Today seems like a good day for #HugOps.
🚨 🚨 🚨
Heads up #DevOps folks - #Gitlab has a couple of CRITICAL security vulnerabilities (10/10), one of which could allow for complete account hijacking without any user interaction. That's, uh, not great.
Fortunately we have fixes for all of these vulns; you just need to be sure the updates get applied in your environment.
Go do it. NOW.
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/
What a time to be alive!
"Researchers Install Ransomware on Internet-Connected Wrench"
https://www.404media.co/dr1llcrypt-researchers-install-ransomware-on-internet-connected-wrench/
I am once again urging you not to use `thingadmin` as the password to secure your `thing` account.
And pls pls pls pls pls pls pls enable MFA - even SMS-based MFA is still better than no MFA.
I've deployed several new-to-me self-hosted services over the past few days:
- https://miniflux.app/ for #RSS
- https://immich.app/ for #photos
- https://github.com/sissbruecker/linkding for #bookmarks and link sharing
What else am I missing?
/ #SelfHosting #CoSoTech
Anyone have a favorite self-hosted #RSS aggregator thing?
I'm playing a bit with https://miniflux.app/ and like it so far, but wondering if there's another killer app I'm not aware of.
I threw together a quick Salt state to streamline deploying netdata and proxying it with Tailscale Serve on all of my systems:
https://runtimeterror.dev/salt-state-netdata-tailscale/
It's not particularly robust or elegant, but it did the trick for configuring my dozen-or-so minions at once.
I put together some quick notes on using some of my favorite #Tailscale features: SSH, Serve, and Funnel.
I just recently discovered netdata (https://github.com/netdata/netdata) and have started using it for lightweight local monitoring of some of my systems.
It's really slick!
#SteamDeck + #Tailscale + #Nix
These are my favorite things.
https://www.reddit.com/r/Tailscale/comments/183ppq1/steam_deck_using_nix_install_guide/
I've been using #Cloaked for a few months now, and I can't imagine going back to life before Cloaked. Quickly spawning a new identity (working email and phone number along with the usual username+password stuff) for each online account or interaction is liberating. Cloaked lets me control the effective blast radius of my personal data.
Anyhoo, you can currently save a whopping 75% on an annual subscription with the code CYBERCLOAK.
And there's the post-mortem:
https://blog.cloudflare.com/post-mortem-on-cloudflare-control-plane-and-analytics-outage/
Should be a good read, as always.
Ooh, this is handy - easily connect to / interact with #Tailscale nodes right from the comfort of your #VSCode window:
https://marketplace.visualstudio.com/items?itemName=Tailscale.vscode-tailscale
Cloudflare is having _a time_ and I can't WAIT to read the after-action blog post!
"Cloudflare is assessing a loss of power impacting data centres while simultaneously failing over services."
I really love it when Cloudflare breaks because then we get cool posts like these:
https://blog.cloudflare.com/1-1-1-1-lookup-failures-on-october-4th-2023/
I've been using Cloaked for a few weeks and have been hugely impressed by the product. Being able to create complete identities on the fly for online accounts, signing up for rewards programs, or just establishing contact with new people and companies is kind of liberating. It's awesome having control over who has what information about me. The team really embraces "Privacy by Default" and it's great to see.
In case you ever find yourself trapped inside a vim session, here are some simple tips:
#OpenTF is now #OpenTofu, the free open-source fork of #Terraform:
I sense a new `tofoyolo` alias in my shell's future...
#CoSoTech #Tech #CoSoSec #Security
👏 Don't 👏 sync 👏 MFA 👏 secrets 👏 to 👏 the 👏 cloud 👏
- Don't put them in your password manager, no matter how convenient that may be. In the unlikely event that someone gets into your PW DB you *don't* want to also give them all your MFAs.
- Don't sync them with a third-party app/service, which automatically becomes a priority target.
- And DEFINITELY don't sync them in an already-high-value account, like your Google account.
I put together some quick notes on how I set up a self-hosted instance of ntfy.sh and started using it for easy push notifications from my various servers and other systems.
I'm really impressed by how easy it was to configure and how well and reliably it works. I'll definitely be setting up a gratuitous number of notification hooks for everything I can think of now.
https://runtimeterror.dev/easy-push-notifications-with-ntfy/
Wrangler of imaginary computers. Dodger of orange cones. Anarchist of sandwiches. Antecedent of he/him.