pezhore @ pezhore @infosec.pub

--- GPG Proofs ---

---

Read more

Posts

0

Comments

212

Joined

2 yr. ago

What does your nginx config look like for ssl? It should specify a certificate and key file - that certificate subject needs to match your fully qualified domain name (fqdn). Certificate can have subject alternative names (SAN) for other names and even IP addresses.

For instance, you could have a single certificate for foo.bar with a SAN for just foo and an IP SAN for 192.168.1.30.

Certificates also need to be signed by a certificate authority (CA), and in order for your browser to visit https://foo.bar/ without a warning your browser must trust that CA.

If you did a self signed cert, this is most likely the problem you're running into.

It's important to know that your communication is still encrypted because of SSL, but since your browser doesn't trust the CA (or the subject doesn't match the FQDN) the browser will say it's not secure.

2 BOOBS, 2 FURIOUS.

Get in losers, we're stealing combo vcrs.

I'm confused - what was here before the domain expired? The only thing I'm finding for AZA is the association of Zoos and Aquariums.

Sometimes when I sneeze, my arm hurts.

I'm fairly certain it's not a heart attack.

I've been trying to find some good blogs that offer some fact driven counters to the insanity. So far I just have Where's Your Ed At, I would love to add other ones to my list.

Heck, African American! That’s all you had to say!

Hooooboy. Their comment gets worse the further you read.

God that picture of Barron in the article. What fucking teenager goes into a hairstylist and says, "give me the Gordon gecko"?

Edit: deleting most of my comment because it's a duplicate from the person who answered hours ago, leaving my indexers comment.

Something that you didn't mention, but needs addressing - indexers. Yes, there are free indexers but they're often capped at a certain number of grabs per day. Expect to pay for access to these as well - but some have lifetime memberships at a reasonable price. Get more than one and sabnzbd can prioritize by user-assigned weight. (By the way,these are typically what gets hit by content protection/LE). Indexers provide the nzb files that tell you download client where in the providers' server to find the download bits/bytes.

The *arr stack works wonderfully with Usenet, I think if you go this route, you'll be surprised how little you have to fall back to torrents.

IIRC, he was the designated driver too.

Nope. It looks like it may be my instance - infosec.pub 😟

Man, Voyager has been having issues with images lately. This didn't load with a message:

    
{"code":"validate-width","msg":"Too wide"}

  

Ah, this is a gif - I would have thought that worked across instances, maybe not?

If you haven't yet, check out the latest steamos update - they finally added battery charge limits it won't help a dying battery get better, but it may stave off the demise.

They're also no picnic for people who want kids but can't have them despite years of trying.

Well, looks like the National Institute for the Deaf (NTID) had at one point partnered with Georgia Tech on an app, PopSign, but that download link doesn't work anymore.

Similarly, NTID had a free class, but it got cancelled.

I'm a little surprised there isn't more from the first (and largest) national technical deaf institute....

I love my steam deck. It's the reason why I finally ditched Windows for Linux on my gaming PC.

This past week I got into emulation on it and have been shocked at how well it has been performing.

Oh there's definitely some elder gods involved with programming when I do it.

Yeah, well, about that. https://www.supremecourt.gov/docket/docketfiles/html/public/24a966.html (note this is a preliminary injunction to allow Trump to fire democrat members of a Congressionally appointed bi-partision governing body - just like the Fed).

From the dissent:

The majority closes today’s order by stating, out of the blue, that it has no bearing on “the constitutionality of for-cause removal protections” for members of the Federal Reserve Board or Open Market Committee. Ante, at 2. I am glad to hear it, and do not doubt the majority’s intention to avoid imperiling the Fed. But then, today’s order poses a puzzle. For the Federal Reserve’s independence rests on the same constitutional and analytic foundations as that of the NLRB, MSPB, FTC, FCC, and so on—which is to say it rests largely on Humphrey’s.

The whole opinion (PDF link) is worth reading, but basically SCOTUS just gave a green light to fire independent board members without cause. The Fed absolutely is in danger, even if the majority of the court thinks that for some magical reason the same legal basis that allows the termination of National Labor Relations Board (NLRB) and Merit Systems Protection Board (MSPB) doesn't apply.

There's a great podcast, Main Justice that goes into this better than I possibly can.

We were visiting for about a week and I think it took three separate days, about 20 minutes each day before she felt comfortable doing the VPN stuff herself.

It was definitely painful, but if you're patient, it's doable.

Good luck with whichever option you choose!

Speaking as someone who has recently taken on a far-remote (e.g. about 22 hour drive away) support for a MIL, the best thing you could do is set up a VPN.

1. It works both ways (typically) so you can easily remote in to their system when they're on the VPN for updates/troubleshooting
2. it minimizes the hardware "on-site" at their location
3. Depending on your VPN client, it can have an easy to use GUI, further lowering the barrier if your remote person is tech-inept

For me, I'm still on Plex with a very old lifetime account with my MIL using a dedicated user account - that access is over the Internet. The VPN is to provide access to Overseerr so that she can do things like request specific movies/TV shows without having to email/call.

It's not perfect - one day I woke up to 26 seasons of "Into the Country", but it works fairly well.

I sat down with her one day while visiting about a year or so ago and walked her through connecting to the VPN, then getting to the hosted site, then disconnecting from the VPN - basically running drills and making her take notes until she felt she could do it by herself.