thelittleblackbird

@thelittleblackbird@lemmy.world

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨I2P container⁩ ⁨⁨18⁩ ⁨hours⁩ ago⁩:
OK, I’ll take a look
⁨Comment⁩ on ⁨I2P container⁩ ⁨⁨19⁩ ⁨hours⁩ ago⁩:
Should I give it a try?
⁨Comment⁩ on ⁨My Proxmox had amnesia after a power loss..⁩ ⁨⁨19⁩ ⁨hours⁩ ago⁩:
I’ve seen things… Near the gate of Tannhäuser, things you little people wouldn’t believe.

And I am not joking…
⁨Comment⁩ on ⁨I2P container⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
How is the i2p doing?

Last time I checked (several years ago) it was slow, non performing and scarce in results.

And my lack of knowledge didn’t help at all :)
⁨Comment⁩ on ⁨My Proxmox had amnesia after a power loss..⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
By any chance… Your proxmox is not close to any source of big electromagnetic fields, right?

Close to big Transformator or electric motors, right?
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ummm, you could be right and then I misunderstood the thread in the forum
⁨Comment⁩ on ⁨Anyone running Sandstorm?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
OK, it is clearer now, thanks
⁨Comment⁩ on ⁨Anyone running Sandstorm?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If I get it correctly, this is a kind of kasm but only for the local user, right?
⁨Comment⁩ on ⁨emergency remote access⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yep, at least for their own internal mistake. I rebooted them a few times in that time because updates and important config updates. Even for power outages (2 iirc) they are resilient, they are set to automatic boot up when the power is back.
⁨Comment⁩ on ⁨emergency remote access⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It didn’t happen in more than 5 years…

For critical equipment you need to spend the extra dollar to minimize this kind of stuff
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If they don’t have a team, they don’t regularly look, if they dont look, they don’t report, if they don’t report your analysis maybe biased because you can only check about what you know…

I hope you can see my point
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Here …jellyfin.org/t-protection-against-everything
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
???

This is not about enshitification. The best user friendly app can be a security nightmare and an utterly crap can be rock solid.

It is not about that, not even development models or just rock star programmers.

It is about who has a performing security team and who doesn’t.
⁨Comment⁩ on ⁨Data Backup Solutions⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I see, well if borg really ticks all checkbox es and you know how to use it I would explore any further.

Sincerely, borgbackup is really a top solution with a lot of nice features
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Well, when I was talking about not techie people I didn’t mean technology analphabets, everybody can open a port in your consumer router with the help of chatgpt, not everybodies is able to realizes they need a reverse proxy with tls and modify the headers for the Auth…

Being secure in internet is like the herd inmunity for corona times, your system could be fairly secure, but if you are hammered with several bot nets it is going to be a challenge, and there is responsabiity is shipping a product that is easy to be infected.

And your third paragraph really confirms why this post is necessary
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Jellyfinn has a nice record of problems during the authentication and escalating privileges, even the developer team recommends to use it behind a vpn and don’t expose it to internet.

If course, you can use a reverse proxy with and external Auth framework to mitigate it, pair it with fail2ban, geo restrictions and a second factor, but those things are not in the scope of the regular user.

Let’s face reality, plex is not such widespread for being the default option in kali Linux…
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Sometimes your data is not important but your computer, nobody wants to be in a netbot.

Well, perhaps plex is not better in security (we don’t know for sure) but at least they have a cyber team, a monitoring system and in every bodies hope, dedicated developers for these topics.

Jellyfinn dies not hve a team like this one per se. Could the developers be better fit and knowledged in jellyfinn than plex? Perhaps, but probably the focus is in the features and not in the security
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
But they are responsible for the unsecured / gruyere cheese product they ship.

Jellyfinn has a lot of holes and it is easy to deploy it in a insecure way by not techie people. Last time I checked they even didn’t have a recommended practices for hardening it
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Good to read you know how to implement some protection layers around your jellyfinn :)

But most of the people (specially the plex ones) don’t have the technical background to deploy something like you have, and convince those people to do the switch without knowing how to protect themselves is not a wise thing to do. Specially when this time, plex response was perfectly fine :)
⁨Comment⁩ on ⁨Plex got hacked.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Y hope you know how to harden jellyfinn, because they are not better than plex team…
⁨Comment⁩ on ⁨Data Backup Solutions⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If you have already borg, why don’t use it?
⁨Comment⁩ on ⁨How did it come to be that only two companies supply all of the world's PC graphics chips?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Yep, sorry, my mistake, I confused you with another user
⁨Comment⁩ on ⁨How did it come to be that only two companies supply all of the world's PC graphics chips?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
AMD are not better than Nvidia -> sure I prefer Nvidia than AMD for everything -> perfect, it is your opinion and a respetable one With AMD you can not do AAA gaming, ML or just transcoding -> a lie, simply, nothing more to add And I will ignore the sentence about AMD not being a serious company because it is too absurd to discuss

I hope this time you can get the point
⁨Comment⁩ on ⁨How did it come to be that only two companies supply all of the world's PC graphics chips?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
AMD gpus are inside in Xbox and ps5, without taking into account the handhelds like steam deck.

For the ML is usually better to use amd cards because they use to have more vram, and many many models can be trained using amd.

And about the transcoding comment I will bother myself ait it.

In summary, tells me you don’t have any clue without telling me you don’t have any clue
⁨Comment⁩ on ⁨How did it come to be that only two companies supply all of the world's PC graphics chips?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Sorry, I needed to vote negatively your comment due to the false information. Nothing personal, just keeping the house clean
⁨Comment⁩ on ⁨Three years of building no-code software for political organizations⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Interesting article, thanks for sharing
⁨Comment⁩ on ⁨China’s Use of Fossil Fuels Is Falling While Power Demand Is Surging⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I really hope you are right.

Some days ago (and I cannot find the link now) I read an article from one of the ipccc saying that what we are seeing right now was expected in the 2035 to 2050 time frame for the 2°C increase.

So, It would mean that the 2° opportunity Window is over and now the realistic goal is 3.5° with the current development for the 2050 time frame.

It is not necessary to say that the 3.5 scenario is the worst with severe impact on the full planet and almost every ecosystem will be under very high pressure (if they are not now)

So, one again, I hope my despair is unjustified, but I will need a burning nail to grab with both hands
⁨Comment⁩ on ⁨China’s Use of Fossil Fuels Is Falling While Power Demand Is Surging⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Finally some good news.

I hope it is not too late
⁨Comment⁩ on ⁨Need help for setting up a VPN project⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
I don’t have time now so I will sketch the solution

You need a proxy server in your vps that will redirect the traffic to your home. Caddy is usually recommended here and I am planning to migrate to it (current is nginx)

For your dns you need something is called zone name resolution, it will resolve different ip depending where the request came from

Good luck
⁨Comment⁩ on ⁨IPv6 & Opnsense & Not Exposing Machine-Specific IPv6s to Corpos⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Hi,

Welcome to the ipv6 fantastic hell and it’s sequel about dual stack and 6to4 and 4to6 half cooked solutions.

First of all, I would not care a lot the ip addresses, not even google can extract a lot of info from the ip and ipv6 will cycle the subnet work part (via your isp) making tracking extremely difficult. On to of that you can select your dhcp6 daemon to give an address validity as low as minutes (but not practical), 24h validity should be enough. 1h validity only in severe paranoia mode.

It is important to make sure that your lan track the Wan interface for correctly updating the prefix renewal.

Try not to make a nat for ipv6 but firewall most of the stuff you don’t like, ipv6 comes wit great advantages that will dissappear if you nat the connections. And a tip, there are a lot of ipv6 icmp messages that shouldn’t be blocked in your firewall because it really improves your performance. If you nat it they will be out.