It’s nothing to do with static assignment of a prefix from my ISP, I have that. It’s to do with static assignment of IP addresses within my own house! Use DHCP and android will not use it; use SLAAC and I have no control over IP addresses and therefore cannot set up sensible firewall rules per device.

Probably helps add a certain gravitas.

You were saying the input size doesn’t matter because you only store the hash which is always the same size. What I’m saying is that the input size really does matter.

You absolutely should set upper limits on all input fields because it will be abused if you don’t. Systems should validate their inputs, passwords included

deleted by creator

You can make a client hash it, but if you don’t reject large inputs to your API a client can send enough data to DOS you anyway.

The resulting hash will always be the same size, but you don’t want to have an unlimited upper bound otherwise I’m using a 25GB blueray rip as my password and your service is going to have to calculate the hash of that whenever I login.

Sensible upper bounds are a must to provide a reliable service not open to DDOS exploits.

Not necessarily. Presumably the change password form requires entering the old and new password at the same time. Then they can compare the two as plain text and hash the old password to make sure it matches, then if so, hash the new password and overwrite it. Passwords stored hashed, comparison only during the change process. A theme on this is checking password complexity rules during the login process and advising to update to something more secure. It’s possible because you’re sending the password as plain text (hopefully over a secure connection), so it can be analysed before computing the hash. This even works if the hash is salt and peppered.

Been running Ubuntu LTS releases on all my server VMs for 8 years and haven’t had a single problem. Absolutely solid as a rock. Fantastic support, loads of guides to do anything. Plus you can get 10years of support as a home user with a free Ubuntu Pro subscription.

I’d honestly just go Ubuntu server LTS and learn to configure it through the terminal. It’s not too difficult to setup. NFS and Samba shares.

If more than 0.1% of people do that I’d be flabbergasted

Use a better search engine.

Those of you who “can’t live without google”, need to get a grip.

Attackers need to access the system kernel to exploit the Sinkclose vulnerability, so the system would have to already be compromised. The hack itself is a sophisticated vector that is usually only used by state-sponsored hackers, so most casual users should take that into account.

So it’s a vulnerability that requires you to.already have been compromised. Hardly seems like news.

I can understand AMD only patching server chips that by definition will be under greater threat. On the other hand it’s probably not worth the bad publicity not to fix more.

I moved from an FX8350 to a R5 5600G a few years ago, having run it for about 9 years. Initially I didn’t think I’d notice much difference, but frankly it’s an entirely different ballgame.

At this point if you use Chrome I think there is something wrong with you.

“Already stable enough”

1. no it isn’t.
2. if fucking should be, it’s been around 15 years!

A big reason for owning a gun is protection of property. No one owns FOSS, so you can’t shoot anyone, and that’s no fun at all.

It started with Emby and pihole. I’m now up to about 30 different services from Vault, email, 3CX, home assistant, firefox, podgrab etc.

I just setup netboot.xyz this evening as an experiment. Is pretty cool.

Yes you can do that. I do with opnsense. The username and passwd are not obvious though - they’re probably not what you use to login to the ISP portal with.

Most ISPs will have a brief FAQ on how to use third party equipment with the basics of what settings are important for your connection. You just need to enter them in to pfsense correctly. Also, sometimes searching for “<ISP_name> pfsense” can find useful blogs and articles.

It’d be nice if email clients automatically checked for public keys for any email you enter in the To fields. With a nice prompt that keys have been found to Encrypt the message with. It doesnt sound too difficult and it could lead to much wider adoption of secure emails.

Unfortunately most people get their email free because companies like reading it and stopping that means it might become a paid for service. Something I’m happy to pay for, but many wouldn’t be.