Iirc I seem to find whatever was configured dead or no longer the cool choice when I check online.
Whatever it is, I barely touch it and it works great. Very happy.
Iirc I seem to find whatever was configured dead or no longer the cool choice when I check online.
Whatever it is, I barely touch it and it works great. Very happy.
Two pihole servers, one n VM vlan, one on device VLAN with OpnSense delivering them both via DHCP options. I sometimes update lists, like yearly… At best. They’ve been there over 7 years. Calling them robust is correct. The hypervisors are 3 proxmox servers in cluster using ceph. Intrl NUC 3rd Gen. Less than 80w combined with all vms. Also 8 years old no failures but tolerant for it.
Hmm, so, policy in our office is a clean desk. Before you jump to conclusions, it’s because our secured area and office occasionally has people come through that should absolutely not see what information we have on our desks. This requirement is a compliance issue for our continued contracts and certifications.
Our work from home policy hasn’t addressed this issue, but it sounds like it’s a clear gap. Your neighbour coming around for a cup of tea absolutely should not be able to see any work related information.
My assumption is that someone has considered this kind of aspect and had a check to confirm that they’ve done diligence by asking you to reveal your working space. A space the companies sensitive information would be visible. Actually you too should maybe not be looking at your wife’s screen nor materials on her work desk. Depending on the situation.
Either way, policy comes first so perhaps her employment agreement or employee handbook would reveal more.
I ended up reading it on bleeping computer since the linked site looks like an auto tldr bot saved 50% of the words. The important 50% was discarded.
I keep asking the pets for their owners secrets but they don’t tell me? I’ve tried pats, compliments and treats? Am I doing it wrong? How are you getting them to tell you about their owners?
I checked too, it’s not a valid public DNS record, so then the question is, does Oktas internal DNS resolve this. Even if it does, how does okta even sit in this? Are they the identity provider for Twitter? Surely even if it’s identity, it’s got nothing to do with content moderation? So many questions.
A software shouldn’t use passwords for tls, just like before you use submit your bank password your network connection to the site has been validated and encrypted by the public key your client is using to talk to the bank server, and the bank private key to decrypt it.
The rest of the hygiene is still up for grabs for sure, IT security is built on layers. Even if one is broken it shouldn’t lead to a failure overall. If it does, go add more layers.
To answer about something like a WiFi pineapple: those man in the middle attacks are thwarted by TLS. The moment an invalid certificate is offered, since the man in the middle should and can not know the private key (something that isn’t used as whimsically as a password, and is validated by a trusted root authority).
If an attacker has a private key, your systems already have failed. You should immediately revoke it. You publish your revokation. Invalidating it. But even that would be egregious. You’ve already let someone into the vault, they already have the crown jewels. The POS system doesn’t even need to be accessed.
So no matter what, the WiFi is irrelevant in a setup.
Being suspicious because of it though, I could understand. It’s not a smoking gun, but you’d maybe look deeper out if suspicion.
Note I’m not security operations, I’m solutions and systems administrations. A Sec Ops would probably agree more with you than I do.
I consider things from a Swiss cheese model, and rely on 4+ layers of protection against most understood threat vendors. A failure of any one is minor non-compliance in my mind, a deep priority 3. Into the queue, but there’s no rush. And given a public WiFi is basically the same as a compromised WiFi, or a 5g carrier network, a POS solution should be built with strengths to handle that by default. And then security layered on top (mfa, conditional access policies, PKI/TLS, Mdm, endpoint health policies, TPM and validation++++)
Seems like you should submit a change request with your fixes?
Transport layer security should mean this shouldn’t matter. A good POS shouldn’t rely on a secure network, the security should already be built in cyptographically at the network session layer. Anything else would still have the same risk vector, just a lower chance of happening.
In fact many POS systems happily just take a 4g/5g sim card because it doesn’t matter what network they’re on.
Day9. Though I just rewatched a funday Monday from episode 200 or 300 and it was just as amazing and fun as it was back over a decade ago.
I watched newer stuff he still seems to be a great guy.
I know you already got this but here is it again in my own words: don’t watch the news, don’t read social media, make personal connections one on one with people and judge your life by your vision and lens. Most people are judging it through a distorted news or social media centric set of glasses and it sounds hopeless. But when you look at your own family and friends you might just realise they’re better than you think, you’re able to find time to play and connect, you can still work and live with comfort, and your kids can grow up strong and healthy.
Start discarding that which is not truely part of your life, ignore the billionaires, the enshitification and all other forms of uncontrollable and frankly, barely affects you. These societal issues are always painted with someone else’s view point.
When you find something that does directly, without someone else telling you it does, affect you, and you’re in the mentally healthy place to take on that challenge, that’s when you Ave. If you think about it like that, and others did the same, most of our societal problems would be tasked by those who are in positions to do so.
I say this as someone who’s currently on 24/7 standby watching someone kind of like you, but going through depression, going through hopelessness, and going through addiction recovery (with all the slip ups). And their life right now is made, but they’re so busy fixated on issues they can’t either control nor have affects on them. They’ve got a house, it’s part paid off, they’ve got a well paying job, the owners of that job respect and offering pay rises to them, they’ve got a partner, who’s struggling their best to help them. In isolation they’re in luxury. But they get self worked up about other people’s business and societal or global issues. For what good? Stay grounded and self aware. Be thankful to yourself for making it so far already, and see the upward trends over the entire life and not the tiny problems of today.
Some people noted that the Aussie instance post update a few days ago seemed to not show votes on some other instance content. I wouldn’t worry about it, just decide your own view :)
Some people noted that the Aussie instance post update a few days ago seemed to not show votes on some other instance content. I wouldn’t worry about it, just decide your own view :)
My mate started terrarium building.
For very little cost, you can look for second hand fish tanks and go for walks to collect moss, rocks, twigs etc. Weirdly it built more meaning to the more ‘I need to move my body so I’ll go for a walk’.
Now he likes hiking, and collecting moss along the way.
The actual terrariums are gorgeous too.
Tailscale can act as a site to site vpn, but it’s best used as a meshvpn imo with as many things as possible in it.
Why? Because the dynamic dns is so powerful. Every host name automatically is in every other tailscale joined computer automatically. My NAS (Truenas in my case) is just “nas” so to access it it’s just https://nas. Same with my rustdesk server on https://rustdesk. Jellyfin? You guessed it: https://jellyfin.
Why is this cool? I moved my box between other networks and it just works again. No ips changed.
I take it to work. It just works. I keep one server at my parents place? It just works.
But my printer doesn’t have the ability to join the tailnet so I use subnet routing to create a node on that network to act as a NAT router to get to and from that printer.
You can even define exit nodes so if I install tailscale on my parents TV in another state, they can exit their internet via my home which has my IP and therefore Netflix counts it as inside my residence.
Anyway just some considerations. I generally use the subnet routing as a last resort. My 3 node proxmox cluster is all joined and if I took a node to my parents it would literally just work, if slower, as a cluster member. Crazy. Very cool
I’ve used virtio for Nutanix before and not using open speed test, but instead using iperf, gathered line rate across hosts.
However I also know network cards matter a lot. Some network cards, especially cheap Intel x710 suck. They don’t have specific compute offloading that can be done so the CPU does all the work and the host cpu itself processes network traffic significantly slowing throughput.
My change to mellanox 25g cards showed all vm network performance increase to the expected line rate even on same host.
That was not a home lab though, that was production at a client.
Edit sorry I meant to wrap up:
If you want to exclude proxmox you could attempt to live boot another usb Linux and test iperf over the lan to another device.
The active, in active noise cancelling means listening by using microphones then playing the exact inverse of the heard sound to cancel the noise, actively. Opposed to passive, which tries to restrict noise like ear protection by enclosing an ear and adding insulation against noise from getting in.
So no, not white noise, though that’ll sometimes be generated too. You’ll realise quickly most active noise cancelling headphones only listen on the microphones on specific frequencies which is why different settings can allow sound through.
Thieves and murderers the lot of em. Just like my great great granddad before he was shipped here.
Think of this:
You find a computer from 1990. You take a picture (image) of the 1KB memory chip which is on a RAM stick, there are 4 RAM sticks. You are using a DSLR camera. Your image in RAW comes out at 1GB. You project because there’s 8 chips per stick, and 4 sticks it’ll 32GB to image your 4KB of RAM.
You’ve described nothing about the ram. This measurement is meaningless other than telling you how detailed the imaging process is.
I thought this was an onion article.