• 0 Posts
  • 13 Comments
Joined 1 year ago
Cake day: July 1st, 2023

  • I’ve been thinking of running something using second-hand USB cameras and Raspberry Pi 3+ since my switch already has PoE and my NAS has 40TB.

    I have a 3d printer so a wall mount enclosure shouldn’t be hard either.

    Was thinking of mounting them on the window frames indoors.

    NVR software like this might work: https://github.com/seydx/camera.ui

    Tailscale will allow me to access the Web front end anywhere on my devices. Individually it could hold the RPis too just for remote troubleshooting later if anything happens.

    Personally I’d like to reuse as many things that I already own and have no specific reliance on a vendor. If I got an RTSP camera later, I wouldn’t need a Pi to host the camera. But I’ve got a couple of Pis and a couple of USB webcams to start. It won’t work for night mode so I’ll have to make sure the outdoor lights are triggered by motion.

    But I’ve not done anything yet; this is all how I’ve thought about it in my head. So I’m watching this space to learn more too.

  • Tailscale can act as a site-to-site VPN, but it’s best used as a mesh VPN imo with as many things as possible in it.

    Why? Because the dynamic DNS is so powerful. Every host name is automatically in every other Tailscale-joined computer. My NAS (TrueNAS in my case) is just “nas”, so to access it, it’s just https://nas. Same with my RustDesk server on https://rustdesk. Jellyfin? You guessed it: https://jellyfin.

    Why is this cool? I moved my box between other networks and it just works again. No IPs changed.

    I take it to work. It just works. I keep one server at my parents’ place? It just works.

    But my printer doesn’t have the ability to join the tailnet so I use subnet routing to create a node on that network to act as a NAT router to get to and from that printer.

    You can even define exit nodes, so if I install Tailscale on my parents’ TV in another state, they can exit their internet via my home, which has my IP, and therefore Netflix counts it as inside my residence.

    Anyway, just some considerations. I generally use the subnet routing as a last resort. My 3-node Proxmox cluster is all joined, and if I took a node to my parents’ it would literally just work, if slower, as a cluster member. Crazy. Very cool.
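A least-privilege tailnet policy for the subnet-router and exit-node setup described in the comment above, added here as an example and not the commenter’s own configuration. A subnet router exposes the whole advertised LAN to anyone the ACL lets through, so the policy narrows non-admins to one printer port and limits exit-node use to one group; the addresses, group members, tag names and port are assumed placeholders.

```json
{
  // Constructed example policy (Tailscale policy files are HuJSON, so comments are allowed);
  // every address, e-mail, tag and port below is a placeholder.
  "groups": {
    "group:admins": ["me@example.com"],
    "group:family": ["parent@example.com"]
  },
  // Only admins may apply these tags, so only admin-approved nodes can
  // become a subnet router or an exit node.
  "tagOwners": {
    "tag:subnet-router": ["group:admins"],
    "tag:exit-node": ["group:admins"]
  },
  // Routes and exit-node offers from correctly tagged nodes are approved
  // without a manual click in the admin console; anything else still needs review.
  "autoApprovers": {
    "routes": { "192.168.1.0/24": ["tag:subnet-router"] },
    "exitNode": ["tag:exit-node"]
  },
  // Default is deny: anything not listed here is unreachable.
  "acls": [
    // Admins reach everything, including the whole routed LAN.
    { "action": "accept", "src": ["group:admins"], "dst": ["*:*"] },
    // Everyone else reaches only the printer behind the subnet router, and only
    // its print port (9100 is a placeholder), not the rest of the home LAN.
    { "action": "accept", "src": ["autogroup:member"], "dst": ["192.168.1.50:9100"] },
    // Family may send internet traffic through the exit node, but reach nothing on the tailnet.
    { "action": "accept", "src": ["group:family"], "dst": ["autogroup:internet:*"] }
  ]
}
```

The policy only decides who may use the routes; the subnet router still needs IP forwarding enabled and `tailscale up --advertise-routes=192.168.1.0/24`, and the exit node `tailscale up --advertise-exit-node`, both run with the matching tag.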

  • AGPS probably does work though for location. Many work laptops have SIM cards for 5G, and that means connectivity permanence and assisted GPS from cell tower triangulation.

    However, I know from testing that things like M365 login just accept the IP location of the VPN endpoint.

    My advice is: it depends, and it mostly depends on the effort of the sysadmin and the level of logs they look into. The timing of the log from your VPN connection and your location. If they own the networks you did connect to, those networks will know where you are.

    Use your personal device for personal things. End of story.


  • Yep, though I’m a sysadmin and can feel for that, these consolidated platforms are being used as a straight “you trust this; when I infect you, I’ll use payloads I’ll temporarily host in GitHub because you already block overseas by default except for a bunch of whitelisted trusted domains.”

    https://arstechnica.com/security/2024/02/github-besieged-by-millions-of-malicious-repositories-in-ongoing-attack/

    It’s technically easy to allow a subdomain, but it’s really hard to unblock just a path.

    So yeah, what generally happens is the SOC team complains that the new threat is here, and either vendors (had this with Fortinet) move the risk rating of GitHub from a 3.5 to a 6 out of 10 (I had put the threshold at a default 5) and now it’s being blocked. I wonder why it wasn’t blocked before? Well, it wasn’t as risky last week as it is now.

    Anyway, just thought I’d share the IT sysadmin POV.

    More to the point, using security as an example, we use SentinelOne and Azure Sentinel. I’ve had an ‘I want to compare CrowdStrike and Huntress Labs’ because I’ve seen really good things with those XDR/SIEM tools. But I got shot down. Why? We can’t deviate from our standards. Well, how will we know if the competition is better? Is our choice good? Who knows.

    I still don’t know. I sleep easy knowing it’s not my burden though. It’s their fault if they get compromised on an attack that the other vendor would stop.


  • Penny drop moment of “oh right we have to look at the competing engines to see our own weakness”? Frankly it should be obvious.

    “If you know the enemy and know yourself, you need not fear the result of a hundred battles.”

    For me it raises a really odd question about their culture too, since only after inshin’s remaster did they add a policy to review developer tools and technology, in a development company.

    I’m trying not to read into it any more than that, but I can’t help but imagine there were board meetings beforehand going ‘guys, our team want to try using Unreal’ and some exec going ‘no, it’s banned, we only use our own proprietary code or else we’ll lose our brand and be washed out! All other engines are banned!’.