Off-and-on trying out an account over at @[email protected] due to scraping bots bogging down lemmy.today to the point of near-unusability.

  • 17 Posts
  • 2.01K Comments
Joined 3 years ago
Cake day: October 4th, 2023
  • tal@lemmy.todaytoSelfhosted@lemmy.worldQuestion for Reasonable Security in New Server SetupEnglish
    5·
    6 hours ago

    change the default SSH port

    Any port scanner — take nmap — is going to turn this up.

    SSH is also trivial to fingerprint as a protocol. Here’s me running netcat to my local SSH instance:

    $ nc localhost 22
SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u2
^C
$

    It ain’t rocket science to identify an SSH server.

    I personally think that port-knocking isn’t a great idea and just adds hassle and brittleness to something, but I’d do a port-knocking setup before I tried running sshd on a nonstandard port.

    If you honestly don’t trust SSH, then okay, fine, wrap it with a VPN or something with real security so there’s another layer (of course, that raises the issue of whether you trust the VPN software not to have remote exploits). Or have one host that you can reach and bounce from there to another host or something.

    There are ways that I’d say are useful to try and secure an SSH instance. Use keys rather than passwords. Whitelist user accounts that can be connected to remotely.

    But anyone who is likely to be a real risk to your system is going to be able to find an ssh server running on a nonstandard port.

  • tal@lemmy.todaytoGames@lemmy.worldAAA Dominance Is Eroding: 56% of PC Gaming Revenue Now Goes to Games Outside the Top 20English
    5·
    1 day ago

    Yeah, I thought about changing it, but…the problem is that while the base game is playable now for $0, the overwhelming bulk of the game’s content is in expansion packs. Like, I don’t think that people really buy and play just the base game; it’d be more like a demo.

    EDIT: A similar game might be DCS. I mean, yes, technically the base game is free, and you get (checks) a WW2 fighter and a Soviet ground-attack jet. But…basically that acts as a demo, and everyone is going to go out and get at least their favorite aircraft, and most of those aircraft cost about as much as a full-priced video game does. Hell, a couple of them are $80 each.

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    4·
    3 days ago

    My main requirement was for the touchpad to actually have physical tactile buttons, fuck that whole solid slab of touch thing, I want 2 proper clicky buttons.

    I’m in the same boat, except I want three for Linux, where the third button is more-useful than in Windows, and there are very, very few laptops that have that any more — a few Thinkpad models. I finally gave up on it, just accepted that I was going to have a laptop without same, though you can get USB touchpads with physical buttons if you want to haul one around (and I keep one in my car for just this reason — sometimes it’s worth hauling out).

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    5·
    3 days ago

    I think that part of the problem is that there aren’t that many settings where it makes sense. Descent worked because you were supposed to be on low-gravity asteroids to justify the zero-G environment. That also means that it has to be in space and in the future. It had to be in mines, to justify the scale — most human-created environments are going to be smaller.

    I was playing Starfield and one of the moments there that I was impressed — most of the combat isn’t all that new — was in a zero-G gunfight on a space station (the Almagest or whatever the space casino is), where gunfire was sending objects flying around and riccocheting all over. I was thinking “it’s odd that more games haven’t done zero-G first-person shooters”. But…when you think about how limited the settings are where it really makes sense, I think it’s understandable.

    I mean, I guess you could create a fantasy world and just throw up your hands and say, “it’s all magic” or something, but…

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    271·
    3 days ago

    Some games that I like thematically, but don’t enjoy the gameplay on:

    • Elden Ring. If it was more RPG-like, avoided respawning enemies and reliance on learning patterns, I think I’d like it more.

    • Sunless Sea. Neat setting and writing. I don’t like the gameplay — simple combat, not very interesting choices, hunt-the-item stuff.

    • Cyberpunk 2077. This isn’t bad, but I wanted something like a Bethesda game, and I got something like a Grand Theft Auto game. I think that it’d be much better as a Bethesda-like game. Oh, though I never really liked Johnny Silverhand as a character much.

    • Fallout 76 — well, I don’t have a problem with the franchise — but on that particular game, I’d rather it wasn’t an online game, were a single-player open-world RPG. It’s more like that than when it launched, but…

    • To expand on that: a whole slew of games that are really intended to be played multiplayer, but where I only want to play against the computer. I don’t like playing games multiplayer. I would buy an expansion for these that went back and put in some major single-player improvements and good game AI. Carrier Command 2 can be played single-player, but it’s kinda repetitive and not balanced well for single-player teams. Wargame: Red Dragon. I like the game and the setting, but the AI is very difficult to enjoy playing against; just too primitive. Steel Division 2, later in Eugen’s series, really improved on the AI. Defense of the Ancients 2; the whole MOBA genre is really oriented towards playing with real humans.

    • Scanner Sombre. This is a mostly-psychological horror game, where the gimmick is that you can only see something that you’ve scanned with this LIDAR-type gizmo. You’re walking through a cave complex, and the mechanic of things slowly emerging and having to manage your visibility really works in a horror environment. But…the game isn’t really very replayable, and I like replayable games. I wish that someone would basically take the stumbling-around-in-a-cave-with-a-scanner thing and make a different sort of game out of it. (Note: If you play this, I played the Windows version in Proton. The Linux-native build was extremely unstable for me.)

    And just for the hell of it, the opposite — some where I like the gameplay, but not the theme:

    • The Binding of Isaac. I love the action roguelike gameplay. I don’t like the gore/fetus/abuse/scatological stuff all that much. I’ll deal with it, but I’d have liked the game more if it had a different theme.
  • tal@lemmy.todaytoSelfhosted@lemmy.worldProxmox audio for all guests solution?English
    2·
    4 days ago

    so I figured that using pipewire to co-ordinate this would be the easiest way forward, except it turns out that it’s a (GUI) user space process, which doesn’t make sense on a server with no GUI users.

    I’m not entirely sure what you mean by “(GUI) user space process”, but if it’s that it’s a systemd user process (e.g. it shows up when you run $ systemctl --user status pipewire rather than $ systemctl status pipewire, which appears to be the case on my system, where there’s one instance running per user session), then you probably can run it as a systemwide process, where there’s just one always-running process for the whole system. IIRC, PulseAudio could run in both modes. I don’t know if you have concerns about security on access to your mic or something, but that could be something to look into.

    searches

    Sounds like it’s doable. Not endorsing this particular project, which I’ve never seen before, but it looks like it’s possible:

    https://github.com/iddo/pipewire-system

    PipeWire System-wide Daemon Package (Arch Linux)

    This package configures PipeWire, WirePlumber, and PipeWire-Pulse to run as a single system-wide daemon as the root user. This setup is optimized for headless media servers, HTPCs, or multi-user audio environments.

  • tal@lemmy.todaytoTechnology@lemmy.worldD.C. Grand Jury Orders Reddit to Turn Over Data on Anonymous ICE CriticEnglish
    142·
    5 days ago

    You’re not wrong that you’re not safe posting on Reddit, but if this case is any indication you’re not any less safe posting in Reddit than any other site, including Lemmy.

    You can choose the location (and thus legal jurisdiction) of your home instance, but yeah, in general, I think that people need to be aware that server operators on the Threadiverse are probably not going to fight legal battles on your behalf.

    We had someone ask about turning over IP addresses to law enforcement a while back on lemmy.today. The lemmy.today server admin gave what I’d call probably a pretty accurate answer.

    https://lemmy.today/post/7255213

    How will Lemmy Today handle IP subpoenas?

    Lemmy instances are run by volunteers who wants to see a social media network without big tech.

    I dont think you can trust any of those volunteers, including this one, to not comply with law enforcement. Thats not why we are running instances. Its about providing a platform without tracking, ads and algorithms for talking to other people and having a good time.

    Hope that makes sense.

    Use a VPN if you have a reason to. :)

    It linked to a similar question for lemmy.dbzer0.com:

    How will dbzer0 handle IP subpoenas?

    Don’t know man. I’m not making enough in donations to pay for the server costs, never mind hiring lawyers. I’ll deal with this when I have to 😅

    There are platforms more-aimed at providing harder pseudonymity. I’d put Hyphanet fairly high on the list of “a pain in the ass to track a poster down due to technical barriers” list (though that comes with very real performance and latency and suchlike costs).