Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)F

F04118F

@ F04118F @feddit.nl

Posts
11
Comments
237
Joined
2 yr. ago

  • Using Tailscale As A Traditional VPN

    Jump
  • Deleted

    Permanently Deleted

    Jump

  • Is privacyguides wrong?

  • Deleted

    Permanently Deleted

    Jump

  • While the company has a questionable record and a controversial business model, Brave Browser is an open-source browser with good privacy features.

  • Cheapskate's Guide: Nuking web-scraping bots

    Jump

  • Interesting approach but looks like this ultimately ends up:

    • being a lot of babysitting / manual work
    • blocking a lot of humans
    • not being robust against scrapers

    Anubis seems like a much better option, for those wanting to block bots without relying on Cloudflare:

    https://anubis.techaro.lol/

  • Vim > VSCode

    Jump

  • Thanks, I wasn't aware of that!

    Makes sense though. Vim plugins exist so anything is possible. Neovim having native support for LSP and DAP makes it a lot easier though.

  • Vim > VSCode

    Jump

  • Do you mean Neovim?

    Surely you aren't comparing a flat text editor to an IDE that has language server support, debuggers and refactoring tools?

  • Music service that works well with VPN and Music Assistant

    Jump

  • I want to have VPN enabled always on my phone. I want my music app to work on my phone.

    But yeah thanks for asking the right questions: I should split tunnel so the music app can go around the VPN obviously!

  • Music service that works well with VPN and Music Assistant

    Jump

  • I don't need to, I want to. Basic privacy.

  • Music service that works well with VPN and Music Assistant

    Jump

  • We're currently looking at Qobuz and Tidal. Will keep you updated if Qobuz' family plan "same household" rule will cause problems with the VPN

  • How to have a boring and low-maintenance system?

    Jump

  • If they don't keep any private data on any computer that trusts their home network/wifi and don't do taxes or banking on those, there's no problem.

    But if they do, I maintain that the analogy is correct: their unpatched machine is an easy way to digitally get access to their home, just like an unlocked door is to a physical home.

  • How to have a boring and low-maintenance system?

    Jump

  • You keep using the word "maintenance". All I'm worried about is not installing any security patches for months.

    The problem that I tried to highlight with my "cherry picking" is:

    • Running a machine with open vulnerabilities for which patches exist also "paints a target on your back": even if your data is worthless, you are essentially offering free cloud compute.
    • But mostly, a single compromised machine can be an entrypoint towards your entire home network.

    So unless you have separated this Orange Pi into its own VLAN or done some other advanced router magic, the Orange Pi can reach, and thus more easily attack all your other devices on the network.

    Unless you treat your entire home network as untrusted and have everything shut off on the computers where you do keep private data, the Orange Pi will still be a security risk to your entire home network, regardless of what can be found on the little machine itself.

  • How to have a boring and low-maintenance system?

    Jump

  • No it is

    https://www.pandasecurity.com/en/mediacenter/consequences-not-applying-patches/

    And:

    You're allowing for more attack vectors that would not be there if the system were to be patched. Depending on the severity of the vulnerability, this can result in something like crashes or something as bad as remote code execution, which means attackers can essentially do whatever they want with the pwned machine, such as dropping malware and such. If you wanna try this in action, just spin up a old EOL Windows machine and throw a bunch of metasploit payloads at it and see what you can get.

    While nothing sensitive may be going to or on the machine (which may seem to be the case but rarely is the case), this acts as an initial foothold in your environment and can be used as a jumpbox of sorts for the attacker to enumerate the rest of your network.

    And:

    Not having vulnerability fixes that are already public. Once a patch/update is released, it inherently exposes to a wider audience that a vulnerability exists (assuming we’re only talking about security updates). That then sets a target on all devices running that software that they are vulnerable until updated.

    There’s a reason after windows Patch Tuesday there is Exploit Wednesday.

    Yes, a computer with vulnerabilities can allow access to others on the network. That’s what it means to step through a network. If computer A is compromised, computer B doesn’t know that so it will still have the same permissions as pre-compromise. If computer A was allowed admin access to computer B, now there are 2 compromised computers.

    From https://www.reddit.com/r/cybersecurity/comments/18nt1o2/for_individuals_what_are_the_actual_security/

  • How to have a boring and low-maintenance system?

    Jump

  • I used to lose my keys all the time. I don't want to spend so much time looking for my keys, nowadays I mostly just leave them in the front door, I rarely lock it and it works like a champ.

  • Anubis - Weighs the soul of incoming HTTP requests using proof-of-work to stop AI crawlers

    Jump

  • Anubis - Weighs the soul of incoming HTTP requests using proof-of-work to stop AI crawlers

    Jump

  • It is very different from the usual flat corporate style yes, but this is just their branding. Their blog is full of anime characters like that.

    And it's not like you're looking at a literal ad for their company or with their name on it. In that sense it is subtle, though a bit unusual.

  • Linux distros if they were high school stereotypes

    Jump

  • NixOS - Queer kid who gets 10/10 at every written test, but stutters so badly that they can't do anything when asked to improvise in front of class or at speaking tests.

  • Revolt server ( Linux + Steam Deck devs / creators)

    Jump

  • Thanks for the clarification! I should try stuff more, and read less landing pages

  • Is Qwant still good privacy wise?

    Jump

  • Revolt server ( Linux + Steam Deck devs / creators)

    Jump

  • Thanks for raising awareness of FOSS Discord alternatives. Revolt certainly is the best looking of all of them.

    Last time I looked into this, Revolt's voice and video chat was "unsupported" for self-hosting while they were working on a complete rewrite. Is this still the case?

    The other big FOSS Discord alternative is Synapse-Matrix with the Element X client, but no clue how far along voice and video is over there either.

    Then there's Mattermost, which is more work-oriented and has voice and screen share, but no video calls.

    I should host some of this stuff to try it out.