  • more specific to a subset of people who have time to bother

    And that subset of people needs to have at least some kind of mindset to learn the viable minimum skills to even start with and a will to learn more and more and more. I’ve done various kinds of hosting as a career for couple of decades and as things change I’m fighting myself if it’s worth my time and effort to keep my home services running or should I just throw money to google/apple/microsoft/whoever to store my stuff and manage my IOT stuff and throw the hardware into recycling bin.

    I have the skill set required for whatever my home network might need up to a point that I could somewhat easily host a small village from my home (money is of course a barrier after a certain point), but I find myself more and more often thinking if it’s worth the effort. My Z-wave setup needs some TLC as something isn’t playing nicely and it causes all kinds of problems with my automations, my wifi network could use a couple of sockets on the walls to work better, I should replace my NVR with something open source to include couple of more cameras around the yard and have better movement recognition and cameras should go to their own VLAN and so on.

    Most of that stuff is pretty basic to set up and configure (well, that z-wave network is a bit of it’s own thing to manage) and it would actually be pretty nice to have all the things working as they should and expand on what I have to make my everyday life even more simpler than it already is. But as there’s a ton of things going on in life I just rather spend few hours gaming from my sofa than tinker with something.

    That’s of course just me, if you get your reward and enjoyement on your network then good for you. Personally I think I’ll keep various things running around, but right now in this place I’m at, the self hosting, home network and automation and all that is more of a chore than a hobby. And I’m pretty sure I don’t like it.

  • Omakoti täälläkin ja pörssissä on oltu jonkin aikaa. Kesäaikaanhan tuo on ollut mukava kun pörssihinta on aivan nollissa, nytkin sahko.tk näyttää että 28vrk keskiarvo on alle 4 senttiä, mutta talvella pitää seurata aika tosissaan että mitä se milloinkin maksaa ja ohjata lämmitystä (osin automatisoidusti) sähkön hinnan mukaan. Ei tuolla ihan ihmeisiin tietysti pysty kun ei talossa varaavaa massaa kuitenkaan ihan älyttömästi ole mihin pistää halpoja watteja talteen, mutta pörssiin siirtyessä silloinen yhtiö tarjosi mukavaa 28 senttiä + verot (tai jotain tuonnepäin) niin valinta oli aika yksinkertainen.

    Pitäisi tieten viitsiä huudattaa noita toimittajia että mihin hintaan saa ihan oikean kiinteän sopimuksen ilman mitään kulutusvaikutuspelleilyä, ne kun on paitsi hemmetin epäselviä laskukaavoiltaan niin myös ainakin uutisoinnin perusteella vaikutuksetkin jää lähinnä myyntitykkien käsienheilutteluksi.

  • I agree with you, nuclear response would make things very difficult with China and their allies, but there’s plenty of traditional firepower available directed to Russia if things escalate to that point and should Russia attack with nukes I don’t think they’ll have a lot of support for their actions from the east. And triggering nuclear response would likely end up in a MAD scenario which is something I think (and hope) no one really wants to see trough.

    But that still leaves a pretty big field to work with traditional ammunition and a skilled pilot from Sweden could still reach Moscow in 20 minutes or so to turn multiple military targets within the city into a rubble. And there’s plenty of airfields closer than Stockholm with equally capable fighter jets. For the ground force, Finns and Estonians could at least in theory reach Moscow in 10-12 hours since majority of troops defending it are already down on some field in Ukraine and our artillery forces move pretty damn fast.

    The amount of destruction Russia could cause is of course still an enormous humanitarian crisis, but even if they could turn Kiyv to wasteland (and kill millions while doing it), it still wouldn’t change the outcome of full Nato response without any bullshit politics limiting on actions if anyone is allowed to strike on the Russian soil.

  • Medvedev found keys for the booze cabinet again? They seem to happily forget the fact that Moscow is well within reach of multiple Nato countries by now. Obviously a ton of things need to change before anyone with a gun is standing on a red square, but Finland, Sweden, Estonia and Poland (among others) are quite capable of hitting the Kreml (in theory, and in practise if needed) with fighter jets in less than 30 minutes. Additionally their ports opening to gulf of Finland are in reach of both Finns and Estonians with traditional artillely, and at least we in Finland are pretty capable and accurate with our hardware.

    So, even if they find some old soviet relic still functional, Nato has multiple options to level multiple cities at Russia before their missile hits the ground. Nuclear attack against Ukraine would of course be a humongous tragedy with terrible price on civil casualties, but I’m pretty confident that it would be the last thing the Russia we currently know would do as a country.

    As far as I know it is the default way of handling multiple DNS servers. I’d guess that at least some of the firmware running around treats them as primary/secondary, but based on my (limited) understanding at least majority of linux/bsd based software uses one or the other more or less randomly without any preference. So, it’s not always like that, but I’d say it’s less comon to treat dns entries with any kind of preference instead of picking one out randomly.

    But as there’s a ton of various hardware/firmware around this of course isn’t conclusive, for your spesific case you need to dig out pretty deep to get the actual answer in your situation.

    have an additional external DNS server

    While I agree with you that additional DNS server is without a question a good thing, on this you need to understand that if you set up two nameservers on your laptop (or whatever) they don’t have any preference. So, if you have a pihole as one nameserver and google on another you will occasionally see ads on things and your pihole gets overrided every now and then.

    There’s multiple ways of solving this, but people often seem to have a misinformed idea that the first item on your dns server list would be preferred and that is very much not the case.

    Personally I’m running a pihole for my network on a VM and if that’s down for a longer time then I’ll just switch DNS servers from DHCP and reboot my access points (as family hardware is 99% on wifi) and the rest of the family has working internet while I’m working to bring rest of the infrastructure back on line, but that’s just my scenario, yours will most likely be more or less different.

  • En minäkään tiedä alkon myymälöiden liiketoiminnasta mitään, mutta sinne on kumminkin viinat, viskit, rommit ja aika paljon muuta jäämässä sen asiantuntemuksen ja muun kanssa. Ihan yhtälailla ainakin paikallisessa alkossa on tarjolla tuplapukkia ja muuta olutta mitä saa siitä viereisestä prismastakin, hintoja en ole vertaillut vaan veikkaan että s-mafia myy halvemmalla.

    Toisaalta jos merkittävä määrä pienempien kuntien alkoista menisi kiinni niin ehkä sitten saataisiin alkoholin etämyynti jotenkin järkeväksi, mutta en taida pidättää hengitystä tuota odotellessa.

  • losing 1380 personnel, but only 1 tank

    That’s what I’ve been following too. And additionally, based on quick’n’rough estimation from wikipedia numbers, artillery reserves are pretty much depleted too, so Russia is fighting on what ever soviet era relics they can refurbish and what they can manufacture/buy. I don’t think they’ll have short of ammunition any time soon, but diminishing numbers of barrels should start to show up on these statistics ‘in the near future’, whenever that might be.

  • My bank uses 6 digit ‘customer number’ (which is set by the bank) and that’s verified with an app and a personal PIN (app shows ‘login attempt ABCD at mm.dd. hh:mm’ where ABCD is shown on login page too) or via SMS OTP (again with ‘ABCD’ verification). And again with personal pin + app or OTP to confirm transactions. The app itself can be protected with a fingerprint or phone pin and every new installation needs to be registered to the system, so I can’t just use my phone app to access my wifes account (or anyone elses) but I still can map multiple accounts (like corporate ones) to the same installation.

    I think that’s pretty reasonable approach.

  • Well, on channel description he clearly states that those are only motorized recreations of suggested perpetual motion machines. But on individual videos that info doesn’t seem to be that readily available, so it’s not totally wrong to say that the whole channel is a lie, but strictly speaking not excactly correct either.

    Some of those gadgets would make a nice desktop toy, obviously with a usb power brick or batteries.

  • Back in the day with dial-up internet man pages, readmes and other included documentation was pretty much the only way to learn anything as www was in it’s very early stages. And still ‘man <whatever>’ is way faster than trying to search the same information over the web. Today at the work I needed man page for setfacl (since I still don’t remember every command parameters) and I found out that WSL2 Debian on my office workstation does not have command ‘man’ out of the box and I was more than midly annoyed that I had to search for that.

    Of course today it was just a alt+tab to browser, a new tab and a few seconds for results, which most likely consumed enough bandwidth that on dialup it would’ve taken several hours to download, but it was annoying enough that I’ll spend some time at monday to fix this on my laptop.

    I mean that the product made in here is not the website and I can well understand that the developer has no interest of spending time for it as it’s not beneficial to the actual project he’s been working with. And I can also understand that he doesn’t want to receive donations from individuals as that would bring in even more work to manage which is time spent off the project. A single sponsor with clearly agreed boundaries is far more simple to manage.

    The threat model seems a bit like fearmongering. Sure, if your container gets breached and attacker can (on some occasions) break out of it, it’s a big deal. But how likely that really is? And even if that would happen isn’t the data in the containers far more valuable than the base infrastructure under it on almost all cases?

    I’m not arguing against SELinux/AppArmor comparison, SElinux can be more secure, assuming it’s configured properly, but there’s quite a few steps on hardening the system before that. And as others have mentioned, neither of those are really widely adopted and I’d argue that when you design your setup properly from the ground up you really don’t need neither, at least unless the breach happens from some obscure 0-day or other bug.

    For the majority of data leaks and other breaches that’s almost never the reason. If your CRM or ecommerce software has a bug (or misconfiguration or a ton of other options) which allows dumping everyones data out of the database, SElinux wouldn’t save you.

    Security is hard indeed, but that’s a bit odd corner to look at it from, and it doesn’t have anything to do with Debian or RHEL.

  • Vähän kaksijakoiset mietteet tuli uutisesta. Alvikanta nousee mm. julkisella liikenteellä, lääkkeillä ja liikuntapalveluilla, jotka varmaan osuu pahimmin sinne köyhimpään kansanosaan ja varsinkin lääkkeissä tuo 4% voi olla tarpeeksi kaatamaan jo valmiiksi hataralla pohjalla olevan talouden esim. työttömillä. Karkkien ja kulttuurin kohdalla varmaan ihan perusteltu nosto, mutta tahtoo kyllä omalla kohdalla sanoa että kulutus vastaavasti pienenee tuon noston verran. Samaten hoitajamitoituksen pienentäminen ja kotitalousvähennyksen lasku osuvat heikommin pärjäävään kansanosaan, joten linja on edelleen tuttu raippaa raipan päälle.

    Eläkkeiden kohdalla sama homma, joskin sille kokonaisuudelle on varmasti pakko jotain tehdä ja sieltä se köyhin pääty joutuu nyt sitten puun ja kuoren väliin. Jää nähtäväksi nouseeko sosiaalipalveluiden tarve kokonaisuudessa isommaksi kuin nyt tehdyt säästöt ja jos näin käy niin lisätäänkö sinne rahoitusta vai pistetäänkö mummot kirjailmellisesti hankeen istumaan.

    Puolustusmenojen kasvu nykyisessä maailmantilanteessa taitaa olla enemmän pakollinen paha. Parempi varautua nyt kuin vasta sitten kun ruskeaa on tuulettimessa ja tuotantoketjut solmussa. Poliisin määrärahalisäys on sitten vähän monitulkintaisempi juttu. En näin kylmiltään osaa sanoa että miten tehokkaasti poliisi nykyiset lanttinsa käyttää, mutta ainakin tien päällä näkee virkavaltaa melkoisen harvoin. Oma (yksittäinen tietysti) esimerkki kertoo, että katsastamattomalla autolla voi ajella kirjaimellisesti melkolailla koko valtakunnan päästä päähän pariin kertaan eikä mitään tapahdu (nykyisen perheenkuljettimen ostin tammikuussa ja pakkasilla pistin vaan korvantaakse että siinähän on kesän yli leimaa, vaan muistikuva oli pari kuukautta huti. Tilanne on nyt korjattu).

    Paljon muutakin analysoitavaa tuossa hyvin kapeassakin jutussa varmaan olisi, varsinaisista yksityiskohdista puhumattakaan, mutta ei tuo nyt isossa mittakaavassa tarkasteltuna varmaan aivan täysi susikaan ole. Sen suhteen tosin olen varsin skeptinen että tällä(kään) kierroksella saadaan valtiontaloutta kovin isosti parannettua ja semmoinen kutina tuossa on että yhteiskunnan turvaverkoissa on yhä enemmän reikiä mihin tippua ja ne montut on entistä syvempiä.

  • If I had to guess, I’d say that e1000 cards are pretty well supported on every public distribution/kernel they offer without any extra modules, but I don’t have any around to verify it. At least on this ubuntu I don’t find any e1000 related firmware package or anything else, so I’d guess it’s supported out of the box.

    For the ifconfig, if you omit ‘-a’ it doesn’t show interfaces that are down, so maybe that’s the obvious you’re missing? It should show up on NetworkManager (or any other graphical tool, as well as nmcli and other cli alternatives), but as you’re going trough the manual route I assume you’re not running any. Mii-tool should pick it up too on command line.

    And if it’s not that simple, there seems to be at least something around the internet if you search for ‘NVM cheksum is not valid’ and ‘e1000e’, spesifically related to dell, but I didn’t check that path too deep.

  • Did they damage that target? Disable it? Destroy it?

    I haven’t seen any public statistics for this, but based on my understanding, if you hit pretty much any modern tank on top hatch or some other weak spot with a javelin it’ll at least disable the tank as it pretty much melts everything inside the crew space/engine bay. Those might be repairable, but most likely not in the location.

    And what Ukrainians will most likely encounter is not a modern tank, but a T-62 or some even older soviet relic, which doesn’t have active armor and those can be stopped with a good throw of molotov cocktail. So, my somewhat uneducated guess would be that every decent hit is a destroyed tank. Of course there’s missed shots, less than optimal impacts and all that, so actual number isn’t 100%, but I’d guess that it’s not far off.

    And for tanks there’s also a guestion if Ukraine can even find anything to shoot at. On Ukrainian reports destroyed tanks have been in single digits per day for quite a while, so either Russia has learned on how to defend their gear or (in my opinion more likely) they just don’t have that many tanks anymore. Obviously across the whole Russia there’s a ton of relics around, starting from T-34’s from WW1, but I guess no one knows how many of those are in condition where they could even move on their own and even if they did it’s guestionable how effective those would be on todays battle field.

    But javelins are still pretty neat hardware and they can easily destroy pretty much anything on the field, the only guestion is if Ukraine can get those close enough to hit anything interesting.