Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)S

SayCyberOnceMore

@ Cyber @feddit.uk

Posts
23
Comments
868
Joined
3 yr. ago

  • Where to start with backups?

    Jump

  • Ah, good old dd

    When you have some spare time, take a look at partclone - clonezilla uses it because it only backs up used blocks, not free space, so more efficient.

  • Where to start with backups?

    Jump

  • Interesting.

    Yep, I agree there's 2 types of backups:

    • data
    • OS image

    Out of curiosity, how are you doing the drive imaging?

  • Reproducible alternatives to nextcloud?

    Jump

  • Yep, this is what I did too.

    I found no-one was using the NC interface and just syncing, so stripped right back.

    Stable. Lightweight. Mostly no maintenance (just moving to syncthing-fork)

  • Why isn't using a key file the most common way to log into self-hosted servers?

    Jump

  • I think the point here is that no-one uploads / enters a password/phrase/file.

    Whatever you enter on the keyboard is hashed and the hash is sent. Depending on the protocol, sometimes it's time limited so no-one can record the network traffic and resend the data (replay attack)

    Files (SSH keys, certificates, etc) are checked against a (usually) asymetric key exchange algorithm, so they can only compare what's sent if they have the corresponding key to decrypt the cipher.

    The length of the password (or file) is basically meaningless. It's just how long it'll take someone to guess it (brute-force), but as the saying goes, you don't break into a house through the door, you go through Windows... ie the weakest link.

    In your concept, the weakest link is the meatware: humans. We need ease of use, so, someone will store that file and it'll be compromised, so 64b, 128b or 512b doesn't matter, if they have the file, they're in.

    Now... MFA... Now, that's more like it.

  • Cisco finally fixes max-severity bug under attack for weeks • The Register

    Jump

  • Gotta say... I don't really rate Cisco as a security vendor these days.

    Sure, we'll happily rack up a load of their switches (disabling the call-home feature), but edge protection? I'll pass...

  • What do you guys think? Would this greatly decrease your chances of being hacked?

    Jump

  • Accounts are rarely brute forced these days.

    It's almost always a leaked, unsalted hash table.

    Ñōt göñńå hêlp mùçh

  • Jeff Bezos said the quiet part out loud — hopes that you'll give up your PC to rent one from the cloud

    Jump

  • At least there's no Windows...

  • Learning fixes without looking everything up or having the answer given outright

    Jump

  • Time. And experience.

    I compare this with other skills like growing plants... "keep watering them" is not good advice for cacti...

    A lot of Windows users have to search for solutions which you probably know. And there's still advice out there to "open regedit..." (do you understand the difference between HKLM and HKCU?)

    Windows is like Linux, but someone's taken away all choice: 1 desktop GUI, 1 filesystem (mostly), etc. so there's usually only 1 answer.

    Pressing the volume key should work as it's been the same for decades. Yet, why can't I move the taskbar to the top of the screen in Win11 now?

    You'll get there with Mint Cinnamon, but someone else on Mint Xfce will have to do something different, and learn different things yet you'll still both learn about apt even if you try to only use the gui to update your systems.

    Over time the venn diagram of advice becomes clearer and you find what advice works for you (ie cli vs gui) and you learn why some plants need water and others don't.

  • Homelab hardware choices

    Jump

  • I have a 7530. (Is yours a typo?)

    Yes, those instructions look about right.

    My pfSense box has the username & password, so the router really is just being used as a dumb modem (I used to use Draytek modems)...

    ... but...

    The router's diagnostics will show the DSL details, so you can check if your external connection is ok (ie OSI Layer1), but it will always think it's offline.

    So once you get your OPNSense setup and working, have a look around the Fritz diagnostics and get comfy with what you can / can't see, because when there's a failure you won't know what is really failed.

    Also... write down what you did and how to reverse it, as you (or others) might want to reset it to full router if your OPNSense is down.

  • Homelab hardware choices

    Jump

  • The advice above matches mine.

    I have a home-built pfSense unit and when parts die (not if), then I just replace them with spares I have already waiting... as that box is now critical for you.

    I also have a Fritz in bridge mode with the pfSense doing PPPoE through it, so effectively, the firewall is the first real device on the WAN. Makes things much simpler as the WAN interface has status like packet drops, etc, much easier to diagnose issues.

  • Is there a way to remove the autopopulated dashboards from the sidebar? Not per device.

    Jump

  • Your quirky quest to quit using quizzical words is quite strange...

    I'd expect that a dashboard / sidebar item could be available only if that module was installed - like Integrations for example.

    I use the Energy but not Climate, but in the future I might install it, likewise I might remove an existing one.

    I don't see this as a big problem, but I do agree that automatically adding them can be annoying with multiple phones / tablets / etc.

  • State of the Fin 2026-01-06 | Jellyfin

    Jump

  • Wow.

    Ok, I don't have anywhere near that amount of media, but MythTV takes seconds to rescan ~2TB of videos and maybe a minute to get any missing details like fanart, etc.

    Similar amount for music - but I feed it the files after I've run them through Picard.

    I've not done a complete rescan of eveything for ages, but from memory it's like an hour absolute tops. More like ~30 mins.

    And that's on an underclocked CPU (for quietness).

  • Which open-source operating system(s) installed to all mobile devices (laptop, tablet, phone) would work nicely together like Apple devices do?

    Jump

  • Out of curiosity, which Mint bugs are you seeing?

    I've just upgraded one family laptop to... 22? And about to do another on the weekend... so curious if I should hold off, or hurry up...

  • Reitti v3.1.0: A year of self-hosting my location history (1.1k stars and 46 releases later)

    Jump

  • This looks very interesting.

    I track the family's location with GPS Logger (on Android) and the Home Assistant app on the iPhone user... it's all going to HA at the moment to turn lights on when people get home...

    And I have a separate Immich server.

    So, reading this, I can combine this all together from HA and Immich - or do I need to send the GPS coordinates to this server too?

    I'm also not a container user... skimming the installation section, the instructions appear to be only support docker - are standalone instructions also covered? (I may have missed them...)

    But, this looks really nice.

    I liked thr piechart where you distinguish between walking, cycling, driving, etc, I presume that's done by velocity...? So, do you calculate that or need that data from the phone app?

  • Introducing Hypermind: A fully decentralized, P2P, high-availability solution to a problem that doesn't exist.

    Jump

  • I don't run any containers and this made me consider trying to get the whole infrastructure setup 😁

  • NAS decision paralysis

    Jump

  • Just basic commands will get you most of the way there... lsblk, fsck, etc.

    You can check the formatting and partitioning with something like gparted (a GUI for parted)

    For SMART, use smartctl or gsmartcontrol for a GUI

    Note: external USB enclosures / docks / adapters / etc. rarely pass SMART data, so you'd need to actually plug it into a mobo to check that.

  • NAS decision paralysis

    Jump

  • Linux should see most formats... you might need to install something to read NTFS... but if they're FAT32, most distros have thst installed by default.

    If you can't read them, and there's nothing on there that you need to recover, then just zero them and check them with a full SMART scan, then you'll know if they're reliable before wasting time with a RAID array that keeps chewing up drives.

    But, I don't know of any mobos that'll connect that many drives...

  • NAS decision paralysis

    Jump

  • Are these external USB drives? You can certainly plug those in all over the place, but it's not a scable, long term solution.

    Shuck the drives if they're external and just use them as normal drives

    And you can't daisy chain modern drives in the same sense that old SCSI / PATA drives used to be connected, but you could get a drive bay to fit an existing PC - I had one that put 4x 3.5" drives into a 3 bay 5.25" space... wasn't great but did the job.

    But, you'll want to get the drives into some kinda array - could be a JBOD initially, but you will NEED good backups as any drive failure = total loss of it's files.

    Perhaps backup each drive to... somewhere... create an array and then restore all your data into that new array.

    Total available storage of RAID is less than the total space in all the drives due to checksums, duplication, etc.

  • NAS decision paralysis

    Jump

  • Yeah I want an external drive out of the house, but I feel like that is independent of my decision on how to store data at home. Am I wrong?

    Yes 🙂

    You'll want offsite storage no matter what you build. This protects you from wiping your RAID array (RAID is not a backup), syncing the wrong data and losing files, etc.

    And... imagine your NAS is gone. Make sure you know how to get your (encrypted) data back.

    The first thing I did was backup a small chunk of files and then see that I could restore them to a different laptop.

    Yep, I have Arch with a btrfs RAID array because - for me - ZFS was too needy. I can use standard tools to maintain btrfs.

    It has SMB and NFS shares, powers up & down (when idle) automatically, and syncs our phones and laptops via syncthing (sync is also not a backup)

    Everything is backed up to an online storage provider AND a HDD connected to a RasPi in a family members home (and I reciprocate some of their backups)

    I do have Immich running natively on the NAS (no containers) because all our photos are there, so it made more sense to put it there, but all other functions (Home Assistant, etc) are on a separate device.

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Holiday Upgrade Disasters

  • Linux @lemmy.world
    SayCyberOnceMore @feddit.uk

    Backups.. Pull or Push?

  • Linux @lemmy.world
    SayCyberOnceMore @feddit.uk

    Laptop uptime - since suspend

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Open Source Developers Are Exhausted, Unpaid, and Ready to Walk Away

    itsfoss.com /news/open-source-developers-are-exhausted/
  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Any experience of Diode?

  • homeassistant @lemmy.world
    SayCyberOnceMore @feddit.uk

    Today, enjoy your self-hosted home automation

    www.techradar.com /news/live/amazon-web-services-alexa-ring-snapchat-fortnite-down-october-2025
  • cybersecurity @infosec.pub
    SayCyberOnceMore @feddit.uk

    Stumbled on to StormShield - opinions?

    www.stormshield.com
  • cybersecurity @infosec.pub
    SayCyberOnceMore @feddit.uk

    Solar PV vulnerabilities

    www.redhotcyber.com /post/34-000-impianti-solari-a-rischio-hacker-la-sostenibilita-ha-un-lato-oscuro/
  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Ansible Playbook - How do I reverse engineer a running system?

  • Arch Linux @lemmy.ml
    SayCyberOnceMore @feddit.uk

    OLD System... Upgrade or re-install?

  • homeassistant @lemmy.world
    SayCyberOnceMore @feddit.uk

    Automated Cooling

  • Technology @lemmy.world
    SayCyberOnceMore @feddit.uk

    Vivaldi, now with added VPN

    vivaldi.com /blog/privacy-without-compromise-proton-vpn-is-now-built-into-vivaldi/
  • Technology @lemmy.world
    SayCyberOnceMore @feddit.uk

    Options for "iPlayer will stop working on this device"

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Any MythTV Users Here?

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    NAS vulnerabilities

    www.theregister.com /2024/06/24/mirailike_botnet_zyxel_nas/
  • Arch Linux @lemmy.ml
    SayCyberOnceMore @feddit.uk

    Sanity check: Vivaldi high CPU usage

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    pfSense DHCP (& DNS) Performance

  • networking @sh.itjust.works
    SayCyberOnceMore @feddit.uk

    pfSense DHCP / DNS performance

  • Selfhosted @lemmy.world
    SayCyberOnceMore @feddit.uk

    Pause alerts during the night

  • Linux @lemmy.ml
    SayCyberOnceMore @feddit.uk

    Desktop Security