Elvith Ma'for

Former Reddfugee, found a new home on feddit.de. Server errors made me switch to discuss.tchncs.de. Now finally @ home on feddit.org.

Likes music, tech, programming, board games and video games. Oh… and coffee, lots of coffee!

I � Unicode!

  • 0 Posts
  • 93 Comments
Joined 10 months ago
Cake day: June 21st, 2024
  • Elvith Ma'for@feddit.orgtoTechnology@lemmy.worldOracle hid serious data breach from customers, now hacker has it up for saleEnglish
    2·
    2 days ago

    At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.

    Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.

    So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated ä, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.

  • Elvith Ma'for@feddit.orgtoGames@lemmy.worldGOG seems to be considering paid membership optionEnglish
    11·
    4 days ago

    I also got this survey and I had the same feeling. It felt more like a patron for their game preservation program with possible features like a members-only-community, interviews or documentation about the preserved games, their publishers/studios and the efforts to keep them running or some kind of loyalty rewards/discount coupons. Maybe even ‘special builds’ like ‘experience the OG version 1.0 of $game’.

    There was one option, that I interpreted like ‘maybe we will put future compatibility updates after purchase (e.g. supporting Windows 12 or whatever) behind the membership’ - but that’s purely my interpretation of a single bullet point style line in that whole several page long survey

  • Elvith Ma'for@feddit.orgtoSelfhosted@lemmy.worldDo I really need a firewall for my server?English
    32·
    11 days ago

    If done correctly, those may only be open from the internet, but not from the local network. While SSH may only be available from your local network - or maybe only by the fixed IP of your PC. Other services may only be reachable, when coming from the correct VLAN (assuming you did segment your home network). Maybe your server can only access the internet, but not to the home network, so that an attacker has a harder time spreading into your home network (note: that’s only really meaningful, if it’s not a software firewall on that same server…)

  • Elvith Ma'for@feddit.orgtoSelfhosted@lemmy.worldDo I really need a firewall for my server?English
    121·
    11 days ago

    Instead of thinking with layers, you should use think of Swiss cheese. Each slice of cheese has some holes - think of weaknesses in the defense (or intentional holes as you need a way to connect to the target legitimately). Putting several slices back to back (in random order and orientation) means that the way to penetrate all layers is not a simple straight way, but that you need to work around each layer.