1·
1 month agoTPM has solved this now for more than a decade.
Verified boot + TPM encryption key storage is a huge layer of protection for the boot process.
Check out the Arch wiki for TPM. It has some good reading.
- 0 Posts
- 24 Comments
Joined 2 years ago
Cake day: June 16th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
412·1 month agoJust use AI to remove all the AI slop!
All those backdoors
14·2 months agoIts one or the other. Either Google Play Services will push notifications, or the apps have to have the ability to handle push notifications on their own (which isn’t common).
Google Play Services can be sandboxed in GrapheneOS, but there isn’t an open source Google Play Services since its not included in AOSP. It is very much a proprietary blob.
You need VLANs if you want separate networks on the SAME router. But if you have separate routers, then you don’t need VLANs.
You will need two wireless access points. If the router you mentioned has two wireless access points built in, then just set one to connect to the shared network, and the other will act as an AP for your private network. Then the router can be configured to send WAN traffic out of the shared network AP.
If you use a router that only has a single AP built in, then you will need to purchase and additional AP to plug into one of your router’s LAN ports so that it has two total.
Some routers might have the ability to create multiple wireless networks on one router, but be sure the hardware can handle the load. I know my ubiquity UDR can create up to 5 wireless networks on that single device before you run into performance issues.
Honestly, if you’re using your own router, you won’t need to worry about VLANs as long as your router separates your private network from the shared one.
For example, if the shared network is 192.168.0.0/24, you can make your private network 192.168.5.0/24 and have your router’s firewall block incoming traffic from 192.168.0.0/24. Only allow WAN traffic out, and allow return traffic.
Then have your router or connected server act as the authoritative DNS and DHCP servers for the 192.168.5.0/24 private network.
One wireless AP will be used in client mode to connect to the 192.168.0.0/24 shared network. The other wireless AP will be used as an access point for other devices to connect to the 192.168.5.0/24 private network.
Its perfect for a small VPS. Been using it for years.
I do occasionally get places where my email simply will not send to them, even though it follows every email standard properly and isnt blacklisted. For those rare occasions, ill use a third party email address to send, which then forwards everything to my main email.
Yes, its fine to have your OS on a separate SSD and use your HDD as data storage.
Its also important to maintain your drives. Be sure to have SMART alerts, and do spinrite or badblocks occasionally to let the drive firmware remove bad sectors from use.
Check out Mail-in-a-Box
This blog is specifically for websites that are public facing. Sure, you can wireguard into your local network, but you can also SSH into your local network. Either way you have to poke a hole.
Good read.
I would just like to add some additional information that favors changing your SSH port to something other than the default. When crawlers are going around the internet looking for vulnerable SSH servers, they’re more than likely going to have an IP range and specifically look for port 22.
Now can they go through and scan your IP and all of its ports to look for the SSH service? Yes. But you will statistically have less interactions with bad actors this way since they might specifically be looking for port 22.
Whats wrong with it?
All my homies use DisplayPort
Its up to your distros package maintainer to make the patched version available. You can find who maintains it and contact them so they are aware.
Do you have an example of an app that lets a device with no Miracast capabilities act as a receiver? Im curious if its possible.
Miracast typically takes priority. It will ask for permission to allow it to display. It will then return to your previous input once the wireless display is disconnected.
Looks like Miracast and Wi-Fi Direct aren’t just some software you can tack onto a product. It’s a certification for a product that has proper software and hardware support to handle these tasks.
You can find some implementations of Android TV devices that have Miracast capabilities, such as the Nvidia Shield. Other than that, youll have to find another device that is certified for it.
Linux 3.18…???