Darkassassin07

@Darkassassin07@lemmy.ca

This is a remote user, information on this page may be incomplete. View at Source ↗

🇨🇦

⁨Comment⁩ on ⁨Research team uses the human body to power wearables — addresses major obstacle of conventional batteries⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Just like it was yesterday: this article is garbage. Toms didn’t even read the paper they’re incorrectly ‘quoting’.
⁨Comment⁩ on ⁨Microsoft is struggling to get Windows Recall out the door — delays releasing first public preview.⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Somemore reading, for those following along:

notebookcheck.net/Removing-Windows-Recall-breaks-… (Oct 11th)
⁨Comment⁩ on ⁨Microsoft is struggling to get Windows Recall out the door — delays releasing first public preview.⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
This was their stance 2 months ago:

windowscentral.com/…/turns-out-you-wont-be-able-t…

I don’t think that would have changed if not for the backlash Microsoft has received for it.

Now, supposedly it’s optional and off by default, but that could change again anytime…
⁨Comment⁩ on ⁨Store (and access) old emails⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
If you selfhost paperless-ngx, there are option to add email accounts and regularly import emails+their attachments like any other document. You can then have it delete imported mail from the mail server, or just move/mark it so you can deal with that manually.

It doesn’t currently support OAuth2 for providers like Microsoft, so you’ve gotta use App Passwords with Gmail for now, but there is a fix in the pipeline to add OAuth2 support soon. (there’s also other methods you can use to get that part working right now)
⁨Comment⁩ on ⁨Jellyfin 10.10.0 | Jellyfin⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The web/browser app really really sucks on console and JF doesn’t have clients for consoles :/

It’s one of the biggest things keeping me away. Xbone is my primary streaming device, and several of my users use xbone as well.
⁨Comment⁩ on ⁨Syncthing Android app discontinued⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

Plus Foldersync is way harder on battery, I’ve experimented a lot.

This is very configuration dependant. With an aggressive schedule checking a large number of files, it certainly can use a lot of battery; but I’ve had it setup to sync my entire device to my server a couple times a day, while also monitoring/syncing images immediately on creation/change. It doesn’t even register on androids battery usage monitor as it uses so little power.

Image
⁨Comment⁩ on ⁨Syncthing Android app discontinued⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I’ve always just used Folder Sync + an ssh server, if people are looking for alternatives.
⁨Comment⁩ on ⁨The most accurate description ever⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Ray Jessel on Americas Got Talent 2014

She’s got that style, She’s got that smile, She’s got the walk, She’s got the talk, She’s got that zing, There’s just one thing…

She’s got a Penis.
⁨Comment⁩ on ⁨US urges Israel to stop shooting at UN peacekeepers in Lebanon⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
“stop shooting the UN peacekeepers” says the US soldier that’s hand reloading an Israeli soldiers magazine, slipping it into the gun that Israeli is actively aiming, and lovingly brushing the dust of his shoulders…
⁨Comment⁩ on ⁨What’s the easiest way to pull ~30mA from a USB 3 port without getting a warning from Windows?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
For power delivery, ie requesting power outside the typical 5v 3a max; yes.

The charger sorting them together usually indicates to the device, it’s fixed at 5v 3a.

I think the device shorting them will indicate to the charger/port that you’re only requesting power @ 5v 3a max; but I haven’t died into the spec.

I’d give that a try and dig further if it doesn’t work.
⁨Comment⁩ on ⁨What’s the easiest way to pull ~30mA from a USB 3 port without getting a warning from Windows?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Do you get the same issue if you short the data lines? That’s usually the indication (to devices) that the port is for charging only; not sure how thats received in the reverse direction.
⁨Comment⁩ on ⁨Meta smart glasses can be used to dox anyone in seconds, study finds⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
The glasses are just a camera. Pretty much any camera can be used for this; Metas glasses are just a bit more discreet than pointing your phone at someone. Cameras are pretty ubiquitous and come in many many form factors.

The real news here:

reverse face search engines like PimEyes and Facecheck ID, as well as people search engines like FastPeopleSearch, CheckThem, and Instant Checkmate.

Can be used to dox people in seconds.
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
@bobslaede@feddit.dk I could kiss you. You’ve been invaluable my friend, thank you!

Just gave this a test: CNAME ombi.domain -> local.domain with cloudflares proxy re-enabled.

Now the HTTPS, A, and AAAA requests all receive the CNAME response and browsers are happy. I didn’t even have to modify ngnix to recognize local.domain like I thought I might.
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I think I’ve found the problem:

It seems my issue is pihole being unable to block/modify dns requests for HTTPS records, which don’t match the LAN IPs pihole handed out in A/AAAA records.

I’ve disabled cloudflare proxying so they don’t have HTTPS records to serve, but I’ll have to replace pihole with a better lan DNS solution if I want to turn that back on.
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Thanks. That seems to be a similar, but slightly different error. I think the below may apply though.

I believe I’ve tracked down more of my issue, but fixing it is going to be a hassle:

When cloudflare proxying is enabled, there are 3 DNS records involved; A record with cloudflares ipv4, AAAA record with cloudflares IPV6, and the key to this puzzle: an HTTPS record with cloudflares ech/https config.

With pihole I can set DNS records for A/AAAA, but I have no way of blocking/setting the HTTPS record so it gets through from cloudflare.

The A/AAAA records don’t match the HTTPS record, so browsers freak out.

Once I disabled cloudflares proxying, I no longer get HTTPS records returned and all works as intended.

I’ll either have to keep cloudflare proxying disabled, or switch pihole out for a more comprehensive DNS solution so I can set/block HTTPS records :(
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
That unfortunately did not work. I am only getting the ipv4 address now, but I still get the same ECH error in chrome 1/5 tries.

Firefox now changed errors from ‘invalid certificate’ to ‘connection is insecure but this site has HSTS’. Still wont show the cert or provide any further info. (forgot to grab a screenshot before the below ‘solution’)

I’m really annoyed at this point and have just disabled cloudflare proxying for this service. That seems to have sorted it for all browsers. I may look further later, I may just say fuck it and leave it like this. Gotta walk away for a bit.
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I’ll look into that next if what I’ve done doesn’t work. (see other comments)
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Added an AAAA record to pihole:

ombi.mydomain.example 0000:0000::0000:0000

Now nslookup returns the correct ipv4 address, and ‘::’ as the ipv6.

We’ll see if that works.
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Crap, looks like that’s exactly what it is.

Now how to fix that…
⁨Comment⁩ on ⁨Randomly getting ECH errors on self-hosted services.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I do have external acces to Ombi via cloudflare; but the device I’m seeing this problem on is permanently connected to a VPN hosted from the same server machine as ombi/nginx with ‘block all connections without VPN’ enabled. And this testing has been done from within the same LAN.

It should never see/reach cloudflare for this service.
Randomly getting ECH errors on self-hosted services.
Submitted ⁨⁨1⁩ ⁨month⁩ ago⁩ to ⁨selfhosted@lemmy.world⁩ | ⁨16⁩ ⁨comments⁩
⁨Comment⁩ on ⁨Is dockge abandoned?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
You’ve done enough, keeping it behind your routers firewall.

You could block LAN access and require a VPN connection to that specific machine if you really wanted more, but I’m not that concerned about it.
⁨Comment⁩ on ⁨Is dockge abandoned?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Yup. Point is; if you’re not depending on just its login page to keep it secure, there’s not a while lot needing ‘security updates’, so I wouldn’t be all that concerned about slow updates. As long as it remains bug free, I’m happy.
⁨Comment⁩ on ⁨Is dockge abandoned?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

And security patches

Something with the power of dockge should be behind a seprate form of authentication imo.

I only access it via VPN, it’s not exposed to WAN.
⁨Comment⁩ on ⁨Meta fined $102 million for storing passwords in plain text⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Considering how old Facebook is, you’d think they would have their shit together when it comes to password security…
⁨Comment⁩ on ⁨Best phone sync⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
I tend to just use FolderSync myself. To avoid battery issues, I have a schedule for most folders; but my DCIM/Pictures folders sync immediately upon changes. I then have a widget on my homepage that triggers a ‘sync all’. Anytime I need files synced immediately, it’s easy enough to click that button.
⁨Comment⁩ on ⁨Smart TVs take snapshots of what you watch multiple times per second⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
1. it doesn’t necessarily take full resolution images
2. just because it can capture images a few hundred milliseconds apart doesn’t mean it’s continuously capturing images. It could be several in short bursts with a delay between groups of images.
⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
There’s quite a bit of info here:

…wikipedia.org/…/List_of_Internet_top-level_domai…

Some are entirely open, some have usage restrictions like .gov and .edu, some had restrictions but later removed them.
⁨Comment⁩ on ⁨Rockstar Games DDoSed Heavily By Players Protesting New AntiCheat Code⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
To be fair, they aren’t specifically targeting this data.

Rootkits give the software unrestricted access to all the data on the computer. You then trust that they don’t use that access for anything nefarious… Aswell as trusting there’s no bugs/vulnerabilities in that software that give a third party access to that data.
⁨Comment⁩ on ⁨Rockstar Games DDoSed Heavily By Players Protesting New AntiCheat Code⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
While I haven’t looked into this particular anti-cheat; they frequently prevent Linux users from playing altogether, ban users due to false positives, and sometimes even gain/require access to data entirely unrelated to gaming, such as your personal documents or even browser data (cookies, history, passwords/tokens, etc) as many of them contain Rootkits