Fair, I was trying to be cheeky and here you are shutting me up with a compiler level “nope”. Take your +1.

Are you sure? From what I can tell there’s a 5 in 6 chance of catastrophic failure.

About to be 6.0000001% when my Kubuntu download finishes. I’m finally taking the dive boys, linux on main here we go.

The year of the linux phone is almost upon us…

Tape drives will be expensive and likely beyond overkill for this. I’d recommend you grab a blue ray DVD writer and use that instead. The discs are generally shelf stable for 25 years and hold about 50-128GB depending on the disc. Duplicates are cheap, storage is relatively easy, and it doesn’t require constant upkeep/power like a hard drive would. Downsides? They just stopped making the discs, so they’ll grow in cost over time. That’s about it that I can think of.

People are a bad judge of their own skill and overrely on tools and assistants when present. See also: car adas systems making drivers less skillful. More news at 11.

To be fair to bottles, they cité that even their hosting costs are usually barely covered, so I imagine it’s running on a pretty lean/Foss dev budget already.

They’re different in their implementation. Zigbee automesh is more of a centralized router-hub model with self healing relying on routing tables. This caused significant issues for me. Thread is true automesh with all devices acting as a hub in a hub/spoke model, so there’s no centralized routing table to act as a single point of failure.

An important difference between thread and zigbee/wi-fi I’m not seeing mentioned is that all thread devices automesh in a hub/spoke model as long as they’re not battery powered. So your light bulbs, plugs, etc all become extenders and part of a self healing mesh network without a single point of failure. For me it works better than Zigbee for this reason.

Depends on the drive too, I have some insanely loud Ironwolf drives and you would never guess they’re from the same manufacturer as my practically silent Exos X18s.

Looking at the network activity of a pixel device vs an iPhone at rest broke my soul.

I think of it as a lab because it’s my sandbox for me to do crazy server stuff at home that I’d never do on my production network at work, and I think that’s why the name stuck, because back when systems were expensive as heck it was pretty much just us sysadmin guys hauling home old gear to mess with.

Pain gets her hot. I think she’s gonna be fine.

My bad. I misread your previous post, specifically around “I agree with the other guy”. That being said, anyone with a functional device that can compute any amount of monero hashes is a proven target, granted, not specifically.

People like you in this industry are legitimately the reason botnets and significant compromise still exists. “You don’t need to be a genius to do all this additional config to make this thing I’m referring to as secure, secure.” Do you even read your own writings before you hit post? Also your final argument is so slathered in whataboutism I can’t even. Yes, any internet connectivity is going to be less secure than an air gap, but when you’re advising implementations you should keep security posture and best practices in mind. What you’re speaking on is more complex than any one person’s understanding of it due to significant layers of abstraction. Exhibit a? Ssh is not a codebase. It’s a network protocol. The codebase is literally different depending on implementation yet you continue to talk about it as if it’s a single piece of software that has been reviewed and like all ssh shares the same vulns but the software is entirely different depending on who implemented it so you have no real clue what you’re talking about and it’s actually sad people will be misled by your nonsense and false bravado. (https://en.wikipedia.org/wiki/Secure_Shell)

I’ve always disliked IT discussions for reasons like this. Everyone who comments seems to think that the mitigations, security considerations, and security compromises (IE, not caring if your images are leaked online) they’ve made are common knowledge… But, this is a forum advising people on how to configure their home severs for hobbiest use. Best practices should be the mantra, “just raw dog ssh on the internet with your 443/80 port mapping and you’re g2g” [sic] shouldn’t be an acceptable answer to you. If they’d stated that there are security considerations, but they like to implement them and expose ssh to the net for management purposes I’d have nothing to say, but to just advise people who lack that extra experience, without helping them understand why you’re okay doing what you’re doing and what you’ve done to solve for specific issues that the default configuration does not seems unhelpful at best.

Agreed, but best practices are meant to deal with the very rare. They didn’t put the vulnerabilities in the software due to negligence or malice, it’s just an ever evolving arms race with cracks that show up due to layer upon layer of abstraction. Again I’m not saying to never expose ssh to the net, quite the opposite, but as a best practice you should never do it unless you fully understand the risk and are prepared to deal with any potential consequences. That’s just a core tenant of understanding security posture.

🤔🤔🤔🤔🤔

https://arstechnica.com/information-technology/2022/02/after-lying-low-ssh-botnet-mushrooms-and-is-harder-than-ever-to-take-down/

Are we living in the same universe? In mine software doesn’t get patched all the time, in fact it’s usually a lack of patches that lead to any significant system compromise… Which happens time and time again. Also you’re on a thread that is advising hobbiests on how to configure and maintain their personal server, not the engineering meeting for a fortune 500. Yes, you can make ssh very secure. Yes, it’s very secure even by default. In the same regard, new vulnerabilities/exploits will be found, and it remains best practice not to expose ssh to raw internet unless absolutely necessary and with the considerations required to mitigate risk. Ssh isn’t even implemented identically on every device, so you literally cannot talk about it like you are. Idk why you’re arguing against the industry standard for best practices decided by people who have far more experience and engineering time than you or I.

“This race condition affects sshd in its default configuration.” direct quote from the linked article, paragraph like… 3. I linked it so people could read, not speculate.

I linked a relevant vulnerability, but even ignoring that, pragmatically, you feel they’d be targeting specific targets instead of just what they currently do? (That, by the way, is automating the compromise of vulnerable clients in mass scale to power botnets). Any service you open on your device to the internet is inherently risky. Ssh best practices are, and have been since the early days, not to expose it to the internet directly.