Dran

King size candy bars, give out 2 to each. Everyone always loved that guy

bill helped his brother jack, off a horse

bill helped his brother jack off a horse

Commas are important, who knew? If only he had paid attention in English class!

Personal computer taken to a company help desk, humans + horses

Hundreds of gigabytes of horse porn, right in a folder on his desktop called “horse”. The thumbnail of the folder made it incredibly clear what the folder was and what was in it, which was made extra clear by the max zoom his desktop icons were set to. (it was like, no joke, almost 1/10th the screen).

Fun fact: that was the day I learned my state doesn’t have mandatory reporting laws for animal abuse, only csam.

Raid is not a backup!

Noooo, you got this backwards. Think about how many times you wanted an extra key for something. Push-to-talk in VoIP apps, extra modifier keys so you don’t have to use double-modifiers… The possibilities are endless!

Standardize more useless keys so I can remap them on every keyboard!

It 100% is part of the character; so is the accent if you didn’t know. He speaks a perfect Midwestern accent when not in character

I guess I should rephrase.

I label a lot of boxes and spice containers but nothing unhinged lol

DYMO Embossing Label Maker

They’re like $9 on Amazon and I label everything. I have 2 myself, and they’re also my go-to for white-elephant parties.

I run ubuntu’s server base headless install with a self-curated minimal set of gui packages on top of that (X11, awesome, pulse, thunar) but there’s no reason you couldn’t install kde with wayland. Building the system yourself gets you really far in the anti-bloatware dept, and the breadth of wiki/google/gpt based around Debian/Ubuntu means you can figure just about any issues out. I do this on a ~$200 eBay random old Dell + a 3050 6gb (slot power only).

For lighter gaming I’ll use the Ubuntu PC directly, but for anything heavier I have a win11 PC in the basement that has no other task than to pipe steam over sunshine/moonlight

It is the best of both worlds.

the best way to learn is by doing!

I just built my own automation around their official documentation; it’s fantastic.

https://www.wireguard.com/#conceptual-overview

https://www.wireguard.com/install/

https://www.wireguard.com/quickstart/

vyatta and vyatta-based (edgerouter, etc) I would say are good enough for the average consumer. If we’re deep enough in the weeds to be arguing the pros and cons of wireguard raw vs talescale; I think we’re certainly passed accepting a budget consumer router as acceptably meeting these and other needs.

Also you don’t need port forwarding and ddns for internal routing. My phone and laptop both have automation in place for switching wireguard profiles based on network SSID. At home, all traffic is routed locally; outside of my network everything goes through ddns/port forwarding.

If you’re really paranoid about it, you could always skip the port-forward route, and set up a wireguard-based mesh yourself using an external vps as a relay. That way you don’t have to open anything directly, and internal traffic still routes when you don’t have an internet connection at home. It’s basically what talescale is, except in this case you control the keys and have better insight into who is using them, and you reverse the authentication paradigm from external to internal.

Talescale proper gives you an external dependency (and a lot of security risk), but the underlying technology (wireguard) does not have the same limitation. You should just deploy wireguard yourself; it’s not as scary as it sounds.

Fail2ban and containers can be tricky, because under the hood, you’ll often have container policies automatically inserting themselves above host policies in iptables. The docker documentation has a good write-up on how to solve it for their implementation

https://docs.docker.com/engine/network/packet-filtering-firewalls/

For your usecase specifically: If you’re using VMs only, you could run it within any VM that is exposing traffic, but for containers you’ll have to run fail2ban on the host itself. I’m not sure how LXC handles this, but I assume it’s probably similar to docker.

The simplest solution would be to just put something between your hypervisor and the Internet physically (a raspberry-pi-based firewall, etc)

I think the debate is about what a reasonable class is. I don’t think that an appendage, or identity for that matter, is a reasonable proxy for capability class. In my mind you really have to go one of two ways.

You either make everything class-less (think UFC 1) where all weights, sizes, abilities, genetics compete for a singular title

Or

You make science-based classes, based around whatever the best proxy for capabilities are (testosterone, chromosomes, height, weight, body fat percentage, some combination of the former, etc)

If you use nothing as a proxy, there would be a lot of people unable to compete but it would at least be unequivocally “fair”. If you use science-based capability classes you would have a wider range of “fair-ish” competitions, but there might be some weird overlap where some men, some women, and those in-between bridge accepted norms.

do you know why they’re illegal? is there some danger to them?

If there are any water pipes through the second half of the house you cannot let those exterior walls reach freezing temperatures. Whatever solution you go with needs to account for the entire space in some capacity.

+1 for cmk. Been using it at work for an entire data center + thousands of endpoints and I also use it for my 3 server homelab. It scales beautifully at any size.

The “problem” is that the more you understand the engineering, the less you believe Intel when they say they can fix it in microcode. Without writing an entire essay, the TL/DR is that the instability gets worse over time, and the only way that happens is if applied voltages are breaking down dielectric barriers within the chip. This damage is irreparable, 100% of chips in the wild are irreparably damaging themselves over time.

Even if Intel can stop the bleeding with microcode, they can’t repair the damage, and every chip that has ever ran under the bad code will have a measurably shorter lifespan. For the average gamer, that sometimes hasn’t even been the average warranty period.