tapdattl

joined 1 year ago
[–] tapdattl@lemmy.world 9 points 6 days ago

Which eventually leads to the Dark Side

[–] tapdattl@lemmy.world 9 points 1 month ago (1 children)

You could self host a web client

[–] tapdattl@lemmy.world 1 points 1 month ago

Well, the internet down scenario has only happened once, and I returned home to no internet, booted up my laptop, and could not connect to any of my services since I couldn't reach my control server. I haven't forced the issue to occur by disconnecting my internet and testing connectivity. I just did the lazy thing and connected to the services I wanted via their IPv4 address.

[–] tapdattl@lemmy.world 1 points 1 month ago

> you're almost certainly routing local network traffic over NetBird instead of using local routes

That's precisely the functionality I want, though. Secure, encrypted, mutually identified traffic should be the only traffic in a zero trust network.

I'm simply trying to create an ingress point into this network for outside access.

[–] tapdattl@lemmy.world 1 points 1 month ago* (last edited 1 month ago) (3 children)

Thanks for your response! I'm completely self-taught, so I'll go ahead and acknowledge knowledge gaps on my end, but how would putting all the nodes in a network cause routing problems or ARP poisoning?

I recognize that what I'm trying to accomplish is a bit overkill for the average home network, and a lot of my reasoning behind my design is purely for learning. My reasoning for putting everything on a mesh network is 2-fold:

  • Providing encrypted, secure, and mutually identified networking between all nodes
  • Creating a centralized source of truth and control -- NetBird runs its own DNS system behind the scenes, which allows all nodes to be addressed by name regardless of location, which interests me because it creates a single point of administration for ACLs, routing, etc. I'm also able to access any node I want across the mesh network as long as I'm connected to it.

I have successfully run this setup previously with the NetBird management console hosted in a VPS; however, the issue I ran into was that if internet went down at home, I could no longer access my locally hosted services through the mesh network. I could still access them via IP, since I was on the same LAN, but that defeats my goal of centralized control, mDNS, and a central source of truth that I got via the mesh network.

I have also successfully run this setup completely local; however, I am unable to access it from outside my homelab. For my use case, I think having all components of the mesh network hosted within my homelab is the best design. However, now I have to figure out the best way to allow external connections to my management interface. Thus my original question: should I use a Cloudflare tunnel to my management interface, set up a WireGuard tunnel from an externally accessible VPS service pointed to my management interface, or something different?

 

I'm re-setting up my HomeLab and one of the things I'm trying to learn about on this go-around is Zero Trust networking. To accomplish this I am planning on using NetBird's mesh overlay network. I would like all of my services to use the NetBird mesh network at all times, whether they are communicating within my homelab's LAN or I am accessing them from outside via the greater internet.

I have successfully set up the NetBird management interface on a Hetzner VPS; however, the issue I run into is that if I lose internet access at home, none of my services are able to function, as they can no longer reach the management interface. However, if I self-host the management interface in my homelab, I am unable to access it from outside my home LAN.

I've identified 2 solutions that could solve this:

  1. Self host the management interface and set up a Cloudflare tunnel to the management interface, which would allow access from outside my home network.

  2. Self host the management interface, then set up a WireGuard proxy/tunnel on a VPS that forwards traffic to my management interface (similar in my mind to option 1, but not relying on Cloudflare).

What are your thoughts? Any other ideas?

I appreciate your comments/criticisms!

[–] tapdattl@lemmy.world 2 points 1 month ago (1 children)

Any recommendations on a FOSS MDM?

[–] tapdattl@lemmy.world 1 points 2 months ago

You have backups?

[–] tapdattl@lemmy.world 13 points 8 months ago

PRECISION-GUIDED weapons first appeared in their modern form on the battlefield in Vietnam a little over 50 years ago. As armed forces have strived ever since for accuracy and destructiveness, the cost of such weapons has soared. America’s GPS-guided artillery shells cost $100,000 a time. Because smart weapons are expensive, they are scarce. That is why European countries ran out of them in Libya in 2011. Israel, more eager to conserve its stockpiles than avoid collateral damage, has rained dumb bombs on Gaza. What, though, if you could combine precision and abundance?

For the first time in the history of warfare that question is being answered on the battlefields of Ukraine. Our report this week shows how first-person view (FPV) drones are mushrooming along the front lines. They are small, cheap, explosives-laden aircraft adapted from consumer models, and they are making a soldier’s life even more dangerous. These drones slip into tank turrets or dugouts. They loiter and pursue their quarry before going for the kill. They are inflicting a heavy toll on infantry and armour.

The war is also making FPV drones and their maritime cousins ubiquitous. January saw 3,000 verified FPV drone strikes. This week Volodymyr Zelensky, Ukraine’s president, created the Unmanned Systems Force, dedicated to drone warfare. In 2024 Ukraine is on track to build 1m-2m drones. Astonishingly, that will match Ukraine’s reduced consumption of shells (which is down because Republicans in Congress are shamefully denying Ukraine the supplies it needs).

The drone is not a wonder weapon—no such thing exists. It matters because it embodies big trends in war: a shift towards small, cheap and disposable weapons; the increasing use of consumer technology; and the drift towards autonomy in battle. Because of these trends, drone technology will spread rapidly from armies to militias, terrorists and criminals. And it will improve not at the budget-cycle pace of the military-industrial complex, but with the break-things urgency of consumer electronics.

Basic FPV drones are revolutionarily simple. The descendants of racing quadcopters, built from off-the-shelf components, they can cost as little as several hundred dollars. FPV drones tend to have short ranges, carry small payloads and struggle in bad weather. For those reasons they will not (yet) replace artillery. But they can still do a lot of damage. In one week last autumn Ukrainian drones helped destroy 75 Russian tanks and 101 big guns, among much else. Russia has its own FPV drones, though they tend to target dugouts, trenches and soldiers. Drones help explain why both sides find it so hard to mount offensives.

The exponential growth in the number of Russian and Ukrainian drones points to a second trend. They are inspired by and adapted from widely available consumer technology. Not only in Ukraine but also in Myanmar, where rebels have routed government forces in recent days, volunteers can use 3D printers to make key components and assemble airframes in small workshops. Unfortunately, criminal groups and terrorists are unlikely to be far behind the militias.

This reflects a broad democratisation of precision weapons. In Yemen the Houthi rebel group has used cheap Iranian guidance kits to build anti-ship missiles that are posing a deadly threat to commercial vessels in the Red Sea. Iran itself has shown how an assortment of long-range strike drones and ballistic missiles can have a geopolitical effect that far outweighs their cost. Even if the kit needed to overcome anti-drone jamming greatly raises the cost of the weapons, as some predict, they will still count as transformationally cheap.

The reason goes back to consumer electronics, which propel innovation at a blistering pace as capabilities accumulate in every product cycle. That poses problems of ethics as well as obsolescence. There will not always be time to subject novel weapons to the testing that Western countries aim for in peacetime and that is required by the Geneva Conventions.

Innovation also leads to the last trend, autonomy. Today, FPV drone use is limited by the supply of skilled pilots and by the effects of jamming, which can sever the connection between a drone and its operator. To overcome these problems, Russia and Ukraine are experimenting with autonomous navigation and target recognition. Artificial intelligence has been available in consumer drones for years and is improving rapidly.

A degree of autonomy has existed on high-end munitions for years and on cruise missiles for decades. The novelty is that cheap microchips and software will let intelligence sit inside millions of low-end munitions that are saturating the battlefield. The side that masters autonomy at scale in Ukraine first could enjoy a temporary but decisive advantage in firepower—a necessary condition for any breakthrough.

Western countries have been slow to absorb these lessons. Simple and cheap weapons will not replace big, high-end platforms, but they will complement them. The Pentagon is belatedly embarking on Replicator, an initiative to build thousands of low-cost drones and munitions able to take on China’s enormous forces. Europe is even further behind. Its ministers and generals increasingly believe that they could face another major European war by the end of the decade. If so, investment in low-end drones needs to grow urgently. Moreover, ubiquitous drones will require ubiquitous defences—not just on battlefields but also in cities at peace.

Kalashnikovs in the skies

Intelligent drones will also raise questions about how armies wage war and whether humans can control the battlefield. As drones multiply, self-co-ordinating swarms will become possible. Humans will struggle to monitor and understand their engagements, let alone authorise them.

America and its allies must prepare for a world in which rapidly improving military capabilities spread more quickly and more widely. As the skies over Ukraine fill with expendable weapons that marry precision and firepower, they serve as a warning. Mass-produced hunter-killer aircraft are already reshaping the balance between humans and technology in war. ■

[–] tapdattl@lemmy.world 2 points 9 months ago (1 children)

Do you recommend any resources about this? I'd be interested in learning how to implement this.

[–] tapdattl@lemmy.world 1 points 10 months ago (1 children)

While I normally agree on #2, it doesn't really apply to Tailscale. Tailscale isn't completely free, they have a free tier to generate business but it's limited to 3 users per tailnet. Also it's cryptographically impossible for them to snoop on your traffic.

[–] tapdattl@lemmy.world 3 points 10 months ago

Can you make the domain somehow personalized to you so you can say it's for an online resume to further your education and employability? If you happen to host other personal stuff that won't cost you anything extra, just make sure you have a fancy looking CV at the root.

[–] tapdattl@lemmy.world 1 points 10 months ago

I just set up a security camera for my dad's office: ZoneMinder running the webcam and Tailscale for access anywhere.
