priapus

@priapus@piefed.social

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Using Fail2ban to protect exposed services⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
I have all my services behind a reverse proxy and use Crowdsec to monitor and block automated attacks. I also have pocket-id for auth, I use SSO for apps that support it and others just require authentication to access them at all. The docs are pretty solid, it was easy to set up.

Make sure you know the services running on your server, the most likely way you could get attacked is by just leaving some vulnerable or misconfigured software running and accessible.
⁨Comment⁩ on ⁨Jack Dorsey Releases Vine Reboot Where AI Content Is Banned⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
And even with the large majority using bsky.app, the true decentralized nature of Bluesky is anyone can host the data server that contains the data for their account. Even if you keep using bsky.app as your frontend, your data can be kept on a self hosted PDS.
⁨Comment⁩ on ⁨Jack Dorsey Releases Vine Reboot Where AI Content Is Banned⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
Bluesky is decentralized, its just decentralized in a different way than Fediverse apps. People dont understand it and just say its fake decentralization rather than researching it.

There is already alternative infrastructure available (i.e. Blacksky) and a variety of other applications hosted using ATProto (you can see a few here: https://bsky.social/about).

You can use any of these apps while maintaining full control of your own data by running your own PDS, or using any community maintained PDS. If you already have an account on the Bluesky PDS, you can migrate it, retaining all of your data. If you dont feel like migrating yet, you can also just export your rotation key, which would allow you to maintain control of your account even in the event that the Bluesky PDS does become evil or something.
⁨Comment⁩ on ⁨Framework supporting far-right racists?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
What doesn’t seem clear-cut? My only point here was that using Lemmy does not directly fund the creator of it.

You support one thing who’s creator has questionable views but not the other. The main difference seems to be that you like one and not the other.

You’re making assumptions about me. I use Piefed, not Lemmy. I also do not believe that this situation is enough for me to not support Framework. All I’m saying here is that supporting Framework is for the most part direct financial support, while one can easily support the Lemmy as a whole, without providing financial support to the creator with questionable views.
⁨Comment⁩ on ⁨Framework supporting far-right racists?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Thats a valid point, but I still feel its a less direct form of support, which was my point. I dont feel that it is the same as directly financially supporting a project you morally disagree with.
⁨Comment⁩ on ⁨Framework supporting far-right racists?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
But not required. If I do not morally support the developer I can instead choose to financially support individual instances, or other projects like Piefed or mbin.

My point here is that comparing this situation to using Lemmy is a bad comparison. Supporting Framework is pretty much exclusively via financial support, the same is not true for Lemmy.
⁨Comment⁩ on ⁨Framework supporting far-right racists?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Using Lemmy isn’t giving that tankie money.
⁨Comment⁩ on ⁨Half of Young Men Would Rather Date an AI Girlfriend Than Face Loneliness or Rejection, New Report Reveals⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:
Zero chance any of this is true.
⁨Comment⁩ on ⁨Immich Flatpak⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
If your goal is simply having a backup then Immich seems like overkill
⁨Comment⁩ on ⁨KDE Plasma Bigscreen (Android TV alternative) is back from dead⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Looks nice! I'm getting it set up on an old Pi right now for a new media center in my basement.
⁨Comment⁩ on ⁨One-Click RCE in ASUS's Preinstalled Driver Software⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:

only applies to Windows (I think)

Well yeah, its a vulnerability in the windows software. Nothing they said implied otherwise.

and won't work without a permissions escalation.

I dont think thats true, could you explain why that would be? This article mentioned no need for a permissions escalation. In fact it seems that the RCE is automatically run as administrator by the driver process.
⁨Comment⁩ on ⁨40,000 Security Cameras Found Compromised Online.⁩ ⁨⁨5⁩ ⁨months⁩ ago⁩:
What this is talking about is not really about the brand or model, its just about them being misconfigured. These cameras were exposed to the internet with either default credentials or no authentication.

Theres very few good reasons to expose a camera to the internet at all, but if you need to, put some proper authentication in front of it.