Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.
Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!
I � Unicode!
While technically correct, the word Verkehr here does not translate to traffic, but rather belongs to the compound Verkehrsgenehmigung which is roughly a trade permit for selling a plot of land or using it as a collateral on a loan.
I’m currently experimenting if I can convert my stack to rootless podman.
I found in my notes, that
A user-mode networking tool for unprivileged network namespaces must be installed on the machine in order for Podman to run in a rootless environment.
Podman supports two rootless networking tools: pasta (provided by passt) and slirp4netns.
Could this be your problem?
Taken from https://github.com/containers/podman/blob/main/docs/tutorials/rootless_tutorial.md
If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not to the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)
Instead of thinking with layers, you should use think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.
…But will it run DOOM?
That’s exact why I included it here. There are only few happening per year but it’s such a strange topic and somehow fascinating to watch
Depends on what you are looking for. Some from the top of my head - only English sources:
Phones, etc? Just sync to the mentioned Nextcloud, PC downloads from there and everything gets then into the aforementioned backups.
Homeserver? See “PC” above. With the caveat that some VMs/containers are not in the backup cycle, as they do not store any valuable data besides temp files, etc. For these, only things like docker compose files, custom config, ansible playbooks,… are in my backup.
Somewhat, I read a German news article that explicitly warned that USB transfer will be blocked. I just searched for an English article to post here afterwards, but I didn’t read it. So… yeah, „lost in translation“
So I’d suggest, unless you really really need some obscure feature, Calibre+Kindle is nowadays perfectly fine, and maybe you shouldn’t risk bricking your device.
Uhm… Well about that… You will not be able to transfer books onto you kindle via USB in about a week. Amazon is going to remove that feature from all Kindles next week. The only way to do that may be through the method you described. But how long will they offer that, if they say they are removing the USB feature because of piracy? You cannot pirate books onto your kindle, when you cannot transfer books from outside of Amazon onto it. (Also this is a nice reason for them to block you from buying books anywhere else than on Amazon, of course)
https://www.theverge.com/news/612898/amazon-removing-kindle-book-download-transfer-usb
WELL, I’m not running
kill -9 $PPID
Pretty pretty sudo with —no-preserve-root on top?
Still slowly working my way through TLoZ Echoes of Wisdom. I managed to stay very far away from spoilers. I do make slow progress, as I get always distracted by exploring and trying to get to places that seem reachable but aren’t quite accessible. I’m not 100% sure, as I do not stick to “the obvious route” to get to places, but it feels like I found a few minor skips. LOL
I connected it once, then set it in the router as „enable child protection -> disable internet access“, gave it a static IP address and also blacklisted that address on my pi hole so that DNS won’t work for it. Then I immediately disconnected it. The router recognizes the TV with its MAC address when it gets reconnected and immediately bans internet access when it gets reconnected.
They have no free time in the calendar that fits for all people. We should schedule a few meetings with several sub-groups of those people to commit to a time slot that fits all their calendars or to negotiate with them that they should clear their calendars for us!
Yeah, I’m also using a local resolver. But since I had some problems using another DHCP server (which was probably a problem on my end), so I’m current setting some devices in my FRITZ!box to a fixed IP and then enter that in my DNS server. If I could just skip the second part and tell the FRITZ!Box to just resolve printserver.example.com instead of printserver.fritz.box - that’d be nice. Maybe I should do another try with a DHCP server soon.
I really like them but they do have two downsides for “more advanced” users (or at least for me) - it is a home device as after all.
If you’re an advanced user, there’s plenty of ways around that, though. I just wished that these two thing were to exist in the firmware to have less work with my home infrastructure.
German legalese has
Verkehras a reference toin Verkehr bringenwhich meansput something on the market/put something on circulation.But it’s hard to recognize /learn because
Verkehralmost(?) always meanstrafficoutside of legalese andVerkehrbut really meantraffic