

“…reduce…”
Sure… 😂


Anthropic Mythos shaping up as nothingburger
AI PR doing AI PR stuff… At this point they will push any outrageous claim about capabilities or spend nearly any amount of money to keep that insane AI bubble from bursting.


A bug in Apple’s notification system allowed extraction even when the message that triggered the notification was deleted.
This means access to any text you got. This means a list of any incoming calls. This means all your appointments that your phone reminded you of.
And instead we get a story about deleted Signal messages, prominently featuring Signal in the thumbnail and picture while failing to mention any of the other implications of that Apple-specific bug.
How is that accurate or even just sane reporting? Either it’s an incredibly stupid take or there is an actual agenda focusing on Signal here. And when I see several of those (including stuff like people falling for phishing attempts and giving away access to their devices being reported as “Hackers getting access to Signal account”) within just a few days I tend to assume the latter.


Wasn’t my point. What’s going on with Signal to tell the story of accessing deleted Signal messages (and multiple other Signal hack/bug/exploit headlines I’ve seen within a short time frame) when this is exactly zero about Signal?


There was an Apple bug that allowed restoring information from their notification system. So Apple leaked info from Apps that used the notifications. From any App. Why is this talking about Signal? Why not an “Apple patches bug that allowed access to E2E encrypted WhatsApp messages”? Why not “bug that allowed access to your call history even after deletion”? Because those are all equally true. What’s the reason we are talking about Signal here?
And to add more context: the exact same was true for the other “Signal bug/hack/exploit” articles I mentioned. No actual connection to Signal at all, yet that was always the story told.
Apple fucks up and leaks all private information that passes through their notification system? “Bug that allowed to read Signal messages!” Idiot fell for phishing attempt and logged into a fake website giving someone else full access to their device? “Hacker managed to access XY’s Signal account!”. I left my door standing wide open when leaving to work and got robbed? “Locked doors don’t actually protect your stuff!”
Those 3 statements are equally stupid. I am pretty sure the third one would trigger you to question either my sanity or if I think you are an idiot and why I would try to convince you that doors are useless. Why don’t the other two?


What actual news did I miss that triggered the half a dozen fake hacked/bug articles regarding Signal I read in the last 48 hours?


If it was just AI, but the idiotic crawlers everywhere are getting worse by the day it feels.
I still have some ancient RPi running a basic homepage with some reverse proxies. A few weeks ago and after stopping to care about that thing years ago I realized that the access log that was just happily sitting there for years without getting to relevant sizes has suddenly grown by nearly 1GB, most of it in the last 6-8 months because I never bothered to set up logrotate.
But hey… I wanted to test setting up Anubis for quite some time. So now I can watch them run circles in the (still experimental) honeypot feature reading pages and pages of nonsensical babbling 😂


But decades of media has conditioned people to believe that most tech and IT stuff is basically magic, and that seems to nowadays include tech-centric journalists.
So they simply don’t think about actual feasibility and just report omitting details because “look, tech wizard did tech-wizardry”.


Security through obscurity never works, so changing your SSH port does barely anything
… for security that is.
What it does is keep a lot of automated bots from spamming your server. No, they don’t have any chances to get access when key authentication is used (and they won’t try either… most go for the incredibly low-hanging fruit like admin/admin user/password sets), but they can become a strain on your own resources.
What actually helps (and is usually configurable with any firewall) is rate limiting access. Just blocking someone’s access for 10 seconds after a failed attempt will make absolutely no difference for you but a big one for those spammers. Now add some incremental increase after multiple fails and you are perfectly set.
PS: 53 is the standard port for DNS when your server operates as such.
PPS: Don’t use it. People should really let that stuff die and exclusively run encrypted DNS (via TLS, HTTPS or QUIC…)
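
The backoff policy described in the comment above, replayed over constructed sshd log lines to count how many attempts a firewall applying it would have dropped. This is an added example, not part of the original comment; doubling the block per failure, the one-hour cap and the log layout are assumptions.

```python
import re
from datetime import datetime, timedelta

BASE_BLOCK = 10    # seconds blocked after the first failure (figure from the comment)
MAX_BLOCK = 3600   # cap on the escalation (assumed value)

# Constructed log lines using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
2024-05-01T10:00:00 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:03 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
2024-05-01T10:00:06 host sshd[811]: Failed password for invalid user user from 203.0.113.7 port 40114 ssh2
2024-05-01T10:00:12 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40115 ssh2
2024-05-01T10:00:15 host sshd[811]: Failed password for invalid user test from 203.0.113.7 port 40116 ssh2
2024-05-01T10:00:40 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40117 ssh2
2024-05-01T10:05:00 host sshd[902]: Failed password for alice from 198.51.100.20 port 52200 ssh2
2024-05-01T10:05:20 host sshd[902]: Accepted publickey for alice from 198.51.100.20 port 52201 ssh2
"""

FAILED = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port")

def simulate(log_text, base=BASE_BLOCK, cap=MAX_BLOCK):
    """Replay failed logins; per IP, count attempts that reach sshd vs. get dropped."""
    state = {}    # ip -> failure count and end of the current block
    result = {}   # ip -> reached / dropped counters and the last block length
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue  # successful logins and unrelated lines are ignored
        ts, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        s = state.setdefault(ip, {"fails": 0, "blocked_until": datetime.min})
        r = result.setdefault(ip, {"reached": 0, "dropped": 0, "last_block": 0})
        if ts < s["blocked_until"]:
            r["dropped"] += 1  # still inside the block window: never reaches sshd
            continue
        s["fails"] += 1
        # 10 s, 20 s, 40 s, ... doubling with each failure that gets through
        block = min(base * 2 ** (s["fails"] - 1), cap)
        s["blocked_until"] = ts + timedelta(seconds=block)
        r["reached"] += 1
        r["last_block"] = block
    return result

if __name__ == "__main__":
    for ip, counters in simulate(SAMPLE_LOG).items():
        print(ip, counters)
```

The address that mistyped once is held off for ten seconds and nothing more, while the repeating source has half of its attempts dropped and its wait doubles each time one gets through.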


What I ask myself here is why I should have unused phones lying around in the first place?
If I somehow think constantly wasting money on a new model just because there is a new number written on its packaging is worth it, I would not actually think in terms of reusing old hardware.
If I am however thinking about using hardware instead of just throwing it away while still functional, why wouldn’t I use a phone, like anyone else, as a phone?


I didn’t have any actual issues with the native install either.
But with [multilib] activated there were dozens and dozens of 32bit libraries pulled alongside their regular version that I didn’t actually need. And I use Wine a lot more than Steam anyway. So once Wine went fully 64bit I decided to get rid of all that legacy multilib 32bit stuff.
Steam via flatpak also works and will do until they, too, fully switch over to WoW64 implementation.


Mainly my normal phone app. But for a long time it’s not sync’d to some google cloud (which would be the default) but a Radicale instance.
I used Nextcloud before but honestly it’s a mess to maintain. So much that I would not suggest it without planning to extensively use a lot of the different available addon functions.
Just for file sharing and caldav/carddav I will pick some simple solutions (like Radicale and Syncthing) over Nextcloud any day.


And to give you a reference to some of the details glossed over…
The anubis instance listening to a socket doesn’t work as described there. Because the systemd service is running as root by default but your web server would need access to the socket. So you first need to harmonise the user the anubis service runs as with the one from your web server with the permissions of the /run/anubis directory.
(see Discussion here for example)
Also having one single setup example in the docs with unix sockets when that isn’t even the default is strange in the first place…
Half the Environmental Variables are just vaguely describing what they do without actual context. It probably makes perfect sense when you know it all and are writing a description. But as documentation for third-person use that’s not sufficient.
Oh, and the example setup for caddy is nonsensical. It shows you how to route traffic to Anubis and then stops… and references Apache and Nginx setups to get an idea how to continue (read: understand that you then need a second caddy instance to receive the traffic…).
PS: All that criticism reads harsher than it is meant to be. Good documentation needs user input and multiple view points to realize where the gaps are. That’s simply not going to happen with mostly one person.


More than once. But -not actually surprising for a work in progress by mostly one single person- it’s not actually what I would call well-structured or even coherent. 😅
More than once googled for a detail I didn’t understand and ended up on the issue tracker realizing I’m not alone and some behavior is indeed illogical or erratic.
And then some of it is of course referencing forwarding- and header-information, how it’s handled, where it’s flattened… and as my question should have told you, I don’t even have much of a clue how it is handled normally.


It isn’t webdav per se. It’s the website presented by a webdav server. So there should be no functional difference between this and yet another webserver in a decentralized setup.
Yes I know that I can easily change things around to have the reverse proxy run ignored. I was more interested in the “why it happens” than a practical solution (for that I could just move the reverse proxy one block up…).


Logs of what exactly? I don’t even know where to look. Neither is nginx logging an error, nor is a request ending on an unavailable port and just timing out logged anywhere. How would I set up extensive logging of anything but errors and accesses?
As far as I’m concerned this is not some error but something regarding the details how proxy_pass works, that I don’t understand.
In fact it isn’t even an actual problem per se. I can easily move the reverse proxy up one block so only the actual pages are protected. But the point is that I want to understand why a request that should be routed internally (and is without Anubis in the mix) ends up there. I would suspect some way the default headers are transmitted screwing things up.


I have tried localhost and 127.0.0.1 after initially using the internal 192.168.x.x IP and the behavior is always identical.


Paru, so Pacman & AUR…
With exactly one exception: Steam via flatpak because that’s the single package left that would need 32bit libraries from multilib-repo since Wine finally left those dependencies behind.


I don’t think there is a better “default” because the default has to be the general setting everyone can live with. But that of course also means it’s not particularly good for any use case.
In general desktop users prefer lower values for snappy behavior when switching through different apps (~10 often recommended). People mainly focusing on performance of the primary running app prefer higher values (which may, depending on setup, include gamers).
Also there is zram/zswap now (basically compressed swap in memory instead of on disk) which is faster than traditional swap.
But in the end you can only try out values and watch your system’s behavior or run benchmarks to find the proper value for you personally.


Germany’s problem is not building stuff but corruption.
Our street/sidewalk was opened up f****ing 7 times in the last 3 years for fiber-optic cables. Because if there is money to be spent they will find a way to give it to some buddies for putting the 2nd, 3rd or 10th set of redundant cables into the ground.
Oh, and guess what is not available here… a fiber connection, because actually connecting those cables is not where they can make money. And if they somehow manage this some day… I’ll pay insane prices compared to any other country.
Which is both again caused by corruption, a.k.a. a few big companies and their well-paid lobbyists working hard to be the only option.