

and he had space on a “completely full” disk to save an archive of a 40GB windows folder.


Thanks for sharing, donated right away😀


ipfwadm ftw


I have to admit it widens the attack surface. Not immensely, but every bit counts.


host key verification, right, good point! non-root attacker won’t have your server’s key. but that’s just on top. so even if you ack the new host key, what could they gain? give you a shell with their permission and wait for you to sudo-tell them their password maybe. until then trying to mimic the system they might not know too much about (what’s in /root?)
Chess. (lichess)
I run a small IT company. Each month I have to sort all tax relevant documents and hand them to my tax office.
So I download the tx CSV from my accounts. Those get parsed and the relevant invoices get searched in paperless, so I see if something is missing etc with a few minutes of manual work.
I have a paperless account and shared it with my user, but you can also just integrate 2 accounts in one email client.
Guess I should create a sieve filter to look for relevant mails and auto-copy


so everyone can open them… so what? attacker who already gained local access can crash your original sshd and spin up his own one? admittedly a thinkable scenario… but can this even be abused in a pubkey auth scenario?


Old school
Introducing pay-per-slice in 2026, to assure customer satisfaction!


Whenever I come across a post like OP describes, and I check the instance, it’s ml (with a bit of hex in the mix). It seems fair to me to ask this question.
But then I guess the discrepancy is: “90% of a specific kind of users are on this instance”, which is absolutely not the same as “90% of this instance’s users are of this kind”


I learned from a friend how to dial in with some terminal to create an account like that manually. There were some magic numbers/strings involved, but I can’t remember details. I just remember the com port had to be set to 7n1, not 8n1 like for all other stuff I did


Very interesting read and deep insights into sabotage operations!


people are still on windows?


If the client was open source, it could be verified by inspecting this source alone. To my understanding, the clients do real end to end encryption. This is the good part. They also have some functionality to re-encrypt the data or export the secret key to let new peers take part, or so I guess. This is how your web browser can also read them after you peer it up. Now there might or might not be a function in the client, where Meta can request the private key or re-encryption. This is really hard to figure out without having the source code.


Why not both?
good point, makes the comparison even worse %-)
I’ll assume it’s a typo. for now.