As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
I still mainly use Windows, although I've dual-booted Linux a few times and I have Linux Mint on an old laptop right now. One thing I've never understood about Linux is all the different distributions - their different reputations and why they have them. What is the mechanical difference between using one distribution of Linux and another? Or are the differences usually not mechanical?
For example, Ubuntu and Debian seem to be large families, meaning that a lot of other distributions are based on them (using packages built for them in their package managers at least) as well as being popular distros on their own. But what's different between the two of them, and between each and the other distros based on them? (and what's similar? I gather they all use the Linux kernel at least!)
I also know that people are quite opinionated on their choice of distro, I wondered what reasons people had for their choice. What things are easier or harder for you in your distro of choice? Is it mainly day-to-day tasks that are important or more how the OS works underneath? How much difference does your preferred distro make?
For myself, I've only used Kubuntu (though not much) and Linux Mint, which was mainly for UI reasons, and particularly for the latter, ease of use for someone used to Windows (at least that was what I found years ago when I first looked into it).
Though I doubt I'll ever fully move away from Windows I would like / need to have access to a Linux OS, so maybe this will help me to know what is important to look for. But I also hope it'll be a useful and interesting discussion topic. Also, there are some previous discussions on the latter question so I'd be more interested in learning about the main topic.
also, please do add more tags
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
Whenever i talk about my views in politics people say i'm a lefty.
I want to understand what is this boogeyman called communism that will "take over the world". I live in Brazil and, for the average american, our free health care system is communism. Even some brazilians think it's bad, which baffles me because it helps a lot of people, myself included. Everyone who needs cancer treatment go through it, it's one of the best in the world (for this particular disease at least) and affordable private health care plans won't cover expensive cancer treatment here.
People here often talk about communism being bad, but what really is communism?
I grabbed the Communist Manifesto and Why Marx Was Right to read, but did not start yet since i have to finish the book i'm currently reading.
I never tried to understand these things because they are all over the place and it's a little boring to me, so i'll ask some basic questions here before i go further in this endeavour.
Please, try to answer without anger and pointing fingers. Because every time i read about these topic online, there is fight and everyone says different things and accusations runs rampant.
What exactly is communism in layman terms? Because for me it's all over the place. Everything that seems to care about people is put into the communist basket, but a lot of people call it a dictatorship. ELI5.
Why almost every average citizen (americans and brazilians at least) says it's bad?
My best friend is a school teacher and is a marxist. He says Joe Biden is still a terrible choice, but the only alternative to Trump and he is not a communist at all, but i keep hearing people call him a commie. WTF is he? If possible, ELI5 what he is and what he stands for.
Why there is right x left and no place for something in between? Is there a need to everything be one side or another to work? There is no middle ground in politics? Grabbing aspects from the left and from the right and co-existing in the same government is a problem?
A lot of people really think letting companies run wild and free is good. That the market will regulate itself. I think this is naive, because even now they do some really shady stuff. Just look at Nestle.
Why people say that and is there some truth to this that i can't see? Is regulating companies a communist thing?
People say that communism didn't work when implemented and the other side says that it was not really communism. What is the truth here? It didn't work? if not, why it didn't? If it was not true communism, what it was and why it was not true communism?
Is there a country that is communist today?
What books about the left and the right i should read? Nothing too dense.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
This thread is posted daily - please try to post all relevant US political content in here, such as news, updates, opinion articles, etc. Extremely significant events may warrant a separate topic, but almost all should be posted in here.
This is an inherently political thread; please try to avoid antagonistic arguments and bickering matches. Comment threads that devolve into unproductive arguments may be removed so that the overall topic is able to continue.
This topic is part of a series. It is meant to be a place for users to discuss creative projects they have been working on.
Projects can be personal, professional, physical, digital, or even just ideas.
If you have any creative projects that you have been working on or want to eventually work on, this is a place for discussing those.
Hey guys,
I have been flip-flopping back and forth on this idea for a while, and would love some feedback on whether peeps would find this valuable.
Although I still call my self a "software developer" (and try to code daily), for the last 8 years I have ran a small 5-person agency that I started from the ground up, so my role was really CEO/CTO/CFO/Everything-O. My company focused on delivering high-quality custom software. Not brochure websites, and not Wordpress - our niche was internal business software (or as I like to call it "boring software for boring businesses") - and for a client service company we got very high margins of return.
Last year my business was acquired by a larger company which was an amazing result after the time and effort I had poured into it. I have realised I now want to help other developers who want to start their own software agency, or maybe they already have and are looking for hints or advice on certain topics.
So I have started Dev to Agency - a part blog part guidebook for how a full-stack developer can start and successfully run a software development agency, the things to pay attention too (and the things to ignore), and the key-values that I feel helped my business go from nothing, to 7 figures per year, and then to being acquired (if that is a path people would want to take).
I have just published my first couple of posts, About Dev To Agency that is a rundown of what I hope to achieve with this, then a post about My small custom software development agency - which gives an overview of what I built and where I think my articles will add value, and lastly You are the gold standard which covers how I feel an owner/maker should set the businesses standards and practises based of their personal values.
I have never written a blog before (or really done any writing before), so it would be fantastic to get some feedback from the community, and if there are any developers that this could interest then please subscribe on the website.
Cheers,
Chris.
Since I took so long to reply to Tips to use NixOS on a server? by @simao, I decided to create a new topic to share my configs. Hopefully this is informative for anyone looking to do similar things - I'll also gladly take critiques, since my setup is probably not perfect.
First, I will share the output of 'lsblk' on my VPS:
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
vda 253:0 0 180G 0 disk
├─vda1 253:1 0 512M 0 part /boot
└─vda2 253:2 0 179.5G 0 part
└─crypt 254:0 0 179.5G 0 crypt
That is, I use an unencrypted /boot partition, vda1, with GRUB 2 to prompt for a passphrase during boot, to unlock the LUKS encrypted vda2. I prefer to use ZFS as my file system for the encrypted drive, and LUKS rather than ZFS encryption. This is an MBR drive, since that's what my VPS provider uses, though UEFI would look the same. The particular way I do this also requires access through the provider's tools, and not ssh or similar. The hardware-configuration.nix file reflects this:
# Do not modify this file! It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "aes_x86_64" "ata_piix" "cryptd" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "rpool/root/nixos";
fsType = "zfs";
};
fileSystems."/home" =
{ device = "rpool/home";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/294de4f1-72e2-4377-b565-b3d4eaaa37b6";
fsType = "ext4";
};
swapDevices = [ ];
}
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, lib, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Hardware stuff
# add the following to hardware-configuration.nix - speeds up encryption
#boot.initrd.availableKernelModules ++ [ "aes_x86_64" "cryptd" ];
boot.initrd.luks.devices.crypt = {
# Change this if moving to another machine!
device = "/dev/disk/by-uuid/86090289-1c1f-4935-abce-a1aeee1b6125";
};
boot.kernelParams = [ "zfs.zfs_arc_max=536870912" ]; # sets zfs arc cache max target in bytes
boot.supportedFilesystems = [ "zfs" ];
nix.maxJobs = lib.mkDefault 6; # number of cpu cores
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
boot.loader.grub.enableCryptodisk = true;
boot.loader.grub.zfsSupport = true;
networking.hostName = "m"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.ens3.useDHCP = true;
networking.hostId = "aoeu"; # set this to the first eight characters of /etc/machine-id for zfs
networking.nat = {
enable = true;
externalInterface = "ens3"; # this may not be the interface name
internalInterfaces = [ "wg0" ];
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 53 25565 ]; # open 53 for DNS and 25565 for Minecraft
allowedUDPPorts = [ 53 51820 ]; # open 53 for DNS and 51820 for Wireguard - change the Wireguard port
};
networking.wg-quick.interfaces = {
wg0 = {
address = [ "10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64" ];
listenPort = 51820;
privateKeyFile = "/root/wireguard-keys/privatekey"; # fill this file with the server's private key and make it so only root has read/write access
postUp = ''
${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE
${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE
'';
preDown = ''
${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE
${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT
${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE
'';
peers = [
{ # peer0
publicKey = "{client public key}"; # replace this with the client's public key
presharedKeyFile = "/root/wireguard-keys/preshared_from_peer0_key"; # fill this file with the preshared key and make it so only root has read/write access
allowedIPs = [ "10.0.0.2/32" "fdc9:281f:04d7:9ee9::2/128" ];
}
];
};
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
nixpkgs.config = {
allowUnfree = true; # don't set this if you want to ensure only free software
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Set your time zone.
time.timeZone = "America/New_York"; # set this to the same timezone your server is located in
# List packages installed in system profile. To search, run:
# $ nix search wget
environment = {
systemPackages = with pkgs; let
nvimcust = neovim.override { # lazy minimal neovim config
viAlias = true;
vimAlias = true;
withPython = true;
configure = {
packages.myPlugins = with pkgs.vimPlugins; {
start = [ deoplete-nvim ];
opt = [];
};
customRC = ''
if filereadable($HOME . "/.config/nvim/init.vim")
source ~/.config/nvim/init.vim
endif
set number
set expandtab
filetype plugin on
syntax on
let g:deoplete#enable_at_startup = 1
'';
};
};
in
[
jdk8
nvimcust
p7zip
wget
wireguard
];
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# pinentryFlavor = "gnome3";
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services = {
dnsmasq = {
enable = true;
# this allows DNS requests from wg0 to be forwarded to the DNS server on this machine
extraConfig = ''
interface=wg0
'';
};
fail2ban = {
enable = true;
};
openssh = {
enable = true;
permitRootLogin = "no";
};
zfs = {
autoScrub = {
enable = true;
interval = "monthly";
};
};
};
# Set sudo to request root password for all users
# this should be changed for a multi-user server
security.sudo.extraConfig = ''
Defaults rootpw
'';
# Define a user account. Don't forget to set a password with ‘passwd’.
users.users = {
vpsadmin = { # admin account that has a password
isNormalUser = true;
home = "/home/vpsadmin";
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
shell = pkgs.zsh;
};
mcserver = { # passwordless user to run a service - in this instance minecraft
isNormalUser = true;
home = "/home/mcserver";
extraGroups = [];
shell = pkgs.zsh;
};
};
systemd = {
services = {
mcserverrun = { # this service runs a systemd sandboxed modded minecraft server as user mcserver
enable = true;
description = "Start and keep minecraft server running";
wants = [ "network.target" ];
after = [ "network.target" ];
serviceConfig = {
User = "mcserver";
NoNewPrivileges = true;
PrivateTmp = true;
ProtectSystem = "strict";
PrivateDevices = true;
ReadWritePaths = "/home/mcserver/Eternal_current";
WorkingDirectory = "/home/mcserver/Eternal_current";
ExecStart = "${pkgs.jdk8}/bin/java -Xms11520M -Xmx11520M -server -XX:+AggressiveOpts -XX:ParallelGCThreads=3 -XX:+UseConcMarkSweepGC -XX:+UnlockExperimentalVMOptions -XX:+UseParNewGC -XX:+ExplicitGCInvokesConcurrent -XX:MaxGCPauseMillis=10 -XX:GCPauseIntervalMillis=50 -XX:+UseFastAccessorMethods -XX:+OptimizeStringConcat -XX:NewSize=84m -XX:+UseAdaptiveGCBoundary -XX:NewRatio=3 -jar forge-1.12.2-14.23.5.2847-universal.jar nogui";
Restart = "always";
RestartSec = 12;
};
wantedBy = [ "multi-user.target" ];
};
mcserverscheduledrestart = { # this service restarts the minecraft server on a schedule
enable = true;
description = "restart mcserverrun service";
serviceConfig = {
Type = "oneshot";
ExecStart = "${pkgs.systemd}/bin/systemctl try-restart mcserverrun.service";
};
};
};
timers = {
mcserverscheduledrestart = { # this timer triggers the service of the same name
enable = true;
description = "restart mcserverrun service daily";
timerConfig = {
OnCalendar = "*-*-* 6:00:00";
};
wantedBy = [ "timers.target" ];
};
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}
Edit: Also, the provider I use is ExtraVM, who has been excellent.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
This brief covered a unique attack vector, information on a broad campaign using DNS attacks, a case relating to technology law, and a few advisories that either stuck me as important or curious.
What happened last night can happen again ~ fortune
Topics:
This particular exploit is interesting. It takes advantage of the fact that many different characters look alike to mislead people from their desired domain to a malicious one. I wonder what practices could help avoid this issue. The obvious step is to be concious of limiting the links that you click on from websites like Tildes, Hacker News, Reddit, or where anywhere can share a link with you via text. For example, if you see a Reddit thread about PayPal where someone includes a link to the PayPal Customer Service Center... Don't click it, just Google "PayPal Customer Service". This will be far safer in ensuring that you're going to the domain that you meant to!
Another thing to note is the importance of realizing how your trust online and how that changes your behavior. I know that I have a general sense of trust for people here that removes a lot of doubt when it comes to clicking random stuff you all share here. That trust could potentially work against you.
"The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike"
"The registration of homographic domain names is akin to typosquatting ~ Wikipedia, in that both forms of attacks use a similar-looking name to a more established domain to fool a user. The major difference is that in typosquatting the perpetrator attracts victims by relying on natural typographical errors commonly made when manually entering a URL, while in homograph spoofing the perpetrator deceives the victims by presenting visually indistinguishable hyperlinks."
IDN homograph attack ~ Wikipedia
The article covered is a few months old, but still relavant as ever. The U.S. government alongside private security personnel issued information of a complex system that allowed suspected Iranian hackers to obtain a huge amount of email credentials, sensitive government and corporate information. The specifics of how this attack occured are not publicly available but Cisco's Talos research has a write up of how DNS Attacks work, the relavant snippets are below.
"Talos said the perpetrators of DNSpionage were able to steal email and other login credentials from a number of government and private sector entities in Lebanon and the United Arab Emirates by hijacking the DNS servers for these targets, so that all email and virtual private networking (VPN) traffic was redirected to an Internet address controlled by the attackers."
"Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text."
"A Deep Dive on the Recent Widespread DNS Hijacking Attacks" ~ Krebs on Security
The balance between allowing autonomy and protecting our collective interests comes to my mind. This seems like a worthy example of when stopping people from victimizing others overshadows the benefits of free action.
"Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims."
"... described the three as "bulletproof hosting services," a term typically used to describe web companies that don't take down criminal content, despite repeated requests."
"According to the US Department of Justice and Europol, the three companies' servers were often used to mask the real identities of ransomware gangs, web skimmer (Magecart) groups, online phishers, and hackers involved in account takeovers, allowing them to operate from behind a proxy network up to five layers deep."
Law enforcement take down three bulletproof VPN providers ~ Zdnet
Debian, DSA-4824-1 chromium security update. Source
Arch, CVE-2020-25637 libvirt. Source
CentOS, CESA-2020-5437, Important CentOS 7 kernel. Source
RedHat, RHSA-2020:5665, Important: mariadb:10.3 security, bug fix, and enhancement update. Source
Windows, If you know of a good tracker for Windows securities advisories, please let me know. I was considering just drawing from the Microsoft Security Response Center Blog.
Topics: Attack Surface Management, Active iMessage exploit targetting journalists, Academic research on unique EM attack vectors for air-gapped systems.
Any feedback or thoughts on the experience of receiving and discussing news through this brief or in general are welcome. I'm curious about this form of staying informed so I want to experiment. (Thanks again for the suggestion to post the topics as comments.)
This concept is about ensuring that your network is equipped to handle the many issues that arise from accommodating various "Servers, IoT devices, old VPSs, forgotten environments, misconfigured services and unknown exposed assets" with an enterprise environment. Some of the wisdom here can be applied better think about protecting our personal networks as well. Outdated phones, computers, wifi extenders, and more can be a foothold for outside attackers to retain persistant access. Consider taking steps to migigate and avoid potential harm from untamed devices.
Consider putting certain devices on the guest network if your router supports doing so and has extra rules for devices on that network so they can't cause damage to your other devices directly.
"A report from 2016 predicted that 30% of all data breaches by 2020 will be the result of shadow IT resources: systems, devices, software, apps and services that aren’t approved, and in use without the organization’s security team’s knowledge. But shadow IT isn’t the only area where security and IT teams face issues with tracking and visibility."
Attack Surface Management: You Can’t Secure What You Can’t See ~ Security Trails
Mobile spyware is continuing to evolve and tend towards professional solutions. Recently this technology has been abused to conduct espionage on journalists of major networks. Where once these exploits typically required some mistaken click from the user, new developments are allowing their activities without any trace or requiring interaction from the target.
"NSO Group’s Pegasus spyware is a mobile phone surveillance solution that enables customers to remotely exploit and monitor devices. The company is a prolific seller of surveillance technology to governments around the world, and its products have been regularly linked to surveillance abuses."
"In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked."
"The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates."
"More recently, NSO Group is shifting towards zero-click exploits and network-based attacks that allow its government clients to break into phones without any interaction from the target, and without leaving any visible traces."
Besides this potential exploit the article mentions past research done by Guri and his team which is worth checking out, like:
LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED
AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data
MAGNETO & ODINI - steal data from Faraday cage-protected systems
PowerHammer - steal data from air-gapped systems using power lines
BRIGHTNESS - steal data from air-gapped systems using screen brightness variations
"Academics from an Israeli university have proven the feasibility of using fans installed inside a computer to create controlled vibrations that can be used to steal data from air-gapped systems."
Academics steal data from air-gapped systems using PC fan vibrations ~ Zdnet
"Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident."
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
When you click in a tag in a tildes group, you see the topics that have been posted in that group with that tag according to your filters. There's also a link to go back to normal viewing. I think an option to see that tag in all groups would be a neat addition, even if not particularly important. Thoughts?
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
I built a link sharing website where you connect to users that share your interests. When you upvote a link - you connect to other users who upvoted that link and LinkLonk shows you what else these users upvoted.
The more in common you have with another user the more prominently their other recommendations appear on your list.
The intuition is that the more useful your past recommendations have been for me, the more I can trust your future recommendations.
This is how trust works in meatspace - we keep track of how positive our experiences have been with other people and use that track record to decide who we can trust in the future.
Except that mechanism does not work online. It just does not scale to the numbers of users we interact with. We can remember around 150 other people (the Dunbar number). Beyond that our builtin trust mechanism breaks down. We revert to more coarse and primitive trust mechanisms such as tribalism and mistrust in everyone.
While we cannot personally keep track of every user on a platform - that is what computers are good at.
That is the idea behind LinkLonk. You don't need to remember the names of users who you can trust (in fact there are no usernames on LinkLonk). You simply upvote content that was useful to you and LinkLonk constantly keeps track of how useful every other user has been and ranks new content accordingly.
Another important part of trust is that if you misplace your trust in someone and they let you down then you need a mechanism to stop trusting them.
This is what the downvote button is used for: when you downvote an item, LinkLonk reduces your “trust” in other users that upvoted it. As a result, you will see less content from those users.
The above describes the basic idea. There are a couple more concepts:
Give it a try at: https://linklonk.com/register with 'tildes' as the invitation code. The invitation code can be used multiple times and I will keep it active for a few days. After that please DM me to get a fresh code.
I’m posting this on Tildes in part because I like the group of people that Tildes has attracted. And I also feel the topics of trust systems, content curation and moderation are relevant to Tildes and to its users (see: https://docs.tildes.net/future-plans#trustreputation-system-for-moderation).
What do you think?
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
This topic is part of a series. It is meant to be a place for users to discuss creative projects they have been working on.
Projects can be personal, professional, physical, digital, or even just ideas.
If you have any creative projects that you have been working on or want to eventually work on, this is a place for discussing those.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
I always enjoy Amos' writing, he does a great job of walking through topics in depth and explaining each step of the way. It looks like he's starting a new series to work through all of this year's Advent of Code problems, which will probably be a good read for people interested in Rust (whether you already have experience with it or not).
Only the first day is up so far, but the overall series page is here, and individual links:
I'll update this post with new links as the new parts come out, and possibly bump it occasionally.
Hello! If you've clicked on this I'd like to start off by apologizing for the title! I'm in a bit of a strange headspace right this moment as I try to digest some thoughts thrown my way today. I'm currently coming at this from the personal lens of myself, but I think there are some larger questions/generalizations that could be made and might be helpful for others.
Ok, so for some background I am a "straight" man. My previous partners have all been women, with the exception of one who identified as female when we were dating, and my current partner is non-binary but female-presenting and has identified as such the entirety of the time we have been dating. I have previously viewed myself as straight and an ally to my partner and the lgbtq+ community. Today, I was having a long conversation with my cousin about his experiences coming out of the closet and with homophobia in our family. I mentioned at one point that I didn't feel comfortable making some assumptions/statements since I am straight and not a member of the community. He (very politely) brought up that, at least strictly technically speaking, the fact that I am dating someone who is non-binary means we are not in a heterosexual relationship and that I am not technically straight, more likely being bi or pan (if we could lets not turn this into the bi vs pan debate which I know is a controversial topic but not really what I'd like to focus on). He also made a point to stress that these are all technical definitions and that gender and sexual identity are very personal and if I don't feel that it describes me then it isn't for him to decide I'm wrong. This made me a bit uncomfortable. It made me uncomfortable because while he's right, it feels wrong. I feel like if I began identifying as pan/bi, it would come off as a straight white male looking for a way to put himself in the position of being oppressed or marginalized for woke points. I don't know if it is because the college I went to was full of dudes like this, constantly looking for ways to be the victim, but its just something I feel deep in my bones. I don't really know though. I feel like if someone came up to me and described my life as their own and told me they identified as pan/bi I would agree and support them, but I won't extend that to myself. I don't know if its just a lifetime of assuming I was straight is why this is or if the term is actually wrong.
I guess to summarize/generalize, I'll put some reallly fucking loaded questions where I know the 'real' answer is "It is a deeply personal thing and will vary by person to person because the LGBTQ+ community isn't a monolith with all the same ideas" but I'm hoping maybe writing all this out and reading some of the results will help me color, process and digest my thoughts.
What/where would you put the line between straight and not straight (if anywhere). I know personally while I like to keep an open mind, I do heavily preference female-presenting people, whether they be trans, nb, or identify as a woman. But is that openness to dating someone who doesn't identify as a woman enough for me to be not-straight? I want to say yes, I don't think you need to date someone of a different gender to be not-straight. My cousin is bi but has exclusively dated men. I wouldn't tell him he isn't bi.
I am very uncomfortable with this question but do you feel there is a degree of "not-straight" you need to be to be an active part of the queer community. To kind of explain my thoughts on that: From an outside perspective, no one that hasn't been told my partner is nb would question if we said we were a straight couple. I've never and probably will never feel fear or be oppressed based on my sexuality. I dunno. I just feel really weird. like I'm inserting myself into a community I've always identified as an ally of but been an outsider to.
Anyway, sorry for this rant. I know the two questions are really loaded and I honestly feel like I know the answer to both of them. But just because i know the answer doesn't change how conflicted I feel and so I guess I'm just trying to work through some of the thoughts and conflicts.
I also want to take a second to note: I am actively talking with my partner about these thoughts and feelings. This is an ongoing discussion in our household, I am just looking for more perspectives and views to help me see things from different angles and work through my thoughts and feelings. Helping me through this is absolutely not the responsibility of anyone on Tildes and I don't want it to seem like I am putting that pressure on the community.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
This topic is part of a series. It is meant to be a place for users to discuss creative projects they have been working on.
Projects can be personal, professional, physical, digital, or even just ideas.
If you have any creative projects that you have been working on or want to eventually work on, this is a place for discussing those.
Basically the title. I'm not going to navel-gaze too much here because it's not that much of a complex problem.
Currently, as it stands, if a submission is older than x days (where x may be 3, but I'm not sure), new comments in that submission will no longer cause Tildes to bump the thread to the top of the list in activity view. Additionally, after 2 weeks, a note will be appended to the comment posting view indicating community standards around commenting on older threads.
The scenario I'm seeking to solve is where one submission covers an event of some duration longer than a few days—where Tildes users feel repeated or recurring submissions are not warranted. My example is this thread about a YouTube video series that was released in three parts, but all discussion has been placed in that submission, presumably because no one has felt that duplicating a post for each new part of the series is worthwhile.
Perhaps if a certain proportion of comments occur within a timeframe, after the submission has been aged out of the sliding window where new comments cause a bump in activity, a bump should still be allowed, but should require more than 1 comment to trigger said bump?
There's some fairly good discussion in that thread that feels wholesome enough that it could be exposed again to the wider Tildes community—because right now everyone interested in that thread is operating under the implicit assumption that to read and participate about this topic, they have to remember to go back to thread y.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their week. Did you accomplish any goals? Suffer a failure? Do nothing at all? Tell us about it!
As we did last year, I've set up a temporary sub-group that we can use for this year's Advent of Code at ~comp.advent_of_code
Some discussion and solutions were starting in this thread, but it will be easier to organize inside a devoted sub-group, and also makes it simpler for people to both find and avoid the relevant topics.
If you posted solutions in that topic, please move them into the threads for Day 1 and Day 2.
I automatically subscribed everyone that commented in or voted on that original topic, as well as everyone that posted a comment in any of last year's topics, but nobody else. So if you're interested in participating in Advent of Code or discussing it, please subscribe to the sub-group. Posts from the sub-group won't be shown to logged-out users by default either, so any logged-out users that want to observe will need to visit the sub-group directly (or you're welcome to email me and request an invite so you can register and subscribe).
I've also set up scheduled posts to happen automatically as each day's puzzle unlocks.
As part of a weekly series, these topics are a place for users to casually discuss the things they did — or didn't do — during their weekend. Did you make any plans? Take a trip? Do nothing at all? Tell us about it!
This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!
