
⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Yes, that will be enough. You can also use a single port on the NIC and the one on the motherboard if it can handle the ethernet speed you want.

This is my network setup on Proxmox: Image

vmbr0 is a bridge that has a single port going to the modem. The OPNSense VM’s first virtual interface is connected to this and configured as a WAN interface. Nothing else connects to this bridge as it is exposed to the internet.

vmbr1 also has a single port that goes to the physical switch. OPNSense’s second interface connects to it as a LAN port, as well as every other VM and container running on the server.
⁨Comment⁩ on ⁨Turn linux server into a router?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
You can use OPNSense inside a virtual machine. You can use QEMU or install the Proxmox toolkit over Debian to manage it.

You’ll have to create a bridge network for the WAN and the LAN interface, connect them to the VM, then configure the virtual interfaces inside OPNSense.
⁨Comment⁩ on ⁨More adventures in self-hosting the fediverse⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Please share those options, don’t keep them secret.
⁨Comment⁩ on ⁨Your favourite piece of selfhosting - Part 1 - Operating System⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
PVE running on a pile of e-waste. Most of the parts are leftovers from my parents’ old PC that couldn’t handle Win10. Proxmox loves it. Even the 10GB mis-matched DDR3 memory. The only full VM is OPNSense (formerly pfSense), everything else runs inside Debian containers. It only struggles when Jellyfin has to transcode something because I don’t have a spare GPU.
⁨Comment⁩ on ⁨Your favourite piece of selfhosting - Part 1 - Operating System⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
+1 for OMV. I use it at work all the time to serve Clonezilla images through an SMB share. It’s extremely reliable.

My first choice for that role was TrueNAS, but at the time I had to use an old-ass Dell server that only had hardware RAID, and TrueNAS couldn’t use ZFS with it.
⁨Comment⁩ on ⁨Selfhosted - friendly ways to fight spam without email / sms verification?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Still don’t understand why they cut the fleeb.
⁨Comment⁩ on ⁨Simplifying Crypto Parties⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I don’t think you fully comprehend just how many footprints people leave behind on the internet. Users would have to practice perfect opsec – and I mean completely, absolutely perfect. One mistake, like using an e-mail address or an alias off-site, will link a person to the account. It’s happened before.

Thinking you can solve the issue of privacy with a single idea is simply delusional.
⁨Comment⁩ on ⁨Simplifying Crypto Parties⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Have you heard of surveillance cameras and facial recognition? If a hostile actor knows in advance that members of a targeted online community will be physically present at a location at a given time, those people will be linked to the community. It doesn’t take a lot from then to link specific persons to accounts.
⁨Comment⁩ on ⁨Noob Tailscale questions⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Something’s not right. There shouldn’t be a deck-tailscale.sh file. There’s supposed to be a directory named deck-tailscale and a tailscale.sh and some other files inside it.

Here’s what you do. First, open a terminal like Konsole. Then run these commands:
```
git clone https://github.com/tailscale-dev/deck-tailscale
cd deck-tailscale
sudo bash tailscale.sh
```
⁨Comment⁩ on ⁨Noob Tailscale questions⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
You should see “Getting version…” right after running the script. Did you cd into the directory where the repository was cloned?
⁨Comment⁩ on ⁨Noob Tailscale questions⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Program no worky will not be enough if you want help. What is the exact output when you try to run tailscale.sh?
⁨Comment⁩ on ⁨Noob Tailscale questions⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
The problem is that your phone’s hotspot network doesn’t advertise routes through the Tailscale tunnel. I don’t know how/if it can be done.

Try this guide on the deck: github.com/tailscale-dev/deck-tailscale
⁨Comment⁩ on ⁨What are your VPN recommendations for accessing self-hosted applications from the outside?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Managing Wireguard is just one of Tailscale’s features.

It uses some UDP black magic fuckery to get through NAT and firewalls without having to open ports. Very useful if you’re behind CGNAT and/or your ISP is a dickhead and locks down the firewall on your router (this is why I use it; eat a dick, Vodafone). If the UDP fuckery is not available, it reverts to simple relay servers. The client can also advertise subnets and route to hosts on it. You could install the Tailscale client on OPNSense/pfSense/OpenWRT and access your entire home network through that one device.
⁨Comment⁩ on ⁨What are your VPN recommendations for accessing self-hosted applications from the outside?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
And why, pray tell, do you need Mullvad to do it? I want to know why you think that.
⁨Comment⁩ on ⁨Anubis is awesome! Stopping (AI)crawlbots⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I’ve made that exact comparison before. TLS uses encryption; ransomware also uses encryption; by their logic, serving web content through HTTPS with no way to bypass it is a form of malware. The same goes for injecting their donation banner using an iframe.
⁨Comment⁩ on ⁨Anubis is awesome! Stopping (AI)crawlbots⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
But don’t you know that Anubis is MALWARE?

…according to some of the clowns at the FSF, which is definitely one of the opinions to have. www.fsf.org/…/our-small-team-vs-millions-of-bots
⁨Comment⁩ on ⁨Is there a last resort, whistleblowing like app that requires a password on a timer?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
My immediate thought is a cron job that tests the user account’s last login time and fires a script if it is exceeded.
⁨Comment⁩ on ⁨VERY simple web-based reliable file browser/hosting⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
You can use basically any HTTP server to achieve that, like Apache or Nginx. If the directory (specified by the path in the URL) doesn’t contain a file that matches the default file in the config (index.html and such), the server will list the directory contents instead.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Extrapolate from the context. I’m tired of explaining obvious things.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
The discourse goes to the same fucking place every time Felix is mentioned. People don’t deserve the benefit of doubt.
⁨Comment⁩ on ⁨PewDiePie: I'm DONE with Google⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I seriously doubt that anyone who asks that question doesn’t already have a foregone conclusion, but fine, I’ll indulge you.

Probably not. If he was, and had been hiding it his entire life, even in the era when he was the youtube star and had zero restraint, why would he slip up those few times, and especially such highly public ways?

He did and said some shit in his early 20s, and he deserved the criticism at the time, but those incidents weren’t repeated and weren’t part of a pattern. He wasn’t the paragon of virtue and maturity, but I’m willing to bet my left nut that neither are the people who are lining up to crucify him.