Static_Rocket

Static_Rocket , 12 days ago

To me on the security side of things caddy has a feature I have yet to see anywhere else: default reverse proxy headers.

Got something you want to lock down remote js loading on unless it explicitly requests an override? Default the variable to a locked value. The application can override it with it's own header as necessary.

https://caddyserver.com/docs/caddyfile/directives/header

Static_Rocket , 21 days ago

https://docs.docker.com/reference/cli/docker/container/cp/

Static_Rocket , 29 days ago

Good video going over practical pros and cons currently:

https://piped.video/watch?v=s6zcI1GrkK4

Static_Rocket , 1 month ago

I wish nginx had the concept of default header values for reverse proxies...

I mean, you can kind of do it with macros but man...

Static_Rocket , 1 month ago

Well they did a fine enough job pissing off artist and artist aligned consumers. Now it's just all the goofs from crypto happily peddling it like there's no tomorrow.

Static_Rocket , 1 month ago

It was never a flex, it was a cry for help

Static_Rocket , 2 months ago

You just reminded me of the Critic again damn it.
https://piped.video/watch?v=6i7ycxiog40

Static_Rocket , 2 months ago (edited 2 months ago)

All these years and people still haven't gotten the message:

https://www.youtube.com/watch?v=HSWj5_-F9Q4

Static_Rocket , 2 months ago

We're the front line dog. Strike me down so Debian Stable's legacy may live on.

Static_Rocket , 2 months ago

Something something furmark

Static_Rocket , 2 months ago

If you're just looking for RSS -> Push take a look at feedpushr

I use it with gotify without too many issues.

Static_Rocket , 2 months ago

"You're not just wrong, you're so far off I could make this the pivotal piece of a case study in misinterpreting humor"

God damn.

Static_Rocket , 2 months ago

Link to the article: https://en.wikipedia.org/wiki/Electricity_sector_in_Turkey#History

Static_Rocket , 2 months ago

You say that like there a large overhead to containers...

Even in this case that overhead is negligible. Container configs and artifacts are also more portable and easier to backup.

Static_Rocket , 2 months ago (edited 2 months ago)

It depends on what you want. Do you want containers that don't blow away your firewall? Podman is nice, but docker can be configured a little to avoid this. Want things that autostart and don't have issues with entry points that attempt to play with permissions/users? Docker or podman as root is necessary. Want reasonable compose support? Podman now needs a daemon/socket. Want to make build containers and not deal with permission/user remapping at all? Podman is really nice.

Do not attempt to use podman-compose. That app is dead.

Unfortunately if you want to make tools that will be used by other people then you must add docker support. It just owns too much of the market.

Static_Rocket , 2 months ago

Friendlyjordies watchers knowing it would be abc that advocates for this...

Static_Rocket , 2 months ago

They have been around for a little while now. Had one in college ~4 years ago. Upstream kernel support was a little rough but spec wise they were impressive alternatives to the RPi 3B

Static_Rocket , 2 months ago

I'm sure Ubi would still let you purchase it through the online store regardless

Static_Rocket , 2 months ago

I present to you the holy hardware compatibility table:

https://networkupstools.org/stable-hcl.html

Anything not listed there is not worth buying.

Static_Rocket , 2 months ago

Can confirm. Software is trash. Wanted me to connect it to the internet and setup a cloud access account. Like, dude, you're a glorified battery pack I'm not adding a backdoor because you want to tell APC when my warrenty is about to expire so I can get marketing emails.

Static_Rocket , 3 months ago (edited 3 months ago)

0.12kWh / h normally (120W). I'm also running 6 HDDs in raid10 so the spin down time is not optimal.

Static_Rocket , 3 months ago

Correct. I assumed a normalized kWh rating would be better than any instantaneous measurement I had on hand.

Static_Rocket , 3 months ago

Bitwarden does use a local database and syncs. When you authenticate it unlocks the local database and does regular syncing behind the scenes.

I do recommend self-hosting vaultwarden for the primary server though.

Static_Rocket , 3 months ago

I use Feedpushr + Gotify.

Works pretty well, but you may find you have to set up multiple output entries and tags to filter out the useful parts of a post. That and html entries sometimes don't get parsed correctly so you'll end up with tags in what should be a parsed content string.

Static_Rocket , 3 months ago

I don't know man, I've always liked the idea of a project outliving me. Though for the sanity of future engineers I hope that is not the case. Today's solutions are usually just tomorrow's problems.

Static_Rocket , 3 months ago

openbenchmarking.org

Static_Rocket , 3 months ago

Yep. Battery chemistry is a real pain in the ass. Every few years someone spins a wheel and determines the next big thing that everyone needs to do to prevent batteries from dying early. For a while people were told full cycles were healthy for avoiding cell memory. Now more sporadic cycles are being peddled.

Use the device as you need it. If you complete a full cycle, cool; if not, that's fine. Just don't let the damn thing completely die and don't keep it permanently on charge. Those are the common things most people do on accident that can really screw up a cell.

Static_Rocket , 3 months ago

Part of the problem is the game of telephone drops the cell chemistry related to the method almost immediately leading to general consumers applying it as a blanket rule for all batteries

Interesting source though...

Static_Rocket , 3 months ago

I wish more distro's packaged librewolf. I know there's an appimage and such but I prefer native tested packages where possible.

Static_Rocket , 3 months ago (edited 3 months ago)

The most useful quote to those familiar with the linux boot process:

“An attacker would need to be able to coerce a system into booting from HTTP if it's not already doing so, and either be in a position to run the HTTP server in question or MITM traffic to it,” Matthew Garrett, a security developer and one of the original shim authors, wrote in an online interview. “An attacker (physically present or who has already compromised root on the system) could use this to subvert secure boot (add a new boot entry to a server they control, compromise shim, execute arbitrary code).”

If an attack needs root then it doesn't matter. Your box is toast anyway. If you're using http boot without verification then you should have seen a MITM attack coming.

Static_Rocket , 3 months ago (edited 3 months ago)

Something akin to haveibeenpwned.com password hash partial match? Can that even be done with this data?

Edit: You goofs know you can calculate the hash locally and submit it for review without actually exposing your password to them right? That's how bitwarden does it's check. https://www.troyhunt.com/ive-just-launched-pwned-passwords-version-2/#cloudflareprivacyandkanonymity

Ah, but Mozilla isn't even trying to do anything cool like that. They just use onereap and those fuckers look shady. Quotes from their privacy policy: https://onerep.com/privacy-policy#what-data-we-collect-and-how-we-do-that

We use your Personal Information for a number of purposes, which may include the following:

[snip]

• To display advertisements to you.
• To manage our Affiliate marketing program.

There will be times when we may need to disclose your Personal Information to third parties. We may disclose your Personal Information to:

[snip]

• Third-party service providers and partners who assist us in the provision of the Services and Website, for example, (a) those who support delivery of or provide certain features in connection with the Services and Website (e.g. Stripe, a payment services provider; Sendgrid, an email delivery service; HubSpot, a CRM platform, and Sentry, a crash reporting platform); (b) providers of analytics and measurement services (e.g. Google Analytics, ProfitWell etc.); (c) providers of technical infrastructure services (e.g. Microsoft Azure, Google Cloud, and Amazon AWS); (d) providers of customer support services (e.g. Zendesk); (e) those who facilitate conduct of surveys (e.g. Hotjar); (f) those who help to advertise, market or promote our Services and Website (e.g. Mautic, Facebook Ads, Google Ads, Linkedin Ads, Reddit Ads, and Microsoft Ads);

The bastards

Static_Rocket , 3 months ago

I'm still trying to figure out good nftables rules for ipv6 prefix delegation...

Static_Rocket , 3 months ago

The above leans heavily on the idea that the political spectrum is a loop and swaying to either side too heavily incurs bias that eventually warps the initial intention

Because things weren't already confusing enough

Static_Rocket , 4 months ago (edited 4 months ago)

Am I the only one who didn't want another background service so I just wired a local Feedpushr instance to direct entries to my existing Gotify instance?

I mean, it works fine until some asshole puts HTML that their parser can't understand in the content section but then you just need to read between the tags...

Static_Rocket , 4 months ago (edited 4 months ago)

Well, when the game is essentially running in a virtual machine with an address translation layer that scrambles the backing memory every few minutes you're lucky the game even runs. Good luck trying to decipher that hell. A few guys have done it, I remember the one dude ranting on Twitter about trying to crack Borderland's 3 back around launch.

And then the follow up which was that Denuvo was basically adding a ~30fps overhead to the game and everyone was initially blaming the devs for releasing unoptimized garbage.

Gabe had it right, piracy is a service problem. And my motto has always been if the game has some garbage like Denuvo, then you couldn't even pay me to take a copy. Not worth the headache.

Static_Rocket , 4 months ago

Probably not, most of those sensors work by shining an LED light through the skin and monitoring reflection/scatter as a cheap form of photoplethysmography. Anything capable of absorbing that light, like the pigment used in tattoos, will prevent it from working correctly (at least out of the box, there may be some way to adjust for it but I do not think it would be very accurate).

An infrared sensor could work, depending on the ink type. Unfortunately those are more expensive.

Static_Rocket , 4 months ago

I kind of get it. Note apps are normally horribly cumbersome data serialization ecosystems you have to invest a lot of time into before you really feel like its doing anything more than a standard text editor could

Static_Rocket , 4 months ago

FOAM3R can be used to produce multi-functional foam structures for a wide range of applications, including aircraft cabins, in-car air filters ...

Auto shops hate this one simple trick

Static_Rocket , 4 months ago

I need a better programming specific search engine. DuckDuckGo seems like it's gotten worse at code/project searches and will now just assume you misspelled some common word.