Pika

Pika , 1 day ago (edited 20 hours ago)

I personally will never use nextcloud, it is nice interface side but while I was researching the product I came across concerns with the security of the product. Those concerns have since then been fixed but the way they resolved the issue has made me lose all respect for them as a secure Cloud solution.

Basically when they first introduced encrypting folders, there was a bug in the encryption program, and the only thing that ever would be encrypted was The Parent Directory but any subfolder in that directory would proceed to not be encrypted. The issue with that is that unless you had server-side access to view the files you had no way of knowing that your files weren't actually being encrypted.

All this is fine it's a beta feature right? Except for when I read the GitHub issue on the report, they gaslit the reporter who reported the issue saying that despite the fact that it is advertised as feature on their stable branch, the feature was actually in beta status so therefore should not be used in a production environment, and then on top of , the feature was never removed from their features list, and proceeded to take another 3 months before anyone even started working on the issue report.

This might not seem like a big deal to a lot of people, but as someone who is paranoid over security features, the projects inaction over something as critical as that while trying to advertise themselves as being a business grade solution made me flee hardcore

That being said I fully agree with you out of the different Cloud platforms that I've had, nextCloud does seem to be the most refined and even has the ability to emulate an office suite which is really nice, I just can't trust them, I just ended up using syncthing and took the hit on the feature set

Pika , 1 day ago

It all depends on your threat model, I own my Hardware as well but I'm still not going to use a software that is shown to me that they don't take security seriously but I'm also more paranoid than most

Pika , 1 day ago (edited 20 hours ago)

I'm currently running proxmox on a 32 gig server running a ryzen 5600 G, it's going fine the containers don't actually use all that much RAM and personally I'm actually seeing a better benchmarks than I did when I just ran as a Bare Bones Ubuntu server, my biggest issue has actually been a larger IO strain than anything, because it's a lot more IO heavy now since everything's containerized. I think I easily could run it with a lower amount of ram I would just have to turn off some of the more RAM intensive items

As for if I regret changing, no way Jose, I absolutely love the ability of having everything containerized because I can set things up how I want it when I want it and if I end up screwing something up configuration wise or decide that I no longer need that service I can just nuke the container without having to remember well what did I install on this program so I can remove it and do other programs need this dependency to work. Plus while I haven't tinkered as much in this area, you can hard set what resources you want a lot to each instance, so if you have a program like say a pi hole that you know is never going to use x amount of resources to be able to appropriately work you can restrict what it can do so if something does go wrong with it it doesn't use all of your system resources

The biggest con out of it is probably having to figure out how to do the networking side because every container is going to have a different IP address, I found using a web dashboard is my friend because I can have heimdel tell me where all my services are and I just have to click the icon to bring me to the right IP address, it took a lot of work to figure out how it's operational and how to get it working, but the benefits I've gotten of having it is amazing. Just make sure you have a spare disk to temporarily clone partitions to because it's extremly difficult to use existing disks in the machine. I've been slowly going one at a time copying it over to an external drive nuking the and then reinitializing the disc as part of the proxmox lvm and then copying the data back over onto their appropriate image file.

Pika , 10 days ago

Seconding this, I took the plunge a month or two back myself using proxmox for my home lab. Fair warning if you have never operated anything virtualized outside of using virtualbox or Docker like I was you are in for an ice Plunge so if you do go this route prepare for a shock, it is so nice once everything is up and running properly though and it's real nice being able to delegate what resource uses what and how much, but getting used to the entire system is a very big jump, and it's definitely going to be a backup existing Drive migrate data over to a new Drive style migration, it is not a fun project to try to do without having a spare drive to be able to use as a transfer Drive

Pika , 1 month ago

I see this link posted everywhere for weeks now but like, I've never been able to use it. The US version of it recommends the DGCCRF which is exclusive to France or visitors thereof. It's weird that it doesn't recommend a US branch or have the FTC section at the top

Pika , 1 month ago

yea i figured the reason might be similar to that, too bad the US just doesn't care about consumer rights, I just find it weird they bother mentioning it on the US page if the US can't actually use it

Pika , 2 months ago

I'm surprized as well, like I guess I would understand if it's a no log DNS server but, what else wouldn't have sensitive information.

Pika , 2 months ago

TPM is a good way, Mine is setup to have encryption of / via TPM with luks so it can boot no issues, then actual sensitive data like the /home/my user is encrypted using my password and the backup system + fileserver is standard luks with password.

This setup allows for unassisted boot up of main systems (such as SSH) which let's you sign in to manually unlock more sensative drives.

Pika , 2 months ago

I didn't know there was so many that were so similar, it's really interesting.

Pika , 2 months ago (edited 2 months ago)

I actually think this is a nice feature, not really sure the argument of like "well Capital One isn't a great company anyway so it's not you they're looking after"

So because they're not a good company means that they shouldn't have good features? So should I not benefit from a feature that the bank/lender gives me?

I'm much happier that they're airing on the side of caution and asking me about it then just ignoring it and having me maybe miss it or find out months down the road. Worst case scenario? I get an extra email that I can ignore.

Pika , 3 months ago

Yeah I'm well aware I have myself as do not disturb on most platforms and have already decided it's going to be a lost cause to find any of my Discord servers because more than half of them change their icon and channel names, woohoo 4/1 e.e

Pika , 3 months ago

If they forced separation between chromium and Google I would say go for it, but as it's standing there is way too much power for Google to be like hey nudge nudge do it this way and then they would control the entire ecosystem

With that being said I do still think that there should be some form of competition regardless

Pika , 3 months ago

Thanks for the reminder, just set an event for 11:50 to go DND for 24h

Pika , 3 months ago

I'm tempted to try now lmao I can see it now tempfix3💀

Pika , 3 months ago

Surprise level: 0

I'm not sure how anyone expects any form of privacy from any company Under The Meta umbrella. I would be more surprised to be told that they weren't selling your data to every company that offered to buy it.

I would say this should be ruled out / illegalized but personally I've hit that point where I really don't think we're ever going to have any right to privacy in this country(US), and the government itself benefits far too much from the same privacy Outreach. It will just end up being a slap on the wrist or another pop up saying "Hey by using the site you agree to XYZ" or "by making this account you accept to give away your first born child". But considering the alternative is probably them making the service a subscription based, I'm expecting the majority of their users would prefer it this way.

That being said, Facebook's biggest push right now is all your chats are now end-to-end encrypted, so what this tells me is that either Facebook knew this PR was going to get out there and they wanted to do damage control early, or that Facebook is not doing true end-to-end encryption and that it's still server client encryption between both clients with Facebook holding the shared key.

Pika , 3 months ago

the backup was connected via /media/backups so that's gone too!

Pika , 3 months ago

concidering walmart doesn't sell normal cd players in store but does sell record players, I'm not surprized.

Pika , 3 months ago (edited 3 months ago)

Then the only your valid alternative to that is that you are no longer allowed to license code that is unable to be open sourced at the provider level. What are companies going to do, stop making software because they don't want to open source it? Like there isn't much a company you can do if they just unilaterally decide that this type of Licensing is no longer legal, companies aren't going to just choose to not exist because of it they're still going to exist and they're not going to shut down over the inability to have a closed Source license after abandonment

The worst case scenario is closed Source license libraries might decide to close because they don't need to exist anymore which means that companies would be forced to actually design the software they're working on, but in reality these types of libraries would likely just switch over to an open source support funded tier where they will provide the library is however they're not going to give any support unless they're on that subscription tier like how msps are

Pika , 3 months ago (edited 3 months ago)

I agree, unfortunately without addressing the closed Source libraries in abandoned ware problem the higher issue can't be addressed which is that there is no legal obligation for a company to keep their services active, nor is there an obligation for a company to have a proper phase out of their services they could decide tomorrow to just close up and there's no real restrictions aside from Word of Mouth / PR.

As much as I would love companies being legally required to have a proper transition period into abandonware via the means of allowing the community to self host or modify their existing software, like you indicated it would put companies in a catch-22 in regards to licensing agreements. So I think the licensing issue has to be addressed first

That being said if a proper abandoned where requirement was pushed through without changes to licensing you would likely gain support of companies for the licensing problem as well because of the fact that they're in a catch-22, so at that point they have a personal interest and getting that written to law

Pika , 3 months ago

Can't wait for this to get thrown out.

Like don't get me wrong, it's long overdue, I just do not believe our current system will actually have it be enforced.

Pika , 3 months ago

I wanted to take it, but mobile is so not that sites first or even 8th priority.

Pika , 3 months ago

this is like years too late, I'm not going to mcdonalds for ice cream anymore, especially not now that it's almost 6$ for a mcflurry. l can spend that much buying M&M's and the ice cream myself and grt more than one serving for it

Pika , 3 months ago

I see it the exact opposite, I actively avoid organizations that obnoxiously reach out requesting donation via register and cold calling. If I value the charity I donate but the second it starts being annoying I cease donation period. Even moreso the retail store sponsored ones

Pika , 3 months ago

I don't think banning them but, going the direction the EU did would bd nice, large vehicles require a different class license I've been told

Pika , 3 months ago (edited 3 months ago)

I don't disagree, however I think there's room for both the state and the consumer to benefit from this by restriction who can use them, this being via a license or certification similar to how non-personnel licenses currently, that would restrict the amount of them on the road as it is and it would also increase the money that can go back into the infrastructure,

Now something that I believe needs to be hard banned would be the halogen lights, we just had a three vehicle pile up in my state where two people died, and the current rolling story is that they believe the car that collided head-on with the vehicle that swerved into their Lane was unable to see whether or not the vehicle was in his lane or the other lane due to the fact that the lights on the vehicle were blinding, and honestly I believe that rumor. Those light bulbs are far more hazardous than any lifted vehicles in my opinion

Pika , 3 months ago (edited 3 months ago)

If you are unable to find a charging station at some point halfway across the state you're either being too picky, or blind. I live in the middle of nowhere Maine and I can still find at least one electric vehicle charger per major town. Hell there is three of them in the town next over and it's not even considered one of our highly populated towns. I thought the same that you did until I actually looked up where charging stations are located I was pleasantly surprized

Pika , 3 months ago

An alternative idea that I mentioned on a thread yesterday about vehicles with high bumpers, adjust the license class system to be more strict regarding vehicles. You already have to have extra training in a different license to run transport vehicles or semi trucks you should have to do the same with large vehicles, I'm not saying ban every pickup truck out there because I fully agree that trucks are a hard requirement especially in snow covered States like mine but there is a difference between having a pickup truck and having a monster truck at least in my opinion heavier or taller than low end transport vehicles

Pika , 3 months ago

yea looking at wyoming I can see there is defo a lack of EV stations, it looks like for southern wyoming the longest stretch is between rock springs and Lareme, but that's mostly if you lack the ability to use super chargers. I can see how it would be a pain to use an EV in that case, doable but it would stretch it a little further than i would be comfortable with as well. That being said you would never catch me driving 3 hours one way to visit someone anyway lmao

Pika , 3 months ago

"I miss my Activate windows to continue watermark, my desktop isn't complete without it!" - End User

Pika , 3 months ago

does it still have the "we noticed you are running out of space, turn on cloud to free up device space" nag? I haven't used apple in years but that one drove me crazy

Pika , 3 months ago

that's because they keep going at it from a timeline POV; I believe if they made required work time slots as a limitation against contract work (i.e if you are required to work between x-y daily) this issue would be resolved. There's no real reason for many contract positions to be a static time slot, contractors are supposed to be fully flexible on their own time as long as the end product is correct and within SLA, thd only benefit to fixed scheduling is management level, so I think that would tip the scale onto employee instead of contractor

Pika , 4 months ago

"and you said your name was uncle... Bruce was it? who was your dad again?"

Pika , 4 months ago

I'm glad you added the bottom of that because I 100% was going to ask you where you found that because that looked familiar lmao

Pika , 4 months ago

Many changes start with people posting about it, like it is very likely if this blew up Google would modify the search term to include the help line for both, so I disagree that it is bullshit in that regard regardless of OP's intent

Pika , 4 months ago

I don't visit the comments often, so I can see what you mean cuz a lot of times they can be quite toxic. But I think choosing between having them or not having them, I would choose having them just for the ones that do like the system, cuz I can just easily ignore the comments section. I also felt the same way with the dislike button though and you see what they did with that lmao

Pika , 4 months ago

70$ for a broker fee and you still might not get the domain, whew lol

Pika , 4 months ago

Don't worry, I'm lost with everything loading completely fine. It looks like the kitty is demonic and got sliced by the nails but it's still alive and super happy that he has a friend? It's a little confusing, especially the part where he squished the cats head in

Pika , 4 months ago

Last month, Tesla's chief executive predicted that Chinese automakers will "demolish" global rivals without trade barriers.

it sounds like maybe they should, idk? work on making their own garbage cheaper then? that soley sounds like a competition problem not a consumer problem. As long as the cars meet US safety standards for manufactoror I embrace the competition

Pika , 4 months ago

I'm on the other end of the spectrum, I will never answer a phone call, from work or not, my phone doesn't even ring unless it's from immediate family, I go out of my way to keep it that way. I will not respond unless it's a text, so if they do actually want me to respond or come in it will need to be via some sort of instant message/text

Pika , 4 months ago

The company I work for does that as well for its retail environment, it sounds good on paper but the only thing it's done is all the secondary phones now are ignored until it's a transfer ring. After a certain time of day(when the receptionist goes home) it just won't be answered unless a manager is the one who answers. This is partially due to the lack of training of the secondary and partially of the "no departments ever close" policy so if you answer it you are expected to help even if it's on the opposite side in an area you know nothing about

Pika , 4 months ago

For me the price is the biggest limiting factor, that and it doesn't work around here anyway. it has almost Flagship level price for just a little bit better specs than your everyday $300 phone that you can buy off the shelf.

Pika , 4 months ago

reminds me of discord

Pika , 4 months ago

I mean probally cause the console was an utter failure, I see no diff between my ps4 to my ps5, Supply failed at launch for 3 years, the exclusives have sucked, PS Plus went up on all tiers and features for it have been a roaring dumpster fire this is without taking into concideration the UI revamp sucks. I haven't even had the urge to fire mine up since October.

This compared to the series X that while hasn't had /great/ exclusives either, has well counteracted that downside with a huge gamepass library that connects directly with PC and had the supply to keep up with demand.

Pika , 4 months ago

Fully agree, I didn't think I would use it much either, but the fact that you can make any game suddenly a keyboard and mouse game is a game changer. It opened up the ability to run your strategy and your RTs and your survival games using keyboard and Mouse games like Ark I can't imagine playing with a controller however I can play with my Xbox friends because the fact that I can just play Ark using keyboard and mouse while they play on their console

Pika , 4 months ago

you ordered something? About time I saw that I would just say nvm lol

Pika , 4 months ago

you defo went to a bad 5 guys, I've been to st least 6 different locations and have never been disappointed in the experience

Pika , 4 months ago

I just expanded the existing fail2ban config on the commonly used default ports such as 22, 21 Etc, any requests on those ports get sent into purgatory, so the ip gets blacklisted any connections from it hangs until it times out. It's a super basic setup iptables logs whenever a request is not in the current firewall (last rule in the chain) and then fail2ban reads the log and handles the block. I don't count it as part of the normal setup because they're isolated Because the actual ports the service is on still have the normal rule set but the default port numbers are just an instant if there's activity on it you're gone

Pika , 3 months ago

hot tamales and atomic fireballs are the same way, it used to be really hot, now it's similar to just sweet. same with sour skittles, those used to make you bleed but not anymore, it's more sweet then sour