The designation could allow Germany’s intelligence agency to surveil and investigate members of the far-right party. The AfD says it plans to appeal the ruling....
That's a huge part of the reason why it took so long to put out that official classification: They made sure that their classification would hold up in court. No one is served by getting it in a bit earlier, just for it to be thrown out at the first level of court, because someone got a bit lazy on collecting all the evidence and writing up a thorough report.
I think the equivalent would be to let the fox guard the hen house.
And no, it's not about having a scapegoat, it's about putting exactly the wrong person with ... let's say "misaligned incentives" into some position (usually one of power).
Ahead of the European Parliament elections in June, fake news is becoming increasingly prevalent online. DW Fact Check explores four examples of how cybercriminals are spreading disinformation.
That's oversimplifying it. There's a difference between a politician being untruthful of what they promise or some corporation doing some bullshit PR about how much they love cause X and coordinated fake news campaigns to stoke anger and emotions to undermine functioning systems.
The former have to at least try to present with a straight face and can be called on their lies a few month down the line.
The later can make up all manner of bullshit and don't have to hold back, because they have no "public face" other than that piece of fake news. And they don't have to be able to stand up to any amount of journalistic scrutiny because as soon as enough people have read it, it's had its effect: it doesn't matter if it's all proven to be made up after the fact, because the emotions that the initial reaction raised are the whole point: they are not trying to convince anyone about any facts, all they want is to influence emotions and behaviors.
I went with iDrive e2 https://www.idrive.com/s3-storage-e2/ 5 TB is 150$/year (50% off first year) for S3-compatible storage. My favorite part is that there are no per-request, ingress or egress costs. That cost is all there is.
First: love that that's a thing, but I find the blog post hilarious:
We believe this choice must include the one to migrate your data to another cloud provider or on-premises. That’s why, starting today, we’re waiving data transfer out to the internet (DTO) charges when you want to move outside of AWS.
and later
We believe in customer choice, including the choice to move your data out of AWS. The waiver on data transfer out to the internet charges also follows the direction set by the European Data Act and is available to all AWS customers around the world and from any AWS Region.
But sure: it's out of their love for customer choice that they offer this now. The fact that it also fulfills the requirements by the EDA is purely coincidental, they would have done it for sure.
Remember folks: regulation works. Sometimes corporations need the state(s) to force their hand to do the right thing.
StartOS facilitates the entire process of discovering, installing, configuring, and using any variety of open-source software from anywhere in the world without trusting anyone.
Well, except of course the entity that gave you the hardware. And the entity that preinstalled and/or gave you the OS image. And that that entity wasn't fooled into including malicious code in some roundabout way.
like it or not, there's currently no real way to use any significant amount of computing power without trusting someone. And usually several hundreds/thousands of someones.
The best you can hope for is to focus the trust into a small number of entities that have it in their own self interest to prove worthy of that trust.
Like many other security mechanisms VLANs aren't really about enabling anything that can't be done without them.
Instead it's almost exclusively about FORBIDDING some kinds of interactions that are otherwise allowed by default.
So if your question is "do I need VLAN to enable any features", then the answer is no, you don't (almost certainly, I'm sure there are some weird corner cases and exceptions).
What VLANs can help you do is stop your PoE camera from talking to your KNX and your Chromecast from talking to your Switch. But why would you want that? They don't normally talk to each other anyway. Right. That "normally" is exactly the case: one major benefit of having VLANs is not just stopping "normal" phone-homes but to contain any security incidents to as small a scope as possible. Imagine if someone figured out a way to hack your switch (maybe even remotely while you're out!). That would be bad. What would be worse is if that attacker then suddenly has access to your pihole (which is password protected and the password never flies around your home network unencrypted, right?!) or your PC or your phone ...
So having separate VLANs where each one contains only devices that need to talk to each other can severely restrict the actual impact of a security issue with any of your devices.
Note that I suspect you actually want the third one, in which case I suggest you avoid MediaWiki. Not because it's bad, but because it's almost certainly overkill for your use-case and there's way simpler, easier-to-setup-and-maintain systems with fewer moving parts out there.
Oh, I'm 100% there with you on syntax. But having multiple pieces of software that support the same syntax seems useful.
Personally I've turned into more markdown kind of person rather than the traditional wiki syntax. And at least that one gained some level of standardization over time ...
Since most of those are run commercially and don't make their data easily accessible, that'll be a much different process, I assume. You'll basically have to scrape them like any other web site, except you'll specifically be targeting the edit/source view pages. Then find a wiki implementation that has as close a syntax as possible to the one they use (that could be tricky ...) and upload there. So unless you happen to find some code from someone who wanted to do the exact same thing, I'm afraid this would involve quite some programming/scripting.
This may be a simple question, but I could not find resources on that. Does creating a VPN into my home network using my router increase my attack surface? What are the security implications of that in general?
Increase the attack surface compared to what? If you don't allow/enable any access to services inside your network from outside, then by definition you have fewer attack surfaces than if you add a VPN to that empty list.
So trivially the answer is "yes, it adds an attack surface".
But what are the alternatives? If you directly expose each individual service on a dedicated port, for example, then you'd add many more (and usually less well hardened) attack surfaces instead.
So if the comparison is "expose 5 web-based services directly" vs. "expose one VPN like wireguard", then the second option is almost always the clear winner when it comes to security (and frequently also when it comes to ease of setup as well as comfort).
Hi all. I just set-up my first self-hosting server with NextCloud, Immich and a VPN server. I was wondering if there is a tool or layer of tools which would help me monitor my server and the services including running stats, resource usage stats, system logs, access logs, etc?...
I've not found a good solution for actual constant monitoring and I'll be following this thread, but I have a similar/related item: I use healthcheck.io (specifically a self-hosted instance) to verify all my cron jobs (backups, syncs, ...) are working correctly. Often even more involved monitoring solutions do not cover that area (and it can be quite terrible if it goes wrong), so I think it'll be a good addition to most of these.
This isn't specific to just netdata, but I frequently find projects that have some feature provided via their cloud offering and then say "but you can also do it locally" and gesture vaguely at some half-written docs that don't really help.
It makes sense for them, since one of those is how they make money and the other is how they loose cloud customers, but it's still annoying.
Shoutout to healthcheck.io who seem to provide both nice cloud offerings and a fully-fledged server with good documentation.
At a big enough LAN even just getting everyone to change that setting is probably harder than setting up a central cache. Don't underestimate the amount of people that listen to instructions, say sure and then just either not do it, or fail to do it correctly.
I’ve been using some cheap flash drives for things like installing OSs and the like, but now I’ve picked up a Dell Wyse 3040 system to play with which only has 8gb of storage. So I’m installing the OS onto a flash drive permanently (don’t worry, just for messing with, nothing of value will be lost if/when the drive craps...
USB SATA controllers are also very hit-and-miss. There's plenty of really, really bad ones out there. Either missing features, slow, getting hot or all of the above. If you found one that works well, good for you, but I'd avoid most noname brands, unless I had specific knowledge about the product or the very least the chipset they use.
If the only thing I knew about a given law is that those three complained about it I would immediately and wholeheartedly support and endorse that law. It's probably awesome and badly needed.
"Free speech" absolutists don't convince me with their hypotheticals.
Believe it or not: absolute free speech is not the end goal and not as valuable as you all believe.
Forbidding some kind of speech can be okay.
Because not forbidding it creates an awful lot of very real and very current pain. Somehow the theoretical pain that a similar law could create is more important for your argument, than the real and avoidable pain thatthis law is attempting to prevent.
but e.g. American free speech would be nonexistent
And I say that the specific American flavor of free speech is not very valuable at all.
Even if the state apparatus is bloated and needs to be improved, simply firing 10% of your workforce isn't going to magically improve things (especially when done so quickly). You basically can't know if you fire useful people or bloat. And for each "unnecessary" person you fire you also fire someone who was the only one in their department understanding their job and doing their actual work.
I understand your argument and there's some truth to it. But on the other hand exactly these kinds of decisions (joining/leaving the EU/NATO/...) have an incredibly strong possible effect, so them being done only based on the decisions of some politicians that were elected on some promises possibly quite unrelated to that decision has its own set of problems.
I host a few docker containers and use nginx proxy manager to access them externally since I like to have access away from home. Most of them have some sort of login system but there are a few examples where there isn’t so I currently don’t publicly expose them. I would ideally like to be able to use totp for this as well.
I've got the same setup! What I love about authentik is that I can even add a Google login as an authentication method. That severely increases the spouse-acceptance factor, as they don't have to "remember yet another password" or "carry around another thingie". Personally I use a YubiKey anyway, but for others who aren't into it "for fun" or for philosophical reasons reducing the friction as much as possible is paramount.
That example makes sense to me, because it's an alternative to something like hosting a blog on some third party site: generate it statically and host the result somewhere.
That's a great answer if one already has a NAS (which is not unlikely, given the name of the community). But if that's not already present (or desired for other reason) then a simple media-PC with some built-in storage is simpler to set up.
German court upholds AfD 'suspected' extremist status (www.dw.com)
The designation could allow Germany’s intelligence agency to surveil and investigate members of the far-right party. The AfD says it plans to appeal the ruling....
Fake news on the rise leading up to EU election (www.dw.com)
Ahead of the European Parliament elections in June, fake news is becoming increasingly prevalent online. DW Fact Check explores four examples of how cybercriminals are spreading disinformation.
[Repost] Reliable alternatives to AWS Deep Glacier for ~5TB?
Hi everyone,...
Sovereign Computing | Start9 (start9.com)
StartOS facilitates the entire process of discovering, installing, configuring, and using any variety of open-source software from anywhere in the world without trusting anyone.
Should I or should I not use a VLAN? I have trouble understanding the benefits for home use
Hey everyone,...
Closing the thread, I've got a suggestion to kill myself on matrix, you're the worst (sh.itjust.works)
VPN into Homenetwork Security
This may be a simple question, but I could not find resources on that. Does creating a VPN into my home network using my router increase my attack surface? What are the security implications of that in general?
[Question] Self hosted setup for monitoring Self-hosted services?
Hi all. I just set-up my first self-hosting server with NextCloud, Immich and a VPN server. I was wondering if there is a tool or layer of tools which would help me monitor my server and the services including running stats, resource usage stats, system logs, access logs, etc?...
Lancache.net - LAN Party game caching made easy (lancache.net)
Make the most of your network. Get more play for your gamers. Download your games once and serve them out to many people at your LAN....
Do I Need to Harden SSH over Tor?
cross-posted from: infosec.pub/post/10908807...
Looking for the Perfect USB Flash Drive
I’ve been using some cheap flash drives for things like installing OSs and the like, but now I’ve picked up a Dell Wyse 3040 system to play with which only has 8gb of storage. So I’m installing the OS onto a flash drive permanently (don’t worry, just for messing with, nothing of value will be lost if/when the drive craps...
JK Rowling, Joe Rogan and Elon Musk are fuming over Scotland’s hate crime law (www.politico.eu)
It was no April Fool’s joke....
President Javier Milei fires 24,000 government workers in Argentina: ‘No one knows who will be next’ (english.elpais.com)
## Public sector employees denounce that the cuts will put many state functions on hold...
Food price fears as Brexit import charges revealed (www.bbc.com)
The government has revealed how much companies will have to pay to import foods from the EU due to Brexit....
Looking for a reverse proxy to put any service behind a login for external access.
I host a few docker containers and use nginx proxy manager to access them externally since I like to have access away from home. Most of them have some sort of login system but there are a few examples where there isn’t so I currently don’t publicly expose them. I would ideally like to be able to use totp for this as well.
Introducing selfh.st/apps, a Directory of Self-Hosted Software (selfh.st)
Offline alternatives to Roku / Streaming boxes
Hopefully this is the right kind of question for this community, my apologies if not....