elvith
@elvith@feddit.org
- Comment on Oracle hid serious data breach from customers, now hacker has it up for sale 1 day ago:
At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.
Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.
So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.
- Comment on Oracle hid serious data breach from customers, now hacker has it up for sale 3 days ago:
Ok, who of you guys is working with Oracle Cloud and has not yet rerolled all API/Access Keys, passwords and so on? And what company do you happen to work for? ^Just asking for a friend^
- Comment on GOG seems to be considering paid membership option 3 days ago:
I also got this survey and I had the same feeling. It felt more like a patron for their game preservation program with possible features like a members-only-community, interviews or documentation about the preserved games, their publishers/studios and the efforts to keep them running or some kind of loyalty rewards/discount coupons. Maybe even ‘special builds’ like ‘experience the OG version 1.0 of $game’.
There was one option, that I interpreted like ‘maybe we will put future compatibility updates after purchase (e.g. supporting Windows 12 or whatever) behind the membership’ - but that’s purely my interpretation of a single bullet point style line in that whole several page long survey
- Comment on Fascinating and efficient new lamp design 5 days ago:
Don’t worry, it’ll cum to your mind
- Comment on Now that is something that you didn't know 5 days ago:
May I press it?
FTFY
- Comment on The vast majority of "Remind Me"s notifications in Reddit will never be seen by users who set them. 5 days ago:
IIRC you can send a PM with a command to the remindme bot and it lists all future timers. Not sure whether past timers are included, though.
- Comment on How to configure UFW rules for podman 6 days ago:
I’m currently experimenting if I can convert my stack to rootless podman.
I found in my notes, that
A user-mode networking tool for unprivileged network namespaces must be installed on the machine in order for Podman to run in a rootless environment.
Podman supports two rootless networking tools: pasta (provided by passt) and slirp4netns.
Could this be your problem?
Taken from github.com/containers/…/rootless_tutorial.md
- Comment on Yeah i drive morse shift 1 week ago:
Yeah, I drive Horse shift
HorseDick.jpg
- Comment on Model UN is political D&D. 1 week ago:
Very verbose and communicative? Check
A constant stream of checks for skill in persuasion, deception, intimidation, perception, insight and investigation? Check
Rolling dice? Uhm… Maybe?
- Comment on Do I really need a firewall for my server? 1 week ago:
If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)
- Comment on Do I really need a firewall for my server? 1 week ago:
Instead of thinking with layers, you should think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.
- Comment on AI Programming Assistant Tells User to Stop Being Lazy and Learn to Code 1 week ago:
- Comment on [Discussion] What would it take to selfhost some of the backend that Tesla's connect to? 1 week ago:
…But will it run DOOM?
- Comment on What if there really was a "pee tape"? 1 week ago:
Don’t forget to release the P-sides to every one of your albums
- Comment on Brother accused of locking down third-party printer ink cartridges via forced firmware updates, removing older firmware versions from support portals 4 weeks ago:
Exactly what I meant with
LAN != internet
Most routers allow you to set child safety settings for devices to block them from accessing the internet in specific timeframes or completely. You can still access the local network from the affected device or access that device from your local network
- Comment on Brother accused of locking down third-party printer ink cartridges via forced firmware updates, removing older firmware versions from support portals 4 weeks ago:
Why? Does the printer need to be connected to the internet at all, if not for firmware upgrades? (Note: LAN != internet)
- Comment on Lets make some change. 4 weeks ago:
When they want us to call it Gulf of America, why can’t we just also name it Flu of America?
- Comment on The Saw movie franchise, but for mild annoyances 1 month ago:
Oh, that’s an easy one:
Just constantly stick your finger up your nose, scratch your balls, etc. Make them dirty, greasy,… You get it. If there are “better” means (e.g. food) available, use that. Then play dumb and try to use their computer as if it was a phone and try to do everything as if it had a touch screen. Smear it all over their screen. Cuss as the PC doesn’t react, try again, get visibly angry and irritated.
They’ll stop asking questions fast. Probably right after they realize what you did to the first PC.
- Comment on What does the 3-2-1 rule look like for you? 1 month ago:
- Daily incremental (and occasionally full) backup to an external HDD - a full image of my PCs, so that I should be able to restore anything back to what it was in the last ~14 days, assuming no ransomware or fire or…
- All the data I care about gets synced to my Nextcloud (VPS, not home lab) - somewhat ransomware protected as I could restore VPS backups independently from my PC.
- Most precious data (mostly photos) gets backed up regularly to an encrypted zip file and then gets sent to a glacier tier S3 bucket. Some manual retention is done on the zip file level, so that I can get a tad older backup restored.
- At least monthly a full backup image of my PCs is created on a separate external HDD which is not stored at home, but in a place I could access 24/7 if I really needed to restore something fast.
Phones, etc? Just sync to the mentioned Nextcloud, PC downloads from there and everything gets then into the aforementioned backups.
Homeserver? See “PC” above. With the caveat that some VMs/containers are not in the backup cycle, as they do not store any valuable data besides temp files, etc. For these, only things like docker compose files, custom config, ansible playbooks,… are in my backup.
- Comment on I would do this for just 1.99 1 month ago:
I own a small USB stick that acts as a camera. But in reality it’s just a HDMI input on the other end. Now beat that with software
- Comment on Oh no, anyways 1 month ago:
The king is dead, long live the king!
- Comment on Emma 1 month ago:
Plausible deniability
- Comment on Jeep Introduces Pop-Up Ads That Appear Every Time You Stop 1 month ago:
Roll verification coal to continue
FTFY
- Comment on Jeep Introduces Pop-Up Ads That Appear Every Time You Stop 1 month ago:
Here you go
- Comment on Jeep Introduces Pop-Up Ads That Appear Every Time You Stop 1 month ago:
Hey, you might want to team up with Sony…
- Comment on Those YouTube ads everyone hates made $10.4 billion in just three months 1 month ago:
Line go up
- Comment on Brother HL-2280DW, what are you doing? 1 month ago:
Instructions unclear, D stuck in printer
- Comment on Fuck 2024! And 2025! 2 months ago:
While I’m totally with you, many people may be affected by the orange one, even if they’re not from the US. US politics influences a lot of places globally.
- Comment on EU disease agency considers quitting Elon Musk’s X over disinfo 4 months ago:
What’s he gonna do about it?
Sue them?
- Comment on Just read an article somebody stole 40k from an atm. How is that possible that an atm carries that much? And is it even possible to get inside an ATM if so? 4 months ago: