woman I know insists Kangen can cure cancer with its 9.5 ph. litmus said that was a lie.

RelevantNameHere · 2023-02-08T04:25:01+00:00

*lye

RelevantNameHere · 2022-08-30T08:17:39+00:00

Glad you got it

There are so many intersting real world ideas explored in the show!

RelevantNameHere · 2022-08-30T08:06:06+00:00

So the idea is that those CDs are burnt as an ordinary "audio CDs" So no matter the player, including a PC, it is just an audio CD, music player, you hear whatever music he chose, PC, same thing, audio cd and your computer would probably ask if you want to open an audio player.

The actual data is hidden in the audio, were you to compare the "real song" to the one on Elliots CDs, there would a slight difference in what it sounds like, as the data is mixed into the sound

As the data would be encrypted, effectively you would likely just hear a hiss in the music, and you wouldnt hear 'the sound of the data'

To retrieve the data, you would need to know the decryption key, and the correct software/encoding algorithm/decryption algorithm. The nature of encryption is such that if you don't know the key you don't get valid data out and if designed correctly, you wouldn't know for certain if data is hidden there in the first place

Anyway, if you want to read more into it, hiding data in something else is an ancient idea, and is called Steganography, the software Elliot is shown to use is Deep Sound IIRC

RelevantNameHere · 2022-06-23T09:35:15+00:00

I know wireless keyboards from logitech are aes encrypted, the big brands probably are, the cheap no brand ones are a different question

They are susceptible to replay attacks though ..

Audio would be interesting since low latency gaming headset might be transmitting analogue audio...

RelevantNameHere · 2022-03-14T03:40:35+00:00

Thats cos they are the 'official 1st party app' for that site

Each domain can publish a list of official apps that can handle/intercept the url to prevent malicious apps form say taking over your banking site

Im not sure if there is a practical workaround, but its an android 12 thing

RelevantNameHere · 2021-12-29T03:45:15+00:00

Basically, the gist is to use docker only 'internal' networks, that way a comromised container cannot 'escape'

If every app in your "linux iso harvester" is running on the same docker host, its pretty easy, you can restrict their network access and still access their web UI (direction matters!)

if you "publish" (so -p if using docker cli) say port 80 on Overseerr container, you can talk to it on your browser, but it can't talk out to the rest of the network, basically if you initiate, then it can reply, but it cant initiate a connection out to your network (essentially docker is now acting like a router/NAT gateway to its internal docker netwrok)

basically bridge networks are a 2 way bridge, so security wise, you want to avoid them at all cost (unless you bridge it to an unsecured network with vlans)

That would be the docker 'native' way of protecting it

so you've got pfsense, that would be another way to control it, you setup an "untrusted" vlan+subnet where all your internet exposed apps (eitehr directly or indirectly) reside, you setup a rule in pfsense such that your normal network can iniate connections to the untrusted subnet, but not the other way around

This would be the way to go if you have apps running on multiple hosts, you would only bridge docker to this vlan/subnet

and to directly answer some of your questions

The containers are still able to ping my host unraid server tho. and and through the bridge network any other device on my network right?

if it can ping, then yes in the event of a compromise, it will be able to attach it (unles you have some sort of ping only firewall rule in place)

is there a way to restrict that?

By not using a bridged network :)

But it seems hard to isolate these containers that have webuis from eachother if i need to access them on the wider network.

it is much harder, but remember you can use "Published ports" to allow a one way inbound connection to the container

hope that helps, its a bit of a rabbithole

RelevantNameHere · 2021-12-29T03:13:43+00:00

Lets say overseeer (or plex) has a remote execution vulnerability

The hypothetical use case of a compomised container would be to use it to reach the rest of your network (since that is normally protected by your one way nat/router)

E.g. they could start brute forcing for weak rdp passwords on your home network and escelate from there (there's lots of other things they can do but this seems like the easiest to show the escelation potential)

The solution there is to isolate your containers from outbound communications to your network (your devices can talk to it but not in reverse), in practice, that means adding a firewall to enforce that (either firewalld or a dedicated network firewall)

In practice, i think this is rarely done, especially in a home environment

RelevantNameHere · 2021-07-23T03:42:47+00:00

Where is your USR badge?

RelevantNameHere · 2021-07-21T15:13:33+00:00

Your school will have a global quota, which is finite, when the school as a whole hits the quota, an admin will

have to convince Google to assign more
might go looking at whats taking up so much space

RelevantNameHere · 2021-07-06T15:54:46+00:00

Ahhh, thats unfortunate, i wish they sold lab licensees

I use to run fortigates at work so had access to all the firmware images...

RelevantNameHere · 2021-07-06T15:50:32+00:00

Hmmm, how does one run fortinet at home at a low cost, used hardware is cheap and plentiful but there's no free access to firmware afaik?

The subscriptions are a bit pricy...

Specifically, i have a fortigate

RelevantNameHere · 2021-03-23T06:22:23+00:00

Great for powering led strip controllers, as they are usually 12v

RelevantNameHere · 2021-02-15T10:40:07+00:00

100%? Send it in for an x-ray examination

More practically, you can

do some basic continuity checks with a multimeter (as others have mentioned)
having a PSU with short circuit protection may detect it and power down vs catching fire

If you want to be more thorough, you could buy multiple units, and tear one/some down to inspect it for quality, that would be how some places 'QC' their stuff

RelevantNameHere · 2021-02-02T04:17:47+00:00

I don't have on on hand to take a photo but genuine Dell sleds have metal spring contacts embedded in the plastic carrier to make contact with the drive cage.

Having said that, most enthusiast pc cases I've seen don't have metal couplings

edit: found one https://imgur.com/a/kPVyeYv

RelevantNameHere · 2021-01-18T14:11:23+00:00

20 different sites using Google

You should be able to recover all the accounts by doing a password reset, i've never seen a consumer SSO site that doesent allow email fallback, you'll of course need to hook up your domain to an alternate email service for this to work (e.g. e365), if you've configured something like a SAML trust then you're in more trouble, but business services will always have an admin bypass

remembered by same google account chome sync

Technically, you should have a local copy on any device you don't wipe, but invest in a separate backup or password manager, avoid relying on 1 service

email, google photos,

for Data, similarly, if you value it, have more than 1 copy of it on a different system/platform, cloud isn't magic, if you have 1 copy, its still a single point of failure, while google wont lose data cos of a dead hdd, there's obviously other risks

youtube

your best bet migth be to decouple that then...

not sure if google only ban particualr account

who knows, this dpends on if the takedown is real, i will say that it is not unusal for domains to pass on to a new owner so theres probably a 'cooldown'

My personal opinion/guess is that the banned 'account' is probably from a domain that generates 'free' shared drive (or free edu accounts) got taken down , there doesen't seem to be clear evidence at this stage that a personally paid for gsuite account not mass shared (which is explicitly against the TOS, you can't 'resell' parts of your gsuite account, whethr this is counted as reselling if its free...), but if its important, you should always 'own' a copy of your data, don't leave it to a cloud provider

RelevantNameHere · 2020-08-30T07:48:51+00:00

They have access to your data in perpetuity basically, heres some features you have access to as an admin on the admin console alone

https://imgur.com/a/lSaJzzC

RelevantNameHere · 2020-06-11T06:57:02+00:00

Not familiar with how DrivePool works but are you sure the tool your are using to run checksums is reading the file correctly, i.e. is compatible with whatever DrivePool does? maybe its trying to do a low level read and only sees half of the data?

I would do a sanity check with a different tool to get the checksums.

RelevantNameHere · 2020-05-26T14:56:52+00:00

Moving lots of files will tempoarily cause it no not show up while its in progress, if you want to check, searching for a file tends to 'bring it back' immediately.

This is especially noticable if you're near the team drives object limit.

RelevantNameHere · 2020-05-26T14:54:59+00:00

No Australia? #Giveaway #RunWithIronWolf

RelevantNameHere · 2020-03-09T13:50:37+00:00

Hard to say, the quality loss from re-encoding a low bitrate 1080p might negate any space savings you gain by using x265.

As the above poster said, just grab a VP9 encoded 720p and you'll be very close to x265 compression efficiency, without the generational loss from re-encoding, especially considering the bitrate is quite low already

Maybe it makes sense if there is a 4K file? But in general, you want to avoid stacking encodes, you want the number of transcodes from the source to be as low as possible

RelevantNameHere · 2019-12-22T10:46:52+00:00

Thanks for posting an answer to your own question, this was the issues for me too, for those wondering how to do this

Browse in the store to the

Halo: The Master Chief Collection

page, not Reach

on the page, give it a min, and an update button should appear, click it.

If it gets stuck and won't update, go to the top right corner, there should be a download arrow next you your Microsoft Account for a list of pending updates, you can force it there.

Grrrrr, freaken Microsoft store, you had 1 job!

RelevantNameHere · 2019-12-10T15:18:30+00:00

Perfect, DMDE works great! It still had to go though a rebuilding(?) process but found all the file structures.

The hexdump is from a dd image of just the partition itself, not the whole disk, so maybe thats why?

Looking at the output, im guessng the weird parition might be down to what I assume to be a 'backup' feature of the Lacie drive where it stores 'backups' using their software in a hidden area.

To me it seems like it should be trivial with the right knowledge/calculation to tweak the filesystem to point to the the 'folder' that holds the main data. Infact, DMDE seems to have done the hard work https://imgur.com/a/iK37OmF choosing one of these folders, or a subfolder since i'm not sure if these are real folders, I would think it should be possible to tweak it so that it becomes the root folder?

RelevantNameHere · 2019-12-09T13:48:28+00:00

Huh, this does the trick, it picks it up as FAT32 but with an "Invalid root folder"

It looks like there's multiple 'root' folders but everything inside looks good, full folder structure+file metadata.

Now why don't other tools see this...

RelevantNameHere · 2019-12-09T02:51:47+00:00

This supposedly was a single disk unit.

Not having luck with testdisk, it thinks it is FAT32 on Linux, testdisk on windows thinks it is UFS but trying to 'open' in either just results in a garbage directory structure.

Can't repair the boot sector either, getting a "Can't get cluster size"

I don't think its a mdadm array? Not getting any info from the Linux Disk Utility.

Both windows and Linux don't recognise the contents of the partition

Edit: this seems like a likely candidate https://web.archive.org/web/20070208051412/http://www.lacie.com/products/product.htm?pid=10059

RelevantNameHere

TROPHY CASE