• 0 Posts
  • 97 Comments
Joined 1 year ago
cake
Cake day: June 30th, 2023

help-circle


  • There is anonymity and pseudonymity.

    Do you need your opsec to be resistant to state-level actors (oppressive regime, censorship, illegal activities)? Well then you need to make sure you don’t introduce anything that will deanonomize you.

    Are you trying to be resistant to mass data collection efforts used for profit? Being on the pseudonymity spectrum is a good step.

    Dealing with the latter is like dealing with a bully. Make it not worth their time. They just want to put you in bucket X so they can estimate the most likely way to influence you for reason Y. Pseudonymity is about having multiple aliases that get put into different buckets so their privacy invasive efforts are less effective.


  • sloppy_diffuser@sh.itjust.workstoMemes@lemmy.mlIdk if y'all knew this
    link
    fedilink
    English
    arrow-up
    28
    arrow-down
    1
    ·
    17 days ago

    This is why we trust but verify. Thanks mom for teaching me that cruel lesson of unplugging the phone cord to get me to bed (dial up days). It lasted about a week before I caught on you always came up from the basement before bed.

    I’m so glad you never noticed I swapped my line with the guest bedroom. Also glad that ancient block in the basement could be hand wired.





  • I use immutable nixos installs. Everything to redeploy my OS is tracked in git including most app configurations. The one exception are some GUI apps I’d have to do manually on reinstall.

    I have a persistence volume for things like:

    • Rollbacks
    • Personal files
    • Git repos
    • Logs
    • Caches / Games

    I have 30 days (or last 5 minimum) of system rollbacks using BTRFS volumes.

    The personal files are backed up hourly to a local server which then backs up nightly to B2 Backblaze using rclone in an encrypted volume using my private keys. The local server has a mishmash of drives in a mirrored LVM setup. While it works well for having mixed drives, I’ll warn I haven’t had a drive failure yet so I’m not sure the difficulty of replacing a drive.

    My phone uses the same flow with RoundSync (rclone + GUI).

    Git repos are backed up in git.

    Logs aren’t backed up. I just persist them for debugging and don’t want them lost after every reboot.

    Caches/Games are persisted but not backed up. Nixos uses symlinks and BTRFS to be immutable. That paradigm doesn’t work well for this case. The one exception is a couple game folders are part of my personal files. WoW plugin folder, EvE online layouts, etc.

    I used to use Dropbox (with rclone to encrypt). It was $20/mo for 2Tb. It is cheaper on paper. I don’t backup nearly that much. Backblaze started at $1/mo for what I use. I’m now up to $2/mo. It will be a few years before I need to clean up my backups for cost reasons.

    The local server is a PC in a case with 8 drive bays plus some NVME drives for fast storage. It has a couple older drives and for the last couple years I typically buy a pair of drives on sale (black Friday, prime day, etc). I have a little over 30TB mirrored, so slightly over 60TB in total. NVME is not counted in that. One NVME is for the system, the others are a caching layer (monero node) or temp storage (transcoding as it also my media server).

    I like the case, but if I were to do it again, I’d probably get a rack mountable case.





  • OS: NixOS (high learning curve but its been worth it). Nix (the config language) is a functional programming language, so it can be difficult to grok. Documentation is shit as its evolved while maintaining backwards compatibility. If you use the new stuff (Nix Flakes) you have to figure what’s old and likely not applicable (channels or w/e).

    BYOD: Just using LVM. All volumes are mirrored across several drives of different sizes. Some HDD volumes have an SSD cache layer on top (e.g., monero node). Some are just on an SSD (e.g., main system). No drive failures yet so can’t speak to how complex restoring is. All managed through NixOS with https://github.com/nix-community/disko.

    I run stuff on a mix of OCI containers (podman or docker, default is podman which is what I use) and native NixOS containers which use systemd-nspawn.

    The OS itself I don’t back up outside of mirroring. I run an immutable OS (every reboot is like a fresh install). I can redeploy from git so no need to backup. I have some persistent BTRFS volumes mounted where logs, caches, and state go. Don’t backup, but I swap the volume every boot and keep the last 30 days of volumes or a min of at least 10 for debugging.

    I just use rclone for backups with some bash scripts. Devices back up to home lab which backs up to cloud (encrypted with my keys) all using rclone (RoundSync for phone).

    Runs Arrs, Jellyfin, Monero node, Tor entry node, wireguard VPN (to get into network from remote), I2C, Mullvad VPN (default), Proton VPN (torrents with port forwarding use this), DNS (forced over VPN using DoT), PiHole in front of that, three of my WiFi vlans route through either Mulvad, I2C, or Tor. I’ll use TailsOS for anything sensitive. WiFi is just to get to I2C or Onion sites where I’m not worried about my device possibly leaking identity.

    Its pretty low level. Everything is configured in NixOS. No GUIs. If its not configured in nix its wiped next reboot since the OS is immutable. All tracked in git including secrets using SOPS. Every device has its own master key setup on first install. I have a personal master key should I need to reinstall which is tracked outside of git in a password manager.

    Took a solid month to get the initial setup done while learning NixOS. I had a very specific setup of LVM > LUKS encryption /w Secure Boot and Hardware Key > BTRFS. Overkill on security but I geek out on that stuff. Been stable but still tinkering with it a year later.


  • I saw that documentary. “The Wolf of Wall Street” or something? Maybe that was actually late 80s-early 90s.

    On a daily basis I consume enough drugs to sedate Manhattan, Long Island, and Queens for a month. I take Quaaludes 10-15 times a day for my “back pain”, Adderall to stay focused, Xanax to take the edge off, pot to mellow me out, cocaine to wake me back up again, and morphine… Well, because it’s awesome.



  • sloppy_diffuser@sh.itjust.workstoLemmy Shitpost@lemmy.worldevery damn morning
    link
    fedilink
    English
    arrow-up
    46
    arrow-down
    2
    ·
    1 month ago

    You need downers to ride the uppers and get that perfect drug fueled circadian rhythm going.

    Energy drinks during the day and a nice indica bong/dab rip, edible, or blunt in the evening.

    Warning: If things have escalated to cocaine/meth/adderall to go up and opiates and a handy from the local masseuse to go down, you’re probably riding the rhythm too hard.

    /s please take care of yourself!



  • One of the pirate bay founders created https://njal.la/#home but with the caveat:

    For instance, when you register a domain name in our system, we can register with our own data. We will be the actual registrant of the domain – it’s not an ownership by proxy as found with all other providers. However, you will still have the full control over the domain name. You can either use our information (and our nameservers) or you can go with your custom data. And you can move at any time. Simple, flexible.

    I believe it is required (ICANN?) to have a real entity attached to every domain, even with a proxy for the public whois. They simply offer to be that identity to avoid giving any identifying information, but they will have all claim on it if it came to a legal dispute.




  • sloppy_diffuser@sh.itjust.workstoMemes@lemmy.mlLaptop recommendations
    link
    fedilink
    English
    arrow-up
    10
    ·
    edit-2
    3 months ago

    My work laptop is a Dell Precision. It was a “data science” model that came with Ubuntu. Wiped Dell’s modified Ubuntu and put vanilla Ubuntu on it and now running Nixos. Works great. There was a weird period when using triple monitors with their dock had an intermittent issue on boot where resolutions and monitors were not being detected. Cause was Nvidia drivers. It eventually got resolved and it was easy enough to rollback the drivers to one that worked.