FrederikNJS

Dunno… Somehow that seems like a feature to me 😉

deleted by creator

Well… That depends entirely on your threat model…

In my setup, the backup is encrypted locally, and then uploaded to Backblaze. If I leak my encryption key, then yes, Backblaze and any state actor that can compel Backblaze, might be able to read my backup (and the same goes for an encryption vulnerability). But since the connection to access the backup is also authenticated, the rest of the public would not be able to read my backup. If I leak my access credentials, then everyone could get my encrypted backup data, but not be able to decrypt it. Of course if I leak both the access credentials and the encryption key, then yes anyone that obtains both can read my backup.

Many regular people use Microsoft Onedrive or Google Drive, which offers even less protection, but it’s certainly sufficient and well enough protected to keep your dissertation protected.

In most backup services you have the option to choose what gets backed up, and what does not. But sure, it entirely depends on who you want to protect yourself from.

If your main concern is state actors, then yeah… You probably shouldn’t use something like Backblaze. You should keep everything on your own hardware. And convince a friend or some family to have a NAS sitting somewhere that can host your backup destination.

For my case I’m mostly concerned about data continuity (not losing data). But privacy is certainly also a concern, and here I have chosen to believe that the encryption is sound enough, and that my ability to keep my encryption key safe, is sufficient for the data it protects.

Nice to hear… However I haven’t figured out how to get my HTC Vive to behave nicely on Linux…

1. Find online backup service
2. Pay for subscription
3. Install backup software
4. …
5. Still have your data

I use Backblaze myself… But there are many other straightforward and easy backup solutions out there.

If I remember correctly the OP of this network traffic graph figured out that their network equipment were accidentally misattributing the traffic to the washer, and it was actually some other device that had caused the traffic.

Or in some cases ONLY allowing them to reach the Internet. So they can’t access your other devices…

I would frankly prefer a thick accent, and some subtitles… Even AI generated subtitles with a quick proofread pass, is vastly superior to AI voices IMO

To me it’s definitely worth it. Many of my favorite creators are already on there. I get exclusives and early releases, high definition, and no ads. And the nice fuzzy feeling of knowing that my views result in the creator receiving some actual money.

I still use YouTube quite a lot… But I find that I’m using Nebula more and more as time goes by.

Yes. But also entirely ad-free, and with lots of quality creators. And it’s quite a bit cheaper than pretty much any other streaming service.

Yep

I realised a while ago that it’s way cheaper to hunt for second-hand intel NUCs, and the resulting machine is way more powerful… And the RAM and storage is upgradeable, if the NUC didn’t come with plenty of storage or RAM already…

The “routing” can still refer to routing to devices attached via a switch. So no need for a third port to qualify as a router.

https://docs.renovatebot.com/

All my docker images are in code in Github.

Renovate makes a PR when there are image or helm chart updates.

ArgoCD sees the PR merge and applies to Kubernetes.

For a few special cases I use ArgoCD-image-updater.

I have my Firefox configured to force HTTPS, so it’s rather inconvenient to work with any non-HTTPS sites.

Because of that I decided to make my own CA. But since I’m running in Kubernetes and using cert-manager for certs, this was really easy. Add a resource for a self-singed issuer, issue a CA cert, then create an issuer based on that CA cert. 3 Kubernetes resources total: https://cert-manager.io/docs/configuration/ca/ and finally import the CA cert on your various devices.

However this can also be done using LetsEncrypt, with the DNS01 challenge. That way you don’t need to expose anything to the Internet, and you don’t need to import a CA on all of your devices. Any cert you issue will however appear in certificate transparency logs. So if you don’t want anyone to know that you are running a Sonarr instance, you shouldn’t issue a certificate with that in it’s name. A way around that is a wildcard cert. Which you can then apply to all your subservices without exposing the individual service in logs. The wildcard will still be visible in the logs though…

The clause might be stronger, but there’s no EU forces, no EU equipment, no EU AWACS, and no EU command structure, to back up that clause. There’s many individual national militaries, but no dedicated EU military. NATO on the other hand has dedicated forces, equipment, command structure and so on. Logistics wins or loses wars. So even if the clause is stronger, is carries much less weight than NATO.

Being in the EU is however a decent deterrent for most purposes, but maybe not sufficient to deter Russia, China or USA.

In addition people often use VLANs for security segregation. For example you might buy a bunch of cheap Chinese security cameras, but want to ensure that they can’t send anything back to the manufacturer. Then you can make a VLAN with no Internet access for the cameras.