• 0 Posts
  • 534 Comments
Joined 1 year ago
cake
Cake day: June 9th, 2023

help-circle
  • You want your backup functional even if the system is compromised so yes another system is required for that, or through it to the cloud. Important that you do not allow deleting or editing of the backup even if the credentials used for backing up are compromised. Basically an append only storage.

    Most Cloud Storage like S3 Amazon (or most other S3 compatible providers like backblaze) offer such a setting.


  • I doubt that this is the case, whether it is encrypted or not. The complexity and risks involved with decrypting it on the fly is really unrealistic and unheard of by me (have not heard of everything but still)

    Also the ransomware would also need to differentiate between the user and the backup program. When you do differentiated backups(like restic) with some monitoring you also would notice the huge size of the new data that gets pushed to your repo.

    Edit: The important thing about your backup is, to protect it against overwrites and deletes and have different admin credentials that are not managed by the AD or ldap of the server that gets backed up.


  • During that time, your data is encrypted but you don’t know because when you open a file, your computer decrypts it and shows you what you expect to see.

    First time i hear of that. You sure? Would be really risky since you basically need to hijack the complete Filesystem communication to do that. Also for that to work you would need the private and public key of the encryption on the system on run time. Really risky and unlikely that this is the case imho.









  • Power issues can cause problems that the hardware glitches into states it should not be. Changing something in the BIOS or updating it. Hardware defects. OS upgrade fails (Kernel bug causes the network driver to fail) Etc. Etc.

    Those devices are not for the weekly “oh my setup failed” its for the once in 10 years “i am on vacation and the server is not reachable and for some reasons my system crashed and has not rebooted by its own”

    And for below 100€ it’s a no-brainer.





  • And how often. have you said stuff that you have not received advertising for? You will notice it when you get a positive match but not on a negative.

    Data collecting companies can predict/rate your behavior for more then 20 years based. Since then. it has been perfected. They know that you are interested in those topics without having the need to waste resources on recording and analyzing every single audio stream.



  • Wasn’t the CVE fixed in a reasonable time frame? I seriously doubt that the maintainers would have ignored it if it wouldn’t have been discussed so publicly.

    AFAIK, to exploit it, you need network access to CUPS then add the printer and then the client needs to add/select a new printer on the client device and actively print something.

    If CUPS is reachable from the internet, then the system/network is misconfigured anyway, no excuse for ignoring the issue but those systems have other sever issues anyway.




  • Basically, when you do not run server side transcoding and instead rely on client side support you will run from time to time into issues. Jellyfin does not have the ppl to get every client to work with all the different formats on every hardware.

    1080 h264/h265 does not say much about the media format. Those codec differentiate in things like Chroma (4:2:0; 4:4:4, etc) or in color depth like 8 or 10 bit. So not every h264 media file does run on the same hardware. Audio codecs are even more complicated.

    I think since i setup my hardware transcoding I ran into a not playable file once. But depending on the hardware it can be worse. On android TV you may have to play around with the settings.

    I understand that this can be a deal breaker for some ppl.