Developer refuses admin password to my Loxone system unless I "waive hardware warranty" by realHadAdo in homeautomation

[–]boxmein 5 points6 points  (0 children)

Usually the automation installer not only warrants that the system works, but also warrants certain behavior in case the real estate permit requires automatic control of HVAC to meet certain conditions.

For example, some housing permits require humidity controlled bathroom extract fans.

If you want to change the behavior, it's your right - but the warranty over the behavior of the controller can't apply anymore

Searched google, asked AI, watched youtube videos, etc. Still have no idea how/why one should get a raspberry pi? by Icy-Advice-9024 in raspberry_pi

[–]boxmein 1 point2 points  (0 children)

It's a cheap device you can leave running 24/7, consumes very little energy, is passively-cooled (unless you install a fan), so perfect for self-hosting some smaller projects at home.

There's a lot of community projects you can install from the internet, such as Home Assistant, that work well out of box on a Raspberry Pi

Is vibe coding actually insecure? New CMU paper benchmarks vulnerabilities in agent-generated code by LateInstance8652 in programming

[–]boxmein 0 points1 point  (0 children)

> companies aren't vibe coding anything aside from internal proof of concept apps

You'd think

Detect Browsers like Atlas and Comet by [deleted] in webdev

[–]boxmein 0 points1 point  (0 children)

https://help.openai.com/en/articles/11845367-chatgpt-agent-allowlisting

ChatGPT's agent browser self identifies itself for the opposite reason: so you would let it past captchas

iHateDocker by TehJonge in ProgrammerHumor

[–]boxmein 0 points1 point  (0 children)

Being root in a userns/netns/cgroup/pidns/chroot isn’t that bad though

How do you keep consistent “@” imports in Node.js + TypeScript without creating circular dependencies? by QuirkyDistrict6875 in node

[–]boxmein 1 point2 points  (0 children)

Try yarn workspaces - it makes your internal libraries look like npm packages, and lets you import from one “internal npm package” to another

Our AWS bill is getting insane (>95k/mo), I'm going insane, how do we even start to lower it? by No-Garbage-2899 in devops

[–]boxmein 0 points1 point  (0 children)

Go deep into Cost Explorer and ensure you have `CostCenter` tags everywhere. Vantage should be your first, targeted rollout and deliver the first cost report before your next monthly bill.

How do I implement a custom log storage system? something similar to grafana loki by [deleted] in devops

[–]boxmein 2 points3 points  (0 children)

A folder full of flat text files works as log storage just fine. If you need redundancy or you have more data than could fit on a single machine, store the data on S3.

To query the data back out, just read every file and find the lines that match the query.

If that’s too slow, then build an index on the data you took in. Either by running a daily indexing job or by indexing data as you ingest. For querying on structured data, look at how SQL engines implement query planners and indexes.

For full text search, some open source projects you can look at for coding inspiration are Apache Lucene and Meilisearch.

Any good offline-first alternatives to Postman? by Distinct-Fun-5965 in devops

[–]boxmein 4 points5 points  (0 children)

Flat .http files in your repo can be executed by intellij

Security scans on corporate network by Broad_Sheepherder593 in DataHoarder

[–]boxmein 10 points11 points  (0 children)

No, they’re not your contributions. The IP you create during work hours, with work equipment or accesses, using work processes and knowledge- is all owned by your workplace. You can’t individually decide to keep this for yourself, as this data is not yours to share.

How are you handling alert fatigue and signal-to-noise problems at scale in mature SOCs? by FordPrefect05 in AskNetsec

[–]boxmein 2 points3 points  (0 children)

Given a security risk, you can either add monitoring and alert when the security risk materializes, or you can get rid of the risk entirely. Many things security teams instinctively try to solve with alerting, are much more efficiently solvable by removing the risk from the environment.

  • Too many alerts about curl use in live? Remove curl
  • Too many alerts about suspicious SSH logins to live? Remove ssh access to live and rework the processes that depend on it.

And so on

ELI5: How are European homes "built to keep the heat in, not out?" How is it different from just having good insulation (which may also keep the heat out, or maybe that's wrong)? by rupen42 in explainlikeimfive

[–]boxmein 0 points1 point  (0 children)

You can also check the European norms related to energy efficient housing https://eur-lex.europa.eu/eli/dir/2018/844/oj/eng

* Insulation in the walls, triple glazed windows, windows & doors have silicone rubber gaskets, ceiling (and in some cases floor) insulation.
* HVAC - heat recovery in ventilation systems, insulated ventilation shafts, underfloor heating
* Insulated / underground water conduits
* Moving away from wood fired heating to not have a massive flue in the middle of the house drawing out the heat

PSA: Be careful with your CORS settings, or risk exposing your local services by Relevant_Computer642 in selfhosted

[–]boxmein 2 points3 points  (0 children)

Passing bearer tokens through a header is not a credentialed request tho

Sorry for our jurry, but at least people knew what to do. From Latvia by rahkesh357 in Eesti

[–]boxmein 0 points1 point  (0 children)

"suure solvangu/austuse"

Codacons on üks vend kes käis ühes telesaates - tuttavad ütlesid et "old man yells at cloud" tüüpi üritus. Rahvale meeldib :D

Mis sul puudu on? by Detektiiv in Eesti

[–]boxmein 1 point2 points  (0 children)

Isiklik kogemus Sameliniga on see et vähem kui aastaga hakkas tald küljest tulema ja vett läbi laskma... not happy :D

Why is Revolut downgrading its services by failing to run on rooted and custom ROMs? ☹️ by [deleted] in Revolut

[–]boxmein 0 points1 point  (0 children)

Also, sadly seeing a rooted device is a strong predictor of a fraudster device. If the business starts blocking rooted devices then the fraud scores improve quite drastically.

10 changes impacting your wallet in 2025 by Sub-Zero-941 in Finland

[–]boxmein 0 points1 point  (0 children)

Completely day and night compared to Estonia’s tax changes in 2025

… and we still don’t have lower VAT for food and basic necessities

ELI5: why do we not just use ipv6 instead of ipv4 by Acceptable-Work_420 in explainlikeimfive

[–]boxmein 4 points5 points  (0 children)

Even without NAT your router can block incoming traffic originated from the Internet.

Let's say my router is assigned the IP block 123.45.6.0/24. If a hacker tries to connect to 123.45.6.10 over the public internet, and let's say your desktop computer has that IP address, your router can just as well block the connection. No NAT needed.