frustbox

joined 1 year ago
[–] frustbox@lemmy.ml 17 points 1 year ago

Just SSH. Every public facing piece of software (I.e. a web interface) adds more complexity for misconfiguration or security vulnerabilities.

You can mount you remote filesystem locally and use your local file manager and text editors to manage most tasks. If you use ansible you can make changes to a local configuration and deploy the state to the server without needing to run anything special on the server side. It is especially effective if you also run docker.

And for monitoring I usually just have a tmux with btop running. Which is fine if you don't need long term time series data, then you might want to look at influxdb/grafana - but even those I would run locally behind a firewall, with the server reporting the data to the database.

[–] frustbox@lemmy.ml 1 points 1 year ago

When I saw that there was a pihole update to a new major version I got so excited hoping it would finally support DoH or DoT - nope. So disappointed.

Sticking with Adguard then.

[–] frustbox@lemmy.ml 1 points 1 year ago

One scar away from losing access to your ability to pay …

Biometrics can not really be changed. Except maybe through time or trauma (i.e. age or injury). They can be used to uniquely(?) identify a person - except maybe twins - at the expense of anonymity, which has it's own set of problems.

But because they can not easily be changed they're a terrible security feature. Once they leak, they're unusable and you're hosed. You can't issue a new palm print for your bank account like you could a new chip card and password.

Also, just because you waved your hand over a scanner does not mean that you approve and consent of the transaction. With tap to pay there were ideas of mobile point of sales devices just tapping on peoples backpacks in a crowded area. You don't even keep your biometrics markers in your pocket, they're just out in the open for anyone with a camera. This may be bordering on paranoia, but a few years back (2014) German hackers from Chaos Computer Club took iris scans from Angela Merkel (then Chancellor of Germany) and finger prints of Ursula von der Leyen (then Minister of defense) using nothing but press fotos. Cameras have only gotten better.

TL;DR: Biometrics can be used for identification but should never be used for authorisation.

[–] frustbox@lemmy.ml 6 points 1 year ago

Exactly, and when something crashes in the ocean it might be full off sea weed errr, I mean non-human biologics. And if equipment from foreign nations were recovered of course they'd get reverse engineered.

Knowing how secretive militaries tend to be about their missions … of course the whistleblower gets stonewalled when trying to inquire about it.

I haven't seen a single claim that couldn't be explained with something mundane.

[–] frustbox@lemmy.ml 50 points 1 year ago (2 children)

My interpretation is that it's mostly half-truths.

Do I think governments and militaries around the world have plans for such scenarios? Like retrieving UFOs? Yes, this seems reasonable. Do I think they have run exercises and tested those scenarios for real? Probably, yes. Most likely successfully so. Do I believe that someone with a lot of hearsay could interpret those things as "holy shit, they actually found something"? Yes, yes I do.

Is any of this proof? Nope. Extraordinary claims require extraordinary evidence.

[–] frustbox@lemmy.ml 161 points 1 year ago (4 children)

Capitalism sold us a fairy-tale.

Companies compete for customers, they improve products so it breeds innovation and they also compete for workers, so it gets better for everyone! Except it doesn't.

The reality is quite the opposite. Here's what happens. They want to maximize profits so that the owners of the company get more money. How do you maximize profits?

  • You can advertise, and attract more customers. Alright, but eventually everyone has a widget. Maybe you can poach some customers from a competitor, but ultimately the market is saturated. Things get replaced as they break there's a natural equilibrium. How do you increase profits?
  • You can charge more. Raise the price. That only works so far before you lose customers to your cheaper competition, again you reach an equilibrium. How do you increase profits?
  • You can innovate! Oh yes, that's what capitalism is all about, improve your production, instead of 5 parts that need to be screwed together, now it's just one part that falls out of a machine. You spend less time making each widget so you make more profit. But eventually there just isn't any room to innovate any more. How do you increase profits?
  • You can use cheaper materials. But here again, you bump against an equilibrium, the cheaper materials often break more easily - sometimes that is wanted (planned obsolescence) but your customers will notice the drop in quality and eventually they're not willing to pay as much for your widget any more. How do you increase profits?
  • Well, the last big item on your list: payroll. Do more work with less staff, or in other words pay staff less.

So what you end up with is low quality products, it's a race to the bottom of who can make the crappiest product that the customers are still willing to pay for.

And for the workers? Well, they don't earn much, we outsourced their work to overseas or replaced them with machines and computers. All the money went into the pockets of the owners and now the workers are poor. They're desperate to even find work, any work as long as it allows them afford rent and barely not starve. If one of them has concerns about the working conditions, fire them, somebody else is more desperate and willing to accept the conditions.

So capitalism is destined to make us all poorer. It needs poverty as a "threat" to make you shut up and do your work "you wouldn't want to be homeless, would you?"

The problem is not money itself, it's not stores or being able to buy stuff. That's an economy you can have an economy without capitalism. The problem is that the capitalists own the means of production and all the profits flow up into the pockets of the owners. And often the owners are shareholders, the stock markets, they don't care if a company is healthy, or doing well by their employees, all the stock markets care about is "line go up", and it's sucking the working class dry.

Regulation can avoid some of the worst negative effects of capitalism. Lawmakers can set a minimum wage, rules for working hours, paid time off, health and safety, environmental protection etc. Those rules are often written in blood. Literally, because if not forced by law, capitalism has no reason to care about your (worker or customer) life, only profits.

Oppose that with some ideas of socialism. aka. "The workers own the means of production" This is something some companies practice, Worker cooperatives are great. The workers are the owners, if the company does well, all the workers get to enjoy the profits. The workers actually have a stake in their company doing well. (Technically if you're self-employed you're doing a socialism) Well, that's utopia and probably won't happen, maybe there's a middle ground.

Unions are a good idea. Unions represent many workers and can negotiate working conditions and pay with much more weight than any individual worker can for themself.

Works councils are also a good idea, those are elected representatives of the employees of a company. They're smaller than trade unions, but can still negotiate on behalf of the employees of the company. Sometimes they even get a seat on the board of directors so they have a say in how the company is run.

That's how you can have capitalism but also avoid the worst effects of treating workers and customers badly. Anyway, unchecked capitalism is not a great idea. The USA would be an example of such unchecked capitalism.

Especially when you know that money equals power and the wealthy can buy their politicians through the means of "campaign donations" and now the owners of companies control the lawmakers who write the laws these companies have to abide by … From Europe we look at the USA and are mortified, but let's not make this even more political.

[–] frustbox@lemmy.ml 8 points 1 year ago

People have already mentioned wet towels on your neck but I would add, if you can, cold wraps for your legs: wet towels around your calves.

[–] frustbox@lemmy.ml 21 points 1 year ago (17 children)

Are we really still "both siding" this?

You have one side stating that the current social and economic systems cause a lot of people to suffer and die in poverty - maybe we could change the those systems so that the world becomes more fair and fewer people suffer.

While the other side basically says: people we don't like shouldn't exist. Let's make their lives more miserable.

And you think those two positions are the same?

[–] frustbox@lemmy.ml 1 points 1 year ago (1 children)

That depends on the password manager.

There are password managers that work on your computer and the data never leaves your hardware. KeepassXC for example. The database is just a file on your computer - you are in charge of backing it up, synchronizing it to your other devices (i.e. phone) etc. The database file is fully encrypted so you could share it with a cloud provider like google drive or dropbox, or you could use syncthing which synchronizes files between your devices without cloud storage. If you use cloud storage there's a small risk that the encrypted file gets into the wrong hands (but it is encrypted so it's most likely worthless to any would be hacker).

Some other password managers offer a web service where you can log into a website to see your passwords, and they have mobile apps and browser extensions. These do store your passwords in their cloud - the risk that those get breached is considerably higher. But even there it depends on the implementation details. Bitwarden for example kind of does something similar to keepass, where your "vault" is encrypted locally and then stored on their servers. Even if they get breached, the data would be useless. Lastpass had a breach recently and it turned out that they didn't encrypt everything - so someone with access to the data could determine some details such as which sites a user had accounts on. And apparently some vaults used a weaker encryption so those might be decrypted eventually.

And a lot of password managers are closed source so there's no telling what they may do, just "trust me bro".

If I had to give a recommendation it would be bitwarden - it's open source, it's free although there is a paid plan if you need it and want to support them. It's really easy to use. If you have extreme paranoia (no judgement) then keepassxc - it's also open source and free, it's just a little more effort to set it all up so it doesn't get my first choice.

view more: next ›