If they don’t keep any private data on any computer that trusts their home network/wifi and don’t do taxes or banking on those, there’s no problem.
But if they do, I maintain that the analogy is correct: their unpatched machine is an easy way to digitally get access to their home, just like an unlocked door is to a physical home.
You keep using the word “maintenance”. All I’m worried about is not installing any security patches for months.
The problem that I tried to highlight with my “cherry picking” is:
So unless you have separated this Orange Pi into its own VLAN or done some other advanced router magic, the Orange Pi can reach, and thus more easily attack all your other devices on the network.
Unless you treat your entire home network as untrusted and have everything shut off on the computers where you do keep private data, the Orange Pi will still be a security risk to your entire home network, regardless of what can be found on the little machine itself.
No it is
https://www.pandasecurity.com/en/mediacenter/consequences-not-applying-patches/
And:
You’re allowing for more attack vectors that would not be there if the system were to be patched. Depending on the severity of the vulnerability, this can result in something like crashes or something as bad as remote code execution, which means attackers can essentially do whatever they want with the pwned machine, such as dropping malware and such. If you wanna try this in action, just spin up a old EOL Windows machine and throw a bunch of metasploit payloads at it and see what you can get.
While nothing sensitive may be going to or on the machine (which may seem to be the case but rarely is the case), this acts as an initial foothold in your environment and can be used as a jumpbox of sorts for the attacker to enumerate the rest of your network.
And:
Not having vulnerability fixes that are already public. Once a patch/update is released, it inherently exposes to a wider audience that a vulnerability exists (assuming we’re only talking about security updates). That then sets a target on all devices running that software that they are vulnerable until updated.
There’s a reason after windows Patch Tuesday there is Exploit Wednesday.
Yes, a computer with vulnerabilities can allow access to others on the network. That’s what it means to step through a network. If computer A is compromised, computer B doesn’t know that so it will still have the same permissions as pre-compromise. If computer A was allowed admin access to computer B, now there are 2 compromised computers.
I used to lose my keys all the time. I don’t want to spend so much time looking for my keys, nowadays I mostly just leave them in the front door, I rarely lock it and it works like a champ.
How would you feel about this as an autist who stims? I would be scared that even the most progressive online spaces are normalizing mocking autists for stimming.
We don’t need to use discrimination to mock and hate Elon Musk. There are plenty of valid reasonsto mock him and hate him. His sexism, nazism, willful ignorance about discrimination, inability to have equal relationships with meaningful communication (remember when he told his wife “I’d fire you if you were my employee”?), etc.
Let’s stick to those and not alienate neurodivergents. (Same goes for fat-shaming Elon btw)
Superaffengeile List! Hab nur noch zwei gehört, Unplug Trump und Kruppstahl, beide 10/10 (oder muss ich sagen 1/6)
So $30 is all that you need to delete your Microsoft account? Or is the problem that even if you’d rebuy Minecraft, you’d still need a MS account to play it?
Are you aware of the many Open Source Minecraft-inspired games?
Thanks for the clarification! I should try stuff more, and read less landing pages
Does DuckDuckGo do this as well or is that a better option, privacy-wise?
EDIT: answer is here: https://www.privacyguides.org/en/search-engines/#recommended-providers
If you need to hide IP, you just use a VPN. Duh!
And Qwant is not listed on privacyguides?
Thanks for raising awareness of FOSS Discord alternatives. Revolt certainly is the best looking of all of them.
Last time I looked into this, Revolt’s voice and video chat was “unsupported” for self-hosting while they were working on a complete rewrite. Is this still the case?
The other big FOSS Discord alternative is Synapse-Matrix with the Element X client, but no clue how far along voice and video is over there either.
Then there’s Mattermost, which is more work-oriented and has voice and screen share, but no video calls.
I should host some of this stuff to try it out.
Welcome to Lemmy @destviz@lemm.ee !
What even is an actual cornball…? Genuine question. Never heard of it.
Of course mass surveillance existed long before the US had a fascist president, no one is implying that it didn’t.
It’s just that fascism is a great reminder why no government should have as much power to invade in privacy as the US has. Especially for those who are not subscribed to this community and forgot about that, so share this with them!
I’ve been doing almost all of my gaming on Linux for 2 years now, running a 5800X3D and an RTX 3080.
Why the “almost”? I love to fly flight simulators, mostly DCS World, in VR and am still using an HP Reverb G2 (Windows) headset.
Everything else works without issues on Linux for me. I’ve been sitting on Pop!_OS 22.04 but if I were to install today, I’d go for Linux Mint
Hoezo joodse zaal?
(Dieses sieht aus wie ein Niederländischer Deutscher der zu viel Bier getrunken hat, was für ein Dialekt ist es wirklich?)
There is a reason why NixOS was invented 21 years ago. Reproducible builds are not simple in most packaging build systems.
And at your next job, at an employer who sees the value of FOSS and a nerd with strong Linux-fu!
These days, I’d feel a little bad having a regular payment […] I don’t need any financial support to keep doing this, I’m lucky enough to not need financial support […] The absolute best way to “support the comic” is to introduce more people to it […]
Wonder where you got that idea for Konsi’s personality from 🤔
Honestly, k8s + GitOps at home is my project that I’m just starting this week. I found a community around it (on Discord 🤮) called Home Operations.
Docker Hub sucks and is VERY strict with rate limits. Try ghcr.io or the aws container registry.
GitOps + Renovate
Gives you:
git revertSome stacks that work well with GitOps are:
Mixing them is a LOT of complexity though. Just pick whichever you are most comfortable with. If you want a declarative immutable OS just for running k8s, check Talos Linux.
If you don’t want to deal with GitOps, Nix or k8s, and you don’t need recent versions, just run Debian and set a cronjob for auto updates. Then only deal with potential breaking changes just once every 5(?) years or thereabouts.
Steam Deck and Linux desktop user here.
I wouldn’t prioritize a native Linux binary if I were you. For some of my games that have a native Linux version, I still run the Proton compatibility version instead because it runs better. Proton is insanely well-optimized and adapted to Linux desktops, your own code will have a hard time competing with that.
Just make sure to pick an engine / tech stack that works well with Proton and find one or more testers who run SteamOS or another Linux distribution.