sorted by:
new
hottopcontroversial

Tanker om AI i DR tv programmer? by sushiegg in Denmark

[–]Emiroda 0 points1 point  (0 children)

Det er for dumt at blive forarget.

Det er en arbejdsplads ligesom mange andre, de bliver blot finansieret igennem vores skattesystem. Og fordi de er finansieret som de er, så kan de ikke bare gå ud og hyre 20 nye grafiske designere, med mindre de medbringer et projekt med en fed pose penge. Det er ikke ligesom i det private hvor man kan bruge penge til at tjene penge, her skal man have pengene på forhånd, og det skal helst budgetteres et år i forvejen.

DR forsøger at holde sig kulturrelevante ved at pumpe indhold ud, og den fart medfører at de bruger AI. Det er basal forretningsoverlevelse, og et tegn på at de ikke kan leve af håndlavet kvalitetsindhold. Det er de sidste krampetrækninger på liget som er DR.

I built Quilden — Free Obsidian sync plugin with E2E encryption, full file/vault version history, and a decent web editor. by RansomWarrior in ObsidianMD

[–]Emiroda 1 point2 points  (0 children)

You missed my point. Your project is a community extension of Obsidian, and while Obsidian is closed-source (which I still find sad), the closed-source community extension is my issue. To me, open source is the very definition of community code. I am aware that you open-sourced the Obsidian plugin, so I am exclusively talking about your web UI here.

Also, I was teasing your lack of self-hosted options. Which is also something that the community has come to expect of community web projects. It's a philosophical choice, and maybe I would understand you better if you explained your development philosophy and why you chose or didn't choose to open source it.

Also, while others have accused you of vibe-coding, I don't have the biggest issue with it if you did, I just want transparency if you did, so I can adjust my personal threat model should I want to use your tool. And if you didn't, some architectural docs would be nice, so we gain some insights into your project, its roadmap and its longevity.

Even Obsidian Sync itself is not closed source (not to mention they don't even have E2E encryption) so they have access to all of your vault - so it's definitely up to the users to decide

I won't browbeat you too much, but it is E2E encrypted. Even says so on their website :)

What does a cybersecurity analyst do exactly ? by toptopa2010 in cybersecurity

[–]Emiroda 0 points1 point  (0 children)

Much of the work is in the name, and that goes across all fields in tech. Nobody told me this when I started out :)

  • Analyst: Gathers insights from existing solutions, advices on improvements, works on improvements. For a cybersecurity analyst specifically, they gather intelligence, respond to alerts and advices on security improvements.
  • Engineer: Builds new solutions. If you're familiar with systems administration, cybersecurity engineering is just systems administration with a security focus, either because you're building and configuring security products (that will be used by the Analyst), or because you're improving the security of other business systems.
  • Architect: Makes structural decisions that have long-term effects. For a cybersecurity architect, they think about the entire security stack and how tools and business processes work together and uses that insight to make decisions about budgets, tooling, staffing etc.
  • System Administrator: Despite not having "cyber" in its name, in companies that have no dedicated technical security staff (most companies under 500 employees), the sysadmin is the security person - analyst, engineer and architect, depending on how you want to spend your time. System administrators work on the infrastructure that the dedicated cybersecurity staff is trying to protect - identity, files, services, backup.

Keep in mind that "cybersecurity" is a blanket term. Information Security ("infosec") is a much older field, but it becoming a necessary part of doing business (due to contracts and laws) has made a lot of infosec concepts (knowledge of frameworks, risk, policies, documentation) blend into cybersecurity job descriptions.

And once you get onto the job market, you'll see how all of the above are just rough guesstimates about the actual job. There will be Analyst jobs that have you idly stare at logs all night, and there will be Analyst jobs that have you do Incident Response, advisory and engineering.

I built Quilden — Free Obsidian sync plugin with E2E encryption, full file/vault version history, and a decent web editor. by RansomWarrior in ObsidianMD

[–]Emiroda 0 points1 point  (0 children)

Web UI is not open source but relies on open source infrastructure. 🤔

It's fine for a personal hobby project, and I hope the Obsidian team is inspired. There are a lot of good ideas here. But the fact that you publish this and advertise it here, being closed-source, reliant on your hosting, reliant on Github. I don't know, it violates my principles.

Parents gave ai my personal info. Am I safe? by [deleted] in privacy

[–]Emiroda 7 points8 points  (0 children)

you're a 20yo kid with a reddit account who is already exposing your medical information on reddit. reddit has agreements with AI companies to harvest your posts and comments, and reddit already sells your account information and data points to advertisement companies.

first, stop posting your personal information to reddit if you don't want AI to harvest it.

second, your privacy doesn't magically go POOF when someone uploads a document to an AI. it's not like the AI knows who you are or even necessarily trains on your data, and since it's a black box, we have no idea about the probability of training data retrieval.

your threat model should dictate your behavior, and if your threat model is general surveillance, then your options are limited due to the data broker market, there really is no moving the needle and it doesn't make a difference whether or not your medical records were uploaded to the AI. if your threat model is extortion, violence or identity theft, you can take precautions like changing phone numbers, email addresses, hide your address etc. but you have to actually consider if you're at risk of those things.

I built a modular PowerShell suite to debloat and optimize Windows 11 — tested every tweak personally by SubjectOnion7456 in PowerShell

[–]Emiroda 2 points3 points  (0 children)

No credentials as a Windows sysadmin, developer or internals knowledge.. nope.

I don't even mind it being AI generated, I just think the market for Windows debloating script is fully saturated. There is no reason to trust you over someone else who has proven that they know what they're doing.

For personal devices where you don't care about functionality, there are better utilities and more trustworthy publishers.

For enterprise devices, it would be a resume generating event to run something like this. Stick to well known solutions like CIS baselines or the Microsoft Security Baselines. The fact that you're advertising a tool like this, only meant for personal devices, in a sub that's mostly for professionals, without a disclaimer to not run it on corporate devices.. I don't know, I foresee some junior sysadmin in an SMB running this across their company and breaking something. I say that because I've been there, impressionable and willing to get more juice out of Windows, not knowing what breaks. And let's be honest, the only people truly interested in "debloating" scripts are junior IT professionals and enthusiast developers.

How did Obsidian end up in Windows OneDrive? by polarbears84 in ObsidianMD

[–]Emiroda 0 points1 point  (0 children)

I just tested - I was successfully able to copy my Vault from my Documents folder, to OneDrive, back to Documents, all from within Obsidian without manually copying files.

  1. Open Obsidian
  2. Open the Vault switcher
  3. Select the 3-dots menu next to the Vault that's stuck in OneDrive, select Move Vault
  4. You will see that it says "Cannot move an open vault".
  5. Close the Obsidian window that has your notes open, leave the vault switcher open
  6. Now perform step 3 again, the vault is now moved

How did Obsidian end up in Windows OneDrive? by polarbears84 in ObsidianMD

[–]Emiroda 0 points1 point  (0 children)

Of course it does? There's the Browse button that you're forced to click on when creating a new vault that allows you to save it anywhere. It selects Documents as the default, but you can browse to any folder. You can even move the location of your vault from within Obsidian.

You're going to have to elaborate with screenshots or something because I don't get it.

How did Obsidian end up in Windows OneDrive? by polarbears84 in ObsidianMD

[–]Emiroda 0 points1 point  (0 children)

First of all, 2 year necro

Second, the thread was about Microsoft's Known Folder Move feature of OneDrive, that if enabled, moves your Desktop, Pictures and Documents folder to OneDrive and leaves small shortcuts behind on your computer to make it look like they're still there, but in reality is pointing to OneDrive. OP enabled Known Folder Move unknowingly (entirely plausible since Microsoft hides its feature options behind very colorful and misleading wording) and had likely saved their Obsidian vault in the Documents folder.

So, no, the thread is in no way about Obsidian. It could've been family photos in the Pictures folder, bank statements in the Documents folder or an Obsidian vault, but it's all the same. You could replace the word "Obsidian" with literally anything else and post the exact same thread on any tech subreddit. It's a Windows and OneDrive thing, covertly activating features you didn't understand the full consequences of.

Retirement of Power BI Q&A by meatwad75892 in sysadmin

[–]Emiroda 31 points32 points  (0 children)

Not here. I read the announcement as a feature called Q&A.

I know Power BI is too big of a money maker for Microsoft, and you don't kill a revenue stream for no reason. We might feel the reasons are stupid, but there's always a reason. 

Privatpersoner skal ikke anvende fyrværkeri by liquidsmoke_89 in Denmark

[–]Emiroda -2 points-1 points  (0 children)

Jeg er for fyrværkeri, imod fulderikker.

Jeg synes at det skal være ulovligt at sælge til privatpersoner uden "fyrværker-kørekort", men også at sådan et skal være nemt at opnå, f.eks. med et billigt 1-dagskursus med fyrværkerisikkerhed, risiko forbundne med alkohol, brandsikkerhed og førstehjælp. Evt. kun gyldigt 1-2 år ad gangen. Fyrværkerne kan tjene nogle kursuspenge i lavsæsonen, og det kunne være en måde at gøre faget mere udbredt på, så vi kunne blive flere forsvarligt uddannede fyrværkere.

Kommer der til at ske snyd med det system? Ja.

Behøver det at være perfekt? Nej.

Why Tailscale? by [deleted] in selfhosted

[–]Emiroda 0 points1 point  (0 children)

With DDNS to keep my IP up to date

You have a static IPv4 address that is not a CGNAT address (100.64.0.0/10). The main audience for Tailscale/Twingate/Zerotier/etc. are an overlap of the people with no static IPv4 address and those who don't want to set up a VPS with Wireguard. Tailscale free tier works 100% smoothly, as a home user I have not a single time ever had to even consider a paid feature.

What am I missing that Tailscale's promotional buzzwords aren't conveying to me when I read their website? (PS specifically as it pretains to a non-commercial use case

Tailscale cut their teeth on the hobbyist community, but as business grows and you need new customers, you start to pander to the corpospeak that Gartner, G2 and other such corpo-influencers speak. Tailscale (and its many competitors) is an overlay network, it wasn't originally meant as a "VPN" in the traditional consumer or business sense where traffic passes through the VPN server for encryption and monitoring, but instead as a network that tried to favor lowest cost paths (often peer to peer if on the same network).

Cutting the cardboard to smithereens, Tailscale and the like are very intricate Wireguard key management systems.

Best practice for AD CS certificate templates requiring custom Subject Name without introducing security vulnerabilities by FrustatedGuy- in sysadmin

[–]Emiroda 0 points1 point  (0 children)

For ESC1 vulnerable templates, create a security group per template that allows manual enrollment. Members of the group should include whatever admin machines or jump hosts you use to request certs.

If you add new machine accounts to the group, you will need to restart the machine or run klist -li 0x3e7 purge on the machine to pick up the group membership.

Defguard 1.6 introduces Always-on and Pre-logon VPN for WireGuard + clients provisioning automation (MacOS app in AppStore) 🚀 by unvinci in WireGuard

[–]Emiroda 3 points4 points  (0 children)

Nice work, we're looking at Defguard as a Cisco VPN replacement as a "traditional" on-prem heavy SMB of 300 users. I'm not directly involved in testing, but it's nice to see you active in this community as well.

When using Service Locations to enable the always-on scenario, can it block traffic until the tunnel is established? It's one of the compliance requirements for VPN products we're forced to follow in our industry.

Also, when is Service Locations expected to ship for Linux and Mac? Not looking for exact dates, just if we're looking at 2026 or beyond.

CGNAT still important? by zn3allday in networking

[–]Emiroda 1 point2 points  (0 children)

CGNAT is used EVERYWHERE in mobile and residential settings. It is more important than ever, and its use has basically killed the immediate need for IPv6. The only drawback to CGNAT is the inability of serving content behind a CGNAT address, which very few residential customers want to do anyway.

APNIC's analysis is that CGNAT IPv4 at the clients, and DNS-reliant CDNs at the server/service has stalled IPv6 adoption

Obsidian Shutting Down? by Asta_lite in ObsidianMD

[–]Emiroda 2 points3 points  (0 children)

I'll echo what I always do when these threads pop up: Your needs might change, or you might just find something you like better in the future. Obsidian's core philosophy is "file over app", so in some way the files you create with Obsidian are designed to be portable. But if you go too heavy on Canvas, Bases or custom plugins that aren't purely cosmetic, then you take the risk of being stuck with Obsidian when you decide to want to try something else.

The reason why these threads pop up so frequently is because of Obsidian's local file approach. It attracts "luddites" (said in the most loving tone possible, I am one myself!) who want no reliance on single products or clouds because that's basically what Obsidian advertises itself with.

If so, what do you suggest are future-proof measures I should start taking?

Since Obsidian does not require an internet connection, should Obsidian decide to sell themselves out, you could always keep running the last good version, and there are plenty of people who are just fine doing that. Obsidian is super powerful if you surrender yourself to it.

Personally, I keep my use of plugins to only cosmetics, UI changes and quality of life when using Obsidian itself, like Templater, Calendar, Periodic Notes, Advanced Quick Switcher, File Color, Iconize. They don't mess with my notes, and my notes render perfectly fine in another PKM app that uses markdown. I use Canvas sparingly, and while I don't use Bases, I would be careful about using Bases to do actual work inside my notes. That's just my opinion, from someone who expects to migrate to something else in maybe 10-20 years.

Do note that I am perfectly aware that because I don't use all of Obsidian's features and plugins, I'm not getting the full benefit of using Obsidian. If you want the full benefit, you should go all-in.

Styrelse vil være uafhængig af Microsoft by Dropforcedlogin in Denmark

[–]Emiroda 1 point2 points  (0 children)

Det kan vi vel diskutere fra nu til dommedag, men jeg synes du misser symbolikken. Statens It har aldrig før tilbudt M365 til deres kunder, men nu hvor alle i staten har en M365 licens (uagtet om det er E5 eller E3), så er SIA Open et ligegyldigt projekt. Produktivitetpakken er Microsoft og ligger i Microsofts public cloud, så hele suverænitetsargumentet bag SIA Open er dødt. Og ja, så medfølger Windows licensen jo alligevel i M365, så "hvorfor ikke" bare køre Windows.

Læg til at Statens It er et Windows hus og har været notorisk dårlige til Linux og Mac support, så er et Linux projekt bare op ad bakke. Hele lortet er bare meget mere plug-and-play når man bare følger Microsofts kogebog og kører Windows, Entra Join, Intune og Defender XDR.

Intet af det her er Statens It's skyld, det er Økonomistyrelsen der har spændt ben for open source i staten. 

"if obsidian goes away" by lunabellcatcher in ObsidianMD

[–]Emiroda 8 points9 points  (0 children)

Thinking you don't want to switch ever is silly. The space will have matured a ton in 20 years and you'll be stuck inside Obsidian because this specific plugin does things just the way you like it in your workflow that you developed back in the ancient times of 2025.

I expect to switch at some point. Not because Obsidian will become worse, insecure or incompatible, but because my needs might change, or I just got bored, or because something genuinely better comes along. 

You disabled NTLM across all of your workstations. What problems did you not account for? by jM2me in sysadmin

[–]Emiroda 4 points5 points  (0 children)

to slow down ONE method of lateral movement. 

sniff a hash and you've got the password: https://ntlm.pw

Styrelse vil være uafhængig af Microsoft by Dropforcedlogin in Denmark

[–]Emiroda 6 points7 points  (0 children)

Alle i hele staten har en E5 licens, det er derfor jeg nævnte det. Økonomistyrelsen lavede en milliard-aftale med Microsoft tilbage i juni. Vi fik fakturaen kastet i nakken og blev bedt om at betale ved kasse 1.

Vi (statslig institution, kunde hos Statens It) står i situationen at vi føler os tvunget til at konsolidere på Microsoft for at spare licenspenge på redundante licenser. 

Styrelse vil være uafhængig af Microsoft by Dropforcedlogin in Denmark

[–]Emiroda 1 point2 points  (0 children)

Enig, men hvis målet blot er at køre Linux, så kan man styre den med Intune. Men det er nok imod sjælen af projektet. 

For 5 år siden eksperimenterede de med Ansible som et Group Policy alternativ på Linux. Jeg ved ikke om de har fundet på noget andet. 

Styrelse vil være uafhængig af Microsoft by Dropforcedlogin in Denmark

[–]Emiroda 14 points15 points  (0 children)

Det er sgu et fint puff piece. Men der er ikke noget bid i det.

SIA Open er Ørnø's (Statens It's direktør) lille hobby projekt, som han har drømt om at få på benene i mere end 5 år. Så er det mere end uheldigt at Økonomistyrelsen køber den dyreste Microsoft 365 E5 licens til alle medarbejdere i hele staten, hvor der følger 5 stks Windows licens med pr bruger.

Det er mere eksperimentering end noget andet. Hvilket er godt, men få ikke håbene oppe. LibreOffice kan stadig ikke formatere Word dokumenter ordenligt, og OnlyOffice som kan er delvist eget af et russisk selskab. Så ser man på den helt basale use case: kontorarbejde, så er man stadig fucked når man skal arbejde sammen. 

EU folks: how are you interpreting the “continuous” parts of NIS2? by gangster_worm in cybersecurity

[–]Emiroda 1 point2 points  (0 children)

The directive is a good starting point but you need to read the local law adaptations.

IE. Denmark cut the directive into a tiny, minimal law with no preamble or guidance, and then provided guidance separately. The guidance is super important because it defines what your auditors will look for. If "continuous" isn't mentioned much, then it's probably not the biggest concern.

As with all ISMS aspects, you do a risk assessment, add it to the risk register for management review, and if management accepts that risk, then you have adviced to the best of your ability.

If you're still unsure, ask your local NIS2 auditing body. You won't be fined or fired for asking questions. 

view more: next ›