Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)T

TedZanzibar

@ TedZanzibar @feddit.uk

Posts
5
Comments
189
Joined
3 yr. ago

  • I am about to board a flight. What sequence of events would occur if (by chance) for no apparent reason a window got completely smashed out?

    Jump

  • Pedant, but the pressure difference between 1 atmosphere and zero isn't all that great, so explosive decompression wouldn't happen even in the worst case scenario. Rapid yes, explosive no.

    To be explosive you need something like the Byford Dolphin diving bell incident, which was 9 atmospheres to 1 in a fraction of a second.

  • Serving my media library to my TV (local network only), i need suggestions

    Jump

  • Third Plex. It's a bit baffling as to why it's got such a bad rep recently because it performs its core function of serving media incredibly well, is super easy (barely an inconvenience) to setup, and there's apps for every conceivable platform.

    Yes there's a few features locked behind a subscription (though they still sell lifetime passes, often at good discounts) and they're trying to "legitimize" with their ad-backed streaming thing, but the core product of local media server is still very much there, and free, and isn't going anywhere.

  • FBI Warns Americans to Start Using Encrypted Messaging Apps

    Jump

  • Yeah that's cool and all but you're strawmanning. Your original comment, that I hear parroted a lot, is that Telegram is (basically) unencrypted, and regardless of your feelings about the suitability of MTProto (not SSL) that's patently untrue.

    There's no evidence that MTProto has ever been cracked, nor any evidence of them selling or allowing anyone access to their servers and recent headline news backs this up. Whether you choose to trust them with your data is up to the individual to decide. I'm just tired of seeing the "Telegram is unencrypted" claim in every instant messaging thread, made by people who don't know or care to know the difference between encryption and E2E encryption.

    Google, on the other hand, routinely allow "agencies" access to their servers, often without a warrant, and WhatsApp - who you cite as a good example of E2E encryption - stores chat backups on GDrive unencrypted by default. They added the option to encrypt last year but nobody was forced (or possibly even asked?) to turn it on, and to this day no encryption of backups is still the default. And while you might encrypt your backups, can you be sure the same is true for the people on the other end of your chats?

  • FBI Warns Americans to Start Using Encrypted Messaging Apps

    Jump

  • I'm not sure what point you're trying to make? The people that claim "Telegram is unencrypted" seem to be of the belief that literal plaintext is flying over the air for anyone with a mediocum of knowledge to easily intercept, and that's just not true.

    Lacking end-to-end encryption does not mean it lacks any encryption at all, and that point seems to escape most people.

    To take it to its logical conclusion you can argue that Signal is also "unencrypted" because it needs to be eventually in order for you to read a message. Ridiculous? Absolutely, but so is the oft-made opine that Telegram is unencrypted.

    The difference is that Telegram stores a copy of your chats that they themselves can decrypt for operational reasons. It's up to the user to decide whether the additional functionality that comes with this is worth the risk of a hostile agent successfully requisitioning those chats directly from Telegram themselves, rather than just busting through your door and threatening to break your legs if you don't unlock your phone.

    On the other hand, if you fill your Telegram hosted chats with a whole load of benign crap that nobody could possibly care about and actually use the "secret chat bullshit" for your spicier chats then you have plausible deniability baked right in.

  • FBI Warns Americans to Start Using Encrypted Messaging Apps

    Jump

  • Thank you! It winds me up so much when people parrot that claim.

    Telegram is encrypted in transit and encrypted at rest on their servers. At no point is any data stored or transmitted without encryption. Whether you believe their claims of never giving out encryption keys is another matter.

    My view is that if the feds wanted my chat logs that badly they wouldn't go after Telegram, they'd go after me and my device directly, and at that point all bets are off.

  • Your favorite lesser known docker container?

    Jump

  • Webtop. Lightweight Linux VMs but in Docker.

  • Me finding absolutely anybody to blame for my personal problems other than myself

    Jump

  • The episode specifically states that this is the case. She'd been chatting with her elderly mentor about old friends dying off and how it's like they never existed, and she'd been mulling this over at the point at which she was sucked into the bubble causing it to manifest.

    It's always seemed stupid and jarring to me, but I imagine they added it in to help people understand the concept.

  • Expanding Synology

    Jump

  • That's... A lot of storage. I'd say your options are, in no particular order:

    • buy a 12 bay NAS.
    • expansion unit. Do it as a separate volume and shuffle cold data onto there.
    • upgrade the drives.

    Failing that you could just have a bit of a purge? If not straight deleting stuff, move things onto an external drive.

    You could also try deduping. There's a script that'll add any drive to the internal "supported" list and also enable dedupe on mechanical drives. The savings were minimal on mine but you might have more luck. https://github.com/007revad/Synology_enable_Deduplication

  • My HA Instance is ready to take advantage of some very cheap energy.

    Jump

  • I keep thinking about doing something similar as I have an EV, solar, and batteries and Home Assistant to pull it all together but I just can't seem to make the maths work on sites like Octoprice. No matter how much I tweak things it always comes out more expensive than Intelligent Go.

    I do at least have an automation setup to make the most of the 2 hours of free energy tomorrow. Better than nothing!

  • Best HACS Integrations for Home Assistant 2024

    Jump

  • These are really cool, thank you. Added Spook and used it to clean up some broken entities.

  • Help me harden my home server

    Jump
    1. Sure but there's no reason to openly advertise that yours has open services behind it.
    2. Absolutely. There are countries that I'm never going to travel there so why would I need to allow access to my stuff from there? If you think it's nonsense then don't use it, but you do you and I'll do me.
    3. See point 3.

    We all need to decide for ourselves what we're comfortable with and what we're not and then implement appropriate measures to suit. I'm not sure why you're arguing with me over how I setup my own services for my own use.

  • Help me harden my home server

    Jump

  • Yes and no? It's not quite as black and white as that though. Yes, they can technically decrypt anything that's been encrypted with a cert that they've issued. But they can't see through any additional encryption layers applied to that traffic (eg. encrypted password vault blobs) or see any traffic on your LAN that's not specifically passing through the tunnel to or from the outside.

    Cloudflare is a massive CDN provider, trusted to do exactly this sort of thing with the private data of equally massive companies, and they're compliant with GDPR and other such regulations. Ultimately, the likelihood that they give the slightest jot about what passes through your tunnel as an individual user is minute, but whether you're comfortable with them handling your data is something only you can decide.

    There's a decent question and answer about the same thing here: https://community.cloudflare.com/t/what-data-does-cloudflare-actually-see/28660

  • Help me harden my home server

    Jump

  • Admittedly I'm paranoid, but I'd be looking to:

    1. Isolate your personal data from any web facing servers as much as possible. I break my own rule here with Immich, but I also...
    2. Use a Cloudflare tunnel instead of opening ports on your router directly. This gets your IP address out of public record.
    3. Use Cloudflare's WAF features to limit ingress to trusted countries at a minimum.
    4. If you can get your head around it, lock things down more with features like Cloudflare device authentication.
    5. Especially if you don't do step 4: Integrate Crowdsec into your Nginx setup to block probes, known bot IPs, and common attack vectors.

    All of the above is free, but past step 2 can be difficult to setup. The peace of mind once it is, however, is worth it to me.

  • In the era of remakes and remasters, what niche game would you like to see receive the treatment?

    Jump

  • Check out Grip: Combat Racing for a modern take on Rollcage. I haven't played it since early access, though, so I've no idea if it's any good.

  • 🚨🚨🚨DEFINITELY DO NOT DO THIS HIGHLY ILLEGAL🚨🚨🚨

    Jump

  • I do that a lot on my phone but keep forgetting it's a thing on desktop for some reason.

  • Concerns Raised Over Bitwarden Moving Further Away From Open-Source

    Jump

  • Better than using what? All I see is a bunch of stars.

  • This made me so angry, enjoy!

    Jump

  • 4 dollars

  • [Solved] How do I redirect to a /path with Nginx Proxy Manager?

    Jump

  • Yeah that's exactly what I'd done but it was insisting on trying to redirect me to the site on port 4443 for some reason.

    Fixed it in the end by reverting the NPM config to default (no advanced settings) and instead using Pihole's VIRTUAL_HOST=pihole.mydomain.internal environment variable in the Docker compose file.

    Cheers for your help anyway!

  • [Solved] How do I redirect to a /path with Nginx Proxy Manager?

    Jump

  • Just tried this myself and mine does the same thing but I don't have anything set in the custom locations tab. What did you do to resolve it?