XML is a superior format to Json or yaml or any of those other trendy formats around today. It’s the hill I’m willing to die on because I’m right.

Attackers need to access the system kernel to exploit the Sinkclose vulnerability, so the system would have to already be compromised. The hack itself is a sophisticated vector that is usually only used by state-sponsored hackers, so most casual users should take that into account.

So it’s a vulnerability that requires you to.already have been compromised. Hardly seems like news.

I can understand AMD only patching server chips that by definition will be under greater threat. On the other hand it’s probably not worth the bad publicity not to fix more.

I moved from an FX8350 to a R5 5600G a few years ago, having run it for about 9 years. Initially I didn’t think I’d notice much difference, but frankly it’s an entirely different ballgame.

“Already stable enough”

1. no it isn’t.
2. if fucking should be, it’s been around 15 years!

I’m no expert in JSON, but don’t you lose the ability to filter it before your application receives it all? If you had a reasonable amount of data then in SQL you can add WHERE clause and cut down what you get back so you could end up processing a lot less data than in your JSON example, even with the duplicated top table data. Plus if you’re sensible you can ensure you’re not bringing back more fields than you need.

It started with Emby and pihole. I’m now up to about 30 different services from Vault, email, 3CX, home assistant, firefox, podgrab etc.

I just setup netboot.xyz this evening as an experiment. Is pretty cool.

It’d be nice if email clients automatically checked for public keys for any email you enter in the To fields. With a nice prompt that keys have been found to Encrypt the message with. It doesnt sound too difficult and it could lead to much wider adoption of secure emails.

Unfortunately most people get their email free because companies like reading it and stopping that means it might become a paid for service. Something I’m happy to pay for, but many wouldn’t be.

You can download the public key from the web interface. I then imported it in to gpg with a gpg --import public.asc and then used the above commands to generate the WKD structure.

There’s 2 methods, one uses a subdomain and one doesn’t. Without is called ‘direct’. No special DNS entries required really. I have a wildcard subdomain entry which works for me. Just so long as the key is available over HTTPS using one method.

Just add AND 1=2 to any query for incredible performance gains

I’ve been using it for a few years. Really handy way if avoiding cooperate firewall rules.

XML is all round better than Json.

How’d you set that up with Opnsense fail over? I have an opnsense VM with input straight from the ISPs FTTP box to the NIC on my server. So I can’t fail over to my second proxmox box without swapping the cable over.

Run your own DNS server on your network, such as Unbound or pihole. Setup the overrides so that domain.example.lan resolves to a local IP. Set your upstream DNS to something like 1.1.1.1 to resolve everything else. Set your DHCP to give out the IP of the DNS server so clients will use it

You don’t need to add block lists if you don’t want.

You can also run a reverse proxy on your lan and configure your DNS so that service1.example.lan and service2.example.lan both point to the same IP. The reverse proxy then redirects the request based on the requested domain name, whether that’s on a separate server or on the same server on a different port.

I don’t understand it either. On one hand people say don’t remember addresses, use DNS and on the other DNS relies on static addresses but then every device is “supposed” to have random addresses via SLAAC or privacy addresses. It just doesn’t seem to tie together very well, but if you use them like IPv4 addresses you’re apparently doing it wrong.

RAID IS NOT BACKUP RAID IS NOT BACKUP RAID IS NOT BACKUP

Don’t use Red drives for a NAS!! You need the Red Plus (or is it red pro) disks as they’re CMR.

I’d go for Ultrastar drives personally. There’s a few really good videos online analyzing the backblaze stats for different drives that are well worth watching.

I received so much spam and abuse of my network from .xyz domains that they are fully blocked in every conceivable way from being accessed or accessing my network.

A few people need to get off their horses and come up with and agree to IPv4². It’s exactly the same as IPv4 except there’s 2 more octets of address space - 48bits for addresses*. Job done. You’d see wide spread adoption in under 2 years and then we can forget about it all and move on with our lives safe from the clutches of IPv6.

I don’t give a crap that doesn’t neatly fit into 32 or 64 bit architectures. It’s more than doable at plenty fast speed and it keeps everything manageable.