Microsoft creates secure boot: “we should be able to run whatever we want on our hardware!”

Microsoft lets users install crowdstrike on their computer: “Microsoft shouldn’t let us run this on our hardware!”

start with basics:

• install iperf on every device you can between an external device and your internal host(s) and use it to find any bottlenecks
• use tools like tcpdump to analyze packets flowing over the network. you can often find surprising results this way
• start with a simple test best (again, iperf) with the most simple config (no nginx etc) and add the complexity of your config bit by bit until the issue returns

just a guess, but in order for an LLM to generate or draw anything it needs source material in the form of training data. For copyrighted characters this would mean OpenAI would be willingly feeding their LLM copyrighted images which would likely open them up to legal action.

open source software getting backdoored by nefarious committers is not an indictment on closed source software in any way. this was discovered by a microsoft employee due to its effect on cpu usage and its introduction of faults in valgrind, neither of which required the source to discover.

the only thing this proves is that you should never fully trust any external dependencies.

SMS is literally the bottom of the barrel though

you need to look at the routing tables on your computer. these tables store the prioritized rules for how packets leave your host machine.

it might be that something is adding rules, or, there is some overly broad rule taking priority (like a rule that says all 10.0.0.0/8 traffic go to your home router over 192.168.69.0/24, etc)

it’s also suspect that you can reach the NAS over the 1gb card. That to me means one of two things:

1. something is not actually using the IP you’ve configured in your fstab and is using some IP that is on the 1gb interface
2. you have some weird network routes configured that is leading to this issue. if 10.42.69.0/24 is accessible over the 192.168.69.0/24 network, then you might need to create a static route explicitly telling your OS to send packets out the 40gb card

ultimately, i suggest you run something like tcpdump or wireshark on your computer (ideally on the NAS too) so you can start to visualize how the packets are being addressed and transferred over your networks.

sincerely, a fellow 10.0.69.0/24 enjoyer

no, and that’s be a pretty bad idea, you’re opening up all your internal hosts to the public internet.

a VPN is specifically designed to keep all your internal hosts off the public internet. When you authenticate with the VPN server the remote device you are using effectively “joins” the internal network, using the VPN to act like a tunnel between you and your network.

it has the benefits of better security as well as the fact that once you set it up, you can access any services you host, not just HTTP ones.