Your current setting is the “loopback” address. You’re listening for traffic to this address, and the only thing that can send to the loopback is yourself. This is a safe default, it means only the computer running the software can talk to it. Generally 0.0.0.0 listens on all available addresses. If that doesn’t work, use your local / internal ip.
This ui smells like it’s trying to hide the implementation details, but that makes things extremely difficult when troubleshooting
You can reduce doorknob turning dramatically by running on a non-standard port.
Scanners love 80 and 443, and they really love 20, but not so much 4263.
I used to run a landing page on my domain with buttons to either the request system / jellyfin viva la reverse proxy. If you’re paranoid about it, tie nginx to a waf. If you’re extra paranoid, you’ll need some kind of vpn / ip allow-listing
That looks promising. Just keep in mind that this will take a very long time to run. I believe there is a *arr out there that can manage this / show progress, but the name escapes me
Other comments here do a great job pointing to DH key exchange; I’d like to try explaining it with the paint analogy.
You and Youtube need to agree on a “color of paint” (encryption key) without ever sending it over the network.
You and Youtube agree on a common “yellow” in the clear, and you each pick a secret color. Youtube mixes yellow and their secret and sends it to you. This is okay, because un-mixing paint (factoring large prime numbers) is really hard. You add your secret to the mixture, and now you have yellow+Youtube’s secret+your secret.
You mix yellow and your secret and send it to youtube. Youtube adds their secret; now they’ve got yellow+Youtube’s secret+your secret. You both have the final color!
An eavesdropper can’t reconstruct this - everything sent over the network had yellow mixed in, and un-mixing paint can be really hard. Maybe you can guess that green minus yellow is probably blue, but you can’t get close enough to decrypt anything. And what if it’s brown? Is that blue + orange, or is it red + green?
Cryptographers have worked very hard to make the communications secure. I would be more worried about the other end ratting you out - using a relay / proxy / vpn that you trust is a good idea :)
This article is excellent. Very clear and concise. It distills the extreme technicals of radio into something even I can understand, and gives the impacts of each of these features. 10/10
The VPN catches all network traffic and puts it far away - you can’t be on vpn and see local network resources (casting targets) at the same time.
If your vpn has an app, check your settings for something like “local network access”.
Otherwise, start reading about split-tunnels and/or default gateways
The game of Mao begins now.
Even more unusual variants include […] a game which, instead of allowing voting on rules, splits into two sub-games, one with the rule, and one without it.
This sounds insane and delightful
I gave their protocol page a look; it’s extremely in-depth. I have no idea what a vector clock is but now I get to learn. I like how they explain why blockchain isn’t a good fit.
I’m a touch worried about the extensability of the protocol, but I haven’t given it a deep read yet. I very much appreciate the share!
At EoL, corporate security tells the IT department to uninstall it.
Windows works great because MS tapes it back together slightly faster than it falls apart.
When EoL hits, those devices are either trashed, firewalled into oblivion, or assimilated into the kube.
Wanna come configure optimus for me?
I think we’ll see some very cool stuff start to happen once Veilid’s block storage is off the ground
This is pretty huge. Rust support is one of Pulumi’s most requested features. Hopefully azure follows suit.
Yes - the nodes are obsidian pages (markdown files), this view is a napkin-type layout thing that is built in; I haven’t played much with it
You’re running docker inside a vm? Why?
The first thing I would do is learn the 5-layer OSI model for networking. (The 7-layer is more common, but wrong). Start thinking of things in terms of services and layers. Make a diagram for each layer (or just the important layers. Layers 3 and up.)
If you can stomach it, learn network namespaces. It lets you partition services between network stacks without container overhead.
Using a vm or docker for isolation is perfectly fine, but don’t use both. Either throw docker on your host or put them all in as systemd services on a vm.
This will go about as well as broadcom’s acquisition of Symantec (not well).
If you can get rid of vmware, you will have to, and if you can’t, you’ll ship buckets of benjamins to broadcom and in return they might keep your company alive.
Sir, you are a hero. Thank you for your service.
Spread-spectrum audio watermarks will survive multiple re-encodings and are extremely difficult to detect.
Iirc google widevine will embed a device code, and if a pirated copy of some content is found, they will blacklist the gpu’s device code so it can’t receive 4k content anymore. That’s video, but it’s the same idea.
Streaming sites can embed an unhearable data stream into audio signal. It’s possible
That being said, it’s extremely improbable, given the costs to do it at scale.
If you’re part of a large company’s beta program and have access to some unreleased product, maybe worry.
If you grabbed a file from some mega host updown whatever site, don’t worry.
And if you’re still worried, take a sha256 hash and put it into google search. If you get any results that even mention your file’s title, then you’re good.
I recommend 3.5s - they’ll be a little cheaper and a little more readily available. It’s also worth noting that sata drives can plug into your SAS controller, so you can use any and all 3.5” drives that you can find :)
Steam / water doesn’t allow the temperature to get high enough.