• 0 Posts
  • 10 Comments
Joined 1 year ago
cake
Cake day: June 23rd, 2023

help-circle
  • My suggestion, if you’re looking for a new car, is to research where the modem in the car is, and unplug it during the test drive (assuming it’s reachable).

    I unplugged the one in my work truck, 2023 Ford F150. They call it the “Telematics unit” and it’s on the rear cab wall on the right side, hidden behind the sound deadening foam. I did this after it was bought, but if I had known about it before my boss paid it, I definately would have tried it before the test drive to make sure, and I plan to do it if/when I look for a newer car!

    I unplugged every cable coming into it - power, antennas, data, all of them! The only issue that comes up is the center screen on the dash crashes back to the main menu when you try to open the data/wifi settings.

    No other issues so far after almost 5k miles! No warnings, no lights on the dash, nothing! Android auto/carplay even still works! Don’t know yet if the dealer will try to plug the unit back in during the next service, but I intend to raise hell if they try!


  • Except, one viewpoint is objectively not reality. That’s the whole point of this post, one of the two main political opinions hold the beliefs that:

    • ALL trans women and gay men at pedophiles
    • ALL trans men and gay women are just confused and haven’t found the right husband yet
    • Being trans and transitioning turns you into a sad, pathetic mockery of the other gender who is destined to kill themselves from the shame of it all
    • ALL Queer-adjacent children (under 18) are also confused innocents who have been lead astray by evil forces trying to corrupt the new generation

    None of which are true, in case it wasn’t clear. So no, it should absolutely not be left up to the parents to teach, because when that happens, a solid 30% of (American) childeren are “educated” about a complete un-reality that only exists in the minds of hate-filled bigots, and terrifies all us queers back into the closet.


  • Honestly mostly just age related stuff. It spent most of its life leaning against a barn wall, so even though it had low miles when I got it, everything was feeling the age and a lot of maintenance items came due very suddenly all at once. The muffler basically desintigrated one day as I was driving it, had to patch a hole on one side and replace the other entirely. Then it was seals, just about everywhere except the pistons (thankfully), so I’ve had just about everything except the actual engine block out at some point or another.

    Shockingly the fuel system is rock solid after replacing all the rubber bits in the carbeurators. Sometimes I have to use the kick starter in colder weather, but usually I can pop the choke out and the electric start gets it going in 2 cranks.


  • Not sure how loose you define tech, but mine would be my motorcyle, a 1981 Yamaha XS400 that my grandfather gifted me. It’s certainly feeling it’s age, so it requires a lot more effort on my end to keep running than most bikes made this century. It’s not made for modern highway speeds, it’s not happy when I try, so I keep it off the interstate, 50 and under. That said, when the weather’s good, I’ve never had a carbeurated engine start so easily, and it’s a joy to ride!



  • Yes, there has to be a minimal level of trust between the server and devices/users. You’re level of security defines what point the computer decides “yep, that’s good enough, I can trust this is the real user accessing me.” A true, perfectly secure system has no access, it’s a black box that nothing can interact with, because it can only trust itself.

    At some point you have to trust yourself not to mess up too bad, you are the weak point in security, since I’m assuming you’re the only one who’s accessing the system right now.

    I personally use plaintext password files, with appropriately managed permissions (only the owner can see or read the file.) As long as the user login is secure, and root/admin access is secure, I feel comfortable that no one but me can access the credentials. To manage remote access to the system, I use hardware (YubiKey) to store my SSH keys, with a PIN code lock that wipes the keys if entered incorrectly 5 times. I don’t have any government agencies coming after me (as far as i know) so no one has a practical way to extract the keys if the device were stolen off me, and the PIN retry limit prevents brute forcing. I trust myself to manage these hardware keys appropriately.

    *Edit: to add to the “appropriately managed” bit there, each sub system (home automation, file server, media hosting, etc) should be properly containerized or isolated (using different user accounts) so that if one service is compromised, the others are still somewhat protected. *

    Physical access to your server is endgame. If an attacker can physically mess with your system, you’ve lost, and that can only be fixed externally with home security improvements. A skilled attacker doesn’t need your ssh tokens to gain access if they can plug a keyboard into the server itself. I’ve also seen a demo of a neat little kit the feds use to seamlessly move a computer power cord from the wall to a portable battery pack, so they can simply walk out, with the device still powered up, and do what they want to it back at home base (it’s used mainly for raids on various computer fraudsters, but still, it exists, and can be used on you). I trust myself not to do stupid stuff that gets me targeted by a hacker group, or raided by the FBI.

    Something less targeted, like a burglary (not focused on your server), can be protected against by disk encryption. I don’t use any disk encryption, but I probably should. I like the idea other user’s wrote down here, of using a TPM module to store disk encryption keys, so it can detect if the hardware or OS changed between boots and deny decryption. I’d also take it one step further and encrypt the data/password files with an encryption method that requires someone to log in and type a password, that way if someone were to steal the device and power it up elsewhere, the passwords are still safe until you OK it, essentially authorizing unexpected reboots, at the cost of having to log into the server every time it starts (not fun if you’re doing maintenance.) if you do this bit right, you don’t have to trust yourself to do anything but remember the password.

    Sorry about the length there, but security and access management is a complicated topic, so it requires a lot of talking. Hopefully it helped!




  • If you’re mainly using this server for plex, then a 13 series Intel with quicksync will be the way to go, from what I read the newest generation of quicksync is really good for transcodes. That and more RAM, can never have enough ram!

    Is plex transcoding what’s making your server struggle? Even with older gens, I would think using hardware transcodes would keep the cpu load light. At least that’s what I noticed when I dropped an nvidia card into my server (no integrated graphics in my cpu)


  • I am lucky enough to have a second physical location to store a second computer, with effectively free internet access (as long as the data volume is low, under about 1TB/month.)

    I use the ZFS file system for my storage pool, so backups are as easy as a few commands in a script triggered every few hours, that takes a ZFS snapshot and tosses it to my second computer via SSH.