henfredemars

@henfredemars@infosec.pub

This is a secondary account that sees the most usage. My first account is listed below. The main will have a list of all the accounts that I use.

henfredemars@lemmy.world

Personal website:

henfred.me

This profile is from a federated server and may be incomplete. Browse more on the original instance.

henfredemars,

I think it’s just schoolyard ego here. It makes them feel powerful if they can get to you.

henfredemars,

I use flatpak for virtually everything because sandboxing your applications from each other and from your private data is a great idea to improve your system security. This helps prevent one compromised app from taking actions that affect the rest of your system.

For example, I have the VLC flatpak and used flatseal to revoke internet access because I only use it to play files. If a file tries to exploit VLC, it will not be able to upload any data or communicate with the attacker’s servers. I revoke any permissions my apps don’t actually need.

There are a few exceptions though. I run development and administrative tools directly because I do actually want unrestricted access to the system for these apps.

henfredemars,

Is there a name for processing language this way? I’ve written letters formatted in this manner as a challenge.

henfredemars,

Thank you! That’s a very good place to start. I’m not an expert in linguistics, but a close friend of mine loves to experiment with language in our letters. We will perform interesting transformations to grammar and spelling just to see how it feels to communicate with those rules.

henfredemars, (edited )

It was me. Reinstalled three times a couple days ago because I’m an idiot.

But I’m an idiot who uses FOSS and I rather be dumb in a world of genius than a genius in a world of dumb.

henfredemars,

Hilarious as someone currently crammed into such seat waiting for departure.

henfredemars, (edited )

I went to ask nicely for help from their support department and got a development build for one of their routers. Not only was it an ancient version of OpenWRT with the myriad of unpatched vulnerabilities, but it had absolutely dumb/weird configurations like the Wi-Fi password being a user account password exposed to a patched up SSH daemon with shell /bin/false. Just a whole lot of why and an obvious lack of care put into the software.

Their devices function… Most of the time. That’s about all that’s redeeming.

henfredemars, (edited )

Our anti trust is currently not far from asking nicely to not abuse your market position. Has there been a change to give it some teeth?

With that said, it could be even worse!

Privacy Concerns on Lemmy: A Call for More User Control (github.com)

I’ve been grappling with a concern that I believe many of us share: the lack of privacy controls on Lemmy. As it stands, our profiles are public, and all our posts and comments are visible to anyone who cares to look. I don’t even care about privacy all that much, but this level of transparency feels to me akin to sharing my...

henfredemars, (edited )

I prefer the complete lack of privacy settings because it is open and honest about the reality of what Lemmy is able to provide.

Even if you’re running your own instance, you are necessarily submitting your data to another party. I don’t have to trust the platform as much when my data isn’t private. It’s much easier to engineer a system around that assumption.

If we suppose that anything I submit to Lemmy is submitted to the public, I can’t be misled. My data cannot be leaked because I’m presenting it to the world already. Lemmy is a young social project with many problems to solve, still trying to gain traction and hold on to users and with an uncertain future. In brief: bigger fish to fry.

Maybe privacy controls could be on the list, but I don’t think it addresses the main problems or applications of the platform and creates its own set of issues. Keep it simple and stupid.

henfredemars,

Ask me no questions and I’ll tell you no lies. It asks much less of my instance admins if it’s understood that my information was never private to begin with.

henfredemars, (edited )

“Ugh… another one of them tourists driving down my property values.”

henfredemars,

So, you’re saying I know something.

henfredemars,

One of our dogs has mental issues. She does this all the time, minus the cat.

henfredemars,

Likewise. I downloaded what’s supposed to be every episode. I don’t know how I’m going to find the time to watch all this. Very intimidating.

henfredemars, (edited )

It took me like a week to download what I think is all of them from a decent cable connection. I do intend to watch this but it’s going to take me like a year given that I have a job.

However, I’m very privileged in a sense. I get to watch them for the first time. How many fans would love to rewatch episodes for the first time?

henfredemars,

I’m willing to pay for one, maybe two subscriptions, and ain’t nobody got time to dig for which service has what show to find out season 2 is on some other service entirely.

Piracy provides a better user experience 🤷‍♂️

henfredemars,

A stern reminder that we should all use a password management tool and use unique, unrelated passwords with every service.

henfredemars,

Oh no

How often do you back up?

I was wondering how often does one choose to make and keep back ups. I know that “It depends on your business needs”, but that is rather vague and unsatisfying, so I was hoping to hear some heuristics from the community. Like say I had a workstation/desktop that is acting as a server at a shop (taking inventory / sales...

henfredemars,

I still have drawings I made in MS Paint on Windows 95 when it had just come out, my first text document, and the first report I ever typed in grade school.

Btrfs snapshots of the root volume in RAID1 configuration with 8 hourly, 7 daily, 3 weekly, and automated rsync backups to NAS, with primary and secondary offsite, physically disconnected backups stored in sealed, airtight, and waterproof containers at two different banks prepaid storage and with advanced directive in the event of my demise.

Bit of a hobby really. I acknowledge it’s completely unnecessary. I don’t like to lose data.

henfredemars, (edited )

It’s a cool feature, and I played with it some, but I don’t really see how to use it in a home or small office environment unless you’re willing to subscribe to someone who can generate the live patches for you.

I can certainly generate the patches myself, but it’s much faster to let the maintainer of my distro’s kernel handle shipping new packages and accepting the reboot. My system reboots really quickly.

If high reliability is a concern, I would suggest load balancing or some other horizontally scaled solution such that you’re not impacted by one machine going down. Because they will go down for things other than updates!

henfredemars, (edited )

I literally asked my wife to marry me on the first date and she said yes. Getting right to the point is a woman after my own heart. Neither of us have ever dated before or, naturally, since.

We’ve been together for ten years.

We are also on the spectrum so that may have been a factor.

henfredemars,

That’s going to curdle.

Eww.

henfredemars, (edited )

Met my partner who shares the same mental disorder, the only person I know who could teach me to cope and become a functional adult when I had almost lost all hope.

henfredemars,

You’re sure that there was a crime? You’re fortunate that your bug is consistently reproducible.

henfredemars,

How about this then. While your neighbors are using wine, it attracts more commercial attention to develop the open source projects that you do actually use. It’s so impactful that you measurably benefit directly from its contributions, like optimizations to the Linux kernel.

You don’t have to agree with it, but you cannot deny the increased investment in open source projects it causes.

For a painfully blatant example see: Steam Deck.

Also for the binary blob purists, how do you feel about all that closed source firmware underpinning your pure world? Isn’t it practically impossible to get completely open source firmware down to the silicon? And even then, do you trust the silicon? Are you running everything on FPGAs?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #