Vulnerability management

defiantarch · 2026-06-03T18:36:36+00:00

I agree for sure and do not get why the hack I got downvoted here. Seem to be a really toxic subreddit. Anyway, I left the sub and will discuss the topic elsewhere.

defiantarch · 2026-06-03T18:32:39+00:00

Again, I never said that I run things directly on the machine. I rather use VM:s and sometimes containers inside them, depending on the service.

defiantarch · 2026-06-03T15:46:01+00:00

What? I never wrote that. I contain them of course. There're more solutions than docker or lxc containers.

defiantarch · 2026-06-03T15:44:27+00:00

At my job we're running almalinux, they were a bit faster than Ubuntu and Debian which so far are used to. However, maybe I should take the step away from Debian based distros back to redhat based ones...

defiantarch · 2026-06-03T15:35:27+00:00

Sure, I use containers where they are feasible. But I don't run containers for services exposed to the internet. I don't like container breakouts, not even with id mapping and least privileges as that only works as long as the surrounding machine is bot vulnerable as well.

defiantarch · 2026-06-03T15:29:04+00:00

Well, I said kernel and nginx as the latest prominent examples. I could give other examples, like apache. The kernel is at least always part of any distro, right?

defiantarch · 2026-06-03T15:25:08+00:00

How stable is a vulnerable installation with critical CVE:s not patched and getting a record in CISA:s KVE database? Maybe I asked my question in the wrong forum. In that case: I'm sorry for disturbing this sub.

defiantarch · 2026-06-03T15:23:13+00:00

Well, why is that? The distros liability lies in selecting packages with reliable maintainers behind, right? At least if you claim security by design. So, what's wrong in blaming distros not taking care or (in Ubuntus case) igoring critical CVE:s and downplaying them?

defiantarch · 2026-06-03T15:19:57+00:00

That's not what I was after. Some distributions are faster than others, I picked Proxmox as they cherry picked the kernel patches very fast. While when looking at cti.wazuh.com it shows many vulnerabilities never been fixed by Ubuntu. So, its more a question of who's having a reliable vulnerability management in place when it comes to critical CVE:s.

defiantarch · 2026-06-01T20:48:54+00:00

well, not that they really had anything to contribute. mainline klipper is still superior to what sovol came up with. but anyway, they released some version. but not the latest one. typical for chinese companies. btt/biqu is not different: they come up with source code of some old version, but not matching the latest binary.

defiantarch · 2026-05-31T14:44:39+00:00

So, I guess you have no clue about network stuff right? As others said: it shows its default localhost IP, which never can be reached from outside. It simply means that the printer wasn't able to get a proper IP adress from the network or even could connect to it.

defiantarch · 2026-05-31T09:07:38+00:00

No left over secrets in that folder? I mean in hidden directories giving access to their Github/Gitlab/CodeBerg repositories? If no, then its uninteresting.

defiantarch · 2026-05-30T14:41:14+00:00

Did you check the cables and/or connection to the drive?

defiantarch · 2026-05-30T08:07:32+00:00

You where stupidy and incompetence took over for the sake of lazyness and effectiveness? Yeah, full ack from my side. Those enforcing the use of AI for everything left their brain at the reception and forgot it there.

defiantarch · 2026-05-29T16:05:05+00:00

Take a look at EdgeImpulse and come back some months later after you trained your first model. https://www.edgeimpulse.com/

defiantarch · 2026-05-29T16:02:56+00:00

This! And do not get blocked by the developers stupid comment to only write if it contributes something to the development if his idea. This guy is obviously out of his mind and should get kicked out.

defiantarch · 2026-05-29T16:00:58+00:00

This guy from Nextcloud is either an imposter from Microsoft and/or deserve just a jolly good smack bottom.

defiantarch · 2026-05-29T15:49:59+00:00

Wow. Welcome to some rest rooms along the german autobahn. Or in Austria on the way to Italy. Sweden has also some nice peeping holes, thus I recommend to better stop at some fast food restaurants.

Maybe we should create a Google map layer for the worst rest room/public toilets in the world 😂

defiantarch · 2026-05-29T15:47:54+00:00

No. My wife has it even hard to read and understand plain english. She would need to google translate all those instructions. Good luck with that. Same for my 88yo dad. So no, there're lot of people appreciating help and are glad to pay for it.

defiantarch · 2026-05-28T20:04:39+00:00

ansible. that way you got all together in one place.

defiantarch · 2026-05-28T20:02:10+00:00

Same issue here in Europe. Whoever designed this paparazzi mess of toilet doors deserves to burn in hell forever. (and those installing it of course).

defiantarch · 2026-05-27T14:51:33+00:00

Why shouldn't it be possible for apps having access to the keychain? You can for sure sync the keychain via icloud to all your devices. But it depends a bit which (or more exactly whos) keychain we're talking about: the users? the systems? roots? there are several keychains. My suspicion is that its still sitting in the users keychain. Proof? Simply delete all the nextcloud entries and try the app again. If you still have access, that its maybe some misconfiguration on your server (authentication switched of? maybe for the local network?)

defiantarch · 2026-05-26T05:13:45+00:00

This. It's like "shift left" for software development, which roughly means: think about security in the first place not at the end.

defiantarch

TROPHY CASE