They said that it does not represent their values
jeansburger
joined 2 years ago
Do you have space for a 1000mm server rack and can just buy some 13th or 12th gen Dell servers?
You literally can't go wrong with what every enterprise has used and subsequently decommissioned. You're likely not going to hit the bottleneck that an enterprise would. The servers are relatively cheap and reliable.
Just look on ebay, it's cheaper to buy without hard drives because you're just going to get better (and larger ones) anyway.
The 12th gen servers are dirt cheap and if you want something more "modern" the 13th gen will do fine they're just more expensive. You get a ton of cores and RAM available for whatever needs doing and management is pretty easy.
If you need storage R730xd has plenty of drive capacity and good raid performance. If you need GPUs for you can get the upgrade kit for the R730 and slap an old NVIDIA card(s) in there to hook up to plex. If you just need raw compute in a small package R630 is probably the ticket.
I'd recommend either getting a dedicated machine for your router or a server with more than 2 ports. Just because putting it in a hypervisor gets tricky when you need physical ports for lan segmentation. Depending on what you need you may need to find a 1u that has 4 ports. A switch that can do VLANs allows you to have a "router on a stick" but you really should break out your WAN from your LAN.
All of these run Proxmox perfectly well and are well supported. You can setup a cluster with a few machines and be able to easily create a Celph array or do HA if needed or you want to play around with it. They also have the ability to have 10Gig ethernet if you really need it/want it.
I have four dell 11th gen machines that all run Proxmox and it's solid, easily able to use all of the storage I have across the machines. I run Plex and multiple services off of VMs and containers.
I'd be more shocked if they weren't on PEDs, because it's Russia and the Olympics...
You're aware that you can send whatever traffic you want over any port right? Using 123/udp for NTP is just convention. A light bulb that is updating its time over Tor is suspect. TP-Link would have their own infrastructure or use public pools to update the device's time.
It's been hacked, the light bulb is likely part of some botnet or under an attacker's control directly. Which is why it's sending that much data continuously. IoT/smart devices don't send a lot of data in this sort of volume as most of the time they're idle and maybe send a heartbeat or status update every once in a while to prove they're alive.
This is what is called an indicator of compromise or IoC, it's some behavior or pattern that can be used to determine what is happening or who is the one doing the attacking.
Likely OP would need to do some analysis to be able to get attribution unless it's a very well known botnet actor in which case attribution is fairly straightforward.
It's definitely been popped. Rip.
They have beaten this dead horse enough. There's only so many ways you can make "Something Era shooter" without it literally being the same game with different skins.
The amount of money that comes out with each swing is drying up. Maybe they shouldn't have tried to extract every last dollar out of their players and their IP and let it end on a high note.
You'd think, but then again they probably ripped some open source repo off Github that had more features than necessary. Then proceeded to not turn any of those off, hack in their own features that aren't very optimized because the board has like 4 gigs of storage and who cares. Finally bake in some firmware blobs for other components that probably allow them to figure out what sports you play or what pets you have so they can sell that info so other companies can show you ads.
Add all that together and you probably have a firmware image that's like a gig.
Due to the hacked in features, they probably need to release patches frequently or add new "features" nobody asked for. It probably also has a phone-home "feature" so it can automatically update itself because you obviously need the "Defunkifier" setting on your washer right now.
It wouldn't supprise me if it the amount of network traffic from something like a "smart" washer was a few gigs a day because it's constantly looking for new updates or sending whatever other telemetry data it's collected to the mothership.
IANAL; However Usually the contracts have a severability clause, meaning even if some parts of that contract are null and void the rest of it stands minus the parts that are illegal. Does that mean those clauses are also null and void depending on locality? Again IANAL, but I believe it's pretty settled contract law at least in the US.
Yes that drive should work, as long as it's not a SATA M.2 SSD it should be compatible with the Yellow.
Yes there is! Great you have a strong, randomly generated password. There's no collateral damage (you're having your password manager generate the passwords right?) So your other accounts are safe, you only have to rotate one password.
Well what happens for instance if someone really wanted access to your account? Say it's a bank, a social media account, or maybe it's just a game account for an MMO that's super high value, you have a long and strong password, but let's say the service's security wasn't quite up to snuff or you got phished and gave your password by accident (these things happen, it's not your fault).
This is where 2FA comes in, if someone manages to break your password the attacker needs your phone, your security key, your fingerprint, etc... To prove to the service they're you. By having 2FA on the account you're increasing your defense in depth for your account. If you didn't have it your account is as good as gone as soon as an attacker cracks or gets your password.
It acts as a second lock that needs to be picked in order to take over your account.
I personally add 2FA to all of my accounts I can, the highest security ones get added to my hardware token. The ones I don't need as high security go into my password manager (which has 2FA enabled but only available via my hardware key).
Additionally as often as possible I try to use a unique email address for each service (simplelogin, addy.io, or similar, + based email addresses are easily bypassed) they all forward to my email but now you have to guess my email for the service (my own private domains, so not shared with anyone else) and what mailbox it ends up in. As a bonus you can disable emails that are sending spam or see who got breached based on the email.
Again defense in depth, a long secure password is great but that's only relying on a single lock. By having 2FA you're doubling your security so to speak by requiring that extra key in order to access your accounts.
It's the South of the North