StarkZarn @ starkzarn @infosec.pub

Posts

10

Comments

74

Joined

2 yr. ago

Ah yes, those examples were helpful and definitely helped inspire this. Glad you found some value in the ramblings. Post 2 will be up soon.

What nice feedback to read. I think you and I are aligned in what this will hopefully become. I really just wanted to start publicly sharing my hobby notes instead of holing them up in a local Joplin file or something, so that's what I'm going to do. We may have similar hobbies though, which sounds like it'll benefit you. Haha.

Excellent! Leave a note somewhere on how it measures up, I can always use more ideas!

Paperless-ngx! https://github.com/paperless-ngx/paperless-ngx

For anyone who reads this post and sees the mention of headscale -- that was the overarching goal here but the blog post started getting long so I decided to chunk it up. As soon as I polish up the headscale writeup I've got drafted and get that posted, I'll drop a link here just in case anyone is interested.

No one has mentioned anything about how CISA -- as gutted as they are -- has stepped up to ensure funding for the next 11 months. CVEs aren't going anywhere.

I thought this was gonna be some animorphs shenanigans from the thumbnail

They place arbitrary limits on home users as well, which is a secondary reason to not use it compared to open source offerings. For instance:

• you are limited to 1Gbps line speed
• you are limited to one week of analytics, with no export option, so you can't even ship them elsewhere
• there are also resource limits that prevent ram and CPU utilization

Suppose it makes sense to use a cybertruck as the hero photo then

Discord isn't free, you're paying with your data. 😅

Ah. Too bad. Sorry, it's been a little while since I shopped for mine.

I use an Amcrest AD-410 for this and it works great. Video is ingested by frigate, and I am using a fork of amcrest2mqtt to monitor for button pushes and receive a notification on my phone. They also have a "chime kit" I think it's called, to hook up to your 24v doorbell unit.

My brother in Christ, scope your sessions... Firefox has containers, chrome has profiles, or hell, just use two different browsers.

I'm not sure you understand what "objectively" actually means... Care to provide your data in support of your objective conclusion?

Ah it's fine, we know they'll be totally fine on their own. I mean, they have their own totally reliable, independent electric grid, right?

It's just an NTP pool. The device is trying to update it's time. Likely it made many other requests to other servers when this one didn't work.

Maintaining up to date lists of anything is a game of whack a mole, so you're always going to get weird results.

If you're actually unsure, pcap the traffic on your pfsense box and see for yourself. NTP is an unencrypted protocol, so tshark or Wireshark will have no problem telling you all about it.

That said, I'd still agree with the other poster about local integration with home assistant and just block that sucker from the Internet.

Ran into a similar conundrum. We use mealie for recipe management and occasionally meal planning, but the shopping list is clunky. We resorted to just making a list on a card in Planks. Not purpose-built, but it has worked rather well for us.

I don't know how you got a picture of me, but I demand it is removed!

Potentially, but precision is important, especially if you're going to make sweeping claims about a topic, acting as an authority.

This is absolutely not what DNSSEC is. DNSSEC provides authenticity of the response, not privacy. You're describing a means of encrypted name resolution, like dns-over-tls, dns-over-https, etc.