HumanPerson @ HumanPerson @sh.itjust.works

Posts

35

Comments

531

Joined

2 yr. ago

They did say specifically. I think bothers are usually automated attacks.

This was likely a state-sponsored attack. If your SSH isn't exposed to the internet this probably wouldn't have effected you. Also most people run stable distros like Debian on their server, and this particular vulnerability never made it to the stable branch. I would guess that most of the computers you have ever used have backdoors. Even if you run Linux (which may itself have some) you might still have a proprietary UEFI on your motherboard. Something like xz wouldn't effect you because no government really cares what's on your server. Smaller attacks can be avoided through common sense. Some people will expose services that require zero authentication to the internet. Follow basic best practices and you will probably be fine.

Edit: Also remember, google photos once flagged a picture of a child that the child's father had taken for medical reasons as abuse, so self-hosted may not be completely private or secure, but it's better than the alternative.

Is it possible your router has 2.4g and 5g? You could try connecting to whichever one you're not currently on. That is my only guess but there is not a lot to go on in the post. Also I highly doubt the dual boot is relevant here if you were considering that. I'm not that familiar with MX, but you could try booting to a Debian live image to see if it works better there.

Possibly that is the issue. I try every once in a while to see.

Can't help but I totally agree about projects that assume they are the only thing running. That is the reason I don't run nextcloud.

Sorry I don't have an answer but I like the title.

Damn, I wish my server was that "slow."

They are created by "the team behind" an SEO company and their privacy policy doesn't look great. They do use their own indexing though.

FYI about VPNs, they encrypt unencrypted traffic only part of the way. Everything is still unencrypted between the VPN server and the server you are connecting to. Just thought I'd say this because a lot of VPN ads are very misleading about this.

Your right, I'm sold.

I was heavily considering borg but I just looked up rsync and it looks like everything I need. Thank you.

Edit: Actually encryption would also be nice. Is there any way to do that with rsync?

I did this yesterday for my media server on Debian and it was very easy. Use mdadm to create the raid. There are guides online on how that are very easy to follow. You may want to use partitions on the drives as another comment recommended (mdadm supports whole drives and partitions so do whatever you think is best). Next you should have a device /dev/mdX that you can format to your fs of choice. After that just use lsblk to get the uuid of the raid and mount it in fstab like any other drive.

The better option is not to use windows at all, but if you are, I don't think disabling windows defender will stop them from getting whatever they want anyway.

I am disappointed that this does not appear to be a post about building a server into your car.

You are simply wrong about Debian. You can say that old packages are annoying sometimes, that is fair, but they aren't any buggier than other distros. Debian updates include security patches and bugfixes, just not feature updates.

I think Jesus probably did exist, and he was probably a very successful cult leader who may have taken a lot of hallucinogens.

Say GTA without saying GTA.

My high school got us windows laptops but they had i3s and terrible windows defender configs so I swapped out the ssd, installed some ram (reason later), and installed Linux on it. I also exported the old drive image with windows on it into a VM so I can have all their spyware and stuff on it when necessary (hence the RAM). Before important state tests and whatnot I swap the old drive back so they don't think I'm cheating.

Edit: Oxford comma

I agree that it is reasonable for them to work on it for fun, most companies, I'm guessing Microsoft too, make all code written by employees their IP which could be an issue.

Cube virtual desktop switcher. It's pretty great.