• 2 Posts
  • 64 Comments
Joined 2 years ago
Cake day: June 6th, 2023

  • I thought the same once, and regretted it.

    With a question like this I assume you live in a city, and not somewhere in the countryside with a house and yard. Search for bike wash boxes/bike wash stations near you, that kind of thing exists. There are even gas stations whose car wash boxes have fold-out bike stands. And if need be I'd just lay it on the floor of a car wash box and be done with it.



  • As far as I understand, in this case opaque binary test data was gradually added to the repository. Also the built binaries did not correspond 1:1 with the code in the repo due to some build chain reasons. Stuff like this makes it difficult to spot deliberately placed bugs or backdoors.

    I think some measures can be:

    • establish reproducible builds in CI/CD pipelines
    • ban opaque data from the repository. I read some people expressing justification for this test data being opaque, but that is nonsense. There's no reason why you couldn't compress+decompress a lengthy creative commons text, or for binary data encrypt that text with a public password, or use a sequence from a pseudo random number generator with a known seed, or a past compiled binary of this very software, or … or … or …
    • establish technologies that make it hard to place integer overflows or deliberately miss array ends. That would make it a lot harder to plant a misbehaviour in the code without it being so obvious that others notice it easily. Rust, linters, Valgrind etc. would be useful things for that.

    So I think from a technical perspective there are ways to at least give attackers a hard time when trying to place covert backdoors. The larger problem is likely who does the work, because scalability is just such a hard problem with open source. Ultimately I think we need to come together globally and bear this work with many shoulders. For example the "prossimo" project by the Internet Security Research Group (the organisation behind Let's Encrypt) is working on bringing memory safety to critical projects: https://www.memorysafety.org/ I also sincerely hope the German Sovereign Tech Fund ( https://www.sovereigntechfund.de/ ) takes this incident as a new angle to the outstanding work they're doing. And ultimately, we need many more such organisations and initiatives from both private companies as well as the public sector to protect the technology that runs our societies together.
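The "ban opaque data" point above can be made mechanical: every binary fixture in the repository is described by a tiny spec that anyone can re-run, and CI regenerates the blob from the spec and compares. The script below is an added example written for this page, not code from the thread or from any project discussed in it; the sample text, the spec format and the function names (prng_bytes, build_fixture, verify_fixture) are this example's own assumptions. It uses SHA-256 in counter mode rather than random.Random so the "pseudo random number generator with a known seed" gives identical bytes regardless of interpreter version, and it shows how even a deliberately corrupt decoder test input can be fully explained by its spec.

```python
"""Reproducible test fixtures instead of opaque blobs (added example).

Each fixture is derived from public inputs by a spec; verify_fixture() is the
CI check that the committed bytes equal what the spec regenerates. Bytes that
are not explained by the spec (the place a backdoor payload would hide) fail it.
"""
import hashlib
import zlib

# Constructed stand-in for "a lengthy creative commons text" (assumption).
SAMPLE_TEXT = ("The quick brown fox jumps over the lazy dog. " * 40).encode()


def prng_bytes(seed: bytes, length: int) -> bytes:
    """Deterministic byte stream: SHA-256(seed || counter), truncated to length.

    Independent of interpreter version and platform, unlike random.Random, so
    anyone re-running the spec gets the same bytes.
    """
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])


def build_fixture(spec: dict) -> bytes:
    """Materialise a fixture from its spec. Supported kinds (this example's own):
    - text:       the known text itself
    - compressed: zlib-compressed known text (a valid stream for decoder tests)
    - corrupted:  the compressed stream with one byte XORed at a stated offset
                  (an invalid stream that is still fully explained by its spec)
    - prng:       pseudo-random bytes from a public seed
    """
    kind = spec["kind"]
    if kind == "text":
        return SAMPLE_TEXT
    if kind == "compressed":
        return zlib.compress(SAMPLE_TEXT, spec.get("level", 9))
    if kind == "corrupted":
        data = bytearray(zlib.compress(SAMPLE_TEXT, spec.get("level", 9)))
        data[spec["offset"]] ^= spec.get("xor", 0xFF)
        return bytes(data)
    if kind == "prng":
        return prng_bytes(spec["seed"].encode(), spec["length"])
    raise ValueError(f"unknown fixture kind {kind!r}")


def verify_fixture(committed: bytes, spec: dict) -> bool:
    """CI check: the blob in the repo must be byte-identical to its regeneration."""
    return committed == build_fixture(spec)


if __name__ == "__main__":
    # Constructed sample manifest mapping fixture file names to specs.
    specs = {
        "good.bin": {"kind": "compressed", "level": 9},
        "bad_stream.bin": {"kind": "corrupted", "level": 9, "offset": 10},
        "noise.bin": {"kind": "prng", "seed": "fixture-noise-v1", "length": 4096},
    }
    for name, spec in specs.items():
        blob = build_fixture(spec)
        print(f"{name}: {len(blob)} bytes, reproducible={verify_fixture(blob, spec)}")
    # A blob with extra bytes appended is rejected, which an opaque fixture
    # could never tell you.
    tampered = build_fixture(specs["good.bin"]) + b"\x00payload"
    print("tampered good.bin accepted:", verify_fixture(tampered, specs["good.bin"]))
```

In a real repository the manifest would be a checked-in file next to the fixtures and the verification step would run in CI, so a pull request that changes a fixture without changing its spec (or vice versa) fails before review.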


  • Well you must have either set up a port redirect (IPv4) or opened the port for external traffic (IPv6) yourself. It is not reachable by default as home routers put a NAT between the internet and your devices, or in the case of IPv6 they block any requests. So (unless you have a very exotic and unsafe router) just uhhh don't 😅 To serve websites it is enough to open 443 for HTTPS, and possibly 80 for HTTP if you want to serve an automatic redirect to HTTPS.


  • A colleague of mine had a (non externally reachable) Raspberry Pi with default credentials being hijacked for a botnet by an infected Windows computer in the home network. I guess you'll always have people come over with their devices you do not know the security condition of. So I've started to consider the home network insecure too, and one of the things I want to set up is an internal SSH honeypot with notifications, so that I get informed about devices trying to hijack others. So for this purpose that tool seems a possibility, hopefully it is possible to set up some monitoring and notification via Uptime Kuma.
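The internal honeypot described above can be very small, because on a home LAN nothing legitimate should ever open an SSH connection to a host that does not run SSH: a single touch is the signal. The listener below is an added example for this page, not the tool the comment refers to and not code from the thread. It presents a version banner, records what the peer sends first (a real SSH client identifies itself per RFC 4253, a scanner often sends something else), and hands a structured event to a notify callback. The banner string, port 2222 and the function names (parse_client_banner, serve, probe) are this example's own assumptions; the callback just logs a JSON line, and wiring it to a push notifier or an Uptime Kuma push monitor is left out since that service's URL format is not shown here.

```python
"""Minimal SSH banner honeypot with a notification hook (added example)."""
import json
import logging
import socket
import socketserver
import threading
import time

# Generic-looking server identification string (assumption, not a real host).
BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"
log = logging.getLogger("honeypot")


def parse_client_banner(raw: bytes) -> dict:
    """Classify the first bytes a peer sends.

    RFC 4253 client identification: 'SSH-protoversion-softwareversion SP comments CR LF'.
    Anything else is recorded verbatim (truncated) as a non-SSH probe.
    """
    line = raw.split(b"\n", 1)[0].rstrip(b"\r")
    text = line.decode("ascii", errors="replace")
    if not text.startswith("SSH-"):
        return {"ssh": False, "raw": text[:80]}
    parts = text.split("-", 2)  # ['SSH', protoversion, 'software comments']
    software = parts[2].split(" ", 1)[0] if len(parts) == 3 else ""
    return {"ssh": True, "protoversion": parts[1], "software": software}


class HoneypotHandler(socketserver.BaseRequestHandler):
    def handle(self):
        peer_ip, peer_port = self.client_address[:2]
        self.request.settimeout(5)  # do not let a scanner tie up a thread
        try:
            self.request.sendall(BANNER)
            first = self.request.recv(256)
        except OSError:
            first = b""
        event = {"ts": time.time(), "src": peer_ip, "sport": peer_port}
        event.update(parse_client_banner(first))
        self.server.notify(event)  # runs before the socket is closed


class HoneypotServer(socketserver.ThreadingTCPServer):
    allow_reuse_address = True
    daemon_threads = True

    def __init__(self, addr, notify):
        super().__init__(addr, HoneypotHandler)
        self.notify = notify


def log_notify(event: dict) -> None:
    """Default sink: one JSON line per touch, easy to forward to a notifier."""
    log.warning("honeypot touch %s", json.dumps(event))


def serve(bind="0.0.0.0", port=2222, notify=log_notify) -> HoneypotServer:
    """Start the listener in a background thread and return the server object."""
    srv = HoneypotServer((bind, port), notify)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def probe(host: str, port: int, client_banner: bytes) -> bytes:
    """Self-test client: connect, read the server banner, send ours, wait for close.

    Returns the server banner. Because the handler notifies before closing,
    the event exists once this returns.
    """
    with socket.create_connection((host, port), timeout=5) as s:
        banner = s.recv(256)
        s.sendall(client_banner)
        while s.recv(256):  # drain until the honeypot closes the connection
            pass
    return banner


if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING, format="%(asctime)s %(message)s")
    srv = serve()
    print("honeypot listening on tcp/2222; every connection is suspicious")
    try:
        threading.Event().wait()  # serve_forever runs in the background thread
    except KeyboardInterrupt:
        srv.shutdown()
```

Run it on a host that otherwise has no SSH service, and point a quick check at it from another machine (for example `ssh -p 2222 thathost`) to see the event line; a notifier that turns each line into a push message gives exactly the "someone on my LAN is poking at SSH" alert the comment asks for.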


  • True words. The sustained effort to keep something in decent shape over years is not to be underestimated. Now when life changes and one is not able or willing anymore to invest that amount of time, ill-timed issues can become quite the burden. At one point I decided to cut down on that by doing a better-founded setup, that does backup with easy rollback automatically, and updates semi-automatically. I rely on my server(s), and all from having this idea to having it decently implemented took me a number of months. Just because time for such activities is limited, and getting a complex and intertwined system like this reliably and fault-tolerantly automated and monitored is simply something else than spinning up a one-off service.


  • And they believe all employees actually remember so many wildly different and long passwords, and change them regularly to wildly different ones? All this leads to is a single password that barely makes it over the minimum requirements, and a suffix for the stage (like 1 for boot, 2 for BitLocker etc.), and then another suffix for the month they changed it. All of that then on sticky notes on the screen.



  • I'd also suggest trying it out! Basically that fits together reasonably well. Since an e-bike tops out at ~25 km/h, the average is naturally below that. But at least by my feeling it is still fast enough that it doesn't get boring, and uphill the road bike can fall behind if you don't go easy on the battery. I have a similar setup with my partner, except that the e-bike is a (sportier) cargo bike with our child in it. The length of the tours is of course shorter as a result, because no small child wants to sit in there for hours without a break. But even without a child and on a normal e-bike, one battery won't be enough for the lengths and elevation gains you're aiming at. You can simply get a second battery, throw it in a pannier and swap it en route. Most important, though, is that your girlfriend also has to want such long tours. Otherwise you just do shorter ones, and maybe at some point she'll want to ride further herself :)




  • skilltheamps@feddit.de to Selfhosted@lemmy.world, "Self Hosting Fail" (6 upvotes, edited, 1 year ago)

    Those are symptoms of sitting at that operation point permanently, and they are of course a concern. What I'm after is that people think that energy gets put into the battery, i.e. it gets charged, as long as a "charger" is connected to the device (hence terms like "overcharged"). But that is not true, because what is commonly referred to as "charger" is no charger. It is just a power supply and has literally zero say in if, how and when the battery gets charged. It only gets charged if the charge controller in the device decides to do that now, and if the protection circuit allows it. And that is designed to only happen if the battery is not full. When it is full, nothing more happens, no current flows in or out of the battery anymore. There's no damage due to being charged all the time, because no device keeps on pumping energy into the cell if it is full.

    There is however damage from sitting (!) at 100% charge with medium to high heat. That happens independently from a power supply being connected to the device or not. You can just as well damage your cells by charging them to 100% and storing them in a warm place while topping them off once in a while. This is why you want to have them at lower room temperature and at ~60%, no matter if a device/"charger" is connected or not.

    (Of course keeping a battery at 60% all the time defeats the purpose of the battery. So just try to keep it cool, charged to >20% and <80% most of the time, and you’re fine)