sylver_dragon @ sylver_dragon @lemmy.world

Posts

4

Comments

960

Joined

2 yr. ago

Oddly, one of CrowdStrike's selling point is that it provides pretty good EDR for Linux and Mac. If you want crap EDR, which pushes you towards Windows, Microsoft Defender for Endpoint is the ticket.

I do agree with what you are saying, but for a complete beginner, and a very general overview, I didn't want to complicate things too much. I personally run my own stuff in containers and am behind CG-NAT (it's why I gave it a mention).

That said, if you really wanted to give the new user that advice, go for it. Rather than just nit pick and do the "but actshuly" bit, start adding that info and point out how the person should do it and what to consider. Build, instead of just tearing down.

No, but you are the target of bots scanning for known exploits. The time between an exploit being announced and threat actors adding it to commodity bot kits is incredibly short these days. I work in Incident Response and seeing wp-content in the URL of an attack is nearly a daily occurrence. Sure, for whatever random software you have running on your normal PC, it's probably less of an issue. Once you open a system up to the internet and constant scanning and attack by commodity malware, falling out of date quickly opens your system to exploit.

Not saying Windows isn't trash, but considering what CrowdStrike's software is, they could have bricked Mac or Linux just as hard. The CrowdStrike agent has pretty broad access to modify and block execution of system files. Nuke a few of the wrong files, and any OS is going to grind to a halt.

Short answer: yes, you can self-host on any computer connected to your network.

Longer answer:
You can, but this is probably not the best way to go about things. The first thing to consider is what you are actually hosting. If you are talking about a website, this means that you are running some sort of web server software 24x7 on your main PC. This will be eating up resources (CPU cycles, RAM) which you may want to dedicated to other processes (e.g. gaming). Also, anything you do on that PC may have a negative impact on the server software you are hosting. Reboot and your server software is now offline. Install something new and you might have a conflict bringing your server software down. Lastly, if your website ever gets hacked, then your main PC also just got hacked, and your life may really suck. This is why you often see things like Raspberry Pis being used for self-hosting. It moves the server software on to separate hardware which can be updated/maintained outside a PC which is used for other purposes. And it gives any attacker on that box one more step to cross before owning your main PC. Granted, it's a small step, but the goal there is to slow them down as much as possible.

That said, the process is generally straight forward. Though, there will be some variations depending on what you are hosting (e.g. webserver, nextcloud, plex, etc.) And, your ISP can throw a massive monkey wrench in the whole thing, if they use CG-NAT. I would also warn you that, once you have a presence on the internet, you will need to consider the security implications to whatever it is you are hosting. With the most important security recommendation being "install your updates". And not just OS updates, but keeping all software up to date. And, if you host WordPress, you need to stay on top of plugin and theme updates as well. In short, if it's running on your system, it needs to stay up to date.

The process generally looks something like:

• Install your updates.
• Install the server software.
• Apply updates to the software (the installer may be an outdated version).
• Apply security hardening based on guides from the software vendor.
• Configure your firewall to forward the required ports (and only the required ports) from the WAN side to the server.
• Figure out your external IP address.
• Try accessing the service from the outside.

Optionally, you may want to consider using a Dynamic DNS service (DDNS) (e.g. noip.com) to make reaching your server easier. But, this is technically optional, if you're willing to just use an IP address and manually update things on the fly.

Good luck, and in case I didn't mention it, install your updates.

No, because your vote won't encourage investment in flipping the State. I agree that the current duopoly sucks. I was an ardent Bernie supporter and would very much like viable third parties. But, the DNC isn't going to be looking at those third party votes. They need to believe that the Democrats have a chance of winning before they will invest in a State. If all they see are protest votes, then they won't see a viable path to them winning and they will continue to ignore the State.

Ya, it sucks, but we really do need to just keep holding our nose and pulling the lever for the Democrat in the general election.

What’s Next?

Nothing, the answer is nothing.
This is "proposal" has about the same chance of passing Congress as I do of farting diamonds. It's just empty rhetoric to pander to voters. Can't say I blame Biden for putting it out there, elections are all about empty promises. But ya, he may as well be promising unicorns and rainbows for everyone, for all the chances this has of becoming law.

Cleopatra had huge tracts of land. And all of the Romans wanted to plow her fields.
I'm walking about the wheat production of Egypt here, what were you thinking of?

If you are in a deep red state, it will seem that your vote won't matter. Because it mostly won't. However, the way States vote changes over time. The closer the vote totals in a State, the more likely the National Democratic Party is to invest resources into building up and promoting candidates in those States. That sort of thing can shift the needle, if slowly. Keep in mind that California voted Republican from '68 to '88 (source) but shifted over time.

It sucks to vote and feel like you're just pissing in the wind. But, each vote moves the needle just a bit more and maybe, eventually, things will swing.

Did you live in a cheap wood-frame (aka Fire’s Favourite Food) apartment where all the noises echo in the walls and then in our heads?

Yup, and that's been just about the only thing available. I'm sure that some high end places will be decently soundproofed; but, about that "Unless you can continue to be rich" bit, projecting much? Honestly, nothing about a city is attractive to me. I do recognize that we need a lot more mid and high density housing in the cities. And those cities need proper, modern transportation networks and to kick cars out of the city centers. I just have zero desire to live in one. I have a nice little home, out in the sticks, and have every intention of dying out here. I work remotely, so I don't even have to drive in for that. At best, I come play tourist from time to time and that's all the city I want in my life. Y'all can keep them and quit trying to force everyone to live the life you want.

As for demographic issues, birth rates in the US are below replacement level. It's only via immigration that our population is growing. And that's probably a good thing, as a shrinking population has a lot of negative economic consequences. But, we have plenty of room for both people and agriculture. We just waste a lot of it on feed crops and ethanol production.

This sort of issue is why I will never live in a shared space again. I had the neighbor who's girlfriend screamed like a porn star at all hours of the morning. I mean, great for them, but could ya not do it with the windows open at 3am? We also had issues with their sound system rattling the walls. They were pretty polite about that one, but it just kept creeping back up. I suspect it was a bass unit near a wall and it can be hard to understand how much it affects nearby people. Eventually, we moved. Now live in a detached single family home and fuck ever sharing a wall/roof/floor again.

Can't say I'm surprised. Been using Wiz for a short while and it really fills in a lot of gaps left by teams going to "The Cloud". It seems like devs working in cloud environments all forgot that security is a thing and so we get an absolute shit-show of misconfigured containers, networks, K8s clusters, etc. Add to that Google, AWS and Azure all seeming to treat security as an afterthought as well, and organizations need a Wiz or something like it to trawl through the cesspool and point out, "hey, maybe you should update that Wordpress plugin with several known RCE CVEs."

The long and short of the current state of cloud security reminds me an awful lot of the early 2000's view of on-prem security. People just throw up firewalls (excuse me, VPS configurations) and call it a day. Once the attack gets past the edge (and they always get past the edge) visibility and response actions fall off a cliff. We're at a point where we need EDR and NDR for the cloud; but, there isn't much in that space yet. Wiz is one of the options and I can see Google wanting to own a piece of that growing pie.

they get the name from the shape rather than the ingredients

I was under the understanding that the main difference was that quick breads used chemical leavening agents (e.g. baking powder) instead of yeast. Hence the "quick" in "quick bread". Wikipedia (always a source of unblemished truth /s) seems to agree with my understanding.

Not sure this will make a difference for the election. At this point, I suspect that support for gun control/rights is petty well understood and priced into support for the candidates. No one expects Biden to veto gun control legislation and no one expects Trump to sign it. Granted, Trump can be a bit of a wild card sometimes (see: bump stocks reclassification).

That said, this is likely a very hollow promise. Such legislation is almost certainly a dead bill in Congress. And even if it somehow passed, it's likely not going to make it past the current Supreme Court.

At best, this is just empty rhetoric.

I started using Summit and it was good enough that I stuck with it.

"The cloud" continues to be someone else's computer. If you put your data up there, it's no longer your data.

Reddit is (no longer) Fun.
Like others, the API change was the final straw. I used Reddit is Fun (RIF) for years, even paid for the full version, because both the official Reddit app and the mobile web interface were terrible. I was also using the old web interface with the Reddit Enhancement Suite, and that went on "maintenance mode". Overall, Reddit just reached a point that the enshitification was getting to be too much for me to stomach. So, here I am.

alternative post title: how can I grow a thicker skin, so I simply stop caring what my coworkers think or say?

This is really the secret. Many years ago, I learned a wonderful phrase:
Fuck you and the camel that came on you.

Once you learn to adopt that attitude, whatever some idiot says becomes far less important to your life. There will only ever be one person in this world whom you can really control, and that's you. For everyone else, you can either try to convince them of stuff or accept that they aren't worth the effort and move on. The latter option tends to get used a lot more.

If you can, just avoid the shitty coworkers. You won't always be able to; so, when you have to deal with them, just keep the conversations short, professional, to the point, and then excuse yourself. A simple, "sorry, I really need to get back to work" often works wonders. Also, keep work and personal lives separate. Learn to leave work at work, and that includes the people (unless you find someone who is actually worth making a personal friend of). Once you get home, stop thinking about Mr. Shitty McShitface and go do something you enjoy. Work to live, don't live to work.

I would also recommend taking a hard look in a mirror. Sure, you might actually be surrounded by assholes, at the same time if you feel like exploding at people for every idiotic thing which dribbles out of their mouth, then you're probably an asshole too. Stop trying to "fix" or control everyone around you and just accept that you can't. Life gets far easier when you realize that they aren't your problem. If you're doing things right, you should be job hopping every few years anyway. Your pay will stagnate and fall behind if you don't. So, in a couple years, those idiots won't even be around you anymore.

So, how do you "grow a thicker skin"? It's tough and takes practice. But, just keep putting in the effort to not give a fuck . Eventually, it becomes a reflex and you'll find yourself with No More Fucks to Give.

And the best part:
Larian isn't going to get shut down by some shitty vulture capital firm which bought up a ton of studios and then killed them all when times got tough.

While I hate ads as much as the next person, I'm having trouble getting outraged by ads in an app store. "Recommendations" are kinda par for that course. Sure, it would be nice if those "recommendations" actually reflected stuff I was interested in and not just who paid Microsoft the most for ad placement. But, I also aggressively turn off telemetry (and actually don't use Windows at home). So, it's not like I expect useful recommendations anyway.