• 0 Posts
  • 51 Comments
Joined 1 year ago
cake
Cake day: June 11th, 2023

help-circle

  • Melmi@lemmy.blahaj.zonetoSelfhosted@lemmy.worldZeroTrust Your Home
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    2
    ·
    2 months ago

    When done correctly, the banner is actually a consent banner. It’s a legal thing, not necessarily trying to discourage criminals. It’s informing users that all use will be monitored and it implies their consent to the technology policies of the organization. It’s more for regular users than criminals.

    When it’s just “unauthorized access is prohibited”, though, especially on a single-user server? Not really any point. But since this article was based on compliance guidelines that aren’t all relevant to the homelab, I can see how it got warped into the empty “you no hack” banner.



  • Yes, but only if your firewall is set to reject instead of drop. The documentation you linked mentions this; that’s why open ports are listed as open|filtered because any port that’s “open” might actually be being filtered (dropped).

    On a modern firewall, an nmap scan will show every port as open|filtered, regardless of whether it’s open or not.

    Edit: Here’s the relevant bit from the documentation:

    The most curious element of this table may be the open|filtered state. It is a symptom of the biggest challenges with UDP scanning: open ports rarely respond to empty probes. Those ports for which Nmap has a protocol-specific payload are more likely to get a response and be marked open, but for the rest, the target TCP/IP stack simply passes the empty packet up to a listening application, which usually discards it immediately as invalid. If ports in all other states would respond, then open ports could all be deduced by elimination. Unfortunately, firewalls and filtering devices are also known to drop packets without responding. So when Nmap receives no response after several attempts, it cannot determine whether the port is open or filtered. When Nmap was released, filtering devices were rare enough that Nmap could (and did) simply assume that the port was open. The Internet is better guarded now, so Nmap changed in 2004 (version 3.70) to report non-responsive UDP ports as open|filtered instead.



  • Google destroys their own search engine by encouraging terrible SEO nonsense and then offers the solution in the form of these AI overviews, cutting results out of the picture entirely.

    You search something on the Web nowadays half the results are written by AI anyway.

    I don’t really care about the “human element” or whatever, but AI is such a hype train right now. It’s still early days for the tech, it still hallucinates a lot, and I fundamentally can’t trust it—even if I trusted the people making it, which I don’t.


  • Melmi@lemmy.blahaj.zonetoSelfhosted@lemmy.worldReverse proxy
    link
    fedilink
    English
    arrow-up
    5
    ·
    6 months ago

    It definitely encrypts the traffic, the problem is that it encrypts the traffic in a recognizable way that DPI can recognize. It’s easy for someone snooping on your traffic to tell that you’re using Wireguard, but because it’s encrypted they can’t tell the content of the message.





  • Most things should be behind Authelia. It’s hard to know how to help without knowing what exactly you’re doing with it but generally speaking Authelia means you can have SSO+2FA for every app, even apps that don’t provide it by default.

    It also means that if you have users, you don’t need them to store a bunch of passwords.

    One big thing to keep in mind is that anything with its own login system may be more involved to get working behind Authelia, like Nextcloud.


  • But hey, instead of killing everyone, eugenics could lead us to a beautiful stratified future, like depicted in the aspirational sci-fi utopia of Brave New World!

    I agree with you, ultimately. My point is just that “good for humanity vs bad for humanity” isn’t a debate, there’s no “We want to ruin humanity” party. Most people see their own viewpoint as being best for humanity, unless they’re a psychopath or a nihilist.

    There are fundamental differences in political views as well as ethical beliefs, and any attempt to boil them down to “good for humanity” vs “bad for humanity” is going to be inherently political. I think “what’s best for humanity” is a good guiding metric to determine what one finds ethical, but using it to categorize others’ political beliefs is going to be divisive at best.

    In other words, it’s not comparable to the left/right axis, which may be insufficient and one-dimensional, but at least it describes something that can be somewhat objective (if controversial and ill-defined). Someone can be happy with their position on the axis. Whereas if it were good/bad, everyone would place themselves at Maximum Good, therefore it’s not really useful or comparable to the left/right paradigm.


  • I don’t think that “everyone is inherently equal” is a conclusion you can reach through logic. I’d argue that it’s more like an axiom, something you have to accept as true in order to build a foundation of a moral system.

    This may seem like an arbitrary distinction, but I think it’s important to distinguish because some people don’t accept the axiom that “everyone is inherently equal”. Some people are simply stronger (or smarter/more “fit”) than others, they’ll argue, and it’s unjust to impose arbitrary systems of “fairness” onto them.

    In fact, they may believe that it is better for humanity as a whole for those who are stronger/smarter/more fit to have positions of power over those who are not, and believe that efforts for “equality” are actually upsetting the natural way of things and thus making humanity worse off.

    People who have this way of thinking largely cannot be convinced to change through pure logical argument (just as a leftist is unlikely to be swayed by the logic of a social darwinist) because their fundamental core beliefs are different, the axioms all of their logic is built on top of.

    And it’s worth noting that while this system of morality is repugnant, it doesn’t inherently result in everyone killing each other like you claim. Even if you’re completely amoral, you won’t kill your neighbor because then the police will arrest you and put you on trial. Fascist governments also tend to have more punitive justice systems, to further discourage such behavior. And on the governmental side, they want to discourage random killing because they want their populace to be productive, not killing their own.




  • I disagree. It would be better to set a precedent that using people’s voices without permission is not okay. Even in your example, you’re suggesting that you would have a Patreon while publishing mods that contain voice clips made using AI. In this scenario, you’ve made money from these unauthorized voice recreations. It doesn’t matter if you’re hoping to one day hire the VAs themselves, in the interim you’re profiting off their work.

    Ultimately though, I don’t think it matters if you’re making money or not. I got caught up in the tech excitement of voice AI when we first started seeing it, but as we’ve had the strike and more VAs and other actors sharing their opinions on it I’ve come to be reminded of just how important consent is.

    In the OP article, Amelia Tyler isn’t saying anything about making money off her voice, she said “to actually take my voice and use it to train something without my permission, I think that should be illegal”. I think that’s a good line to draw.


  • Why would a random browser extension take it upon itself to snoop on your traffic to ensure that the websites you’re using can’t be used for illegal things, and then intentionally break it if it detects something it thinks it’s illegitimate? That’s a huge breach of privacy. It’s just malware at that point. It’s not like a court of law would hold your browser extensions responsible for your piracy. That’s like blaming a cup holder because the car was used in a robbery.

    No, I think this is just a bug. Especially since people have reported that the extension breaks other websites too.




  • As far as I’m aware, there’s nothing preventing a PluralKit equivalent from being made for other platforms. In fact, a quick search turned up a WIP Matrix port on github.

    So no, I don’t think this is true. Lack of PluralKit isn’t what’s preventing people from switching en masse. It’s the opposite—lack of people switching means there’s a lack of demand for a PluralKit port in the first place, so even though there is a port people don’t know it exists and thus it doesn’t get as much dev attention.

    It comes down to network effects, ultimately, and just plain inertia. If you’re already on Discord, and all your friends are on Discord, it’s hard to convince you to switch. And being more familiar with the Discord bot ecosystem (like PluralKit) is just one more thing that adds to the inertia.