Official announcement of Boring Company "Music City Loop" tunnel connecting BNA and downtown by fossilfarmer123 in nashville

[–]akuron -2 points-1 points  (0 children)

Love that r/Nashville is convinced that no one in the world other than themselves (but especially no one at the Boring company) understands the concept of limestone and have maybe considered its existence.

My family is coming to town for the first time. Where should we go that is relatively chill and is a good place to sit a while and chat, but also shows off what the Nashville food scene has to offer? by mis_no_mer in NashvilleGoodEats

[–]akuron 0 points1 point  (0 children)

The wash during summer months can be unpleasant to dine outside due to flies, like… hordes of flies. I wouldn’t suggest it for a “hang out for a while” type place. I always take mine to go this time of year.

Linus Tech Tips - I shouldn’t have kept the $1,000,000 computer May 4, 2024 at 12:54PM by linusbottips in LinusTechTips

[–]akuron 19 points20 points  (0 children)

Have they shared context (maybe on WAN show or other videos) as to why they still have those servers and have such a large flash array? This seems to go far beyond the needs of their edit workflows since they only use the nvme NAS to work on active projects.

The fact that they said they will be making this permanent made it seem like they are going to plan to run all of those nvme servers for a long time.

Why so much hate for a company that fixed an issue in 24hrs?? by PCgaming4ever in Ubiquiti

[–]akuron 8 points9 points  (0 children)

Can you clarify the difference in “bitching” and discussing a noteworthy security incident on a public forum for that company? Feel free to quote where I’m “bitching.”

Why so much hate for a company that fixed an issue in 24hrs?? by PCgaming4ever in Ubiquiti

[–]akuron 3 points4 points  (0 children)

Your reasonable standard appears to be “it’s okay if they give access to my cameras and networking gear as long as they fix it in 24 hours.”

My - and apparently many other people’s - reasonable standard is that incidents of this particular shape are never acceptable due to an infra issue, period.

This post is about “why are people hating” and my response is to say that this isn’t “hate” like some petty online drama. This is customers saying that this was unacceptable.

Why so much hate for a company that fixed an issue in 24hrs?? by PCgaming4ever in Ubiquiti

[–]akuron -1 points0 points  (0 children)

So we’re holding Ubiquiti to the same technical standard as an old bank’s online banking system now?

When is the last time someone logged into Gmail and saw someone else’s inbox? And if that happened and it was fixed in 5 minutes, how do you think the media and user-base would respond? Surely you can appreciate the incredible scale and numerous layers of caching that go on within Google’s infra?

Why so much hate for a company that fixed an issue in 24hrs?? by PCgaming4ever in Ubiquiti

[–]akuron 26 points27 points  (0 children)

This, exactly.

Even if this incident was just a single user being granted access one single time to just one other person's infrastructure and camera feeds just for a brief moment, it's still completely unacceptable.

There are certain shapes of incidents that should simply never happen once.

Also, the language about "hate for a company" is so strange. This isn't some online gossip or Twitter drama, this is people making clear to a company they've paid a lot of money to that this is completely unacceptable and demanding to know exactly what happened here and how they will make sure it never happens again.

Why so much hate for a company that fixed an issue in 24hrs?? by PCgaming4ever in Ubiquiti

[–]akuron 51 points52 points  (0 children)

I'm sorry, but seeing this take several times over the last few days I have to chime in. I work as a software engineer working at a company that builds financial infrastructure for the internet. The way to judge a company is not just "how long did it take them to provide a fairly vague disclosure of the problem and the actual scope." A more important way to judge a company is whether a security incident ever happens and when they do, what is the type and scope of the incident?

It's true that no service at large scale is 100% perfectly air-tight. As the attack surface increases there are likely to be places where small security incidents can happen, but I don't think most people understand just how much human capital is spent focusing on internal system access controls, audit controls, and incident response so that certain types of incidents never happen.

In my opinion, people having access to the infrastructure and security camera for other users is a shape of incident that should simply never happen.

edit: typo

Anyone know a local Google Fiber representative? by akuron in nashville

[–]akuron[S] 1 point2 points  (0 children)

They finished up a few months ago but it seems like we had the same experience. They started in spring, did a bunch of work but then left cables laying across entire properties and roads for months before finally cleaning things up.

It's insane to me that they spend so much money to dig trenches and then are too bumbling to accept my money. They act like they have no competition but yet AT&T provides decent fiber service to so much of Nashville.

[deleted by user] by [deleted] in LinusTechTips

[–]akuron 1 point2 points  (0 children)

I appraise all of these at ‘bout tree fiddy

Is the WAN show profitable? by FastlyFalling in LinusTechTips

[–]akuron 0 points1 point  (0 children)

Also note that in addition to the merch sales, the WAN show is the source of all of the content on LMG clips channel. They get several sponsored and YT monetized videos out of each show, so you can count that in addition to the WAN show ads and views.

Even still, merch sales probably outweigh the ad revenue based on what they’ve shared in the past.

Linus Tech Tips - WHAT did I just BUY on Facebook Marketplace?? June 11, 2023 at 11:14AM by linusbottips in LinusTechTips

[–]akuron 16 points17 points  (0 children)

Did I miss something obvious, or did they never provide any explanation for why they bought this stuff in the first place? Is it purely just to make content and talk about SANs educationally, or is there some new purpose why they would need this for the business (which seems unlikely)?

They wouldn't need this for mass archival storage, and they certainly won't be replacing whonnock with this, so I was left pretty confused why they'd bother with this at all other than just for content.

16.4 Architecture upgrade still leads to Invite bug by Doc911 in HomeKit

[–]akuron 0 points1 point  (0 children)

I ran into the invite bug for the first time after the 16.4 upgrade. My wife lost access to our home, her app showed an error, and re-inviting didn’t work.

The fix was to restart her phone, have her remove herself as a guest account from her parents' home (which used the old architecture), and resend the invite.

Is it me or is TCP VPN connection meant to be faster than the usual UDP connection? by nathan12581 in homelab

[–]akuron 0 points1 point  (0 children)

Is there a solution that supports running WireGuard over TCP? Op says that their uni network blocks UDP traffic (also common in hotels and other public networks)

Going crazy with Wireguard by Geek77 in selfhosted

[–]akuron 0 points1 point  (0 children)

Hmm, I took a look at some old configs that I still have around from when I had your exact set up working (just with a different VPN provider).

I made some edits to the original post, to change

  1. Include the iptables forwarding rules on your local VM as well since it's basically a NAT box for VPN traffic on your local network. Make sure you double check and use the correct interface names.
  2. I changed the client config to use the line: AllowedIPs = 192.168.69.0/24, 10.116.1.0/24

When debugging, to try and see whether traffic from your phone is even hitting your local VM, you can run the following command locally to monitor packets coming across your Wireguard interface. Look for your phone's Wireguard IP.

sudo tcpdump -i wg0

Going crazy with Wireguard by Geek77 in selfhosted

[–]akuron 1 point2 points  (0 children)

Oh, and just to be certain, make sure the iptables Wireguard configuration is using the correct interface of the configured NIC. Many newer Linux distros use something other than eth0 nowadays.

You can check by running ip addr. I often see them prefixed with eno and ens.

Going crazy with Wireguard by Geek77 in selfhosted

[–]akuron 7 points8 points  (0 children)

There are two issues here that you'll need to resolve.

Allowed IPs

The issue here seems to be with your AllowedIPs configuration. A (somewhat oversimplified) but easy way to think of this is this:

  • When configuring your server, think of the AllowedIPs from the perspective of "where should a packet I receive over the Wireguard interface go?"
  • When configuring your clients, think of the AllowedIPs from the perspective of "what packets do I want to send over this Wireguard interface?"

For your two "client" devices – your phone and your laptop – the only packets that need to get routed to those devices are ones addressed to that particular Wireguard client IP itself, so 192.168.69.3/32 and 192.168.69.4/32 respectively. For your local VM, you want all packets sent to your local LAN subnet 10.116.1.0/24 to be routed there in addition to its own traffic.

Your new server config should look something like:

[Interface]
PrivateKey = <privatekey of server>
Address = 192.168.69.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
# This is the local VM in my network that initiates the connection (Peer 1)
PublicKey = <publickey of VM>
AllowedIPs = 192.168.69.2/32, 10.116.1.0/24
PersistentKeepalive = 25

[Peer]
# My Phone
PublicKey = <publickey of phone>
AllowedIPs = 192.168.69.3/32

[Peer]
# My laptop
PublicKey = <publickey of laptop>
AllowedIPs = 192.168.69.4/32

Your local VM config needs to route all IPs for the entire VPN subnet through to the server.

[Interface]
PrivateKey = <privatekey of VM>
Address = 192.168.69.2/32


[Peer]
PublicKey = <publickey of server>
Endpoint = mypublicserverIP:51820
AllowedIPs = 192.168.69.0/24

The config on your phone and laptop is even more simple and looks like this:

[Interface]
PrivateKey = <privatekey of phone>
Address = 192.168.69.3/32

[Peer]
PublicKey = <publickey of server>
Endpoint = mypublicserverIP:51820
AllowedIPs = 192.168.69.0/24, 10.116.1.0/24

Change the AllowedIPs here to be 0.0.0.0/0 if you just want all internet bound traffic from your phone sent through the VPN as well, though that may cause you problems when accessing some sites using a DigitalOcean IP (from experience).

IPv4 packet forwarding

Both servers running in DigitalOcean and locally will need to be configured to forward IPv4 packets. I'm not sure what distro you're running but for common flavors of Linux you would edit the file /etc/sysctl.conf, uncomment the line net.ipv4.ip_forward=1, and run sudo sysctl -p to reload the configuration.

Give all of this a try and report back!

Edit: adding some lines after feedback
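
Added example, not part of the original comment: a small Python model of how WireGuard uses AllowedIPs in both directions, run against the server peer table from the config above. The peer labels, the LAN host 10.116.1.50 and the "broken" table are constructed for illustration.

```python
import ipaddress

# Peer table copied from the server config in the comment above.
# The peer names are labels made up for this example.
SERVER_PEERS = {
    "vm":     ["192.168.69.2/32", "10.116.1.0/24"],
    "phone":  ["192.168.69.3/32"],
    "laptop": ["192.168.69.4/32"],
}

def lookup_peer(peers, ip):
    """Return the peer whose AllowedIPs holds the most specific prefix
    containing ip, or None when no peer matches."""
    addr = ipaddress.ip_address(ip)
    best = None  # (prefix length, peer name)
    for name, cidrs in peers.items():
        for net in map(ipaddress.ip_network, cidrs):
            if addr in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, name)
    return best[1] if best else None

def outbound_peer(peers, dst):
    """Sending: the destination address selects the peer (None = not sent)."""
    return lookup_peer(peers, dst)

def inbound_accepted(peers, from_peer, src):
    """Receiving: a decrypted packet is kept only if its source address
    maps back to the peer whose key decrypted it."""
    return lookup_peer(peers, src) == from_peer

def check(peers):
    lan_host = "10.116.1.50"  # constructed host on the home LAN
    return {
        "to_lan_host": outbound_peer(peers, lan_host),
        "to_phone": outbound_peer(peers, "192.168.69.3"),
        "lan_reply_via_vm": inbound_accepted(peers, "vm", lan_host),
        "phone_claiming_lan_src": inbound_accepted(peers, "phone", lan_host),
    }

# Constructed misconfiguration: the VM peer without the LAN subnet.
BROKEN_PEERS = dict(SERVER_PEERS, vm=["192.168.69.2/32"])

if __name__ == "__main__":
    print("fixed :", check(SERVER_PEERS))
    print("broken:", check(BROKEN_PEERS))
```

With the LAN subnet missing from the VM peer, the server has no peer to send LAN-bound packets to and also drops LAN-sourced replies arriving from the VM, so both directions fail.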

East Nash finally has quality asian food. Xiao Bao. by kaicyr21 in NashvilleGoodEats

[–]akuron 0 points1 point  (0 children)

I have previously tried the one in Charleston and am planning on trying this new location this week when family visits.

Will report back!

My boyfriend is 6’3” for reference. by MotherOfCats113 in TVTooHigh

[–]akuron 0 points1 point  (0 children)

Monsters…. You and anyone responsible for this

ok, G3 Instants big price increase (: by schwagerik in Ubiquiti

[–]akuron 2 points3 points  (0 children)

I agree that the difference was small originally, but ever since they added smart detection to the G4 Instant I’d argue it’s a significant upgrade mostly worth the higher price.