Cyber

joined 2 years ago
[–] [email protected] 1 points 7 hours ago

True, but they're all as bad as each other. OpenAI was breached last year too...

[–] [email protected] 7 points 7 hours ago* (last edited 7 hours ago)

I smell politics here over ethical hacking

Normally, when vulnerabilities are found, the responsible steps are to disclose to the site owner first before waiting for them to resolve it (ie 90 days).

I didn't see that mentioned in Wiz's article - which is showing their data & links to the vulnerabilities.

[–] [email protected] 25 points 6 days ago (1 children)

There's 2 different things here:

  • Anonymity
  • Truth (of people and / or info)

You need both or you're losing freedom of speech.

If the government is “nice”, then you won't feel threatened by this and you'll believe that it's better because we can now find the “bad guys”.

But what if the rules change and your thoughts / feelings / beliefs are now “bad”... how do you band together to make it better?

And, the internet is already flooded by bots, well, at least 50%, but I'm guessing no-one's noticed.

[–] [email protected] 1 points 6 days ago

Thanks for the update.

Now more “testers” are aware, I wonder how long it'll be before the next article about something similar to this comes out...?

[–] [email protected] 3 points 1 week ago

Go baremetal

You want it to be as simple as possible, to be as secure as possible.

Adding proxmox - or any abstraction layer - is now adding more layers that have potential security issues.

And everyone is scanning your IP for vulnerabilities 24/7.

Plus, in my case, I want a completely separate network for Guest Wifi, IoT, etc and only some stuff hitting the LAN / homelab.

[–] [email protected] 3 points 1 week ago

Yes, those were my thoughts too.

It was possibly just as bad, but maybe all the paint dried up and flaked off...

[–] [email protected] 8 points 1 week ago

So, another “cookie banner” coming then, but this one says: “facts not checked”

[–] [email protected] 12 points 2 weeks ago

Ah, replaceable batteries...

Honestly, I kept my Nokia going until I got a Fairphone - purely to be able to replace the battery.

It was great when visiting places they just asked me to install some shitty app (ie to view a restaurant menu, etc.) I'd just show them the Nokia and they'd have to treat me “properly”

[–] [email protected] 4 points 2 weeks ago

I agree, the acronym NAS does indeed mean that.

But would you call a Hypervisor a NAS?

When I say NAS, I mean NAS. Bulk storage remotely accessible on the network.

When someone starts talking about all their VMs/Containers, I understand that to mean something else... I'd prefer to use a generic term like “server” instead.

[–] [email protected] 2 points 2 weeks ago (3 children)

Look, there's 2 things here:

  • NAS - meaning storage

and

  • NAS - meaning a virtualisation / container server that's doing lots of fairly random disk access

Which are you wanting?

For the first, just consider capacity (you'll fill it) and noise (spinning away all night)

For the 2nd, really really consider SSDs as they're silent and fast.

RAID1 is just a convenience factor, so whatever you do, don't get too caught up in the drive mechanics as you'll have a full backup (right?) and can restore your data at a moment's notice.

Honestly, honestly, just go for something large & quiet and you'll be fine.

And yes, SSD for the OS

[–] [email protected] 3 points 2 weeks ago

+10 for keeping notes.

Yep, even that temporary thing, write it down. Usernames & passwords go in KeePass - with descriptive notes in there too

[–] [email protected] 0 points 2 weeks ago (1 children)

You should check out Ansible

 

"On 11th November BBC iPlayer will no longer be available directly on this device."

OK, so, I didn't purchase this particular (Blaupunkt) TV, but as it's my mother's then, well, I'm the one that has to "fix" this.

Personally, I use TVs as a simple screen and watch everything through other devices (Roku, or a Linux PC running MythTV).

I see the BBC website has some links to review sites, but I thought this might be another place to ask for - preferably open source - devices that could be used.

Comments?

44
submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]
 

As a long-term MythTV user, I read all the discussion about Plex vs Jellyfin, but I'm still here... recording Live TV, watching films, listening to "me choonz" all on free, open-source software. What am I missing? Any other MythTV users out there?

39
NAS vulnerabilities (www.theregister.com)
submitted 7 months ago* (last edited 7 months ago) by [email protected] to c/[email protected]
 

Just stumbled across this (overly dramatic?) article and thought I'd just post it here...

It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.

Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.

I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of

 

Before I dive headlong into debugging and throwing bug tickets around, I just needed a sanity check from someone else..

I have an old Lenovo laptop as my daily driver / experimentation box (ie it gets a lot of packages installed and removed).

Recently I've been using Vivaldi's built-in calendar to use as a CalDAV client for my radicale installation.

It's the only open tab and Vivaldi's using ~20% CPU (according to htop)... actually, I just closed that tab... even with 1 blank tab the CPU's the same.

Is this just my battle weary laptop needing a good clean, or can someone else confirm?

TIA

 

pfSense... Anyone have much experience with the new Kea DHCP server?

I'm using 2.7.2 (Community Edition) on a fairly good Celeron based system that's not heavily loaded, but I have 7 network segments (VLANs and physical interfaces), so I have 7 DHCP pools / configs.

Just adding 1 more static reservation can cause a significant delay when reloading the service and because I register static reservations in DNS, the network loses DNS so I "break the internet" for a short while.

Would Kea fix this?

 

pfSense... Anyone have much experience with the new Kea DHCP server?

I'm using 2.7.2 (Community Edition) on a fairly good Celeron based system that's not heavily loaded, but I have 7 network segments (VLANs and physical interfaces), so I have 7 DHCP pools / configs and just adding 1 more static reservation can cause a significant delay when reloading the service and because I register static reservations in DNS, I can lose comms.

Would Kea fix this?

 

Well, as the title says, I've had a few notifications that alerted overnight and I'm wanting to sleep instead.

These are ntfy alerts, but driven by Uptime Kuma... and I can't find a programmatic / config option that says "don't notify between 11pm and 7am" (but willing to admit I've just not found it... yet...)

I need my (Android, ofc) phone to be on in case of family calls / messages, so I can't use "Do Not Disturb", and remembering to manually mute the ntfy app each night just doesn't make sense to me - computers are quite capable of automating my requirements for me.

So... any pointers? I'm sure you're not all getting alerts at 2am because your ISP dropped a few packets...

 

I secure systems for my day job. That means installing AV software, ensuring Windows Firewall is ON, etc. (Plus many other things...)

I've seen discussions around disk encryption here, but I don't recall much about malware protection. Maybe a little about personal (desktop) firewalls.

I'm aware of Clam, etc, but is anyone actually using these tools much?

Or are we just presuming we're all immune from the bad guys targeting Windows?

 

So, I've had it up to here (^^^) with the family using WhatsApp, etc and I'm heading off into the land of XMPP to find a better solution.

I've got a Pi3 hanging off my pfSense firewall acting as a kinda DMZ box, so thought I could setup an XMPP server on it (Prosody?)

Any advice? Will the Pi crumble (see what I did there) under the pressure of 4 people using it?

Issues with proxying outside with a Let's Encrypt cert on the pfSense box, but maybe not inside the network?

"Better" server software?

Thanks

 

I've started looking at Ansible to manage all the laptops, VMs, SBCs that I have running Arch. Got the ol' pacman installs / updates working fine, but I'm having some problems understanding how to setup AUR to install some of those packages.

Main issue is where Ansible is basically doing everything as root, and AUR helpers don't want to run as root, so ok, create a 2nd non-root user first...

But even installing an AUR helper (yay) brings problems:

I can setup a folder in /tmp/aur , I can git clone the yay package, but then I have no idea how to run makepkg or then yay as that non-root user.

Does anyone have this already figured out?

Or... am I going about this the wrong way?

 

I'm currently running HA on a Pi3... it works fine, but it's now a single point of failure.

I have some new hardware arriving to run VMs in and was intending to move HA to it, but now I'm wondering if I can have HA in 2 places for fault tolerance.

I'm aware that there's no built-in failover options, but has anyone done something similar?

 

Ok, I've done a fair bit with wifi devices, now I'm waking up to zigbee.

Got myself an S26 R2 to play with, but just wanted to clarify a few things...

So, if I had a few of these around the house, would they form the main backbone of the zigbee mesh network? Or do they not provide that function?

And also - possibly n00b question - I presume there's still a need / benefit to flash with esphome? Couldn't see anything obvious on the site and only searched online for a few mins before giving up and asking for experience rather than random sites...
