How does Microsoft's implementation work?
Is it possible to log into windows without a Microsoft account using that method?
CubitOom
joined 2 years ago
One of the biggest issues with 2fa is that normally it's either an easily spoofable phone/email or an app locked to a device.
This is why I use a password manager (pass) that is synced across all of my devices (via a private self hosted git for version control) that I can send 2fa QR codes to cameraless devices via screenshots using zbarimg and have every device capable of 2fa verification with the pass-otp extension.
I know this setup is a bit complicated as just dealing with git or importing a gpg key would give most people I know sense of existential dread. I am curious to see what others use for similar functionality.
I would say that if you are going to host it at home then kubenetes is more complex. Bare metal kubernetes control plane management has some pitfalls. But if you were to use a cloud provider like linode or digital ocean and use their kubernetes service, then only real extra complexity is learning how to manage Kubernetes which is minimal.
There is a decent hardware investment needed to run kubernetes if you want it to be fully HA (which I would argue means it needs to be a minimum of 2 clusters of 3 nodes each on different continents) but you could run a single node cluster with autoscaling at a cloud provider if you don't need HA. I will say it's nice not to have to worry about a service failing periodically as it will just transfer to another node in a few seconds automatically.
With a basic understanding of how k8s works and an already running cluster, all one needs to know is how to run a service as a docker file to have it also run in k8s
Well the kubernetes API has all the necessary parts built in mostly, although sometimes you may want to install a custom resource which often comes with complex service installs.
But I think the biggest strength of kubernetes is all the foss projects that are available for it. Specifically external-dns, cert-manager, and istio. These are separate projects and will have to be installed after the cluster is up.
You can also look at the cloud native computing foundation's list of projects. It's a good list of things that work well.
Caution, not all cloud providers support istio. I know that Google's GKS doesn't, they make you use their own fork of it
I would also recommend you avoid helm if possible as it obfuscates what the cluster is doing and might make learning harder. Try to just stick to using kubectl if possible.
I have heard good things about nomad too but I have yet to try it.
You should try out all the options you listed and the other recommendations and find what works best for you.
I personally use Kubernetes. It can be overwhelming but if you're willing to learn some new jargon then try a managed kubernetes cluster. Like AKS or digital ocean kubernetes. I would avoid managing a kubernetes cluster yourself.
Kubernetes gets a lot of flack for being overly complicated but what is being overlooked with that statement is all the things that kubernetes does for you.
If you can spin up kubernetes with cert-manager, external-dns, and an ingress controller like istio then you got a whole automated data center for your docker containers.
Checkout ollama.
There's a lot of models you can pull from the official library.
Using ollama, you can also run external gguf models found on places like huggingface if you use a modelfile with something as simple as
echo "FROM ~/Documents/ollama/models/$model_filepath" >| ~/Documents/ollama/modelfiles/$model_name.modelfile
I've been running Manjaro for about 6 years. I've only had self induced issues.
- I restarted during a GPU driver update
- I only used pacman to do system updates and it kept failing. I needed to use pamac for those round of updates instead.
Arch is a better OS in that you have more control of exactly what it will do. But Manjaro also provides a great experience out of the box with all the major DEs. It really comes down to how much convenience are you willing to trade for control.
For what it's worth, I've only noticed the slower Manjaro repo helping me once when steam fonts broke on the arch repo. So I basically had a warning and was able to switch to the beta version of the steam client to avoid that issue. So the slower Manjaro repo is not a selling point IMO, but the DE tweaks and configurations are.
Pass for personal use is great. Especially if paired with a self hosted private git repo like gitea.
Pass works well on all platforms I've tried, even android and wsl (although I've not tried with iPhone).
In a corporate setting. The biggest questions is going to be if there is already a secret store that has an API. If security will let you roll your own. How is it allowed to be networked. Who are the preferred vendors and is there any enterprise support available.
The best thing about arch is the wiki.
https://wiki.archlinux.org/title/NVIDIA
That said, on a laptop, you will likely need prime, optimus, or bumblebee depending on your CPU/GPU.
I am not an expert, but I try to be pragmatic. Here's what socalgas.com says about the topic.
You're right that natural gas is methane and that leaks are bad. However I think a nuanced view is important here for a few reasons.
Many developed countries have the infrastructure and workforce in place to not just safely deliver methane to buildings as an energy source but also to correct leaks.
Methane can be produced via a variety of sources both at a large and small scale. I've toyed with the idea of making a black soldier fly larvae farm and methane would be a by product
Gas tanks to hold methane have maximum a lifespan of 10 years. However many other methods of storing potential energy have a much shorter maximum lifespan, making methane a decent backup energy source in cases of emergency.
I don't know how good the energy conversion rate of burning methane is but I would be surprised if it is low.
Personally I think we should leverage every option, especially the lower hanging fruit before dismissing these options as being not ideal when the alternative is continuing to do worse.