Language:
switch to room list switch to menu My folders
Go to page: First ... 9 10 11 12 [13] 14
[#] Mon Oct 25 2021 12:59:27 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

I know its a bit OT, but that is how my Jetsons run.  They boot off SD then flip root over to whatever huge device i have attached to them ( be it usb, m.2, sata, whatever, all depends on what the carrier board supports )

Gives me more/faster storage, saves the SD from all those writes, and its a real pain in the neck to change booting on these things since they are all 'dev' SOMs and not 'production' SOMs that have built in eMMC.

Mon Oct 25 2021 11:32:01 AM EDT from IGnatius T Foobar
This is like something I did about six years ago when I needed a quick NAS to store offsite backups. I built it on a Raspberry Pi 1B+ and then moved the root partition to a USB-attached hard disk, leaving only /boot on the SD card. It ran that way for about three years before I got a bigger machine and didn't need it anymore.

 



[#] Tue Oct 26 2021 20:34:24 EDT from Nurb432

[Reply] [ReplyQuoted] [Headers] [Print]

Cant go into a lot of detail ( partially i dont know, and what i do know i cant say much beyond that it happened, which is public info.. )  But apparently our health agency got one of their major DBs hacked last week with a huge data leak. Turns out its a commercial package that most, it not all state health department uses across the country.  Several other states got hacked about the same time or just before us.

The US vendor used Chinese contractors, and yes, they added backdoors it turns out.

You would think in this day and age, we would be smarter than this.

 

 



[#] Wed Oct 27 2021 12:16:39 EDT from LoanShark

[Reply] [ReplyQuoted] [Headers] [Print]

The US vendor used Chinese contractors, and yes, they added backdoors
it turns out.

You would think in this day and age, we would be smarter than this.

This is why at my office we're increasingly careful about approving dependencies.

But then somebody in HR wants to use an HRaaS package (like Rippling) that wants admin-level access to all our employee laptops, in the name of automation and security. No thanks.

[#] Wed Oct 27 2021 13:22:26 EDT from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

I'm not even comfortable with our IT department having admin-level access to my laptop, but I have to deal with it. I really wish they'd go full VDI so we wouldn't have to deal with it.

[#] Tue Nov 02 2021 05:07:49 EDT from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2021-10-25 11:36 from IGnatius T Foobar
The best way of beating latency in this case would be for people to


download the already existing Citadel client tunnel its connection

through a tunnel to

Uncensored, but that may be a bit too cumbersome.


And that's exactly what we've settled on.

Telnet tunnel:
d77ompkdxbd6fq6mfxba2ulx46r37jlncvyy5fmvbmhqf4hlmgjq.b32.i2p
Client tunnel:
czesg4qmyrkbybkngoldpcv2ndem4lwo5y2f4paf6e377es43oga.b32.i2p

zelgomer said that using a dedicated Citadel client is working well.

darknetuser, you should try it too. If there is continued success then

perhaps I will see about publishing some sort of standalone trustworthy

build of the client for this purpose.



I will give it a try when I can.

Right now I am pretty pushed up against it for personal reasons and I don't even have a personal computer with which to test your awesome stuff. This, incidentally, it si the reason why you are hearing so little from me as of late.

[#] Thu Nov 04 2021 19:30:52 EDT from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

No worries, and I hope you come out the other side in better shape.

[#] Sat Nov 13 2021 17:22:58 EST from zelgomer

[Reply] [ReplyQuoted] [Headers] [Print]

Finally took a day to make my i2p connection to uncensored a little more convenient. Now my gateway VM has its own bbs@ user which launches the citadel client, so I can ssh to it from any machine and it acts as an i2p bouncer. I think I am happy with this for now.

[#] Sat Nov 13 2021 18:07:06 EST from zelgomer

[Reply] [ReplyQuoted] [Headers] [Print]

And don't try sneaking any crazy connections into the client, because it's also running in a network namespace where any other traffic is routed through tor.
I should have put it in a container but I already have too many OSes to keep up with. So I guess you could spy on my filesystem. Please don't do that.

[#] Mon Nov 15 2021 10:49:23 EST from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2021-11-13 17:22 from zelgomer
Finally took a day to make my i2p connection to uncensored a little

more convenient. Now my gateway VM has its own bbs@ user which launches

the citadel client, so I can ssh to it from any machine and it acts as

an i2p bouncer. I think I am happy with this for now.



That sounds awesome.

I should move my lazy ass and do the same, but my hobby servers are a bit low priority at this point.

[#] Mon Nov 15 2021 10:51:19 EST from darknetuser

[Reply] [ReplyQuoted] [Headers] [Print]

2021-11-13 18:07 from zelgomer
And don't try sneaking any crazy connections into the client, because

it's also running in a network namespace where any other traffic is

routed through tor.
I should have put it in a container but I already have too many OSes

to keep up with. So I guess you could spy on my filesystem. Please
don't do that.



Add pledged() and unveil() support to the client (wehich is trivial to do), then run the client in OpenBSD - and the client will be magically sandboxed.


YOu won't see SELinuxes and AppArmors the same way after trying this.

[#] Fri Nov 19 2021 08:45:32 EST from IGnatius T Foobar

[Reply] [ReplyQuoted] [Headers] [Print]

You don't have to worry about the Citadel client. What's published is what you're running. If I tried any funny business it would be outed pretty quickly.
The next thing we have to figure out is how to make this kind of thing *easy*.

[#] Fri Nov 19 2021 14:42:38 EST from zelgomer

[Reply] [ReplyQuoted] [Headers] [Print]

The next thing we have to figure out is how to make this kind of thing

*easy*.

Well, to be fair, I think it is pretty easy today. Everything about my experience that wasn't easy was self-inflicted because of my own neuroticism.

[#] Mon Nov 22 2021 21:31:51 EST from ParanoidDelusions

[Reply] [ReplyQuoted] [Headers] [Print]

Agreed. The Citadel *is* the easy part - and it has improved since I forced it to run on a Pi 3B+. Tremendously. 

 

Fri Nov 19 2021 14:42:38 EST from zelgomer
The next thing we have to figure out is how to make this kind of thing

*easy*.

Well, to be fair, I think it is pretty easy today. Everything about my experience that wasn't easy was self-inflicted because of my own neuroticism.

 



[#] Sat Nov 27 2021 08:27:55 EST from Nurb432

Subject: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

Ran across this by random.   Seems interesting. But its not well known. Any opinions?  https://www.mysterium.network/

 

Seems a bit like the interplanetary file system project, but on a blockchain instead of DHT.

 

 



[#] Sat Nov 27 2021 11:33:36 EST from Nurb432

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

Actually, reading more, not a fan. Just ignore this :)

Sat Nov 27 2021 08:27:55 AM EST from Nurb432 Subject: mysterium

Ran across this by random.   Seems interesting. But its not well known. Any opinions?  https://www.mysterium.network/

 

Seems a bit like the interplanetary file system project, but on a blockchain instead of DHT.

 

 



 



[#] Sun Nov 28 2021 05:42:30 EST from darknetuser

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

2021-11-27 11:33 from Nurb432
Subject: Re: mysterium
Actually, reading more, not a fan. Just ignore this :)
Sat Nov 27 2021 08:27:55 AM EST from Nurb432 Subject: mysterium




Ran across this by random.   Seems interesting. But its not well

known. Any opinions?  https://www.mysterium.network/


As soon as I notice the website of a project has been designed by one of those UX masturbation morons, I send the project to /dev/null.

It is fine if the site is fancy, but if it is so fancy you have to wade through 10 TB of graphics to find a description of 1) what the product is 2) how the product works, then it is not worth my time.

This is specially bad with some security products whose website is aimed at managers. "SecurityNetOfDeath will make your network secure! Engage more customers! Comply with GDPR! Buy now!" But you are not given a single explanation of how they do all those things.

[#] Sun Nov 28 2021 08:54:05 EST from zelgomer

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

As soon as I notice the website of a project has been designed by one

of those UX masturbation morons, I send the project to /dev/null.


Thanks. I did the same thing but I didn't want to come across as rude or stupid. I gave it an honest five minutes trying to figure out what it was. All I learned was that it was an "ecosystem," so I guess it's a bundle of several technologies that they're trying to sell (maybe figuratively or maybe not, I'm not sure) as a package.

Five minutes isn't very much time, but it seems like after five minutes I should at least know what I'm getting into. Imagine taking five minutes to read the abstract of a paper and still not knowing what topic the paper is going to cover.

Slight tangent, but I got the same sense from Matrix. It looks interesting to me, but it's way too hard to get to the meat. And once I did get to the meat, it looked a little too "webbish" for me. I don't get why everything has to be so over-built. What ever happened to KISS?

[#] Sun Nov 28 2021 08:58:31 EST from zelgomer

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

Five minutes isn't very much time, but it seems like after five
minutes I should at least know what I'm getting into. Imagine taking
five minutes to read the abstract of a paper and still not knowing what

topic the paper is going to cover.

Also I2P and TOR aren't innocent of this, either. I've revisited both websites recently and thought, if I didn't already know what these things were, how in the hell would I learn about them from these websites?? I get that they don't want to be intimidating to non-technical people, but there has to be some middle-ground. These are highly-tecnical subjects. It shouldn't be so hard for me to get past the sock puppet explanation.

[#] Mon Nov 29 2021 10:30:06 EST from darknetuser

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

Slight tangent, but I got the same sense from Matrix. It looks
interesting to me, but it's way too hard to get to the meat. And once I

did get to the meat, it looked a little too "webbish" for me. I don't

get why everything has to be so over-built. What ever happened to KISS?



KISS turned into a Linux distribution called KISS Linux. Try it out, and you will either love it or fall down to your knees, tearing your clothes appart and crying at so much nerdiness crammed within the same tarball.

As for Matrix, as far as I know it is just a fancy way of bridging communitation protocols which are unrelated together, so you can have all your IRC, XMPP and the like in the same place. I am not a big fan of the idea, and it is web centric, but you could do much worse :)

[#] Mon Nov 29 2021 10:35:00 EST from darknetuser

Subject: Re: mysterium

[Reply] [ReplyQuoted] [Headers] [Print]

2021-11-28 08:58 from zelgomer
Subject: Re: mysterium
Five minutes isn't very much time, but it seems like after five

minutes I should at least know what I'm getting into. Imagine taking


five minutes to read the abstract of a paper and still not knowing

what

topic the paper is going to cover.

Also I2P and TOR aren't innocent of this, either. I've revisited both

websites recently and thought, if I didn't already know what these

things were, how in the hell would I learn about them from these
websites?? I get that they don't want to be intimidating to
non-technical people, but there has to be some middle-ground. These are

highly-tecnical subjects. It shouldn't be so hard for me to get past

the sock puppet explanation.




The Tor website used to be much better. Back then the logo was an actual onion, instead of an abstrabt representation of an onion, they explained the core ideas and why it was sueful pretty much in the homepage.

The i2pd website at least tries to explain what i2pd and i2p are. It is not super helpful but at least they don't hide behind a shitload of corporate marketing.

Same thing with the official java I2P implementation, really.

Go to page: First ... 9 10 11 12 [13] 14