3·
17 days agoarchive.today and archive.ph (also .is, .md, .fo, .li, .vn) could be Russian assets.
- 6 Posts
- 166 Comments
Joined 10 months ago
Cake day: March 5th, 2025
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Not sure if I love or hate the name
2·22 days agoI mean he’s correct but should I watch the video…
First of all, most media players are streaming/network capable, they don’t even advertise it. Just feed it the URL.
You can even integrate user/password combos for http simple auth into a direct link. Not the safest; just to avoid people getting wind of a free radio station and overloading your server. Unless that’s you want, but then you should be aware of legal stuff.
On the server side, you can run your own radio station with something like Icecast. That’s its own topic.
If you want to choose what you listen to remotely, you are most likely looking at something Subsonic-compatible (apps exist). People say Navidrome is good. I am currently running jellyfin, it’s not subsonic compatible but apps exist, too.
Rather more so. There are plenty details that make this so much worse.
The device was not an ordinary smart watch made by Apple or Samsung, but a special type that US Immigration and Custom Enforcement (ICE) had mandated the woman wear at all times, allowing the agency to track her. The device was beeping when she entered the hospital, indicating she needed to charge it, and she worried that if the battery died, ICE agents would think she was trying to disappear, the hospital workers recalled. She told them that, just days earlier, she had been put on a deportation flight to Mexico, but the pilot refused to let her fly because she was so close to giving birth.
The woman’s fear only grew from there, according to the hospital workers. Her delivery wasn’t progressing the way the care team hoped, and she needed a C-section, a procedure that requires doctors to use a cauterizing tool to minimize bleeding. To prevent possible burning and electrocution, patients are instructed to take off all jewelry or metals before the surgery. The mandatory watch had no way to be easily removed, nor was information about whether it would be safe to wear during the procedure readily available. Hospital staff didn’t know how to contact ICE to ask what to do. When hospital staff told the woman they might have to cut the smart watch off, she panicked, the workers said.
The same people who compared Covid ID to the nazis yellow badges.
Except, you know, in-group vs out-group.
If crowdsec works for you thats great but also its a corporate product
It’s also fully FLOSS with dozens of contributors (not to speak of the community-driven blocklists). If they make money with it, great.
not exactly a pure self hosted solution.
Why? I host it, I run it. It’s even in Debian Stable repos, but I choose their own more up-to-date ones.
Allow me to expand on the problem I was having. It wasnt just that I was getting a knock or two, its that I was getting 40 knocks every few seconds scraping every page and searching for a bunch that didnt exist that would allow exploit points in unsecured production vps systems.
- Again, a properly set up WAF will deal with this pronto
- You should not have exploit points in unsecured production systems, full stop.
On a computational level the constant network activity of bytes from webpage, zip files and images downloaded from scrapers pollutes traffic. Anubis stops this by trapping them in a landing page that transmits very little information from the server side.
- And instead you leave the computations to your clients. Which becomes a problem on slow hardware.
- Again, with a properly set up WAF there’s no “traffic pollution” or “downloading of zip files”.
Anubis uses a weighted priority which grades how legit a browser client is.
And apart from the user agent and a few other responses, all of which are easily spoofed, this means “do some javascript stuff on the local client” (there’s a link to an article here somewhere that explains this well) which will eat resources on the client’s machine, which becomes a real pita on e.g. smartphones.
Also, I use one of those less-than-legit, weird and non-regular browsers, and I am being punished by tools like this.
All the self hosters in my internet circle started adopting anubis so I wanted to try it. Anubis was relatively plug and play with prebuilt packages
edit: I feel like this part of OP’s argument needs to be pointed out, it explains so much:
All the self hosters in my internet circle started adopting anubis so I wanted to try it. Anubis was relatively plug and play with prebuilt packages
IMO this is largely Debian-specific: this distro seems to hold backward comaptibility in very high regard, so any problem is bound to have a multitude of solutions. In addition, the Debian Wiki is not as well maintained as you-know-whose.
I see nothing untoward here.
Except maybe that last sentence, what “s” are you talking about (fwiw, the man page that comes with an installed package should™ be the ultimate authority)?
At the time of commenting, this post is 8h old. I read all the top comments, many of them critical of Anubis.
I run a small website and don’t have problems with bots. Of course I know what a DDOS is - maybe that’s the only use case where something like Anubis would help, instead of the strictly server-side solution I deploy?
I use CrowdSec (it seems to work with caddy btw). It took a little setting up, but it does the job.
(I think it’s quite similar to fail2ban in what it does, plus community-updated blocklists)Am I missing something here? Why wouldn’t that be enough? Why do I need to heckle my visitors?
Despite all that I still had a problem with bots knocking on my ports spamming my logs.
By the time Anubis gets to work, the knocking already happened so I don’t really understand this argument.
If the system is set up to reject a certain type of requests, these are microsecond transactions of no (DDOS exception) harm.
it’s mentioned in this article
But just regular note taking goes a long way in the legal system.
It always seems so arbitrary to me - anyone could write down anything - but I have noticed this too, at least with work related stuff.
I’m not planning on keeping this job - it runs out before christmas - another “oversight” by my boss: it was supposed to last until next summer, but apparently the company only does contracts until the end of the calendar year? - at first I was pissed, now I’m glad.
If you want to keep this job
I don’t. Never had such a stupid boss, and I’ve had a few weird ones.
I already use this, and I’m not getting a 2nd for this job (it ends before Xmas anyhow). Also see this comment
This is good to hear, and it kinda tracks that IT people know how to take the right steps here.
In the social sector such bets are off, completely. They share photos of work related printouts via WA (because, as I described in my OP, the appropriate web apps don’t work), and nobody even has the know-how to understand why one might object.
Do you not still need a WA account tied to your real phone number, usually created on your primary phone?
Do not participate in workarounds to cover for bad management.
I don’t. But all my colleagues do.
Record everything. Take contemporaneous notes about everything that goes down, and take them for yourself, outside the company network. That way, when you get blamed for something, you can come with receipts.
Recording phone conversations might be prudent.
But most exchange with my boss is via email anyhow, so that’s good.I’m not planning on keeping this job - it runs out before christmas - another “oversight” by my boss: it was supposed to last until next summer, but apparently the company only does contracts for 1 calendar year? - at first I was pissed, now I’m glad.
Thanks for that!
Lemmy.world that i use was though.
So what does that entail - the site was completely down, or images didn’t load?
Would I even notice that in my unaffected instances feed? Just no lemmy.world posts at all, or would it leave empty placeholders?
