cantankerous_cashew

joined 1 year ago
[–] cantankerous_cashew 1 points 4 months ago

As an added layer of security, you can set the phone to self-destruct by going to Settings > FaceID & Passcode > Erase Data. If someone enters the incorrect passcode more than 10 times, the phone will erase itself. Assuming a 6 digit passcode, there are 1 million possible combinations. An attacker would have an effective 1 in 100,000 chance (.001%) of guessing your passcode correctly

[–] cantankerous_cashew 3 points 4 months ago* (last edited 4 months ago)

Personally I like the way that this is implemented; makes it easy to download hidden media files onto my Mac. Anyways, if you’re worried about nudes/pr0n being seen by unauthorized parties, I wouldn’t recommend stashing them in your photos library anyways. There are vault-type apps in the App Store that masquerade as note/calculator apps (Calculator# comes to mind) which are more suited to addressing OP’s use case.

 

I've been using Cloudflare tunnels in my homelab. I'm wondering how well they resist subdomain discovery/enumeration by bots/malicious actors. I’m aware that security through obscurity isn’t a real strategy, but I am curious about this from a purely academic standpoint. Aside from brute force guessing, are there any other strategies that could be used to find the subdomains of services tunneled through cloudflare?

[–] cantankerous_cashew 4 points 4 months ago

yup it was founded in Moscow and they moved their headquarters to Cyprus. They’ve been open and honest about the whole process.

[–] cantankerous_cashew 7 points 4 months ago (2 children)

It would appear that this is indeed the same ghostery that sold its users out to the highest bidder.

I recommend using AdGuard which is free and doesn’t have such serious privacy issues:

also there’s no need to pay, the free tier is more than sufficient

[–] cantankerous_cashew 3 points 5 months ago (1 children)

Wow I had no idea that this existed for such a long time. I've clearly been living under a rock... 😅

[–] cantankerous_cashew 4 points 5 months ago

Seconding AdGuard. Also, there’s no need to pay, the free tier is more than sufficient. Links for convenience:

[–] cantankerous_cashew 2 points 7 months ago

gluetun bundles a control server on port 8000 which you can query for the port number (don't worry about openvpn being in the url path, it still works with Wireguard). In my bash script (running on the host system), I use curl to retrieve the forwarded port number and then do a POST with that data to the API of my qbt client which is running in another container on port 8080.

[–] cantankerous_cashew 5 points 7 months ago

There’s a reason why most providers don’t allow that feature anymore

Yes, cheese pizza

It’s said that port forwarding is a security risk

Says who? Assuming a fully patched system/client and a properly configured firewall/network, I'd love to hear more about these "risks".

Also, qBitTorrent works just fine without it.

Only if you don't care about seeding

[–] cantankerous_cashew 7 points 7 months ago (5 children)

Based. I use gluetun with qbt and ProtonVPN (with port forwarding). Despite this being a tricky config, it was still pretty easy to setup. Can share bash scripts if anyone is interested.

[–] cantankerous_cashew 1 points 7 months ago

I’m personally a big fan of bore. It’s easy to setup/use and there’s a free public instance operated by the developer.

[–] cantankerous_cashew 1 points 7 months ago

Here's a link to the PR for anyone who's interested

[–] cantankerous_cashew 8 points 8 months ago

Allegedly Tim Cook does the same thing. Can't imagine what he'd be doing 16h a day, but I've heard he's almost always at Apple Park

view more: next ›