Cyber

joined 3 years ago
sorted by: new top controversial old
[Tool] Privacy-focused AUR Malware Audit Tool (Atomic Arch Incident) in c/linux@lemmy.ml
[–] Cyber@feddit.uk 1 points 15 hours ago

As long as you're using a slower release cycle, ie something like Debian, then you shouldn't need to be concerned.

I think anyone riding the crest of the wave with Arch (& esp. the AUR) would likely be aware that things break, so, supply chain attacks are likely to be seen here quicker.

I honestly wouldn't be surprised if PPAs had similar issues, but might take longer to be noticed.

Personally, I have a lot of Ansible building my stuff, so actually rebuilding things wouldn't be an issue, but, would I then be installing everything with all the current latest malware...?

[Tool] Privacy-focused AUR Malware Audit Tool (Atomic Arch Incident) in c/linux@lemmy.ml
[–] Cyber@feddit.uk 4 points 1 day ago

Nice. That helped me quickly test my systems, thanks

[Tool] Privacy-focused AUR Malware Audit Tool (Atomic Arch Incident) in c/linux@lemmy.ml
[–] Cyber@feddit.uk 7 points 1 day ago (6 children)

Seems a bit extreme.

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages in c/linux@lemmy.ml
[–] Cyber@feddit.uk 2 points 2 days ago

Well, with the script at least you can follow the actions first, so it's better...just don't run it blindly because 2 minutes ago the attacker just put an additonal line of code in...

The executable / installer is more of a Windows thing and we've seen how that arms race is going... even Microsoft are trying to create a Linux-style repo called Windows Store.

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages in c/linux@lemmy.ml
[–] Cyber@feddit.uk 3 points 2 days ago (2 children)

curl | sh is the worst security front door I've seen

At least check the script first so it's understood

Arch Linux AUR Malware Campaign Hits Multiple User-Contributed Packages in c/linux@lemmy.ml
[–] Cyber@feddit.uk 2 points 2 days ago (2 children)

Me, an Arch user (btw), watching the NPM chaos on any distro...

How can I block websites? in c/linux@lemmy.ml
[–] Cyber@feddit.uk 4 points 2 days ago

DNS... set your system up to use an external DNS provider like OpenDNS where you can select categories to block.

I used this to block adult, gambling, malware, etc at the grandparent's house when the kids were growing up and starting to search the internet for school homework, etc.

If it's done in the router you'll cover all devices and you give someone else the password, so you can't change it.

Libre Closet v0.3 - 2x’d Performance in c/selfhosted@lemmy.world
[–] Cyber@feddit.uk 1 points 2 days ago

“Ask partner out on date, and check their wardrobe to suggest an outfit for the outing”

Yeah, that's probably about right 😁

Libre Closet v0.3 - 2x’d Performance in c/selfhosted@lemmy.world
[–] Cyber@feddit.uk 27 points 2 days ago (5 children)

Yeah, I'm kinda, open wardrobe door, grab what looks about right for today, done.

But.

I can see another use case here...

  • Partner "has nothing to wear"
  • Mentions buying more clothes
  • I open app, scroll, demonstrate how long the scrolling is still going for.
  • Win argument.
  • Purchase beer with saved money
  • (pass some to devs for assisting)
Radicale: Can someone please offer any guidance on usage and security. Om abit lost in c/selfhosted@lemmy.world
[–] Cyber@feddit.uk 3 points 3 days ago (4 children)

... because? ... or, instead, do...?

Radicale: Can someone please offer any guidance on usage and security. Om abit lost in c/selfhosted@lemmy.world
[–] Cyber@feddit.uk 2 points 3 days ago (1 children)

Nice wiki

Didn't know about infCloud... thanks

What to do after getting a domain name? in c/selfhosted@lemmy.world
[–] Cyber@feddit.uk 1 points 3 days ago

No, I was referring to a separate DMZ host...

Physically separate firewall connection, with different firewall policies between internet<--> DMZ than DMZ <--> internal network.

Not a VLAN. VLAN Hopping makes it possible to jump between VLANs, so they should only be consided as an administration tool, not a security mechanism.

But, I agree with you, putting a device on the internet isn't something that anyone should do without understanding the technical issues.

22
Hows Volumio These Days? (feddit.uk)
 

I'm running a <cough, cough> years old instance of Volumio 2 on a Raspberry Pi 3

The security of this is terrible, but it sits in my bedroom with a local USB drive full of music and works absolutely fine with a Nanosound DAC audio preamp hat / board which makes it sound lovely... which I don't want to change (it handles a remote control with power on / off)

When Volumio 3 came along, I wasn't impressed, didn't see the software improving much... it was starting to be more of a pull towards their subscriptions

So, I've left it alone and feel like it might be worth a revisit.

So, how's Volumio 4? Or... should I consider another FOSS product ( has to work with the same hardware).

43
Logseq --> Silverbullet (feddit.uk)
 

TL:DR; Has anyone here successfully migrated their data & workflow from Logseq to Silverbullet?

... wall of text follows ...

I've been using Logseq for a few years and it has been a life saver at work, trying to track the stuff going on - honestly, I'd have burned out if I hadn't found it.

However, I still haven't quite got all the things organised and I feel Logseq's development is taking a different track that I don't want to go down (db, collab, etc)

SilverBullet.md appears to be developing into the solution I'm looking for... although I don't want a server-client architecture, so I'm running it standalone at the moment.

But, the learning curve feels so steep it's tending to curve back on itself... or... I'm just too busy to focus on learning it.

I see how the file structure works, but I don't understand how the templates, journals, etc work (really simple.in Logseq)

It appears to be 1 person developing this with lots of helpers who all seem happy to chip in with some AI generated code in the forum, but no meaty documentation, examples, etc.

If you've read this far... is it worth sticking with? Is there an FAQ I've missed? Any pointers or encouragement...?

44
System Redundancy (feddit.uk)
 

After being home for weeks, I went away for business, the 1st night away there was a brief powercut and the firewall (on a UPS) seemed to get stuck.

So, that's no DNS, DHCP, or connectivity between wifi and LAN... All due to (admittedly aging) hardware issue.

Since then my entire home system has had issues whilst it all settles down.

It made me think about getting some redundancy into the system to handle a single failure.

So,.can you give me any insights into High Availability like CARP (for pfSense), VM failover (on Incus?), mesh wifi, Home Assistant, etc?

Of course there are going to be single points, like ISP line, etc, but seems like something to test out.

71
Holiday Upgrade Disasters (feddit.uk)
 

So, just a light post, I upgraded my Pi4 last night and found the Linux firmware breaks a 32bit install.

I've been meaning to change to 64bit for months, but as it's my DMZ box for torrents, radicale, etc, then it's just finding the right time to convert an adhoc setup into my ansible scripts.

Luckily I had a SD backup from September to get it running again

So, what have you broken over the holidays?

570
Open Source Developers Are Exhausted, Unpaid, and Ready to Walk Away (itsfoss.com)
 

cross-posted from: https://discuss.tchncs.de/post/49194514

17
Any experience of Diode? (feddit.uk)
 

I stumbled across Diode whilst looking for ways to do secure off-site backups (to my own equipment at another house) and it feels like a paid-for TOR (Ok, there is a free option)

I'm looking for any real experience as the site has too much marketing lingo in it:

Every Client is secured with a public/private key self-custody identity

And this doesn't seem very dynamic if I want to change something:

Diode’s Blockchain Name System can be used for Client friendly names

And somewhere on the site it infers unlimited storage...!

So, is the free option worth me looking into, or is it a waste of time?

58
Ansible Playbook - How do I reverse engineer a running system? (feddit.uk)
 

I have a few VMs and PMs around the house that I'd setup over time and I'd now like to rebuild some, not to mention just simplify the whole lot.

How the hell do I get from a working system to an equivalent ansible playbook without many (MANY) iterations of trial & error - and potentially destroying the running system??

Ducking around didn't really show much so I'm either missing a concept / keyword, or, no-one does this.

Pointers?

TIA

1
Vivaldi, now with added VPN (vivaldi.com)
 

Just found my Vivaldi update contained a little more than just bugfixes... it now has Proton VPN built in.

It's actually part of the browser, not an extension, so I'm in two minds whether I like that... or not.

You need either a Vivaldi account or a Proton account, so it's not completely anonymous, but it's a start.

The free-tier of Proton VPN also appears to be bandwidth limited and your exit point is randomised, so... yeah, it's ok...

24
Options for "iPlayer will stop working on this device" (feddit.uk)
 

"On 11th November BBC iPlayer will no longer be available directly on this device."

OK, so, I didn't purchase this particular (Blaupunkt) TV, but as it's my mother's then, well, I'm the one that has to "fix" this.

Personally, I use TVs as a simple screen and watch everything through other devices (Roku, or a Linux PC running MythTV).

I see the BBC website has some links to review sites, but I thought this might be another place to ask for - preferably open source - devices that could be used.

Comments?

45
Any MythTV Users Here? (feddit.uk)
submitted 2 years ago* (last edited 2 years ago) by Cyber@feddit.uk to c/selfhosted@lemmy.world
46 comments fedilink
 

As a long-term MythTV user, I read all the discussion about Plex vs Jellyfin, but I'm still here... recording Live TV, watching films, listening to "me choonz" all on free, open-source software. What am I missing? Any other MythTV users out there?

39
NAS vulnerabilities (www.theregister.com)
submitted 2 years ago* (last edited 2 years ago) by Cyber@feddit.uk to c/selfhosted@lemmy.world
11 comments fedilink
 

Just stumbled across this (overly dramatic?) article and thought I'd just post it here...

It's more to act as a reminder that if you've got a NAS that is serving content to the interwebs, then make sure it's behind a proxy of some kind to prevent weaknesses (ie in the management Web UI) being exposed.

Obvz, this article is pointing to Zyxel, but it could be your DIY home-built NAS with Cockpit: CVE-2024-2947 - just an example, not bashing that project at all.

I've used Squid and HAProxy over the years (mostly on my pfSense box) - but I'd be interested to know if there's other options that I've not heard of

17
pfSense DHCP (& DNS) Performance (feddit.uk)
 

pfSense... Anyone have much experience with the new Kea DHCP server?

I'm using 2.7.2 (Community Edition) on a fairly good Celeron based system that's not heavily loaded, but I have 7 network segments (VLANs and physical interfaces), so I have 7 DHCP pools / configs.

Just adding 1 more static reservation can cause a significant delay when reloading the service and because I register static reservations in DNS, the network loses DNS so I "break the internet" for a short while.

Would Kea fix this?

view more: next ›