It’s PKI, public key infrastructure. It’s secure so it’s used in many applications. Including ssh using keys.

Well good news! Time to let yourself love again!

This will be able to do cross site (apps) information collection within other sites (apps) in this profile. The way this works is one of many, and complicated so: https://blog.mozilla.org/en/products/firefox/cross-site-tracking-lets-unpack-that/

The idea of profiles is to stop this behaviour and other behaviours through isolation. Along with other practices makes up a privacy-in-depth (layered) approach. It doesn’t solve everything.

For example if you are in the same house sharing an internet connection, it is possible to say “at least one outstation in this house (IP) are interested in ‘x’ and therefore I should target everyone in that house because people who live together are interested in similar things”. Even if you isolate, you could still teach a data hoarding company like meta you like something simply by them by necessity needing your IP to communicate.

Some people try to say ‘I’ve got a VPS with a VPN to communicate all traffic through’ but that doesn’t add any privacy, your exposed VPS with its IP is an IP only for you and still all collected information about you would be able to be thumbprinted to that IP across many services (eg instagram whatsapp and Facebook). A public VPN provider in this case adds a layer of obfuscation since you can change your IP rapidly and it’s an IP that’s shared with other unrelated users. Which is exactly why many services like reddit are banning access from them under the guise of “oh training data leaks from VPN, and we want to sell it” bs.

Anyway it’s a tough world out there to be private. I’m at an age where after 10 years without Facebook and I never had instagram, everyone knows I’m contactable via sms. It’s not secure, it’s barely private, but I don’t really “chat” except at the pub. So that’s where they ask me to visit. Lol.

Giving you an up vote instead of myself leaving a snarky comment.

Fundamentally what the alternative is, is to propose that you remain the sole owner of your privacy at the cost of sharing with advertisers that you have, say, 6 generic topics you’re interested in. Like motorsports. It, with the millions or billions of others looking. The ad tracking currently knows everything about everyone and then works out if motorsports is an effective ad for you individually based on their profile of you.

For me, I’m fine with the current system. For my family though, they’re just using phones and tablets with their default browser, blissfully unaware that there’s no privacy. Then their data gets leaked out.

I know it’s an extreme kind of case, but domestic abuse victims are always my thought when you think of a counter to “well I’ve got nothing to hide”. Those people if they’re unsure about privacy, will err on the side of caution. They stay trapped.

In conclusion, I’d rather move the needle forward for those who are at risk. Those who installing anti-tracking plugins would put at further risk. Where installing odd browsers make them a target. We can find perfection later. Make the Web safer now.

Plenty of people could justifiably take the opposite stance. But even just for my grandparents, they shouldn’t be tracked the way they are. They’re prime candidates for scams, and giving away privacy is one data leak away from a successful scam.

Kind of off topic to what you said I realise. :)

Look, I’d call it fair if the Christian side had the same level applied to it.

I want no religion in my politics thanks. Full stop. Even handed.

We looked at the results from 15,400 psychology undergraduates at one Australian university over eight years (2011–19), and across three campuses.

It’s the same course. It’s there in the article.

I’ve been thinking of running something using second hand usb cameras and raspberri pi 3+ since my switch already has poe and my nas has 40tb.

I have a 3d printer so a wall mount enclosure shouldn’t be hard either.

Was thinking of mounting them on the window frames indoors.

Nvr software like this might work: https://github.com/seydx/camera.ui

Tailscale will allow me to access the Web front end anywhere on my devices. Individually it could hold the RPis too just for remote troubleshooting later if anything happens.

Personally I’d like to reuse as many things that I already own and have no specific reliance on a vendor. If I got a rstp camera later, I wouldn’t need a pi to host the camera. But I’ve got a couple of pis and a couple of usb webcam to start. It won’t work for night mode so I’ll have to make sure the outdoor lights are triggered by motion.

But I’ve not done anything yet this is all how I’ve thought about it in my head. So I’m watching this space to learn more too.

One rich company trying to claim money off the other rich companies using its software. The ROI on enforcing these will come from only those that really should have afforded to pay and if they can’t, shouldn’t have built on the framework. Let them duke it out. I have zero empathy for either side.

The hopeful other side is with a “budget” for the license, a company can consider using that to weigh up open source contributions and expertise. Allowing those projects to have experts who have income. Even if it’s only a few companies that then hire for that role of porting over, and contributing back to include needed features, more of that helps everyone.

The same happens in security, there used to be no budget for it, it was a cost centre. But then insurance providers wouldn’t provide cyber insurance without meeting minimum standards (after they lost billions) and now companies suddenly have a budget. Security is thriving.

When companies value something, because they need to weigh opportunity cost, they’ll find money.

Mac book pro from 2012 still going, not strong, Bluetooth barely works, there’s a dying row of pixels, on the screen, the CPU doesn’t seem to support any modem video codec in accelerated mode, and the speakers were clearly garbage and it doubles how bad the Bluetooth is. But it’s running pop os! And it’s running it fine. I mean as long as you connect via rustdesk to another real machine to do real work. It can’t handle tabs or browser rendering…

Anyway even if i retire it today, it’s outlasted 3 work laptops.

Hold them all to account, no single points of failure. Make them all responsible.

When talking about vscode especially, those users aren’t your mum and dad. They’re technology professionals or enthusiasts.

With respect to vendors (Microsoft) for too long have they lived off an expectation that its always a end user or publisher responsibility, not theirs when they’re offering a brokering (store or whatever) service. They’ve tried using words like ‘custodian’ when they took the service to further detract from responsibility and fault.

Vendors of routers and firewalls and other network connected IoT for the consumer space now are being legislatively enforced to start adhering to bare minimum responsible practices such as ‘push to change’ configuration updates and automated security firmware updates, of and the long awaited mandatory random password with reset on first configuration (no more admin/Admin).

Is clear this burden will cost those providers. Good. Just like we should take a stance against polluters freely polluting, so too should we make providers take responsibility for reasonable security defaults instead of making the world less secure.

That then makes it even more the users responsibility to be responsible for what they then do insecurely since security should be the default by design. Going outside of those bounds are at your own risk.

Right now it’s a wild West, and telling what is and isn’t secure would be a roll of the dice since it’s just users telling users that they think it’s fine. Are you supposed to just trust a publisher? But what if they act in bad faith? That problem needs solving. Once an app/plugin/device has millions of people using it, it’s reputation is publicly seen as ok even if completely undeserved.

Hmm rant over. I got a bit worked up.

My grandpa was part of CSIRO mostly around researching waterways and their effect on ecosystems and stuff in what must have been the 50s-90s. A rode scholar and beautiful person. Intelligent and compassionate. I’ve always been proud of Australia’s CSIRO. In the last twenty years I’m glad he’s not here to see what they’ve done to it.

It was for a while part of our Australian identity. We were engineers and scientists who make rational well informed decisions with often limited resources and an abundance of ingenuity.

That part of the Australian pride I had seems lost to time.

Tailscale can act as a site to site vpn, but it’s best used as a meshvpn imo with as many things as possible in it.

Why? Because the dynamic dns is so powerful. Every host name automatically is in every other tailscale joined computer automatically. My NAS (Truenas in my case) is just “nas” so to access it it’s just https://nas. Same with my rustdesk server on https://rustdesk. Jellyfin? You guessed it: https://jellyfin.

Why is this cool? I moved my box between other networks and it just works again. No ips changed.

I take it to work. It just works. I keep one server at my parents place? It just works.

But my printer doesn’t have the ability to join the tailnet so I use subnet routing to create a node on that network to act as a NAT router to get to and from that printer.

You can even define exit nodes so if I install tailscale on my parents TV in another state, they can exit their internet via my home which has my IP and therefore Netflix counts it as inside my residence.

Anyway just some considerations. I generally use the subnet routing as a last resort. My 3 node proxmox cluster is all joined and if I took a node to my parents it would literally just work, if slower, as a cluster member. Crazy. Very cool

I’ve used virtio for Nutanix before and not using open speed test, but instead using iperf, gathered line rate across hosts.

However I also know network cards matter a lot. Some network cards, especially cheap Intel x710 suck. They don’t have specific compute offloading that can be done so the CPU does all the work and the host cpu itself processes network traffic significantly slowing throughput.

My change to mellanox 25g cards showed all vm network performance increase to the expected line rate even on same host.

That was not a home lab though, that was production at a client.

Edit sorry I meant to wrap up:

• to test use iperf (you could use UDP at 10Gbit and run it continuous, in UDP mode you need to set the size you try to send)
• while testing look for CPU on the host

If you want to exclude proxmox you could attempt to live boot another usb Linux and test iperf over the lan to another device.

Are you trying to use kiosk mode in a way that was never intended? Kiosks being public use terminals like in retail or used for search only terminals at public places?

This sounds like an XY problem to me intuitively since your use case wouldn’t naturally match a kiosk situation.

That’s so cool

I have a feeling it did because I remember watching early rtsp multicast streams of the anime initial D found through winamp in like 1999 at 240p. It’s so long ago that I’m not even sure that’s a correct memory.

Think of this:

You find a computer from 1990. You take a picture (image) of the 1KB memory chip which is on a RAM stick, there are 4 RAM sticks. You are using a DSLR camera. Your image in RAW comes out at 1GB. You project because there’s 8 chips per stick, and 4 sticks it’ll 32GB to image your 4KB of RAM.

You’ve described nothing about the ram. This measurement is meaningless other than telling you how detailed the imaging process is.

They took imaging scans, I just took a picture of a 1MB memory chip and omg my picture is 4GB in RAW. That RAM the chip was on could take dozens of GB!

I don’t know man, I’d prefer light rail than a banananana bus, you know Brisbane style 3 segment bus…