I am a Meat-Popsicle
Yeah, a company got toasted because one of their admins was running Plex and had tautulli installed and opened to the outside figuring it was read-only and safe.
Zero day bug in tat exposed his Plex token. They then used another vulnerability in Plex to remote code execute. He was self-hosting a GitHub copy of all the company’s code.
Home assistant Web app would be fine.
I keep a root folder. On Windows it’s in c:\something on Linux it’s in /something
Under there I’ve got projects organized by language. This helps me organize nix shells and venvs.
Syncthing keeps the code bases and synced between multiple computers
I don’t separate work from home because they don’t live in the same realm.
Only home stuff in the syncthing.
Running Ubuntu on my 2015 air I struggle to get 2 hours out of it. I was able to get TLP to bring it close to 4, But it was at the cost of being borderline unusable.
It’s crazy as hell watching that form factor reduce. The early bipeds looked like first generation NASA moon landing suits. That thing looks small enough to fit in clothing you could buy at a local department store.
And while I think the 360 pivoting hips are an interesting touch I really wish they would constrain themselves to human anatomical moves.
That’s not simping, The vast majority of that’s paid marketing.
Absolutely a scam. There’s about 10 common ways to bleed money out of somebody at that point. Maybe You’re paying for a background check or certification. Maybe they send you a check that’s too big, and you need to send them back some cash, only to find out that the check itself got reversed in your account after you mail off the money.
Great, now we’re not going to catch the next zero day compression vulnerability. :)
I totally agree, and I did try. It was just some kind of soul reposting things from Reddit and me.
Well, the sub in question had one person copying the articles from Reddit and me commenting on them. That was decidedly too few :)
Philosophically, I think you need enough engagement that there’s chat at least a few times a week in the group. Anything less than that and it’s closer to a search engine result than a community.
The problem isn’t that they won’t create them, there’s insufficient biomass to populate them.
If I want to talk about a 5-year-old video game with myself, I’ll just open Notepad.
I used enlightenment for something like a decade. When Gnome hit the big time I used Gnome because it looked Nice and was very flexible. I went back to Mac and Windows Land for a bit, when I came back I went Gnome again. I just screw around for a day looking and picking plugins and fighting with it to get it exactly how I wanted it. After fighting with one of the older plugins that mustn’t doing what I wanted to do I saw somebody mentioned using KDE. I tried KDE and sure enough every single thing I was plugging the hell out of Gnome for was a default setting in KDE. I’m currently running Plasma. I must say that Cinnamon’s not bad either.
Taskkill /f is reasonably close to sudo kill -9
Hitting the X in Windows and hitting the X in Linux both cause the application to start a save yourself routine. From the OS standpoint they’re not far off.
The problem is we have a lot of confirmation bias in windows because every time we want to close an application that’s not working, that save yourself call has to sit around for a hellaciously long time out followed by a telemetry call so that Microsoft can track that it happened.
It’s pretty rare that Linux apps don’t just close.
Matrix did it!
The crypto is decent, it’s electron so it’s source available. If you want to ignore their hosting solution, you can disable the syncing and just take the vault from its config directory and sync it yourself
The real downsides are that it’s not actual open source, so if they decided to screw around with the security or turn the crypto off somebody can’t just fork it.
Realistically with that screen size you could put anything in that thing. How do you get the impression that it might be a little smaller than it looks though.
I’d vote for anytype or obsidian
Anytype has a learning curve, But it has built-in encryption and IPFS syncing provided by the company. The templating system is really slick and the relational aspect is pretty solid.
Obsidian + syncthing fork is a really solid contender. It’s much easier to work with out of the box but the features are a little more generic.
Neither of these are really self-hosted, so much as they are contained in their own ecosystem. You get some measure of higher availability that you have to really work for if you’re really self-hosting a product.
More like Google harvests your __________ to sell more targeted ads.
I you’re going to hack one, this one is much cooler
https://www.ebay.com/itm/186640570101
there’s a teardown here:
https://hackaday.com/2020/04/27/teardown-vtech-whiz-kid-luggable-computer/
Minimum open services is indeed best practice but be careful about making statements that the attack surface is relegated to open inbound ports.
Even Enterprise gear gets hit every now and then with a vulnerability that’s able to bypass closed port blocking from the outside. Cisco had some nasty ones where you could DDOS a firewall to the point the rules engine would let things through. It’s rare but things like that do happen.
You can also have vulnerabilities with clients/services inside your network. Somebody gets someone in your family to click on something or someone slips a mickey inside one of your container updates, all of a sudden you have a rat on the inside. Hell even baby monitors are a liability these days.
I wish all the home hardware was better at zero trust. Keeping crap in isolation networks and setting up firewalls between your garden and your clients can either be prudent or overkill depending on your situation. Personally I think it’s best for stuff that touches the web to only be allowed a minimum amount of network access to internal devices. Keep that Plex server isolated from your document store if you can.