Findmysec @ Findmysec @infosec.pub

Posts

12

Comments

222

Joined

1 yr. ago

Simplex, Jabber, Briar?

I'm sure there's something over I2P too

Guys, please move to something using TOR/I2P. I've been saying it for a long time now, but clearnet services are just asking to be taken down.

Unfortunately for Europe though, the US has a massive incentive for something like TOR to function appropriately, because their military uses it too.

TrueNAS is just better QoL for people who don't want to deal with the cli all the time. I don't care so I don't need it. I have a separate k8s cluster anyway so it's pretty much pointless for me other than specific things like the ACLs which the GUI is good at

Ingress controllers like Traefik come across as LB services to IPAM modules like MetalLB (I've never used Kube-VIP but I suppose it's the same story). These plug-ins assign IP addresses to these LB services.

You can assign a specific IP to an instance of an "outward-facing route" with labels. I don't remember technical terms relevant to Ingresses because I've been messing with the Gateway API recently.

MetalLB + map new external IP to sub-domain == profit.

Read some of the other comments: it's not about your control plane. All you need is multiple external IPs which an IPAM module/plug-in can provide (MetalLB, Cilium and maybe Kube-VIP: I've never used it).

Yeah I will make sure to use OpenLDAP/FreeIPA at home. I'd rather play along with RedHat's bullshit than Microsoft's bullshit

FreeIPA?

They took down Tachiyomi?? I can still visit the website though, and the app seems fine

I meant I'm waiting for XFCE to support Wayland haha

If they support wayland I'm in

You should use KVM for games

Do I give a shit? I'll pirate everything I can till the end of time and if I'm feeling generous I'll donate to the artists on band camp or something. Nobody but the smaller artists need my money anyway

Which is why not every provider supports BYOIP

SMR vs CMR and drive speeds

There are providers who are OK with public trackers and don't care about DMCAs.

In principle, torrenting over IPv6 is the same as doing it over IPv4, it's just that there's a lot of IPv6 addresses so you might find it cheaper to buy IPv6. Yes there are some differences in the technology but from purely an operational POV, it's not very different.

The reason I mentioned bringing your own IPs is related to the reason why providers don't like public torrents: it pollutes their IP space and puts their IP ranges on blacklists. But if you bring your own IPs, suddenly the provider (in theory) is safe and doesn't care as much. YMMV of course, send an email to your provider of choice to ask more.

I have seen seedboxes with 3, or maybe 4TB of storage under $10 (don't remember). And that's recent (about a month ago). Yes, unlimited uploads are definitely an issue. Such cases are best combated with buying an IPv6 slot and putting that on a VPS with a provider friendly to such things (they exist at reasonable prices)

I tend to seed rarer stuff till my ratio reaches 10, sometimes 15 on a case-by-case basis

Get an older Antec cade on Ebay, the one with 6 DVD bays. Load it up as a homeserver + seedbox + media burner.

Get a seedbox with storage. About $5-$10 a month can get you quite decent boxes in torrent friendly countries

I guess you could use something like those new immutable distros to move away from state and related vulnerabilities. TBH there are plenty of hardening guides for Debian.

Or you could use any hardened version of Fedora which gets security fixes quicker, and then harden it some more yourself. The good part about Debian is that you are free to use SysVInit, I do not know if you could do that on Fedora. I do not think Systemd is a massive risk (if they have reached Systemd you have many other, bigger problems to think of).

I think I should study some more about Fedora. I run k3s on top and will go through their CISA hardening guide at some point to round things out.