Just your normal everyday casual software dev. Nothing to see here.

  • 0 Posts
  • 29 Comments
Joined 11 months ago
Cake day: August 15th, 2023




  • I’m currently running Proxmox on a 32 gig server running a Ryzen 5600G. It’s going fine: the containers don’t actually use all that much RAM, and personally I’m actually seeing better benchmarks than I did when I just ran it as a bare-bones Ubuntu server. My biggest issue has actually been a larger IO strain than anything, because it’s a lot more IO heavy now since everything’s containerized. I think I easily could run it with a lower amount of RAM; I would just have to turn off some of the more RAM-intensive items.

    As for if I regret changing, no way Jose. I absolutely love the ability of having everything containerized, because I can set things up how I want it when I want it, and if I end up screwing something up configuration-wise or decide that I no longer need that service, I can just nuke the container without having to remember “well, what did I install on this program so I can remove it, and do other programs need this dependency to work?” Plus, while I haven’t tinkered as much in this area, you can hard set what resources you want to allot to each instance, so if you have a program like, say, a Pi-hole that you know is never going to use x amount of resources to be able to appropriately work, you can restrict what it can do, so if something does go wrong with it, it doesn’t use all of your system resources.

    The biggest con out of it is probably having to figure out how to do the networking side, because every container is going to have a different IP address. I found using a web dashboard is my friend, because I can have Heimdall tell me where all my services are and I just have to click the icon to bring me to the right IP address. It took a lot of work to figure out how it’s operational and how to get it working, but the benefits I’ve gotten from having it are amazing. Just make sure you have a spare disk to temporarily clone partitions to, because it’s extremely difficult to use existing disks in the machine. I’ve been slowly going one at a time: copying it over to an external drive, nuking the disk, and then reinitializing the disk as part of the Proxmox LVM, and then copying the data back over onto their appropriate image file.


  • I personally will never use Nextcloud. It is nice interface-side, but while I was researching the product I came across concerns with the security of the product. Those concerns have since been fixed, but the way they resolved the issue has made me lose all respect for them as a secure cloud solution.

    Basically, when they first introduced encrypting folders, there was a bug in the encryption program, and the only thing that ever would be encrypted was the parent directory, but any subfolder in that directory would proceed to not be encrypted. The issue with that is that unless you had server-side access to view the files, you had no way of knowing that your files weren’t actually being encrypted.

    All this is fine, it’s a beta feature, right? Except for when I read the GitHub issue on the report, they gaslit the reporter who reported the issue, saying that despite the fact that it is advertised as a feature on their stable branch, the feature was actually in beta status so therefore should not be used in a production environment, and then on top of that, the feature was never removed from their features list, and it proceeded to take another 3 months before anyone even started working on the issue report.

    This might not seem like a big deal to a lot of people, but as someone who is paranoid over security features, the project’s inaction over something as critical as that while trying to advertise themselves as being a business-grade solution made me flee hardcore.

    That being said, I fully agree with you: out of the different cloud platforms that I’ve had, Nextcloud does seem to be the most refined and even has the ability to emulate an office suite, which is really nice. I just can’t trust them. I just ended up using Syncthing and took the hit on the feature set.


  • Seconding this, I took the plunge a month or two back myself using Proxmox for my home lab. Fair warning: if you have never operated anything virtualized outside of using VirtualBox or Docker, like I was, you are in for an ice plunge, so if you do go this route prepare for a shock. It is so nice once everything is up and running properly though, and it’s real nice being able to delegate what resource uses what and how much, but getting used to the entire system is a very big jump, and it’s definitely going to be a “back up existing drive, migrate data over to a new drive” style migration. It is not a fun project to try to do without having a spare drive to be able to use as a transfer drive.


  • Judging by the lack of description on this post, and the video’s description, it’s a rage bait video based off potential intentions behind a website that logs Discord activity and sells it for profit. The video description gave a big “I’m trying to egg you to watch this” vibe though, so I didn’t go further. The site named has been shut down a few times now; it just renames itself every time and boom, operational again.

    My opinion is that’s a risk you gotta take posting stuff online and it likely won’t be going anywhere; nothing’s secure unless you trust everyone involved. I wish for privacy, but I don’t expect it unless I can meet that criteria.


  • TPM is a good way. Mine is set up to have encryption of / via TPM with LUKS so it can boot with no issues, then actual sensitive data like the /home/my user is encrypted using my password, and the backup system + fileserver is standard LUKS with password.

    This setup allows for unassisted boot up of main systems (such as SSH), which lets you sign in to manually unlock more sensitive drives.




  • I mean, I have a Bsky account. I don’t really use the platform since it doesn’t seem all that active in comparison to others available.

    From my understanding they created it as an escape from the changes they disliked on Twitter, but in my opinion the privacy settings on it are far too simplistic to be able to function properly as a service. I find myself checking basically every other service instead.




  • I fully agree, a project should have as few ties to illegal content as it can, and yes, the current system goes off of current legal law, or at least how the judge/jury interpret it. And that’s where a lot of this issue comes into play.

    It’s quite clear in existing law that you are legally allowed to reverse engineer a piece of equipment that you have physically purchased; there is no argument on that. The issue occurs when you are reverse engineering something that has DRM, because at that point you are breaking a security standard. This is also why most emulators are legal, however ROMs are not, because while it’s completely legal to reverse engineer a Switch, for example, the ability to bypass the DRM on the game itself in order to play the game is breaking a security standard, which is not referenced in existing laws or backup laws.

    This, in my opinion, is the biggest issue with current laws: it makes no sense for me to be allowed to make a digital archive of something that I have, but not be allowed to circumvent the security on the item itself in order to actually use the archive. Due to this, it also means that ripping 4K and Blu-ray discs is also breaking a DRM, which means you are legally not allowed to make a digital copy of movies that you own. Which directly contradicts the intent of these laws.

    Of course I’m talking about in the US; other countries have a more lax ideology for data retention and archival purposes. Maybe someday, as the younger generations get older, they will reapproach current DMCA and copyright law and give an exemption for personal use to allow breaking DRM, but until that happens, expect every emulator is going to have this same exact claim every time.


  • I don’t see how that is the Yuzu team’s problem though. It’s the same argument people use with firearms: just because the emulator can be used to emulate contribute piracy doesn’t mean that it was made with the intent to. How would you recommend the Yuzu team actively block non-released games/restrict it down to only legal use? They used the telemetry data that they received to better improve their own platform; honestly, it doesn’t really matter what that data is. The issue is fully at the user who used the tool illegally, not the developers of the tool.

    God, I hate current copyright law. In my opinion they need to do something similar to the legal system’s “when acting as an official” law and just have them exempt from copyright/privacy suits. This happens with every emulator and it’s generally used as a scare tactic to make the devs close shop.



  • I just expanded the existing fail2ban config on the commonly used default ports such as 22, 21, etc. Any requests on those ports get sent into purgatory, so the IP gets blacklisted and any connections from it hang until they time out. It’s a super basic setup: iptables logs whenever a request is not in the current firewall (last rule in the chain), and then fail2ban reads the log and handles the block. I don’t count it as part of the normal setup because they’re isolated, because the actual ports the service is on still have the normal rule set, but the default port numbers are just an instant “if there’s activity on it, you’re gone”.
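
The log-to-ban step described in this comment, as an added example that is not the commenter's own configuration: a fail2ban-style regex, anchored on the syslog header, is applied to iptables LOG lines and returns the source IPs that touched the decoy ports. The log prefix `FW-DROP: `, the ignored ranges and the sample lines are assumptions.

```python
import ipaddress
import re

# Assumed --log-prefix on the final catch-all LOG rule (not from the comment).
LOG_PREFIX = "FW-DROP: "
# Default ports the comment names; the real services listen on other ports.
HONEYPOT_PORTS = {21, 22}
# Assumed trusted ranges that must never be banned (like fail2ban's ignoreip).
IGNORE_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]

# Anchored on the syslog header so only lines written by the kernel match;
# text an attacker gets another daemon to log cannot pose as a firewall hit.
LINE_RE = re.compile(
    r"^\w{3}\s+\d{1,2} \d\d:\d\d:\d\d \S+ kernel: (?:\[\s*\d+\.\d+\] )?"
    + re.escape(LOG_PREFIX)
    + r"IN=\S* .*?\bSRC=(?P<src>\S+) .*?\bDPT=(?P<dpt>\d+)\b"
)

def honeypot_hits(lines):
    """Map each source IP to the sorted honeypot ports it touched."""
    hits = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # other daemons, other prefixes, ICMP (no DPT field)
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # malformed address field
        port = int(m["dpt"])
        if port in HONEYPOT_PORTS and not any(src in n for n in IGNORE_NETS):
            hits.setdefault(str(src), set()).add(port)
    return {ip: sorted(ports) for ip, ports in hits.items()}

# Constructed, abridged kernel log lines (documentation address ranges).
HDR = "Jul 14 03:12:45 lab kernel: [81234.551203] FW-DROP: IN=eth0 OUT= "
SAMPLE_LOG = [
    HDR + "SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51234 DPT=22 SYN",
    HDR + "SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP SPT=51240 DPT=21 SYN",
    HDR + "SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=40022 DPT=21 SYN",
    HDR + "SRC=198.51.100.23 DST=192.0.2.10 PROTO=TCP SPT=40030 DPT=8443 SYN",
    HDR + "SRC=10.0.0.5 DST=192.0.2.10 PROTO=TCP SPT=50000 DPT=22 SYN",
    # Spoof attempt: firewall-looking text inside an sshd message.
    "Jul 14 03:13:02 lab sshd[911]: Invalid user kernel: FW-DROP: IN=x "
    "SRC=192.0.2.99 DPT=22 from 203.0.113.50 port 4444",
]

if __name__ == "__main__":
    print(honeypot_hits(SAMPLE_LOG))
```

In fail2ban itself the same anchoring belongs in the filter's `failregex`, with `<HOST>` in place of the `src` group.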


  • My security is fairly simplistic but I’m happy with it

    • software protection

      • fail2ban with low warning hold
      • cert-based login for SSH (no password auth)
      • Honeypot on all common port numbers, which if pinged leads to a permanent IP ban
      • drop-all firewall
      • PSAD for intrusion/scanning protection (so many Russian scanners… lol)
      • WireGuard for VPN to access local virtual machines and resources
      • external VPN with NordVPN for secure containers (yes, I know Nord is questionable, I plan to swap when my sub runs out)
    • physical protection

      • luksCrypt on the sensitive data/program drive (I know there’s some security concerns with luksCrypt, bite me)
      • GRUB and BIOS locked with password
      • UPS set to auto notify on power outage
      • router with keep-alive warning system that pings my phone if the lab goes offline and provides fallback DNS
    • things I’ve thought about:

      • a mock recovery partition entry that will nuke the LUKS headers on entry (to prevent potential exploit getting through GRUB)
      • removing super user access completely outside of local user access

  • I fully believe that when a game stops being developed the Early Access tag should be removed but that’s the extent of where I agree, anything past that is a problem strictly of the consumer who knowingly purchased a game that advertised itself as unfinished.

    I would also agree that if you want to keep an Early Access tag, at minimum you should be required to post developer updates using Steam’s update log like many companies already do, and failure to do so will eventually result in your Early Access tag being replaced with an abandoned tag. That way it lets buyers know that the game is not a finished product and it’s no longer in active development.

    As for the sleaziness of abandoning a project once people have paid for it, I would chalk that down as they knew the risk upon buying the game since it was labeled Early Access. I think that it would be nice if the return window opened for 2 weeks when a game was abandoned, to allow people who were hoping the project would go somewhere the ability to refund, but I also think that neither company nor Steam should be under obligation to do so since the consumer knew the risk going into it. Plus I also think it would be kind of sleazy for those who got hours of playtime on it to expect that you’d get your full money back, even if the project was discontinued.


  • That’s the entire point of the Early Access tag though, it’s a tag that states “hey this is still in its early development stages and is not a final product” it even states that the game might not be finished. I can understand why some might see the term Early Access and think that it means that it’s a game that is going to be finished eventually, but under the description of the tag it’s not an obligation and it would be stupid as a game developer to throw money towards something that you know isn’t going to take off or that you’ve lost passion for.

    I would say they should change the name of the tag to be something that better clarifies it, but honestly I can’t think of a better term, because it’s right, it’s early access. The only alternative I can think of is maybe “early development”, to remove people thinking that it’s just paying to get access to the game early.

    As a counter argument to the good faith argument, I personally don’t think it’s within good faith to buy an Early Access game with the expectation that it’s going to be finished. I’m not sure how much clearer Steam and the development team can make it regarding that the future of the game is uncertain. I for one avoid Early Access games until I can see the reviews and see whether or not it’s worth getting (or if I am super interested), and if I see the game reviews stating the game is dead or there’s nothing on the devlog, I skip it and go to the next game.

    Don’t take me wrong, I’m not saying that developers should keep their game permanently in Early Access. However, I don’t see a problem with the Early Access tag being used to illustrate that the game is still in early development, and if the tag itself didn’t say the game may or may not be finished, I would even advocate that if an Early Access game gets canceled they should give refunds.