irotsoma @ irotsoma @lemmy.blahaj.zone

Posts

0

Comments

203

Joined

6 mo. ago

Well, they have to be accused of something to be detained. Immigration violations of some types don't get a court hearing to be "convicted" of those violations by a judge by default.

What kind of device are you using? There was recently there was a leak that Meta is using technology to have web browsers talk to the Facebook and Instagram apps on your phone without your permission and link your identity to every website you visit that has any Meta plugins. I'm sure other companies are doing the same or similar like Amazon and Google. I've been using GrapheneOS on my Android Pixel phone which isolates apps. There are other ways to do this as well if your phone is unlockable. And I use IronFox web browser wherever possible to reduce the capabilities of the browser to do things without my knowledge. And use ReThink and a pihole to reduce the cross site communication where possible. I also left all Meta platforms, but still am migrating away from Google, Amazon, and some other platforms. And make sure your advertising ID is disabled at the OS level.

Those are where I've found most of the targeted ads were coming from. Not from the IP address alone.

Strongly recommend reviewing the compatibility of apps you can't live without, especially finance ones. And you won't be able to use Google Wallet with tap to pay. Those are often not happy about you having any amount of security or privacy in the name of security, but really usually because they're too lazy, or want to violate your privacy themselves.

I never really used it so it was fine with me. And the few apps I had to dump I mostly found open source alternatives for other than finance ones which I just use the websites instead now.

Really the first issue is your IP address. How does your ISP hand out IP addresses IPv4 and/or IPv6?

If you have an ISP that gives a static block of IPv6 addresses that simplifies things immensely. But also consider that many legacy, monopoly ISPs have not implemented IPv6 for their customers, especially in the US, and so domains without an IPv4 address aren't accessible from people's homes that use those ISPs. But it means you could assign static IPv6 addresses to each service if you wanted to and add subdomains for each. Then you just need to deal with security on that system.

Otherwise you'll likely need to deal with dynamic DNS. If your router and your domain registrar's DNS can work together for DDNS that's ideal. For example, my OpnSense router updates my cloudflare registered domain directly when my ISP changes my IPv4 address (I have one of those ISPs that doesn't assign IPv6 still but I don't have any choice if I want > 5-10Mbps upload speeds).

Then you need to deal with routing. The best way is with a reverse proxy like Caddy or I actually like Traefik a lot because it works well with my complex setup with docker and kubernetes among other things. Basically your router needs to route all the inbound traffic on the appropriate inbound ports to the reverse proxy to it to then route to the appropriate service based on the subdomain and/or port of the request.

Once you route the subdomain to the appropriate service you need to deal with security. Once a service is exposed, it's going to eventually start getting hit by bots trying to access it. Best to implement something like fail2ban to stop them from wasting your processing power with failed logins and 404 errors and such.

I set up separate VLANs for devices that do or don't get filtering with different DNS servers assigned. And I have two different wifi SIDs on my access point for the different VLANs as well as having ports on my primary switch aligned to one or the other VLAN. I did end up having one other switch that has devices from both VLANs in a different area and had to set up one port on the primary switch with a couple of MAC-based filters for assigning the VLAN for just devices on that remote switch, but those are static devices, so that wasn't an issue. I don't attach any other devices to that.

This is the real issue. It's not so much the intentional sale of your info for profit, or, for the majority of people, the threat of surveillance states finding out you're one of their enemies of the month. Most people are hit by criminals using the info to target them. For example, if they know your adult child's information and have samples of their voice data from social media, they can make an AI bot to impersonate them and ask for money. Or, if robbers happen to be targeting a neighborhood, they can use your location information to determine when you aren't home. These are much more complex than most of these scams, though. Most are much simpler, but using some combination of info from social media, security breach data, location data, etc. All of that data is being bought and sold now. Mostly by "legitimate" companies. Things like that are the major consequences for the majority of people.

My servers that have been around for a while get thousands of scans per day. In fact I am going to move away from crowdsec because I exceed the free limits on log entries within the first day of the month usually, sometimes just an hour or so. I mean it still works and blocks stuff, but the web portal is basically useless for any research into what I need to give attention to. That and the fact that you can no longer delete decisions on the web portal with the free account.

As others mentioned Esc during boot. You can also configure this in your grub config so you don't have to hit escape, assuming your distro uses grub. Other boot config options will exist in other systems.

For grub it also depends on the distro as to where it is, but look for /etc/default/grub edit that and on the lone that has GRUB_CMDLINE_LINUX_DEFAULT remove the quiet and splash options. So if it looks like this:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"

change it to

GRUB_CMDLINE_LINUX_DEFAULT=""

Then run "sudo update-grub2" to make it effective.

Icons for pictures, detail view for everything else. Easier to sort in the detail view.

That was a lot of really good info. I've been having to deal with some more complex systemd configurations at work which has gotten me interested in the subject. This was a really good intro and will help a lot in my own self-hosted activities as well as work.

If she has an Android, you can use the DNS blocker in ReThink to do something similar to pihole outside of your LAN. That's what I use. There are others, but ReThink is pretty good and has lots of other stuff it can do as well, or just use the DNS option.

Yeah that can make a difference in some cases. Are they media files? Android tends to do more scanning of those as each is created. You can also set a .nomedia file in the directory that you're unzipping to on order to reduce sone of that, though not sure if the new AI stuff obeys those like Android itself does.

Pixel 9a has some issues with performance, currently. They used older storage tech for the 9 and 9a than other devices and not enough memory for all the "AI" features that are tracking everything you do to make things more convenient. There are a few articles out there related to some ways to improve performance a bit by disabling some background apps that you may not be using. It's also possible future updates from google may fix some of whatever is causing the issues for many users.

But it's not an endemic Android issue, at least not modern versions in my experience. I use GrapheneOS on a Pixel 7 Pro currently and just grabbed a couple of 10+ GB zip files I had on an old dropbox account and unzipped them with the fossify file manager. It was basically instant. Took longer to download them than unzip.

As I mentioned, your best bet is to use ADB or similar and monitor what applications are eating up resources and try to free some up. Especially any apps thrashing the storage or filling memory. That's assuming you have already uninstalled any bloatware and rebooted recently to make sure no bad apps are stuck.

TL;DR: You should have both due to the explicit breaking of the robots.txt contract by AI companies.

AI generally doesn't obey robots.txt. That file is just notifying scrapers what they shouldn't scrape, but relies on good faith of the scrapers. Many AI companies have explicitly chosen not no to comply with robots.txt, thus breaking the contract, so this is a system that causes those scrapers that are not willing to comply to get stuck in a black hole of junk and waste their time. This is a countermeasure, but not a solution. It's just way less complex than other options that just block these connections, but then make you get pounded with retries. This way the scraper bot gets stuck for a while and doesn't waste as many of your resources blocking them over and over again.

Bottleneck is usually storage speed rather than processing power. If you have a device that can use external sd cards and your device supports high-speed cards, that might help, though if the controller for sd cards is slow, that might just end up a worse bottleneck. But that's just a guess and it definitely could be that your memory is not sufficient or background apps are eating up processing, such as crypto-mining malware just as an example. You can check resources over adb while unzipping or try some benchmarks to determine your issue.

Anecdotally, I have no issues on my Pixel 7 Pro and never had issues on past Pixel or Nexus phones I've owned (generally higher end models with plenty of memory and storage space). Pixel devices don't include sd card slots so this is all on internal storage in those cases.

Sure anything is likely to take longer on a phone than on a laptop or desktop, but shouldnt be that significant of a difference unless there's a hardware bottleneck or other apps are using all the resources.

I've used java Scanner objects to do this extremely efficiently with minimal memory required even with multiple parallel searches. Indexing is only necessary if you want to search for information many times and don't know what exactly the search will be. For one time searches, it's not going to be useful. Grep honestly is going to be faster and more efficient for most one time searches.

The initial indexing or searching of the files will be bottlenecked by the speed of the disk the files are on, no matter what you do. It only helps to index because you can move future searches to faster memory.

So it greatly depends on what and how often you need to search and the tradeoff is memory usage, but only for multiple searches of data you choose to index from the files in the first pass.

I use Fedora with KDE and never have issues. Though I no longer have NVIDIA cards in any of my computers. The drivers suck on Linux in general and were the cause of many of my previous issues with Linux overall.

Yeah, companies have abused that to release buggy, incomplete products faster and only make the software stable and feature complete if they make a good profit.

Seems like poor metrics. Need an average across time. Also, if that's the case even with that and with how easy it is for ordinary people to get an account on another server, does that mean we dumped a ton of bots?

They got that idea "ask for forgiveness not permission" pushed to them by capitalist extremists for too long. I despise that concept in any context, whether justifying rape or violating privacy or anything else. But I even see it in TV shows these days portrayed as normal. Gross 🤮