VPS + VPN is the cheapest option I believe for the services. It doesn’t have to be “elaborated”.

You can port-forward public VPS ports to your private addresses/ports. If you don’t want to use iptables you can use firewalld.

The only “but” will be latency. For gaming it won’t perform as you may need.

• https://major.io/p/forwarding-ports-with-firewalld/
• https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/security_guide/sec-port_forwarding#sec-Adding_a_Port_to_Redirect

It’s no longer open source. Big Deal in my books.

Vault features are cool. I really like it. But with Hashicorp now there is this big risk of “rug pulling” regarding its license.

The wise thing, in my opinion, is to avoid this company as much as possible.

Parallel Desktop

There are several FOSS alternatives. All of them are more popular that Parallels.

Nobody likes Adobe, nobody wants to work with Adobe. Nobody can avoid Photoshop. That’s just the world we live in and I don’t like it.

This sounds like Stockholm syndrome. You are just too familiar with Photoshop, so using anything else is hard and less efficient.

In photography there is this mantra about “the most important part is right behind the camera”. A good photographer is not a good Nikon user, or good Canon user. A good photographer can deliver decent pictures with a potato camera if needed.

Sure, a potato camera is less efficient for any work that an actual good one. So it’s good to invest in a good brand. But the point is: if you are not capable to make average results with a potato software, the problem is not in the software.

If you’re concerned about security, consider GPG signing your kernel with Libreboot GRUB for an additional layer of verification at boot.

Hey! I had no idea that was possible. I usually encrypt everything but /boot, because it’s easy that way.

I don’t have a “threat model” of someone puting malware in /boot while I’m away of the computer. But it would be nice to know how to prevent that.

Do you have a link of a guide or tutorial for that?

Keys and tokens will be shared securely via singaporean hotels wifi.

If your comments have been federated to other instances, they will be there until they are deleted locally. If someone clicks on your user profile, they will get a DNS error if the domain is no longer there. Images in the comments pointing to you instance will be broken too. Nothing terrible actually happens.

Migrating accounts a la Mastodon is not happening soon in Lemmy.

My advice is: Go on and save some money.

Sorry to read that.

I’ve dded an external drive instead of an SD card once by mistake. I’ve never felt more stupid than that day.

Friends don’t let friends to use snap.

I used to love Ubuntu. But for many reasons, snaps among them, it no longer exists to me. It’s just Mint or Debian if I need something Ubuntu-like.

It’s running NetBSD, isn’t it?

Some security tips:

Firewall should block everything by default, and you start allowing incoming and outgoing connections when you need them or if something fails.

Disable passwords and root access in ssh daemon.

Use fail2ban or something similar to block bots failing to log-in.

Use random long passwords for everything (eg: like databases). And put then in a password manager. If you can remember the database password, it’s not strong enough. If you can remember the admin password for a public web service, it’s weak.

Don’t repeat the passwords. Everything should have its own random long password.

.env files and files with secrets should be readable only by its service user. Chmod them to 400.

Monitor logs from time to time to see if something funny is happening.

Random ports are easy to discover and there are tools to discover what service is behind a port.

It’s annoying for the legitimate user and easy to bypass by an actual attacker.

Also, if you use a random port above 1024 it could be a security issue since any user could star listening if the legitimate process crashes.

See this

Nothing illegal is being discussed.

But I’m happy to talk about Jolly Roger.

https://workaround.org/

Wow! this is exactly what I needed. Although, I didn’t exactly ask for it.

Thank you very much

Thanks to both of you.

I had the hope that DMARC, SPF and DKIM was stuff I could just ignore if not sending email. It seems I was wrong about that.

These news are obviously false. Google is not doing this.

Probably Snapchat or the phone automatically reported something.

I don’t believe the Snapshat app doesn’t use TLS, nor the airport performed some sophisticated man-in-the-middle attack.

I don’t think so.

Trump himself was victim of credential stuffing. And he’s not the only politician or billionaire who has suffered stolen accounts of something.

It’s not FOSS and I don’t see a way to review if what they claim is actually true.

It may be a way to just help to diferentiate legitimate human made work vs machine-generated ones, thus helping AI training models.

Can’t demostrate that fact neither, because of its license that expressly forbids sofware adaptions to other uses.

Edit, alter, modify, adapt, translate or otherwise change the whole or any part of the Software nor permit the whole or any part of the Software to be combined with or become incorporated in any other software, nor decompile, disassemble or reverse engineer the Software or attempt to do any such things

sauce: https://nightshade.cs.uchicago.edu/downloads.html