markstos
@markstos@lemmy.world
- Comment on How do you secure your home lab? Like, physically? From thieves? 5 days ago:
I haven’t heard of that happening much outside of law enforcement raid.
Laptops, yeah. But stories of homes being broken into to steal servers?
- Comment on How do you secure your home lab? Like, physically? From thieves? 5 days ago:
When was the last time you saw a headline: “Thieves steal home lab”?
- Comment on Is there a self-hosted project that does base64 url decoding in a privacy respecting fashion? 2 weeks ago:
The encoding format of URLs is URL encoding, also known as percent-encoding. Content in the URL may be first encoding in some other format, like JSON or base64, and then encoded additionally using percent-encoding.
While there is a standard way to decode percent-encoding, websites are free to use base64 or JSON in URLs however they wish, so there’s not a one-size-fits-all way to decode them all. For example, the “/” character is valid in both percent-encoding and base64-encoding, so to know if it’s part of a base64-encoded blob or not, you might end up trying decoding several parts of the URL as base64 and checking if the result looks like URL-- essentially brute force.
A smarter way to do this might be to maintain a mapping between your favorite sites that you want to decode and what methods they use to encode links. Then a tool could efficiently directly decode the URLs embedded in these click trackers.
- Comment on Have you tried self-hosting your own email recently? 2 weeks ago:
Lol. After professionally hosting email for 15 years I’m happy to let someone else handle it now.
About 90% of incoming mail will be spam and it will be your job to make sure you are doing good job of classifying it so you don’t get junk in your inbox and don’t lose real mail in the spam folder.
Then for outgoing mail you need to make sure SPF, DKIM and DMARC are all in order.
Then there is all the usual stuff of security updates, backups, monitoring, alerting, logging and having a plan for internet outages.
Yes, it’s all doable but I won’t expect it be “set and forget”. I expect there will be quite a bit of tuning with some possible spam and delivery problems while you get kinks worked out.
- Comment on Yes, you can store data on a bird — enthusiast converts PNG to bird-shaped waveform, teaches young starling to recall file at up to 2MB/s 4 weeks ago:
Ducks? That’s quackery.
- Comment on Microsoft Word documents will be saved to the cloud automatically on Windows going forward 5 weeks ago:
Microsoft is recognizing that their biggest threat to MS Word is Google Docs, a product they underestimated in the beginning as being a serious choice for word processing.
Saving in the cloud means automatic backups and access from all your devices. Increasingly, people are willing to choose that over the real privacy benefits of local storage.
- Comment on Migrated my Docker Compose homelab to OpenTofu 1 month ago:
I posted part of it here: forum.ghost.org/t/…/2
- Comment on Migrated my Docker Compose homelab to OpenTofu 2 months ago:
I also use Ansible. Using Podman’s “quadlet” adapter, the containers run as systemd services.
- Comment on introducing copyparty, the FOSS file server 2 months ago:
Congrats on the cat box cleaning!
- Comment on New Executive Order:AI must agree on the Administration views on Sex,Race, cant mention what they deem to be Critical Race Theory,Unconscious Bias,Intersectionality,Systemic Racism or "Transgenderism 2 months ago:
As stated in the Executive Order, this order applies only to federal agencies, which the President controls.
It is not a general US law, which are created by Congress.
- Comment on Authentik vs Authelia? 2 months ago:
There’s also Zitadel: zitadel.com
- Comment on Got my first script kiddy 2 months ago:
Also, all spam messages.
- Comment on [deleted] 2 months ago:
As long you give them a good life before you murder them and eat them, that changes everything.
- Comment on [deleted] 2 months ago:
The same way that pigs are food and dogs are not. Cognitive dissonance.
- Comment on Simple Blog options? 3 months ago:
Simple means different things to different people.
I self-host Ghost and find it pleasant to use and low maintenance. It is a single Docker container plus MySQL. I recommend a reverse proxy in front of it like Nginx. There are importers from many other blog formats.
- Comment on Would alcohol be as popular if it weren't a beverage? 3 months ago:
Snorting tea, coffee and broccoli would be less popular too.
- Comment on $1.5 Billion AI Company That Reportedly Used No Actual AI Goes Belly Up 4 months ago:
Years ago there was a voice to text transcription service sold as automated that worked by people listening to your voicemails and typing them out.
- Comment on Alternatives to MZLA Pocket? 4 months ago:
For bookmarking: raindrop.io
But it’s not self-hosted and I’m not sure it supports offline reading.
- Comment on Your favorite "one click" self hosted open source app installer/server manager? 5 months ago:
It isn’t hard when every works perfectly but there is a tremendous amount of complexity in some of these apps and a huge range of quality, documentation and required env vars and mounts.
And so, so many ways for things to break.
- Comment on Suggestion request: Self-hosted app for shared directories like google drive 5 months ago:
You still have manage upgrades due security vulns in all the features you are ignoring.
- Comment on Selfhosting static site behind two routers? 5 months ago:
Yes. DMZ on router 1 exposes router 2 IP to internet.
- Comment on Hosting files on the LAN to trusted folks at a LAN party -- FTP? 5 months ago:
By the life of the party by bringing crossover cable, allowing you run ethernet directly from one laptop to the other for some intimate social networking. Keeps the LAN uncongested for everyone else.
Nice ethernet hardware will detect if you cable is not a crossover cable in this situation and reverse the pin mappings for you.
- Comment on Hosting files on the LAN to trusted folks at a LAN party -- FTP? 5 months ago:
It’s all fun and games until someone brings a USB 2.0 thumb drive.
The file could transferred over the LAN and the network de-saturated faster the file could be copied off a USB 2 drive.
- Comment on In Indiana, Putting Up Solar Panels Is Doing God’s Work 5 months ago:
Solar panels are popular with progressive Indiana churches too, who don’t mind saying they help address climate change.
In either case, a reality is that churches are a big buildings with big power needs, and the panels can pay for themselves over their life.
And if the panels get fully or partially funded by donations, that ROI can come much sooner.
- Comment on In Indiana, Putting Up Solar Panels Is Doing God’s Work 5 months ago:
I helped my Indiana church get 304 solar panels installed. It was the most panels for a church in the state at the time.
They save about $500/month in electricity.
- Comment on MAZANOKE v1.1.0: Self-hosted local image optimizer in your browser — now supports HEIC, clipboard paste, and more 5 months ago:
No, this is all happening in the browser, there are no other image manipulation tools being called.
- Comment on MAZANOKE v1.1.0: Self-hosted local image optimizer in your browser — now supports HEIC, clipboard paste, and more 5 months ago:
I just tested the new release. Consider defaulting PNGs to convert to JPEGs unless they have a PNG-specific feature like transparency. Lots of screenshots are initially PNGs, but not because they need any PNG-specific features. Consider: In a test screenshot, it compressed 3.4% with the default 80% setting and PNG->PNG, but for PNG->JPG, it compressed 84.6%. Image
- Comment on Postiz v1.39.2 - Open-source social media scheduling tool, Introducing MCP. 5 months ago:
MCP sounds like a standardized way for AI clients to connect to data sources, the Model Context Protocol.
www.anthropic.com/news/model-context-protocol
It sounds like it may compete some with Google’s A2A protocol, which is for AI agent to agent communication.
Both share the same goal of making services easier for AI to consume.
- Comment on How to harden against SSH brute-forcing? 5 months ago:
Do you have a source to cite for the literal 99%?
- Comment on How to harden against SSH brute-forcing? 5 months ago:
The top-rated answer to this question on the Security StackExhange is “not really”. …stackexchange.com/…/does-it-improve-security-to-…
On Serverfault, the top answer is that random SSH ports provide “no serious defense” serverfault.com/…/does-changing-default-port-numb…
Or the answer here, highlight that scanners check a whole range ports and all the pitfalls of changing the port. Concluding: “Often times it is simply easier to just configure your firewall to only allow access to 22 from specific hosts, as opposed to the whole Internet.” …stackexchange.com/…/should-i-change-the-default-…