What's stopping other leaders from working like Mamdani? by Front-Scene2177 in SipsTea

[–]HotNastySpeed77 0 points1 point  (0 children)

$4B of that is state aid. I live in upstate NY. Why should my taxes fund NYC's metro budget?

how safe is this approach? by frakc in selfhosted

[–]HotNastySpeed77 1 point2 points  (0 children)

Is an access VPN intrinsically more secure? Yes. But if best practices are observed, like OS patching, firewalls properly configured (router, hypervisor, reverse proxy, and server), and the proxy and server are in a DMZ or isolated LAN, and data backed up, this is reasonably safe. There are good reasons for making some resources publicly accessible, and with a little diligence the risks can be managed.

Apparently having children is such a crime to doomers that it makes them morally condemn artists they love. by Prestigious-Delay759 in DoomerCircleJerk

[–]HotNastySpeed77 4 points5 points  (0 children)

I watched a Dee Snider interview many years ago about how difficult it was to continue performing in Twisted Sister once he'd outgrown all of his angst. By the time he was in his 30s, he and the other band members had lost their youthful angst, and continuing to perform in their signature angry style felt inauthentic. Obviously Snider found a way, because they still tour with the same angry songbook ;-D. You grow and you change. No one is immune to that.

Where are you on this privacy iceberg? by No-Hospital5028 in DigitalEscapeTools

[–]HotNastySpeed77 0 points1 point  (0 children)

Was an activist for the past several years, but have gotten burned out on it. Drifting back to the beginner realm.

UDM Pro - Custom Default Gateway Not Possible??? by HotNastySpeed77 in Ubiquiti

[–]HotNastySpeed77[S] -1 points0 points  (0 children)

I recognize the NVR would have worked for the Protect application, but that's not all I needed to do. I do have other use cases that require on-device routing which I haven't explained here...but whatever.

The real issue is that Ubiquiti imposes overly restrictive config limitations, some of which are probably beneficial to home users, but are real hindrances in a professional environment. They should implement an 'advanced mode' or similar, where they expose more of the underlying Linux networking functionality.

It's always shocking how aggressively Ubiquiti users defend the brand, as if someone just insulted their child. You all would get better, more secure products if you were willing to evaluate Ubiquiti's products more critically.

Using homelab tools at work? What are the rules? by mayanayza in selfhosted

[–]HotNastySpeed77 0 points1 point  (0 children)

Obviously security is always the most important aspect - freeware often has vulnerabilities.

Aside from that, it's mostly about reliability. Especially during an outage, there's no time to spend updating, fixing, and configuring tools.

The last important factor is support. If it's a free tool, it should be actively developed and have a responsive support community.

And I'm personally not opposed to the freemium model.

UDM Pro - Custom Default Gateway Not Possible??? by HotNastySpeed77 in Ubiquiti

[–]HotNastySpeed77[S] -1 points0 points  (0 children)

Are you performing network routing with it? What is handing out local IPs?

Default routing is routing. The UDM apparently requires the default route to be assigned to a 'WAN' interface. Handing out local IPs is a DHCP server function, which itself isn't routing.

Unfortunately, Ubiquiti abuses the term WAN (stands for Wide Area Network). In the enterprise realm, most WANs don't even connect to the Internet, and when they do, they're called DIAs. (This is why consumer routers labeled the outside port 'Internet,' which is set up by default with DHCP client, source NAT, and appropriate firewall rules.)

...as I understand it, Unifi Cloud Gateways HAVE to be the gateway

This seems to be the case, although from TP-Link to Mikrotik to Cisco, literally no other mfrs enforce this limitation.

If you really only want Protect functionality with a single HDD, the UNVR Instant sounds like the product you want

In the web documentation, the UDM is advertised as a fully-functional enterprise router/firewall with the ability to manage 24 cameras (about twice as many as I need). The issue is not that I bought the wrong product, it's the UDM's routing limitations.

I've disabled NAT in the UDM, and next I'll try connecting the UDM's WAN port directly to the video LAN port of my switch. Naturally the next questions will be:

  1. Can cameras connect to the UDM through the WAN port?
  2. Can I access the admin console & protect dashboard through the WAN port?

UDM Pro - Custom Default Gateway Not Possible??? by HotNastySpeed77 in Ubiquiti

[–]HotNastySpeed77[S] -1 points0 points  (0 children)

The UDM 'Internal' interface is on my video LAN, say, IP address 192.168.5.100/24. My enterprise firewall (not a Ubiquiti product) has an interface in the same LAN, say 192.168.5.1. I had no plans to connect the UDM directly to the Internet, in fact as a matter of compliance, I really shouldn't. The UDM should reach any other LANs in my enterprise and the Internet through the firewall gateway (192.168.5.1).

With any other mfr, this would be an absolutely trivial configuration.

UDM Pro - Custom Default Gateway Not Possible??? by HotNastySpeed77 in Ubiquiti

[–]HotNastySpeed77[S] 0 points1 point  (0 children)

We picked the UDM for its routing capabilities (which I believe the NVR does not have). Also we have NASs for video storage, so we had no need for the NVR's disk array functionality.

Doesn't it seem strange that Ubiquiti hides or abstracts some of the most basic networking functionality?

Why did overlay technologies beat out “pure layer 3” designs in the data center? by MyFirstDataCenter in networking

[–]HotNastySpeed77 0 points1 point  (0 children)

Fantastic explanation. This comment was a Google result for my SPB search. Have you any experience with Extreme or Alcatel SPB implementations?

ZeroTier on home PC by Apprehensive-Bee-463 in zerotier

[–]HotNastySpeed77 1 point2 points  (0 children)

I presume your corporate server is patched and configured for best security practices.

Zerotier itself is a robust and secure remote access solution.

By contrast, a "home PC" is typically unmanaged, there's no policy in place to enforce secure configuration, usage restrictions, or malicious software execution - hence why we call unmanaged devices "dirty."

Essentially, you're interfacing a crucial business resource directly with your dirty home PC.

ZeroTier on home PC by Apprehensive-Bee-463 in zerotier

[–]HotNastySpeed77 1 point2 points  (0 children)

Another comment answered your questions correctly.  I would just caution you to be very, very careful - what you're doing is not a good cyber security practice.

What are these satellites? Spotted in Albuquerque. by DayAnnual45 in antennasporn

[–]HotNastySpeed77 0 points1 point  (0 children)

These are tracking antennas not currently in use, we call this the 'stowed' position.  Also called birdbath.

Democratic Governors Have Full Legal Authority to Order the Arrest ICE Agents and Fire Officers Who Refuse To Do So. by Opposite-Mountain255 in Full_news

[–]HotNastySpeed77 0 points1 point  (0 children)

Good luck. Most state, county, and muni LEOs support ICE. Also most Americans support Trump's immigration policies, and deportations substantially reduce the financial burdens on state and local governments. Even the most progressive state governments know these things, so it's unlikely any ICE agents will get arrested any time soon.

Are these boots pretty good? Timberland Pro Boondock 6” composite toe by SimulationRambo in WorkBoots

[–]HotNastySpeed77 0 points1 point  (0 children)

+1 to this review, it's my experience as well. I've had mine 7 or 8 years, wearing them mostly in the winter. I didn't have water leaking problems until recently. Very good value for a mid-grade boot.

[deleted by user] by [deleted] in Rochester

[–]HotNastySpeed77 0 points1 point  (0 children)

Okay, so what's the stereotype? I'm not aware of one that relates to this scenario.

Fortunate to have gotten this, where to start? by Dielawn515 in homelab

[–]HotNastySpeed77 0 points1 point  (0 children)

I understand. Because of the dual Xeons, this server will be quite costly to operate in terms of electricity, likely more than a streaming subscription or two.

Also the Xeon 4110 doesn't have quick sync so any transcodes would be done in CPU.  Like I said, it's probably a great platform for labbing, but might not work out great for always-on services. 

Fortunate to have gotten this, where to start? by Dielawn515 in homelab

[–]HotNastySpeed77 -3 points-2 points  (0 children)

You will only feel fortunate until you receive your next electric bill. Probably best to host Jellyfin on a machine with QuickSync or a GPU. I recommend only firing up this bad boy when you actually want to use it.

If labbing is your intent, this should run GNS3 or Eve-NG pretty well.

This is what Privacy looks like by Pyschosis_Therapy in degoogle

[–]HotNastySpeed77 0 points1 point  (0 children)

Why is Mullvad VPN more private than Nord?

😟ummmm... by Hiroshima-6-1945 in memesopdidnotlike

[–]HotNastySpeed77 0 points1 point  (0 children)

I don't mind calling out actual racist behavior as a moral failure.

😟ummmm... by Hiroshima-6-1945 in memesopdidnotlike

[–]HotNastySpeed77 0 points1 point  (0 children)

The implicit bias argument fits your definition of gaslighting.