henfredemars

@henfredemars@infosec.pub

This is a secondary account that sees the most usage. My first account is listed below. The main will have a list of all the accounts that I use.

henfredemars@lemmy.world

Personal website:

henfred.me

Dieses Profil is von einem föderierten Server und möglicherweise unvollständig. Auf der Original-Instanz anzeigen

henfredemars , (Bearbeitet )

Precisely. Flatpaks solve an important problem. Perfect should not be the enemy of good.

Binary compatibility is a sad story on Linux, and we cannot expect developers — many of whom work for free — to package, test, debug, and maintain releases for multiple distributions. If we want a sustainable ecosystem with diverse distributions, we must answer the compatibility question. This is a working option that solves the problem, and it comes with minor security benefits because it isolates applications not just from the system but from each other.

It’s fair to criticize a solution, but I think it’s not fair to ignore the problem and expect volunteers to just work harder.

henfredemars ,

Great point! At the end of the day, the apps I want to use will decide which distro I main. Many FOSS fanatics are quick to critique Ubuntu, So they should support solutions that allow our distro to be diverse and use all the killer apps.

henfredemars ,

This doesn’t scale. If I have a bug and my package has about two dozen dependencies which can all be different versions, and the developer can’t reproduce my bug, I’m just screwed. Developers don’t have the time and resources to chase down a bug that depends on build time variables.

Ask me how I know this happens.

henfredemars ,

My workflow always definitely includes multiple weeks to debug random issues with building the tools I need to use. Totally a scalable and good solution to dump this work on the end user.

henfredemars ,

This is the problem those tools try to solve. They package everything else upon which software might depend that can’t simply be linked into a single binary.

henfredemars ,

The devil’s lettuce!

henfredemars ,

Dog: swallows

henfredemars , (Bearbeitet )

Won’t predators just use something else such as readily available open source software, reducing this legislation to a mass surveillance bill to spy on and control regular citizens?

How isn’t this anything more than a license to invade your privacy on this weak-ass premise that maybe you’re a criminal and stupid enough to use Facebook Messenger (or similar)?

henfredemars ,

My WebCam has such low resolution I could argue that that’s anybody in the picture. Go ahead.

henfredemars , (Bearbeitet )

All consumer and enterprise equipment made in the last 10+ years natively support IPv6.

I object to this statement. You can buy name brand routers today that don’t implement it properly. Sure, they route packets, but they have broken stateless auto configuration or don’t respect DHCPv6 options correctly, and the situation is made worse because you don’t know how your ISP implements IPv6 until you try it.

God help you if you need a firewall where you can open ports on v6. Three years ago I bought one that doesn’t even properly firewall IPv6.

I tested a top-of-the-line Netgear router to find that it doesn’t support opening ports and once again doesn’t correctly support forwarded IP DHCPv6, which even if that works correctly, your Android clients can’t use it 🫠 Decades later there’s no consensus on how it should function on every device. This is a severe problem when you are a standard.

The state of IPv6 on consumer hardware is absolute garbage. You have to guess how your ISP implements it if at all, and even then you’re at the mercy of your limited implementation. If you’re lucky it just works with your ISP router. If you’re not, it’s a PITA.

EDITs: spell corrections and clarification.

henfredemars ,

That sounds awesome.

I really like stateless, but it bugs me that the router has to snoop on traffic if you want a list of devices. The good ones will actually do this, but most are blind to how your network is being used with IPv6.

And it really bothers me that Android just refuses to support DHCPv6 in any capacity. Seems like a weird hill to die on. There are too many legitimate use cases.

henfredemars ,

The problem is mainly that IPv4 port forwarding is network address translation, but on IPv6 it’s instead IP forwarding with a firewall rule.

The latter is conceptually simpler, but it’s a different mechanism and one that most home routers don’t bother to implement. This is quite ironic because IPv6 was intended to restore end to end connectivity principles.

Don’t get me wrong; I’m quite happy with the standard. They are very few good implementations of that standard, and given the momentum of its predecessor, implementers just don’t care.

henfredemars ,

Oh my God disgusting. My ISP uses dynamic prefixes also, which reflects a lack of understanding of the most basic IPv6 fundamentals.

henfredemars , (Bearbeitet )

Right, that’s how it should work. Unfortunately that’s not how it actually works most of the time in consumer.

Many devices don’t provide an option in the UI to open an inbound port on IPv6. For example, the latest and most expensive Linksys gaming router blocks all inbound connections and there are no options for different behavior. It doesn’t support opening any ports for v6.

The most recent TP link device I tested for my dad doesn’t even have a firewall. If you know the global IP, you can connect to any port you want.

henfredemars ,

It absolutely can be DHCP. There’s two main ways to do it: stateless auto configuration, and DHCP. Super briefly, you can assign IP addresses the same way you used to if you want, or you can let devices pick their own.

I’m afraid I can’t recommend a great resource, but I really like the Wikipedia article because it’s very precise in its terminology. I appreciate that with learning a new subject. I’m not even that precise here. For example, I use the term IP forwarding more liberally than what it actually means.

henfredemars ,

I've never tried ASUS or UDM. I might have to give that a go. Alas, I can only speak on the selection of what I have tried in the recent past.

henfredemars , (Bearbeitet )

Sadly it’s not an option for example you want WiFi 6. A good chunk of really awesome hardware doesn’t support it.

Of course, it’s always possible to use bridging and multiple devices. That’s what I have now.

Lastly, the original statement supposed that all recent hardware supports IPv6 by default. OpenWRT doesn’t typically fit that description.

henfredemars ,

I know what you mean, but if it’s any consolation, you are in space.

henfredemars ,

How do you know you aren’t alone?

henfredemars ,

My dog barks at walls and is constantly reminding me of the inevitability of our ultimate demise.

I’m sure she hears things.

henfredemars ,

No quarter for traitors.

Now, we should be mindful. Some of these people are misguided or misinformed, but there’s also people who are acting in bad faith. For these, you can’t convince them. They fundamentally disagree with human rights, rights in general, and democracy.

I’m A-OK with making fun of modern day Nazis.

henfredemars ,

Still not using metric I see.

henfredemars ,

My wife used to smuggle a sandwich in her purse for me.

henfredemars ,

Why does this option without specifying a number of threads even exist? It might as well be footgun mode.

henfredemars ,

My man pages specify it’s as many as possible limited only to the number of jobs.

henfredemars ,

Fellow donor! Glad to hear it.

henfredemars ,

I love how I can just casually uninstall the entire desktop and install a new one in a few minutes.

Or I can be a complete madman and keep both.

henfredemars ,

Typically your display manager lets you choose which environment you want from a dropdown menu. It’s responsible for helping you login and taking you to the desktop.

And you can have multiple login screens if you like. I’m not sure why I would typically do this.

henfredemars ,

Password Manager

There will be lots of a useless accounts you have to make in life. Scale yourself. Many such accounts will not be optional. At least this one provides you with some value.

henfredemars ,

Pretty sure that a company that I would otherwise write checks to with my name address and phone number already has the lion’s share of those details. My IP address and operating system are the least of my concern in that case.

Hiding my IP address from the power company seems like a limited improvement.

henfredemars ,

Sure, in general yes. But in reference to the comment, writing a check they would already have my name address and some reference to my bank account details even without the online account, which implies a high degree of trust.

If I need an account to read an article on a website? Then I’m not interested in reading your article.

henfredemars ,

Think of it like trickle down economics. If it hasn’t worked yet, you just need to make sure that the fat cats on top are fed so forcefully and so fast that something starts trickling down eventually.

Just keep going. We will tell you when to stop.

henfredemars ,

Person of principle.

henfredemars ,

I use it if only because my wife won't use passwords on her devices. We aren't even at step one for device security. I'll take what I can get, or what she's willing to work with.

henfredemars ,

Windows is annoying. I like my computer just doing computer stuff. No AI. No Ads. No forced upgrades. No thanks. Just do the computer thing please.

henfredemars ,

OS upgrades vs security updates is a whole different ballgame. We should not confuse the two.

Windows forces major upgrades in many cases, sometimes rendering the device inoperable because OS upgrades carry inherent risks. Forced upgrades are simply irresponsible. We need that consent to let the user back up files beforehand as a bare minimum, even overlooking the ethics side of user consent. Is MS going to fix my parents PC when they break it?

Forced updates? I see the argument, but I have to insist on user consent at all times. By default is okay. Explicitly violating the human’s will seems wrong. Software should serve people. But I can understand the argument even if I don’t agree with forced updates.

henfredemars ,

I’m not so sure about that. FOSS is unlikely to gain a direct profit motive, and if it does, there will necessarily be versions with those features removed. How can you stop me from turning off ads or updates when I control the entire operating system? That’s kind of the whole point of free and open source software—the user is in control. Myself or someone with the appropriate skills can modify the code not to do those things. If that results in a better product, everyone will switch to it, killing those features permanently.

I have no problem with an open source AI if it proves useful, but it will be running on my machine under my terms. In fact, I already have an LLM running entirely locally.

henfredemars ,

I’m not even hiding it in the sense that I’m being sneaky. My spouse just rather not see it in the suggestions!

henfredemars ,

The cloud is just someone else’s computer that you neither own nor control.

henfredemars ,

I’ll wager guess it was something to do with confusing GPT and MBR partitioning. There was a time where some BIOSs and loaders only understood or preferred one over the other, leading to weird incongruences depending on what you’re using to look at the disk. You have to actually overwrite the partition tables to get a clean start.

henfredemars ,

My dog pauses each day to remind me of our shared mortality and inevitable doom.

henfredemars ,

What’s really cool is that content isn’t lost. As soon as those nodes come back, they get to fast-forward through all those queued updates.

henfredemars ,

What does PlayStation 4 have to do with this? Am I getting old?

Is this BoneAppleTea?

henfredemars ,

I literally asked my wife to marry me on the first date and she said yes. Getting right to the point is a woman after my own heart. Neither of us have ever dated before or, naturally, since.

We've been together for ten years.

We are also on the spectrum so that may have been a factor.

henfredemars ,

I'm an elder millennial but you guys are in the same boat. No idea how we're going to afford housing down the line.

  • Alle
  • Abonniert
  • Moderiert
  • Favoriten
  • random
  • haupteingang
  • Alle Magazine
    •