I don’t have any issues with Xorg honestly, it just works and always has for me. I tried Wayland as a default in plasma and I couldn’t get gaming to work at all, and I had weird issues watching video in the browser. Really odd that it’s a default in kde imho when even the steamdeck is all Xorg (or gamescope. in gamemode.)
Yay! Maybe I’ll give Wayland a chance again when all these issues are ironed out.
I think the author identifies the correct issues but this isn’t an argument against passkeys as a security measure rather their inevitable use by corpos for data harvesting. I hate it too tbqh I’d rather get hacked on some disposable email account with a random username than have to hand over my PII, money and mortal soul to Google for extra sec. At work it’s a different level of shit entirely. We have SSO behind SSO behind SSO, the inept overseas coworkers don’t understand arch of the company they got merged with nor the concept of legal compliance or ISO, they’re running the entire sec programme into the ground to bring it under AD in a way that directly compromises their AD when nothing in any of our orgs even uses windows in any way except theirs where they drink M$ coolaid. If this job wasn’t so comfortable I’d be depressed just thinking about it.
Oh god the lemmings are optimizing posts for engagement. We are approaching peak content
Truly awesome that this hobby is getting coverage! I’m very very lazy when it comes to self-hosting, by far my largest project was moving off Spotify and archiving all my playlists.
Rotating 3 API keys for spotdl and a YTP free trial for that sweet sweet 256kbps AAC then Musicbrainz Picard to label correctly all the music (automatic was nearly almost always wrong), then automating rebuilding the m3u8 playlists followed by the insane work of correcting all the little imperfections. Must’ve taken me like 2-3 weeks of just working on it most of the day.
But the result? A proper offline music library with all my main playlists with each song at the proper position and order in my playlists with the correct (Spotify) metadata using correct versions of the songs in at least 256kbps AAC (and many cases FLAC and where available non-vinyl hi-res).
Tossed on an old dell workstation I got for £50. Hosting navidrome where my JF, Qbittorrent-nox and Immich live. Using symfonium on my phone. Can access remotely via OpenVPN. Couldn’t be happier.
Bot? What’s with the image?
Unauthenticated endpoints aren’t one as far as you can tell.
Download file from Google Drive link
Download OpenVPN app
Pick file in OpenVPN app
Enter password
Share WiFi from phone to TV
Done
Honestly it’s news to me but having read through those most of them are not an issue.
setup a VPN. Pray you don’t have a user on a device that doesn’t have a VPN app that you can work with.
Dafuck kind of a nitpick is this? In what world does OpenVPN not have an application for every device and OS combo out there fully supported? You tryna watch it on a VCR or smth?
What is this?
KDE is getting better and better. I was a die hard gnome but I’m rooting for y’all now. Using KDE daily on every Linux system I own.
deleted by creator
He clearly means the opposite
If you’re running externally, use a cloudflare tunnel.
No ports exposed = no attack surface. This is 99% of security.
HTTPS is provided by CF although only secures comms between your devices to CF, not CF to your Pi, meaning CF can see clear text technically.
If that’s not good enough then use a VPN server like PiVPN and put it on your pi and OpenVPN on your devices. *This has nothing to do with paid VPN Client subscriptions like Tunnelbear or Proton or whatever. *
You will be running a VPN server on your pi to which you will connect from your devices on which you want to watch JF by downloading a device profile to your devices and opening it in the OpenVPN app.
You do not need to pay for anything at all anywhere ever (other than something for DDNS and a domain name), use a strong password and make sure your JF is updated if there’s any CVE. Expose nothing else to the internet.
You don’t even need HTTPS at that point or any certs, a VPN will encrypt your traffic anyway. The only cleartext you’ll have is between your VPN and your JF, and if both are on the pi then the only MITM vector is literally inside your Pi which is unlikely to have any issues.
Another way to do this is sudo su -c 'this is my command’
E.g. change a fan setting on a ThinkPad with:
sudo su -c 'echo "level full-speed" > /proc/acpi/ibm/fan'
So to run a shell you could do all sorts of tricks like:
sudo su -c '/bin/bash -i' and such.
Never know when it comes in handy.
EDIT: Damn, downvoted, any reason why? It works on my machine with a locked root user or one without a PW and I made sure to test it before posting, but I’d love an explanation of why it wouldn’t work if that’s the reason for the downvote. Was just hoping it would be useful to somebody :/
My life is on a bunch of HDDs dug out of failed laptops with SMART errors some of which have already failed in the past, they are duct taped together and shoved inside a drive cage they don’t fit in.
OpenVPN
Pretty fun (and funny) sci-fi story, the open source katana bit gave me unix surrealism vibes but then again what doesn’t these days.
Thanks!
I tried to use Bitwig but I just couldn’t in the end. No single click note delete that I could find out how to do in a reasonable amount of time and the workflow is just different enough to FL to me to irritate, it seemed like really nice software for Ableton-minded folks though.
I caved in and dual booted Windows 10 with all the shite modded out/crippled, for music and for VR gaming.