7·
15 days agoI think it’s one of those things that is against the spirit of a law but not the letter of it. It feels illegal, it probably should be illegal, it might be illegal in the future, but for now it’s sketchy but technically above board.
- 0 Posts
- 166 Comments
Joined 1 year ago
Cake day: June 20th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I run ubuntu’s server base headless install with a self-curated minimal set of gui packages on top of that (X11, awesome, pulse, thunar) but there’s no reason you couldn’t install kde with wayland. Building the system yourself gets you really far in the anti-bloatware dept, and the breadth of wiki/google/gpt based around Debian/Ubuntu means you can figure just about any issues out. I do this on a ~$200 eBay random old Dell + a 3050 6gb (slot power only).
For lighter gaming I’ll use the Ubuntu PC directly, but for anything heavier I have a win11 PC in the basement that has no other task than to pipe steam over sunshine/moonlight
It is the best of both worlds.
3·2 months agothe best way to learn is by doing!
I just built my own automation around their official documentation; it’s fantastic.
https://www.wireguard.com/#conceptual-overview
vyatta and vyatta-based (edgerouter, etc) I would say are good enough for the average consumer. If we’re deep enough in the weeds to be arguing the pros and cons of wireguard raw vs talescale; I think we’re certainly passed accepting a budget consumer router as acceptably meeting these and other needs.
Also you don’t need port forwarding and ddns for internal routing. My phone and laptop both have automation in place for switching wireguard profiles based on network SSID. At home, all traffic is routed locally; outside of my network everything goes through ddns/port forwarding.
If you’re really paranoid about it, you could always skip the port-forward route, and set up a wireguard-based mesh yourself using an external vps as a relay. That way you don’t have to open anything directly, and internal traffic still routes when you don’t have an internet connection at home. It’s basically what talescale is, except in this case you control the keys and have better insight into who is using them, and you reverse the authentication paradigm from external to internal.
Talescale proper gives you an external dependency (and a lot of security risk), but the underlying technology (wireguard) does not have the same limitation. You should just deploy wireguard yourself; it’s not as scary as it sounds.
What if he wasn’t speeding, and didn’t dismiss dangerous civil behavior as something he should be allowed to pay 0.0001% of his net worth for and move on without consequence?
We should be one of those countries where civil infraction penalties are calculated based on net worth.
This seems like the closest we’ll ever get to “justice” on the guy who only isn’t in jail right now for beating the shit out of his pregnant girlfriend “because he’s Tyreek Hill”
Fail2ban and containers can be tricky, because under the hood, you’ll often have container policies automatically inserting themselves above host policies in iptables. The docker documentation has a good write-up on how to solve it for their implementation
https://docs.docker.com/engine/network/packet-filtering-firewalls/
For your usecase specifically: If you’re using VMs only, you could run it within any VM that is exposing traffic, but for containers you’ll have to run fail2ban on the host itself. I’m not sure how LXC handles this, but I assume it’s probably similar to docker.
The simplest solution would be to just put something between your hypervisor and the Internet physically (a raspberry-pi-based firewall, etc)
I believe it was a musk move that changed the default sort order from “latest first” to “most engaged” as an intentional inconvenience to encourage users to make accounts and log in.
14·3 months agoIn a world of good-faith, rational actors, it is reasonable to consult experts in the industry you’re about to regulate. In theory, a good-faith adversarial discussion will root out inconsistencies and logical fallacies within the regulation.
Obviously that’s usually not the case in modern politics, but I think the system was designed when it was thought that the average person would be operating in good faith, and in that context it makes sense.
I’ve met a surprising number of “good religious people”, but it’s not surprising most people think they don’t exist. I think this phenomenon transcends religion though
In the case of good Christians, the one unifying quality all of them have is they aren’t loud, and they aren’t pushy about it. They live their lives with a set of fundamental values and are always willing to go out of their way to help a neighbor. If it weren’t for the symbology in their homes you might never know.
I think it’s the same with anything else. If you’ve never met a trans person who doesn’t make enforcing pronouns their entire identity, it’s easy to have your perspective skewed towards the obnoxious loud ones you see online. If you don’t personally know a cop or a black person, sensationalist stereotypes might be your internal idea of normal about them too. Etc…
Linux users though… we’re all pushy weirdos. Not a normal good one among us :)
Actually now that it’s been mentioned, have you ever tried Linux on the desktop? It’s really good these days. I do not use arch btw, I’m a Debian user myself.
The color of ones skin does not preclude someone from being bigoted or hateful. It just determines which news network picks up the story.
Overall, we rate LGBTQ Nation Left Biased based on story selection and wording that almost always favors the left. We also rate them Mostly Factual in reporting, rather than High, due to not labeling opinion pieces, which may mislead the reader.
I was with you until I clicked the link but that doesn’t seem like an entirely unreasonable take. One can be both “on the right side of history” and “intentionally or incompetently misleading”.
yes, the incompetence was a management decision to allow an external vendor to bypass internal canary deployment processes.
Competent IT staffing includes IT management
To be clear, an operating system in an enterprise environment should have mechanisms to access and modify core system functions. Guard-railing anything that could cause an outage like this would make Microsoft a monopoly provider in any service category that requires this kind of access to work (antivirus, auditing, etc). That is arguably worse than incompetent IT departments hiring incompetent vendors to install malware across their fleets resulting in mass-downtime.
The key takeaway here isn’t that Microsoft should change windows to prevent this, it’s that Delta could have spent any number smaller than $500,000,000 on competent IT staffing and prevented this at a lower cost than letting it happen.
3·3 months agoIf there are any water pipes through the second half of the house you cannot let those exterior walls reach freezing temperatures. Whatever solution you go with needs to account for the entire space in some capacity.
Yeah I was going to say the same thing, I used to drink a lot and I never did anything drunk that I didn’t want to do sober. The drinking just impairs judgement and how much you care about consequences in the moment.