I just built my own automation around their official documentation; it’s fantastic.
https://www.wireguard.com/#conceptual-overview
I just built my own automation around their official documentation; it’s fantastic.
https://www.wireguard.com/#conceptual-overview
vyatta and vyatta-based (edgerouter, etc) I would say are good enough for the average consumer. If we’re deep enough in the weeds to be arguing the pros and cons of wireguard raw vs talescale; I think we’re certainly passed accepting a budget consumer router as acceptably meeting these and other needs.
Also you don’t need port forwarding and ddns for internal routing. My phone and laptop both have automation in place for switching wireguard profiles based on network SSID. At home, all traffic is routed locally; outside of my network everything goes through ddns/port forwarding.
If you’re really paranoid about it, you could always skip the port-forward route, and set up a wireguard-based mesh yourself using an external vps as a relay. That way you don’t have to open anything directly, and internal traffic still routes when you don’t have an internet connection at home. It’s basically what talescale is, except in this case you control the keys and have better insight into who is using them, and you reverse the authentication paradigm from external to internal.
Talescale proper gives you an external dependency (and a lot of security risk), but the underlying technology (wireguard) does not have the same limitation. You should just deploy wireguard yourself; it’s not as scary as it sounds.
What if he wasn’t speeding, and didn’t dismiss dangerous civil behavior as something he should be allowed to pay 0.0001% of his net worth for and move on without consequence?
We should be one of those countries where civil infraction penalties are calculated based on net worth.
This seems like the closest we’ll ever get to “justice” on the guy who only isn’t in jail right now for beating the shit out of his pregnant girlfriend “because he’s Tyreek Hill”
Fail2ban and containers can be tricky, because under the hood, you’ll often have container policies automatically inserting themselves above host policies in iptables. The docker documentation has a good write-up on how to solve it for their implementation
https://docs.docker.com/engine/network/packet-filtering-firewalls/
For your usecase specifically: If you’re using VMs only, you could run it within any VM that is exposing traffic, but for containers you’ll have to run fail2ban on the host itself. I’m not sure how LXC handles this, but I assume it’s probably similar to docker.
The simplest solution would be to just put something between your hypervisor and the Internet physically (a raspberry-pi-based firewall, etc)
Devil’s Advocate:
How do we know that our brains don’t work the same way?
Why would it matter that we learn differently than a program learns?
Suppose someone has a photographic memory, should it be illegal for them to consume copyrighted works?
It’s fuckin’ art though
I believe it was a musk move that changed the default sort order from “latest first” to “most engaged” as an intentional inconvenience to encourage users to make accounts and log in.
Oracle, SAP, Redhat, all of their customer portals require it for SSO. I’m not saying it should be that way, but it is.
In a world of good-faith, rational actors, it is reasonable to consult experts in the industry you’re about to regulate. In theory, a good-faith adversarial discussion will root out inconsistencies and logical fallacies within the regulation.
Obviously that’s usually not the case in modern politics, but I think the system was designed when it was thought that the average person would be operating in good faith, and in that context it makes sense.
I think you go about it the other way: break data analytics and advertising off from everything else. If every unit has to be self-sufficient without reliance on data collection and first-party advertising I think you fix most of the major issues.
To be clear, an operating system in an enterprise environment should have mechanisms to access and modify core system functions. Guard-railing anything that could cause an outage like this would make Microsoft a monopoly provider in any service category that requires this kind of access to work (antivirus, auditing, etc). That is arguably worse than incompetent IT departments hiring incompetent vendors to install malware across their fleets resulting in mass-downtime.
The key takeaway here isn’t that Microsoft should change windows to prevent this, it’s that Delta could have spent any number smaller than $500,000,000 on competent IT staffing and prevented this at a lower cost than letting it happen.
do you know why they’re illegal? is there some danger to them?
I don’t think it’s so much about thickness, but being super thin presumably means it requires less of a manufacturing process and also less raw materials. Could bring costs down on panels and make them more financially viable for projects.
Is that not the right answer though? It can do timestamps or offsets for audio cropping without re-encoding. He’s on lemmy, cli can’t be that scary
I absolutely would
If someone had some theoretical device that could x-ray, 3d image, and 3d print an exact replica of your car though, that would be legal. That’s a closer analogy.
It’s not illegal to reverse-engineer and reproduce for personal use. It is questionably legal though to sell the reproduction. However, if the car were open-source or otherwise not copyrighted/patented it probably would be legal to sell the reproduction.
Would you support a law that said public healthcare is unavailable to those who choose to smoke? That would seem to be a reasonable compromise.
(with a few extra steps) yes
Wage garnishment, repayment plans, etc. The difference is for you it typically requires litigation before you’re “allowed” to. Technically it’s probably the same for them if someone challenged it, but they have the benefit of litigation costing less than all the paid lump sums, where your proverbial thousand-dollar check would not.
the best way to learn is by doing!