If it does not help, try limiting the maximum number of active connections in qbittorrent.

Just make sure any power saving features are disabled. That is, if the 3000km journey to wiggle the mouse is not on your bucket list.

Every time I feel like I finally get kubernetes, somebody surprises me by talking about very specific, complex modern technologies being used to do basically the same thing we’ve been doing for decades by simple tools.

And I always experience the same urge to re-grow a tail and climb a tree.

I use miscale 1 with gadgetbridge. Homeassistant has also autodiscivered it, but I’m hessitant to pair it with 2 different devices so no idea if it actually works.

… is the most upvoted stackoverflow answer.

Gmail offers imap amd smtp access. You have to enable 2FA, and then it will allow you to create account for so called “less secure apps”.

In your place, I’d either continue using gmail directly, or finish the configuration of the self hosted mail server and just use that with any smtp/imap client. I suggest getting a separate domain for testing first, before moving your primary inbox there.

I was honestly surprised by win11. The last time I’ve daily driven a windows machine was the dark ages of 8.1. My expectations were pretty low thanks to the hate people spewed about it online.

What I got was a preinstalled SSH client, easy to install SSH server, customizable terminal app with tabs and nice features related to WSL, The WSL itself! Easy to install and switch between different distros, notepad remembers unsaved work, and it finally has tabs! Explorer? Tabs! Media playback? Windows finally got the media control widget, like a normal OS! A lot of small quality of life bits I was used to on my linux desktop. They’re even working on finally deprecating that mess of a control panel!

The only thing that botheres me, is that the UI is clearly being designed by someone with a football field sized monitor. Luckily scaling it back down is still possible. The same thing plagues gnome as well as some commercial prodiucts I use.

you still need good security configuration of the exposed service.

In a sense that security comes in layers, yes. But in practice, this setup will prevent 100% of bots scanning the internet for exposed services, and absolute majority of possible targeted attacks as well. It’s like using any other 3rd party VPN, except there’s not a central point for the traffic to flow through.

From the attackers point of view, nothing is listening there.

I’ve used a similar setup in the past to access a device behind a NAT (possibly multiple NATs) and a dynamic IPv4. Looking back, that ISP was a pure nightmare.

This is not a guide to hide from the government or ISP. Just a way to tunnel to your home server without publishing the sshd for random strangers. Personally, I’d just publish the ssh and be done with it.

I would rather live without the correlation attacks

The more people using Tor, the less useful targeted disconnects become.

Which is still just as open, but also a massive calling card for anyone trolling around the TOR network

Luckily, it is no longer possible to easily sniff the new v3 addresses by deploying a malicious relay. Any attack to even reveal the existence of a hidden service would require a very specialized setup. And we’re just talking discovery, not the ability to connect and attack the actual service running there.

just connecting to Tor is very much a huge exposure imho

Exposure of what, to whom?

So, this is what people meant, when they’ve called for 3D printing regulations!

Of course security comes with layers, and if you’re not comfortable hosting services publically, use a VPN.

However, 3 simple rules go a long way:

1. Treat any machine or service on a local network as if they were publically accesible. That will prevent you from accidentally leaving the auth off, or leaving the weak/default passwords in place.

2. Install services in a way that they are easy to patch. For example, prefer phpmyadmin from debian repo instead of just copy pasting the latest official release in the www folder. If you absolutely need the latest release, try a container maintained by a reasonable adult. (No offense to the handful of kids I’ve known providing a solid code, knowledge and bugreports for the general public!)

3. Use unattended-upgrades, or an alternative auto update mechanism on rhel based distros, if you don’t want to become a fulltime sysadmin. The increased security is absolutely worth the very occasional breakage.

4. You and your hardware are your worst enemies. There are tons of giudes on what a proper backup should look like, but don’t let that discourage you. Some backup is always better than NO backup. Even if it’s just a copy of critical files on an external usb drive. You can always go crazy later, and use snapshotting abilities of your filesystem (btrfs, zfs), build a separate backupserver, move it to a different physical location… sky really is the limit here.

It has to go with the brain…

If you come from IT, you never really quit. A little parser bug here, a small race condition there, or a fucking baking oven refusing to bake until you tell it what time it is. No hope, no escape.

https://mailcow.email/

I’m not exactly sure what it is that I’ve just seen, but I am mildly aroused.

Not for the men of culture…

Stop using GNOME as default DE

No need to go as far. Just jail everyone working on Adwaita.

They always acted like the are the only ones in town, but while checking the spelling just now, the first result says “Adwaita (from अद्वैत, meaning “one and only” in Sanskrit)” The serious UX designers were a joke to them from the start.

What’s wrong with miracast? Almost every device sold these days has some kind of radio, but no way to talk to each other. Releasing a new standard every few years won’t help much.