• 4 Posts
  • 120 Comments
Joined 1Y ago
Cake day: Jun 16, 2023


Copy them to the box. Sign them. Copy the cert file off the box back to the requester.


I run easy-rsa on a Linux box. Just manually generate CSRs and sign them via SSH.

And simply trust the CA cert in Windows, Linux and whatever extra places (normally the Firefox cert store).

Post the crl.pem to /var/www/html/ and let NGINX use that.

For most things public like Plex or whatever I just use Let’s Encrypt. Easy-rsa is really just for internal stuff like my NAS, VPN etc.
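
The sign-and-publish loop described in the two comments above, as an added example that is not part of the original comments. It uses plain openssl rather than easy-rsa (a wrapper script around openssl), and the CA name, host name and temp paths are constructed.

```shell
#!/usr/bin/env bash
# Constructed demo: the CA name, host name and temp paths are made up.
ca_demo() (
  set -eu
  d=$(mktemp -d); trap 'rm -rf "$d"' EXIT; cd "$d"; mkdir ca req
  # CA box: self-signed CA plus the state files "openssl ca" expects.
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=Demo Home CA" \
    -keyout ca/ca.key -out ca/ca.crt 2>/dev/null
  touch ca/index.txt; echo 01 > ca/serial; echo 01 > ca/crlnumber
  cat > ca/ca.cnf <<EOF
[ca]
default_ca = demo
[demo]
database = $d/ca/index.txt
serial = $d/ca/serial
crlnumber = $d/ca/crlnumber
new_certs_dir = $d/ca
certificate = $d/ca/ca.crt
private_key = $d/ca/ca.key
default_md = sha256
default_days = 30
default_crl_days = 7
policy = pol
[pol]
commonName = supplied
EOF
  ca() { openssl ca -batch -notext -config ca/ca.cnf "$@" 2>/dev/null; }
  check() {  # relying party: chain to the CA and consult the published CRL
    out=$(openssl verify -CAfile ca/ca.crt -CRLfile ca/crl.pem -crl_check req/nas.crt 2>&1) \
      && echo valid && return
    case $out in *"certificate revoked"*) echo revoked ;; *) echo error ;; esac
  }
  # Requester: the private key stays here; only nas.csr is copied to the CA box.
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=nas.home.example" \
    -keyout req/nas.key -out req/nas.csr 2>/dev/null
  # CA box: sign the CSR (nas.crt goes back to the requester), then build crl.pem.
  ca -in req/nas.csr -out req/nas.crt
  ca -gencrl -out ca/crl.pem
  before=$(check)
  # CA box: revoke the cert and regenerate the CRL that gets republished.
  ca -revoke req/nas.crt
  ca -gencrl -out ca/crl.pem
  echo "$before $(check)"
)
ca_demo
```

The same certificate verifies before revocation and fails afterwards only because the verifier is handed the regenerated crl.pem; a relying party still holding the old CRL keeps accepting it until it refetches.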


The ARR tools are basically a search engine website you host. They interact with a few other tools you have to have access to/pay for. Namely an indexing service and (for some) a download service. They can use torrents, so you don’t HAVE to pay for downloading, but using something like newsgroups is really nice and adds reliability and security.

The “ARRs” basically then are just a fancy UI and scheduler and just search the indexing service, download the files you want, re-assemble them and copy them to the location you want (often a file share that your media player like Plex or Jellyfin will use).

You can set them to continually look for something too. So for Sonarr, it will auto-download new episodes as soon as they appear in the index. Or if you see a commercial for something upcoming, you can add it and monitor it and as soon as it starts showing up in the indexes it will download.


All the aarrrs. Saturates my isp bandwidth, have no issues with finding stuff, no takedown or piracy warnings…


I have 3.

  1. Dakboard above the fridge shows calendar and shared photo album. It also runs Bluetooth and serves as a relay for Home Assistant and a few kitchen devices (ie: igrill mini probe for meat).

  2. pikvm for a desktop

  3. pikvm+ kvm for lab rack esxi servers.

The latter two also run Tailscale and allow me to SSH proxy if needed as a back VPN/remote access utility.

There is also a 4th. It runs NUT/UPS tools for their network gear and a mail relay for alerting and also Tailscale so I can proxy if necessary.

Since it’s Tailscale etc., only key-based auth is allowed on these boxes.



I saw a graph yesterday that put them squarely between the nvidia 4000 and the latest AMD gen in terms of performance.

Edit: I have bad memory. Here’s the graph. https://cdn.mos.cms.futurecdn.net/QKdmNvH8KqrZmnnqRDiz6k-970-80.png.webp



Interestingly the game is downloading for me. I have had it in my library for some time now.

Is it saying it’s been pulled for new sales only?


For me, this was because the PS4 uses USB 2.0 that caps out at 480 Mbps. It was basically doing checksums of the backup files vs the restored and it just took time, even when the backups I had it running on were a sata SSD.


Would agree. Especially re:Nintendo.

One of my biggest annoyances is when you have multiple Switches on a family account. If you use cartridges, local co-op (or whatever it is called) requires two copies of the game (a cartridge in each). If you have the downloaded versions/digital download, then any device on the Nintendo account (ie: 2 Switches for kids on a family account) can play against each other locally.

I don’t think you can cache/save a cartridge to a device to be able to do their local play feature (ie via ad-hoc connections in a car)


I have backups of my games on a PS4, which is air gapped (because the USB interface took a shot of lightning and no longer works).

I have been able to restore them and play games/saves on this console.

Here: https://www.playstation.com/en-us/support/hardware/ps4-back-up-and-restore-with-external-storage/

FTA:

PS4 console data you can back up

Backing up your data regularly is a great way to ensure that important data is saved. You can back up the following types of data saved to a USB drive.

  • Games and apps
  • Saved data
  • Screenshots and video clips
  • Settings

All user data saved on your PS4 console (excluding trophies) is included in the backup data. When you restore your backup data, your PS4 console is reset, and all data saved on your console is erased. If you want to return data without restoring your console, use USB extended storage or cloud storage.


I have backups of my PS4, with games downloaded from the PS store that say different.

Heck any PlayStation disc game tries multiple times to get you to save it to the HDD.


Not to mention that as long as it’s a digital download, you don’t own the game - you lease it at a flat rate.

Not true all the time. Plenty of games once you have the files are easily able to run. KSP is one such example. I can just copy the KSP folder to any computer and play the game.

It’s the devs’ choice to require things like Steam to validate the game etc.


You download them and back them up. What happens if the disc is scratched or your buddy drops a blunt on it?


was likely announced prematurely,

It was announced 5 years ago and there’s still no release date. You can drop the “was likely”, it’s a definitive. It was.


The product was announced 5 years ago. 5.

They then said nothing for half a decade. Now Starfield is coming out and is shipped from their perspective so he’s on to his next sale. Simple as that. See you in another 5+ years


Honestly the only thing I can think of is the competition recently to hack a satellite, maybe has drawn the ire of some script kids, or rather interest. [1][2][3] A LOT of educational and research stuff is quite open, and often very resistant to change as they value access/transmissibility over security in many cases where there’s no real grounds (ie: it’s not national secrets etc). Some of these datasets are quite large.

Even still, basic things like firewalls, key-based access etc should be set up. Heck if it’s a multi-million dollar instrument, airgapping is probably worth its time. But I dunno. Just conjecture on my part.

The competition definitely brought some attention [4]




I pay 95 for 400/12 and 1.2 TB. Count your blessings.


Yeah. Like I said, I have no idea what the conditions are. Maybe it’s Cloudflare threatening/applying pressure and LW has been getting smacked with DDoS etc.

But maybe not too. It strikes me as an excuse but honestly I don’t know all the details or variables and frankly I don’t care all that much.


Yeah I’m similar. I still use 1080 monitors and just 2 at a regular workspace. It’s about the perfect DPI for reading text. Things like 4k just make it harder or you have to bump up the fractional scaling, in which case why the more pixels?

I’m fine to keep it to a laptop monitor when I’m mobile, and 2+laptop monitor for email when at a desk.


Beeper does want you to proxy your iCloud account through a Mac on their network for iMessage. You are logging into your iCloud account through their site. They are in effect using Mac minis in a farm to provide the service based on what I looked into (including self hosting it, but then you can’t use a beeper app, you need your own)

https://help.beeper.com/chat-networks/imessage?from_search=125277302


Text is copied. Media is simply linked back to the original location I believe.

Also DMCA just means that the admin has to make a reasonable effort to remove things reported as non-compliant. Aka they ban or remove offending posts and they are in the clear.

I’m gonna be honest. And I run my own instance, albeit solo, this content isn’t my concern. It’s the CP/CSAM shit that folks like burggit.moe were spreading that got my liability concerns up. The feds go hard on that shit (as they should) and will hold a hosting admin accountable as if they were the ones viewing and reading it.

DMCA is pretty clear cut and toothless. I’ve dealt with it plenty as a network admin. As long as you remove it when notified, you are in the clear. This strikes me as the admins having a political opposition to it and using their made up code of conduct as a reason and when pressed just saying “well liability”.

That said I don’t know where they live and the laws for me may not be the same as someone hosting in Germany, who may go hard on that stuff. So who am I to judge? Just saying DMCA isn’t really a concern.

Also their hosting provider could just cut them for “abuse” especially if they are already using a lot of resources and if that’s a concern I get it.


I have NSFW unchecked on my instance, so no porn is ingested/federated. Also because it’s just me, I have to seek out communities to federate with via search.

I did this via https://lemmyverse.net/communities and changed the linked names to my domain and just ran searches to start the federation for the specific communities I found interesting.

It does mean things like “Local” is useless and subscribed and all are the same filters since it’s only stuff I subscribed to.

Occasionally I will browse one of my alts on a different instance and check all, or local there and see if there’s anything interesting. I have also re-run through the link above here and there to find new communities to join. Those are probably the biggest “pain points” in that it takes more effort to find new communities. But once you start the feed it’s fine.

I also use different default filters on my alts in different instances (ie: ALL:HOT on lemmy.world) or whatnot if I’m feeling like finding new stuff. But honestly the lemmyverse stuff gets like 99% of the content here, and there’s been a dip in participation, so some communities are idling (which just means I don’t see anything)


Are you hosting it on personal hardware?

Not currently, though I am considering it. Right now I host mine on a VPS in Linode. Though I need to downgrade it, I built it with the expectation of allowing joins, but recently decided just to keep it private.

Can you just choose any free name for the domain if it’s on your own hardware or do you need to rent one regardless?

This wouldn’t work. You not only need to have a routable/real domain name, but the server likely needs access to the internet to allow for federation, specifically ingress traffic, to work.

Do you keep it active all the time or turn it off for the night/other periods of time where you know you won’t use it?

Mine runs 24/7. Even if I hosted it at home it would be 24/7. Only issue is

  1. I already use port 80/443 at home. So I would need to reconfigure NGINX to use a proxy, which could also break federation. I could do that, in fact I am pretty sure the ansible config uses NGINX proxy commands, just that I would have to customize it and I’m lazy. I already have stuff on VPS systems in Linode (blog, teamspeak etc) so it’s no biggy to have another one.

  2. My internet at home can be flaky. For example I currently don’t have power at home and while I normally run on UPS for a time, and can cut to generator when I am home, my network just went into auto-shutdown.


Some games you don’t even need a crack or anything, just access to the files.

For example with KSP, you can just clone the game directory anywhere and run it from there. Doesn’t even need Steam. Heck I copied it over to an M1 MacBook once just to test the MacBook’s performance…

That’s also how the mod managers like CKAN work with the game.


Exactly why I never opened my instance. With it just being me, I can control what is on it and what is synced. There was too much risk with CP/CSAM type stuff. Heck I didn’t even want to risk my Linode account (aka they shut my other VPS systems down) due to TOS from shenanigans.

That said, I can still contribute just fine with my own instance and don’t have to be involved in these drama defederation actions.

I would encourage anyone that is willing to criticize an instance maintainer for their decisions on risk to just roll out the lemmy-ansible setup and go your own way. If you troll or act in bad faith, you will get defederated. If you act like a reasonable person, no one will even notice. And that way you are in control of uptime, patch cadence, backups etc.


Any company that I have to give my username and password for a third party service (and especially one as important as iCloud/iMessage) I’ll take a hard pass.


I have a guy that does this. He puts so much effort in weird mobility solutions (ie: Dual monitors on a rolling table so he can work outside sometimes) or having a setup like this with TV’s, monitors etc all cobbled together.

Would you be surprised to hear he’s not the most organized or efficient?



Possibly. What I was hearing seemed more like some weird DB/code gremlin thing. But I dunno. Literally never run it.

Also I think the deployment type was involved. Maybe it was a docker specific thing??


I’ve been seeing them everywhere.

Those self service terminals at AutoZone? Pi’s.


Multiple threads people have mentioned random crashing, DB issues and nonsense/useless log outputs that don’t help find a cause and just require you to restore from backup.

No way I’d consider it for business use.


After the stability issues I’ve heard. I wouldn’t even consider nextcloud for my family at this point.


At this point I just interpret AI to be “we have lots of select statements and inner joins”


No doubt they are probably better overall, especially when considering manufacturing. But I swear parts of my house were built with scraps (or the last guy was just a sociopath) and most of the time I encounter them it’s in some rare ass instance and it just pisses me off.

Last time was when servicing my AC I noticed the breaker was bad (ie wouldn’t reset ). So I had to swap it and by code I needed to swap the box it ran on since it was showing signs. Sure enough 1 of 4 screws holding it to the side of the house is a fuckin Robertson head. So I was neck deep in fixing shit and had to stop and go find my random cup of bit heads out in the shop.

Now I just carry a bit if I can remember it. But it’s hard to find screws sometimes so I just don’t use it to avoid exacerbating my own problems.


What kind of screwdriver though? Torx are superior.


Oh yeah. Of course old TPM (1.2) that was the only key to the castle isn’t great in the hands of someone with some know-how and alligator clips since it communicated in clear text at the bus level so key extraction was possible. But for most folks’ security model, who cares. If it was a risk the business handled it with a pass phrase and TPM.

Apple does security pretty well and integrated too. Especially for most that don’t care.


I’m gonna be honest. I stopped reading here.

There are entire swaths of the world, billions of people, where phones are basically the only gateways to the inter.

I do not recommend using a smartphone for banking. You’re asking for a huge attack surface & it’s reckless. People will do it anyway but to suggest that people should avoid Tor for banking on the basis that you’re assuming they are using a phone is terrible advice based on a poor assumption. Use Tor Browser from a PC for banking. That is the best advice for normies.

Again, the article is about “normies” using Tor to get it to lose its stigma… The only way it gets de-stigmatized is for “normies” to use it. The way “normies” access things is vastly different. There are risks to that. And it’s not just banking. Getting your email account hacked because you used it on a malicious exit node for one reason or another is just as bad, if not worse. Tor exit nodes are wholesale more malicious than your ISP.

I don’t know why you are getting hyper fixated on specific use cases that were used as broad examples. Banking isn’t the point, it’s the general use of Tor and the risk it brings. Forest for the trees my guy.

Have a good one. We’re done here.