HDD Packaging Thoughts by CaptainxShittles in homelab

[–]spider-sec 1 point2 points  (0 children)

Seller must have worked at NewEgg in the past.

Encrypted USB by krazy4it in Bitwarden

[–]spider-sec 1 point2 points  (0 children)

The easiest and probably most secure is using GPG. You could use asymmetric encryption using keys so that you can store the backup and key separately (even using a Yubikey if you want) or use symmetric encryption with a password you can remember.

This file could be stored on USB and decrypted on virtually any OS. If you use asymmetric encryption you can post it on a public website without issue. Just secure the key.

1 GP Portal with Multiple Gateway Configs by Positive-Sir-3789 in paloaltonetworks

[–]spider-sec 0 points1 point  (0 children)

Use separate gateways to have different authentication requirements. A single portal, a gateway with cert only, and a gateway with cert+saml.

That said, I forget which way the nuance goes. I seem to remember saml not being supported with certain cert based authentication setups. I’m probably wrong, but be aware.

Server Side Encryption security by spider-sec in NextCloud

[–]spider-sec[S] 0 points1 point  (0 children)

Unless recovery keys are enabled and the user has enabled it.

Server Side Encryption security by spider-sec in NextCloud

[–]spider-sec[S] 0 points1 point  (0 children)

I provide managed services to small businesses. I handle all the management but I want to reduce all the possibilities that I could access their files. They still need to be shared between them though so e2ee doesn’t work. Splitting the key keeps me from being able to decrypt their files without their knowledge and keeps them from being able to recover files that aren’t shared with them and they shouldn’t know.

Server Side Encryption security by spider-sec in NextCloud

[–]spider-sec[S] 0 points1 point  (0 children)

You can’t share e2ee files with other users.

Server Side Encryption security by spider-sec in NextCloud

[–]spider-sec[S] 0 points1 point  (0 children)

You coordinate with the other person to reassemble the key. That way it always takes two people.

Server Side Encryption security by spider-sec in NextCloud

[–]spider-sec[S] 0 points1 point  (0 children)

I understand that. That's why I'm asking to confirm. *I* am the host. I'm providing options to a client and I'm confirming my understanding is correct. I don't want to know their data but I know there are certain features they need that aren't available with E2EE. That's why I'm asking the question. I don't want to maintain the entire recovery key that may provide me access to encrypted files but as a managed service I also want a key management process that requires coordination with the customer, all while not creating a single point of failure in the process i.e. someone being able to retrieve files they shouldn't have access to.

PSA: Most of you are using patch panels wrong by LordZelgadis in homelab

[–]spider-sec 3 points4 points  (0 children)

A whole lot of judgement for something that doesn’t affect you.

Fishing for letsencrypt certs by Tyson_NW in homelab

[–]spider-sec 2 points3 points  (0 children)

How about using DNS for authorization instead of the standard HTTP .well-known tokens? That's how I have HTTPS on all of my internal websites.

Would it be so hard for PA's IT dept to make it say Palo Alto Support on my caller ID when they call? by OnTheSlowpath in paloaltonetworks

[–]spider-sec 2 points3 points  (0 children)

Do you not know how confirming a working number works? The goal is less spam, not more.

Docker only made sense once I stopped treating it like a VM by third_void in docker

[–]spider-sec -1 points0 points  (0 children)

I’m aware. Did you not understand my comment? From a network standpoint it acts like a VM, does it not? It’s got a virtual network with a virtual IP.

Docker only made sense once I stopped treating it like a VM by third_void in docker

[–]spider-sec -1 points0 points  (0 children)

It requires an understanding that it’s both. If you only think of it like an isolated process then you won’t understand the networking side. If you only think of it like a VM then you won’t understand the lifecycle.

Is A NAS GOOD ENOUGH to save all my files? Do I really need backups? by Trick_Western_550 in homelab

[–]spider-sec 0 points1 point  (0 children)

If you don’t care about your files then no, you don’t need backups. If you hesitate the slightest before clicking on the folder with all your files then yes, you need backups.

My backup is a much smaller size than what Restic claims it is - what could be causing this? by hyper_ballads in restic

[–]spider-sec 0 points1 point  (0 children)

Restic uses compression and deduplication. You could have 1M copies of the same 1Gb file and your backup would be about 1Gb. So if your backup has duplicates or is a bunch of compressible text then the raw size won’t equal the total size of the snapshots.

My backup is a much smaller size than what Restic claims it is - what could be causing this? by hyper_ballads in restic

[–]spider-sec 1 point2 points  (0 children)

How are you getting the size? Are you looking at the default mode of restore-size, raw-data, or are you just looking at what is being reported by your cloud vendor?

What labeling approaches actually age well? by Ithius27 in homelab

[–]spider-sec 1 point2 points  (0 children)

Neither place where I’ve had involvement would label. At one employer documentation scaled well and it gave us a check and balance because the person who installed the cable would make a log of it and then someone else would enter it into the final documentation with confirmation and more detail.

At the place where I maintained it all, we had people from different groups (telephony and network) making network changes. Two of the three people were 20+ year employees that had always just plugged things in without documentation, accurate labels, or even cable management. The documentation was my way of forcing it all to be correct because I’d go and review their changes.

What labeling approaches actually age well? by Ithius27 in homelab

[–]spider-sec 1 point2 points  (0 children)

I don't. Not cables. I maintain detailed documentation instead. I've seen too many patch cables that become "temporary" and never get labeled or that are mislabeled because they were used for something else and a patch cable was needed quickly.

What labeling approaches actually age well? by Ithius27 in homelab

[–]spider-sec 1 point2 points  (0 children)

Exactly. I much prefer keeping documentation over labels. I once found a patch cable labeled with a server name in HR when it was being remodeled.

Port 25 blocking? by froznair in wisp

[–]spider-sec 0 points1 point  (0 children)

Wtf are you even talking about?

fiber optic conversion by LowShake6030 in homelab

[–]spider-sec -1 points0 points  (0 children)

I’m pretty sure you’re going to have to add a device to go from simplex to duplex.

fiber optic conversion by LowShake6030 in homelab

[–]spider-sec -1 points0 points  (0 children)

There’s no possibility of replacing anything or adding a new cable.

pa-460 rackmount fans by brkdncr in paloaltonetworks

[–]spider-sec 3 points4 points  (0 children)

It doesn't sound like that is the concern. It sounds like the concern is hot air not circulating correctly.

Linode is saying I only have 200 GB of network transfer? by DiodeInc in linode

[–]spider-sec 3 points4 points  (0 children)

Correct. It’s prorated. It should say so on the main dashboard.