NaibofTabr
@NaibofTabr@infosec.pub
- Comment on Why is Lemmy.ml blocked? 2 days ago:
Authoritarians love to project their behavior on everyone else to excuse their own abuses.
- Comment on Why is Lemmy.ml blocked? 2 days ago:
This is just nonsense. Lemmy.ml is an admin-enforced echo chamber. The only other server that behaves like they do is hexbear.
- Comment on Promising Graphene Perovskite research may dramatically increase efficiency and lower costs of Perovskite solar cells 4 days ago:
Graphene is the most amazing material, it can do anything and everything… except leave the lab.
- Comment on A hypothesis 5 days ago:
From Middle English discluden, from Latin disclūdō, disclūdere (“separate or keep apart”).
- Comment on Looking for controller recommendations 6 days ago:
Depending on what you’re emulating, the 8BitDo ultracompact options might work for you:
Basically turn your phone into a Gameboy, good for 90s games where you don’t need sticks. The controller and clip together will cost you $35.
- Comment on We could have lived in a world where Hideo Kojima made a Matrix game, if only someone had told him he was offered to make one 1 week ago:
- Cool Spot - an unreasonably good (and challenging) platformer that is basically just an add for 7-up
- Chex Quest - DOOM but with Chex cereal - it’s stupid, it’s fun
- The Simpsons: Hit & Run
- Star Wars: Knights of the Old Republic
- Star Wars: TIE Fighter
- Star Wars: Jedi Knight: Jedi Academy
- Comment on Remember to check your kids candy 1 week ago:
- Comment on Please no, just stop 1 week ago:
Please increase our user count so we can get more VC funding!
- Comment on Trump Administration Providing Weapons Grade Plutonium to Sam Altman 1 week ago:
Residential solar cost per MWh is much more expensive than other sources, because many small generators is a more expensive (but more resilient) way to build power production.
Grid-scale solar plants are one of the most cost-effective ways to generate electricity. Only wind turbines are competitive in cost per MWh, and the real-world cost of any installation depends on the specifics of the particular installation (land value, insolation, wind patterns, scale, etc).
- Comment on Sometimes I feel nothing will change for the better and I feel frustrated about it. 1 week ago:
- Comment on Australian police design AI tool to decipher predators' Gen Z slang 1 week ago:
These are the people that want to eliminate encryption so they can read everyone’s messages in the clear. This implementation of message scanning is about two steps away from thought crime.
These are just authoritarians with a fetish for surveillance state bullshit, justified by “think of the children!”
- Comment on Piping mouse 1 week ago:
The DecapiCone:
Make injections and decapitation quicker and easier with Braintree Scientific’s DecapiCones. Tapered plastic film tubes provide quick and easy restraint of rats, mice, and other small animals. I.P. injections can be made directly through the film! DecapiCones restrain post-decapitation kicking and prevent personal contact with feces or urine. A unique dispenser holds DecapiCones open and ready for use. Simply hold the DecapiCone in one hand and introduce the animal with the other. Animals enter readily, heading for the breathing hole at the small end. Roll and squeeze the large end closed. They may be used repeatedly for injections and simply discarded when soiled. For decapitation, hold at the rear and insert the small end into the decapitator.
- Comment on Show your pride 1 week ago:
Uranium is neon blue:
- Comment on Why do I need a domain to access my Funkwhale library but not SyncThing? 1 week ago:
Perfect explanation.
Thank you, I try. It’s always tricky to keep network infrastructure explanations concise and readable - the Internet is such a complicated mess.
People like paying for convenience.
Well, I would simplify that to people like convenience. Infrastructure of any type is basically someone else solving convenience problems for you. People don’t really like paying, but they will if it’s the most convenient option.
Syncthing is doing this for you for free, I assume mostly because the developers wanted the infrastructure to work that way and didn’t want it to be dependent on DNS, and decided to make it available to users at large. It’s very convenient, but it also obscures a lot of the technical side of network services which can make learning harder.
This kind of thing shows why tech giants are giants and why selfhosted is a niche.
There’s also always the “why reinvent the wheel?” question, and consider that the guy who is selling wheels works on making wheels as a full-time occupation and has been doing so long enough to build a business on it, whereas you are a hobbyist. There are things that guy knows about wheelmaking that would take you ten years to learn, and he also has a properly equipped workshop for it - you have some YouTube videos, your garage and a handful of tools from Harbor Freight.
Sometimes there is good reason to do so (e.g. privacy from cloud service data gathering) but this is a real balancing act between cost (time and money, both up-front and long-term), risk (privacy exposure, data loss, failure tolerance), and convenience. If you’re going to do something yourself, you should have a specific answer to the question, and probably do a little cost-benefit checking.
- Comment on ‘There isn’t really another choice:’ Signal chief explains why the encrypted messenger relies on AWS 1 week ago:
Right, OK, but Signal sustains itself on charity.
- Comment on Why do I need a domain to access my Funkwhale library but not SyncThing? 1 week ago:
But if I’m reading the materials correctly, I’ll need to set up a domain and pay some upfront costs to make my library accessible outside my home.
Why is that?
So when your mobile device is on the public internet it can’t reach directly into your private home network. The IP addresses of the servers on your private network are not routable outside of it, so your mobile device can’t talk to them directly. From the perspective of the public internet, the only piece of your private network that is visible is your ISP gateway device.
When you try to reach your Syncthing service from the public internet, none of the routers know where your private Syncthing instance is or how to reach it. To solve this, the Syncthing developers provide discovery servers on the public internet which contain the directions for the Syncthing app on your device to find your Syncthing service on your private network (assuming you have registered your Syncthing server with the discovery service).
This is a whole level of network infrastructure that is just being done for you to make using Syncthing more convenient. It saves you from having to deal with the details of network routing across network boundaries.
Funkwhale does not provide an equivalent service. To reach your Funkwhale service on your private network from the public internet you have to solve the cross-boundary routing problem for yourself. The simplest and most reliable way to do this is to use the DNS infrastructure that already exists on the public internet, which means getting a domain name and linking it to your ISP gateway address.
If your ISP gateway had a static address you could skip this and configure whatever app accesses your Funkwhale service to always point to your ISP gateway address, but residential IP addresses are typically dynamic, so you can’t rely on it being the same long-term. Setting up DynamicDNS solves this problem by updating a DNS record any time your ISP gateway address changes.
There are several DynDNS providers listed at the bottom of that last article, some of which provide domain names. Some of them are free services (like afraid.org) but those typically have some strings attached (afraid.org requires you to log in regularly to confirm that your address is still active, otherwise it will be disabled).
- Comment on We gotta be more encouraging 1 week ago:
physics crackpots: a ‘theory’ - Angela Collier
- Comment on What if reincarnation is real, but you were probably plankton in your last life, so you don’t remember anything anyway? 1 week ago:
Even if it’s just Earth, if we assume there is a degree of randomness in species assignment then you’ve got decent odds of reincarnating as an ant:
We conservatively estimate total abundance of ground-dwelling ants at over 3 × 10^15^ and estimate the number of all ants on Earth to be almost 20 × 10^15^ individuals. 1
And of course, massively high odds of being a bacteria. There are probably ~40 trillion bacteria living just in your body right now:
They estimate that the range of bacterial cells goes from about 30 to 50 trillion in each individual. 2
- Comment on Is it really worth the BS for a couple more years? 1 week ago:
Granpa always wants excitement
He’ll try anything new
So he made some homemade bungie cords
He would’ve been eighty-two! - Comment on One photograph. Two daughters. Three Nobel Prizes. 1 week ago:
Seriously though, her Wikipedia page is ridiculous. When the hell did she have time to raise children?
- Comment on If only we knew... 2 weeks ago:
Everyone in the PRC supports the CCP.
It’s because the ruling party is so good that everyone loves them unconditionally, of course.
- Comment on From the outside looking in 2 weeks ago:
- Comment on Is compressed air the best way to clean my pc that I consider dusting once every 2 years? 2 weeks ago:
Assuming this is a desktop PC, prevention is much better. Get a case with dust filters (preferably removable) on the intake fans or just add some to your existing case. I would call this essential if you have pets.
- Comment on China releases 'UBIOS' standard to replace UEFI — Huawei-backed BIOS firmware replacement charges China's domestic computing goals 2 weeks ago:
UBIOS’s unique features over UEFI include increased support for chiplets and other heterogeneous computing use-cases, such as multi-CPU motherboards with mismatching CPUs, something UEFI struggles with or does not support. It will also better support non-x86 CPU architectures such as ARM, RISC-V, and LoongArch, the first major Chinese operating system.
Hmm, I haven’t read the full spec, but typically when you’re making mismatched components work together like this it means you can only support security features that are common for all of them - that is, any security can only be the lowest common standard. Does anybody know where to find more specific information on security features in UBIOS? Wider compatibility generally means more vulnerability.
One of the major design goals of UEFI was to add security to BIOS, which never had any real security in its design. If UBIOS is less secure than UEFI then it’s really not a good idea to use it for anything beyond personal devices.
Does UBIOS have feature parity with UEFI or is it just targeting a different use case altogether? UEFI’s security features are still not complete protection, but it would be a terrible idea to run a network server without them in the present cybersecurity environment.
- Comment on Got 'em 2 weeks ago:
- Comment on If websites are slow for you, this is why, AWS is breaking everything 2 weeks ago:
AWS is a huge suite of products and services, and there’s a lot of old legacy shit running on it.
Yup, AWS is legacy cloud. It was only recently that they set encryption by default on S3 buckets, before that they were just in the clear by default.
Cybersecurity and disaster recovery are not directly profitable, so they are almost always neglected in your average shop.
It’s never important until suddenly it’s the most important thing in the world.
- Comment on If websites are slow for you, this is why, AWS is breaking everything 2 weeks ago:
Yeah, but proper failover and recovery requires additional infrastructure, and that costs money.
Hopefully a bunch of risk management people are writing I-told-you-so emails to C-suites right now.
- Comment on Ruby Central tries to make peace after 'hostile takeover' 2 weeks ago:
Damn man, you are really bending over backward to defend this guy… do you owe him money or something?
- Comment on If a girl asks you if you're big, are you supposed to lie or not? 2 weeks ago:
“Big enough.”
- Comment on If a girl asks you if you're big, are you supposed to lie or not? 2 weeks ago:
You can’t generalize women this way. They’re individual people.
