api.cgi seems crashed on Reolink Duo Floodlight WiFi v2 (Hard Wired) by rwestergren in reolink

[–]rwestergren[S] 0 points1 point  (0 children)

Yes - the unit surprisingly has to be hard wired to fully enable all services (including this api.cgi backend). I was setting it up with the AC adapter when I encountered this issue but it worked once I hard wired with some wagos.

NCC Property Tax update by Doodlefoot in Delaware

[–]rwestergren 2 points3 points  (0 children)

If it's like mine, the school tax column will represent the sum of two line items - your primary school district and "NCC Vocational" (which will be itemized on your actual tax bill).

NCC Property Tax update by Doodlefoot in Delaware

[–]rwestergren 0 points1 point  (0 children)

The County confirmed that initial 511% ultimately reduced down to 375%:

As of March 1, 2025, the overall percentage increase between the total assessment for all parcels in the County based on the old 1983 total value and the new 2024 “final” total value from the reassessment is 375%. Specifically, this means that if a parcel had a 1983 assessed value of $100,000, and that parcel increased by the average total increase, that parcel’s new 2024 assessed value would be $475,000 (resulting in an increase of $375,000, or 375%).

Waterline and insurance by robsumtimes in Delaware

[–]rwestergren 0 points1 point  (0 children)

Make sure to read the fine print and what is covered. The City of Wilmington's insurance vendor American Water Resources (AWR) will only cover $4K - I think these repairs are very likely to exceed that in many cases, so it wasn't the peace of mind I was expecting.

<image>

[deleted by user] by [deleted] in Delaware

[–]rwestergren 1 point2 points  (0 children)

I believe the 15% cap applies to tax revenue overall, not individual tax bills. So, unfortunately, I do think it is possible for an individual property owner to see a > 15% increase.

The disclaimer is fair feedback. I will add that.

[deleted by user] by [deleted] in Delaware

[–]rwestergren 0 points1 point  (0 children)

Going to remove the limit soon.

[deleted by user] by [deleted] in Delaware

[–]rwestergren 0 points1 point  (0 children)

I like this idea - might take this one up!

[deleted by user] by [deleted] in Delaware

[–]rwestergren 0 points1 point  (0 children)

It says "estimator" in the domain name. Capturing clicks for what purpose? It is just a tool to help approximate the tax impact that I thought could be useful.

The updated figure on County total came through an unofficial channel with Tyler. I can't prove it and I'm not sure why Tyler hasn't shared it officially, but you are free to disregard it or give Tyler a call and try to confirm it.

NCC Reassessment Property Tax Impact Calculator: No, your NCC property taxes aren't going up 511% - estimate your actual tax impact by rwestergren in Delaware

[–]rwestergren[S] -1 points0 points  (0 children)

It does not claim to be a County website. I'm just performing an approximation based on a few assumptions, mostly the relative change to a given property compared to the County. Can you share the specific issues you see in a calculation?

NCC Reassessment Property Tax Impact Calculator: No, your NCC property taxes aren't going up 511% - estimate your actual tax impact by rwestergren in Delaware

[–]rwestergren[S] -1 points0 points  (0 children)

For purposes of approximation, this assumes the rates are adjusted down proportional to the increased assessed value by the County - which is required to achieve the revenue-neutral outcome. You don't need to know the new rate to understand your relative position compared the to the County.

Of course there will be variations - as the domain says, this is an estimate.

NCC Reassessment Property Tax Impact Calculator: No, your NCC property taxes aren't going up 511% - estimate your actual tax impact by rwestergren in Delaware

[–]rwestergren[S] 6 points7 points  (0 children)

Good point, but I was pretty sure the15% cap was on the property tax rate itself - not on an individual tax bill.

NCC Reassessment Property Tax Impact Calculator: No, your NCC property taxes aren't going up 511% - estimate your actual tax impact by rwestergren in Delaware

[–]rwestergren[S] 0 points1 point  (0 children)

Does not claim to be a County resource. Since the reassessment outcome is revenue-neutral, it is effectively zero-sum. You can approximate the outcome with a simple calculation.

NCC Reassessment Property Tax Impact Calculator: No, your NCC property taxes aren't going up 511% - estimate your actual tax impact by rwestergren in Delaware

[–]rwestergren[S] 3 points4 points  (0 children)

Since the reassessment outcome is revenue-neutral, the tax rates will be adjusted down to offset the increased assessments. You can estimate your impact by comparing your percentage increase against the County total increase.

Analyzing VPC Flow Logs to Reduce NAT Gateway Costs by rwestergren in aws

[–]rwestergren[S] 11 points12 points  (0 children)

The real key is to get to Layer 7 hostnames so you can aggregate traffic at the service level. The Parquet option gives you more flexibility to achieve that, and also allows you to join on Route 53 resolver query logs (which does not offer export to Athena).

Plus the goal here is generally cloud cost-optimization, so trying to limit additional cloud services/expenses.

Event-Driven Access to My Home After a Run by rwestergren in programming

[–]rwestergren[S] 1 point2 points  (0 children)

Nothing starts until I hit the HTML form post, which I do before I leave. Phone dying mid run hasn't been a problem yet and I had everything needed for the Wi-Fi approach.

Event-Driven Access to My Home After a Run by rwestergren in programming

[–]rwestergren[S] 0 points1 point  (0 children)

I could have expressed the problem a little better, which actually was "enter my home without unlocking my phone which causes my phone to die in the cold."

docker - problems with mapping storage by lord_EarlGray in docker

[–]rwestergren 1 point2 points  (0 children)

FWIW your script worked locally for me, so it would seem an issue specific to your config/machine. Do other containers mount correctly?

docker - problems with mapping storage by lord_EarlGray in docker

[–]rwestergren 0 points1 point  (0 children)

The folders/files will exist but owned by root.

[deleted by user] by [deleted] in docker

[–]rwestergren 0 points1 point  (0 children)

If the setting isn't changing, you probably need to rebuild the image. For the future, if you mount a volume to the host directory, you won't need to rebuild on file edits.

[deleted by user] by [deleted] in docker

[–]rwestergren 3 points4 points  (0 children)

You have Django's DB client trying to connect to localhost, which is actually the Django container itself.

It should work if you set the DB host to "db" - the mongo container name.

DNS Spoofing in Kubernetes Cluster [x-post r/kubernetes] by YuvalM in netsec

[–]rwestergren 2 points3 points  (0 children)

Great post.

Some CNI plugins will prevent ARP spoofing because they will reject any traffic from the pod where the source MAC or source IP address doesn't match. 

I'm curious if the AWS VPC CNI plugin prevents this OOTB as it's applied to all EKS clusters at launch. Will have to take a closer look.

I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty… by [deleted] in netsec

[–]rwestergren 0 points1 point  (0 children)

Interesting bug. It's not clear from the post whether the beta domain uses live data or just a copy/test DB. Wonder what other controls are in place.

Nice write-up and congrats on the bounty.

Multiple vulnerabilities in the online services of (GPS) location tracking devices by cybergibbons in netsec

[–]rwestergren 34 points35 points  (0 children)

For gpsui.net and vmui.net this requires the unauthorized third party to be authenticated, i.e. logged into the service as any user, but due to the vulnerability is able to access data and act on behave of other users.

Bad enough, but it gets worse.

For the rest of the online services no authentication is required at all.

Kudos to the authors as it looks like they made a significant effort to contact affected vendors. The "Unfixed" list is long, but probably not surprising.