Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)SC
Posts
11
Comments
1,437
Joined
1 yr. ago

  • Neat to see someone using TOR+IRC to make a secure messaging platform vs using some closed source/commercial/questionable alternative.

    Would say two things, though, regarding security on the system that didn't get mention.

    First, enable a firewall. Or even better, if your provider offers it, use their firewall AND configure the firewall of your choice on your VPS too. Layers of security are good, because the more layers the less likely that all of them will fail at once, and in the same way, and allow an attacker access.

    And why does this matter? It matters because future software you add, or an update, or a configuration change, or any number of things could open a port for something you didn't expect, and bam, you have something potentially vulnerable sitting on the public internet just waiting to be pwnt. (Also, if you start using Docker, it'll happily open all the ports for you!)

    Second, don't take their advice on how a weak ssh password "doesn't matter", because password auth is disabled. Same reason as the firewall: it's perfectly fine and okay to do this, until something changes, then it's not. I've seen way too many but-this-server-is-secure systems taken out by a bad password that someone forgot about or set for testing, or only used to expedite something else they were doing: if the password is weak, and it's on a user account, you're one configuration update away from a compromised system so pleeeeease don't do that.

  • I keep hearing that, but it seems like if there was a market for a 60s-themed spy game, someone would make a game that's totally starring Kat Bowman who is an agent for ACCORD.

    Sadly it's probably more that uh, there isn't and now I'm going to go sad replay NOLF again.

  • People were also quick to start reaching me via SMS instead of IM.

    I found that too: people who actually want to talk to you (and aren't just talking to you because you happen to be in a group with someone they DO want to talk to) will hop through all sorts of modest hoops to do so.

    Even after moving back to a real smartphone, there aren't any apps installed outside of SMS for people to contact me, because I really enjoyed the very clear signal that the conversation was actually important and actually needed my input vs. the constant stream of noise that existed before.

  • Man, Amazon is giving Google a run for their money on enshittification and product cancellation.

    This is more hilarious because the spy device not only cost more for the ability to show you photos, but it ALSO had a subscription fee to do so on top of that.

    I'm completely befuddled as to what the hell they were thinking, and why they think replacing family pictures with more ads is somehow going to make people do anything other than Ron Swanson these stupid things into the nearest dumpster.

  • I'm always confused by the people who get bit by malware that requires you to bypass Gatekeeper.

    Perhaps I'm just a privileged tech nerd, but when your OS goes 'THIS IS A BAD IDEA, YOU SHOULD THINK TWICE' perhaps uh, don't do that.

    Maybe it's just a poor UI on the part of Apple that's not properly conveying there-be-dragons to users who don't quite get what they're doing?

  • So now I don’t think they are even trying

    I mean, would you? The whole damn playerbase basically goes 'lol read quest text? watch cutscenes? no time, need purps!'.

    If I were Blizzard, I'd probably stop caring about story too because the player base doesn't care all that much either, and the ones that do aren't going to quit over a shitty story at this point: if they were going to, they already did in Shadowlands.

  • Decorum strikes again!

    (Am I ever tired of the government being run by people who do what they do because that's the way they've always done it. No more greatests/silents/boomers who have been in government for 20, 30, 40, 50 years please.)

  • The high-quality onboarding experience?

    Oh for fucks sake, this is just people entering information into a webpage.

    Just another failing business model trying to find somewhere to "extract value".

  • You listed a bunch of people who were "good", but honestly, none of them were. You just weren't necessarily aware of how Bill Gates treated anyone who had anything he wanted, or what Steve Jobs did to his daughter.

    Honestly, the lesson here is All CEOs Are Bad, it's just that some are only moderate psychopaths instead of ones that skin cats and then stuff them into mailboxes.

  • Do you have a route that's configured to route between the subnets that perhaps changes when you change which interfaces are enabled on your NAS?

    My $2 guess is that it's working fine, because you really shouldn't expect computers to talk to each other on subnets they're not a part of without routing, and that the interface disabling you're doing is changing something in how packets are routed/brings your router into routing packets and thus makes it work then.

  • First: compromised how?

    Second: probably just being paranoid, Apple TV + open source apps are about as good as you're going to get in terms of private viewing.

    The Apple TV might report app usage stats to Apple, but unless the app (which it doesn't) reports other telemetry that's not really useful in terms of anything other than, well, seeing that someone uses an app that plays media from Jellyfin.

  • Oh for sure: Musk can barely make a shitpost on Twitter, let alone actually do anything else.

    But, conversely, he's in a position to dictate culture and policy and direction and that's led to shitty cars and whatever the fuck is going on at Twitter.

    Aaaand yes, past performance is not a predictor for future outcomes, but uh, somehow I don't think it's irrelevant either.

  • As someone who's had the FBI serve a subpoena their information regarding activity on a non-exit TOR relay, there's no way on this planet I'd ever run an exit node, unless I were independently wealthy and could afford a lawyer to deal with the fallout.

    I got lucky that the request went to my employer, who knew who I was (obviously) and that I wasn't doing stupid shit, and it never went further than that, but good lord do I never, ever, want to be of interest to the FBI again, even though literally nothing meaningful happened other than me shitting myself for a few months.

  • It's the duality (hypocrisy?) around a lot of selfhosters.

    They're self-hosting for "privacy" from Google/Microsoft/whatever, but then install enough surveillance software that the CIA might think you've over done it and then watch everything they and any friends/family they share access with are doing.

    I mean that's cool if that's what you want to do, but it's still a weird thing.