Friendly reminder that lemmy votes are public
Friendly reminder that lemmy votes are public
Thank fucking god for the EU, for fighting for global digital rights where nobody else does.
This is just an attack that attempts common username/password combinations on ssh, and the article even states that the worm is dime-a-dozen. Unless you have both password auth enabled and an available account with an easily guessable password (and if you have either you should change that), this is nothing to worry about, even with sshd available to the internet.
Sensationalist title.
Get fucked, Russia.
Anyone that uses "woke" as a pejorative really just wants to say the n-word instead, but don't think they can get away with it yet.
He volunteered.
The resolution is actually quadrupled by doubling the value of both axes. In this case going from 1500x1424 (2.1MP) to 3504x3327 (11.7MP) multiplies the total number of pixels by 5.4
With the same level of jpeg compression you'd expect it to jump from 700KB to roughly 4MB. Since both images are the same file format, the rest of the file size difference is likely attributable to less jpeg compression being used in the larger image.
What a cunt
Not having security patches on a system you do things like go to your banking website on is actually a pretty big deal, and I don't think it should be dismissed lightly. Also AV is mostly snake oil, and is in no way an adequate substitute for a properly patched OS.
ssh predates the specification, exists somewhat independently of even the idea of a desktop (not common to see xdg env variables like XDG_CONFIG in a headless environment, for example), and uses the homedir/.ssh directory on both the client and server side of a connection. I think it's less to do with security and more to do with uniformity for something as important as ssh - ssh doesn't need to change to use the xdg spec, and xdg doesn't need to allot anything special for ssh when it's already uniform across the unix spectrum
RIP
powertop is a cool tool that can analyze your machine and provide a list of suggested power optimizations
DNS is what you're looking for. To keep it simple and in one place (your adguard instance), you can add local dns entries under Filters > DNS Rewrites in the format below:
192.xxx.x.47 plex.yourdomain.xyz
192.xxx.x.53 snapdrop.yourdomain.xyz
The Y9 in question here though is slow, fat, and low - max speed of 360kn and a service ceiling of 10,000m. It's a cargo plane with EW stuff on it.
Any proclaimed prioritization of privacy or privacy improvements in stock Android serve only to bring your data more directly under the control of Google at the expense of other entities, so that those other entities must pay Google as a middleman to your data. On stock Android, there is no privacy - Google has access to everything, always.
In my opinion, one step that could reasonably be taken to improve the situation is for Google to go fuck itself, lose every anti-trust suit brought against it, and die.
It's still right to complain and protest about something that is unjust, even when ways to circumvent it exist. Because the next logical policy step is to ban VPNs, as many countries already have, and the solved problem becomes unsolved again.
Ctrl+r was a life-changer when I first learned it.
Incredible campaign ad, 10/10
I was sad to learn Parmesan isn't vegetarian :(
If you're genuinely worried about this, you shouldn't be using untrusted machines for remote access.
Now that's a name I've not heard in a loooong time.
The BBC Historic Farm Series is a collection of docuseries about daily life on English/Welsh farms from the Tudor period to WW2, with each series following a group of people spending a full year on a farm in each period. They show you all the ins and outs of life as it would have been in each era, and it's like traveling back in time, a living museum.
The first series, Tales From The Green Valley, is available in full on archive.org, and is my favorite of the bunch. One episode per month of a year, on a little farm in Stuart-era England. It's lovely.
For donating compute/storage/bandwidth to community archiving, this is a great place to check out: https://wiki.archiveteam.org/
Just my opinion, but I think they're a great project to support.
Altruistic behavior in social creatures improves the fitness of the group, and has positive evolutionary pressure. Strong, cohesive groups pass on their genes, so actually pretty probable!
Apache Guacamole might be a good option. "Clientless" (browser-based), supports various mfa, uses ssh/vnc/rdp on the backend.
However, if the data on that machine is sensitive, or if that machine has access to other sensitive things on your network, I'd suggest caution in allowing remote access from untrusted machines on the wider internet.
I daily a T480 with Debian for work, and I'd recommend it highly. Great performance, battery, build quality, look & feel, etc. We have some 7480s deployed and while they've been solid as well, I much prefer the thinkpad. T series will have better performance and battery than X series, also, so I'd take the T480 over the X1C.
I'd recommend a full battery calibration before running the command one more time, if you haven't already (charge the battery fully, leave it on the charger at 100% for a while, then fully discharge until it shuts itself off, leave it for a bit, then fully recharge while off). If the calibrated values line up with a full:design ratio of ~80%, especially with a 10-year-old battery with almost 700 cycles on it, my take is that's pretty great.
That said, I think the best way to get an accurate feel for the health of an old battery is to put it through one full cycle of normal use and time how long it takes to die.
Heyr himna smiður - a medieval Icelandic hymn, set to music by Þorkell Sigurbjörnsson
If you can find a cheap used micro-form-factor pc with hdmi output (eg thinkcentre m93p), that's a great sustainable way to go. Stick debian on it, get a cheap tiny bluetooth keyboard/trackpad, stream via web browser. Bonus if it's got a dvd player, for the ultimate utilitarian foss htpc.
Best gun-pants ergonomics, tucked in the front
If your firewall can set outbound rules, and you can control DHCP on your network so that you can reliably know the TV's IPv4 address, you can block the TV from reaching beyond the local network there with a "deny all from source address of TV" type rule.
If your router/firewall is handling IPv6 though, it gets a lot more complicated, since the TV could have any number of addresses that change often.
Would you advise your enterprise clients that running Windows unpatched is 'not a big deal as long as you have patched web browsers and AV'? Of course not. Because that's dangerous advice and could even open you up to legal liability.
So why would you advise otherwise to home users, who are often more vulnerable in the first place?
Just part of our standard office package, everyone gets a laptop, dock, and external monitors for their workspace.
Personally I'd do the following:
nvme smart-log /dev/nvme0 and check the "percentage_used" value: if it's near 100% it might die and need replacement soonstress -c 7 to load up 7 of the 8 available cpu threads, make sure the fan spins up good and strong, and watch /sys/class/thermal/thermal_zone0/temp to make sure the cpu temperature stays under ~90-95 degreesOn my own time later, I'd run memtest86+ overnight from bootable usb to check the memory, then install tlp and run tlp recalibrate with the laptop on the charger to recalibrate the batteries
Edit: enjoy the new laptop! I hope it works great for you
Sorry, all of the linux stuff is just specific to my own preferences/environment - if you're more familiar with windows it would be best to just use that for testing. Presumably it will come with windows installed?
If so, put some programs on a normal usb storage device and then install/run them from there.
As for the rest:
When you first turn the laptop on, at the red Lenovo splash screen, press Enter repeatedly to get into the boot menu. Once there, it'll give you a list of options with associated keys to access them - go to "BIOS Setup - F10" (or something similar, not sure of the specifics on the X1C 6th gen). If it prompts you for a password to enter that, it's locked.
To test all the ports, plug your usb stick with the apps on it into each of the usb ports and make sure it shows up in explorer; try the same with an sd card if you have one; plug in to a wired ethernet connection and make sure you have internet access through it (disable wifi at the same time to make sure); plug headphones into the jack and make sure they work; plug into an hdmi display if you have one.
To check battery health, run Command Prompt with administrator privileges, then run powercfg /batteryreport to generate a battery health report
Good luck!
Can't beat an X230 with an i5 for that use case, and you can still find them for around 100 bucks. Swap in an X220 keyboard, maybe a new battery, coreboot it, and in my opinion you've got the perfect laptop. I've daily driven that setup for the last 5 years and it's been great.
I can't speak for all of them, but we've had a couple hundred deployed over the last several years with very few issues. Mine's been solid as a rock.
The usb-c docks, however, are a nightmare, though I gather that's fairly universal.
/dev/sda is the whole raw disk - you typically don't want to directly interact with /dev/sda, unless you are partitioning or overwriting it. There are a few layers between that device and the files:
You'll need to find where that ext4 filesystem is mounted, and run the chown command on that. You can run
lsblkand see a tree of the above hierarchy, with the ext4 filesystem's mountpount shown in the right-hand column.