Elvith Ma'for

You wouldn’t download a Starbucks,…

With Cygwin or WSL yes

You state that you did use the install script, but also that you want to run it with docker. Did you follow the instructions in their docker repository? It’s quite easy to get it running - they included a complete docker-compose, a Caddyfile and all you need.

https://github.com/searxng/searxng-docker

Edit, I’m dumb, I misread.

We’re gonna build a firewall and importlib is gonna pay for it!

And a blockchain helps to solve which part of the problem? Some were working on mirroring all data to a git repository. In theory, that allows for easy access on all the data, versioning (with commits) and - through forks and merge requests - collaboration and distribution. Also git is a distributed repository that clones the whole history to your local drive.

https://github.com/MITRE-Cyber-Security-CVE-Database/mitre-cve-database

But with the announcement of the cve foundation, I don’t know whether they will really import all the data in this git repository.

I should send a PR that applies the tariffs randomly and sometimes arbitrarily changes the numbers…

I might even make it so, that it calculates an import deficit by looking at how often your libraries are imported in the codebase of the projects, that the maintainers of your dependencies have vs. the number of imports your code has from them.

I should send a PR that applies the tariffs randomly and sometimes arbitrarily changes the numbers…

I might even make it so, that it calculates an import deficit by looking at how often your libraries are imported in the codebase of the projects, that the maintainers of your dependencies have vs. the number of imports your code has from them.

I mean, I know of a Microsoft product that allows for a batch import of data provided in an Excel file. You need to use their template file. Which, when used, automatically formats all dates the American way, ignoring your locale settings. Depending on which date is first encountered on import (e.g. which date you entered in the first line) then designates whether the whole file is imported with dates read as MM/DD/YYYY or DD/MM/YYYY.

You start your list on January 1st? It will import everything as MM/DD/YYYY then. You start you list on e.g. January 22nd? DD/MM/YYYY it is then. Good luck getting that import running without errors…

git commit -m .:|:;

I’m in this reply and I feel old as fuck now

I mean, you could learn some things from using current LLMs

Came to suggest this. I ran into the same problem when I tried to host Jellyfin at home. Also I was fed up with all those certificate warnings, depending on which device I used. Since I was already using pihole in my home network, I just went and looked at all the DNS plugins for certbot to learn which provider allows for easy DNS challenges. Then I researched a bit and stumbled upon a provider that was running a sale - so I got a domain for less than 5 bucks/year.

I set the public A record to 127.0.0.1 and configured certbot to use their API. This domain is now used internally in my network exclusively and I just added some DNS entries for several subdomains in pihole, so that it works for every device at home (e.g. jellyfin.example.com / dockerhost.example.com / proxmox.example.com / …).

When I’m away, I shouldn’t be able to resolve the domain, and even if DNS were hijacked, the TLS certificate will protect me from connecting to $randomServices. Also my router is less restricted, which means that I can just use it’s VPN server to connect directly to my home network, if I need to access my server or need to troubleshoot things when away.

No, see also this diagram: https://www.digitalberry.fr/wp-content/uploads/2023/02/DNS-challenge-process.png

You use an ACME client (either explicitly with e.g. certbot or a webserver that has a client Iintegrated like Traefik, Caddy,…) to communicate with an ACME server (the CA, e.g. Let’s encrypt). Your ACME client asks for a certificate with a DNS challenge. It gets a code that you/the client needs to publish as a DNS record. Only then the client talks to your DNS provider and tells them to put a specific TXT record on your domain (or onanual mode: the client prints out the value and you need to put it there manually). After your DNS provider published it, your client tells the server to check the challenge and hand you your certificate.

Your DNS provider in this diagram is just that one small rectangle in the lower left.

Note: There’s nothing stopping your DNS provider to just do all of this, generate a certificate for you and providing you with a button in your account where you can download a certificate with a single click. Also if you are at a webhoster and only host a simple page there, they will probably also provide your with a TLS cert with the click of a single button.

I read this as they’re even generating the frames with AI:

The tech demo is part of Microsoft’s Copilot for Gaming push, and features an AI-generated replica of Quake II that is playable in a browser. The Quake II level is very basic and includes blurry enemies and interactions, and Microsoft is limiting the amount of time you can even play this tech demo

While Microsoft originally demonstrated its Muse AI model at 10fps and a 300 x 180 resolution, this latest demo runs at a playable frame rate and at a slightly higher resolution of 640 x 360. It’s still a very limited experience though, and more of hint at what might be possible in the future.

“We’ve talked about game preservation as an activity for us, and these models and their ability to learn completely how a game plays without the necessity of the original engine running on the original hardware opens up a ton of opportunity.”

No, I don’t think that you’re talking about preservation then. Not even game emulation. You’re talking about game hallucination.

The DNS provider needs to provide an API, but not an ACME server.

Your server contacts Lets Encrypt and wants a certificate - say for homeserver.example.com. It tells Let’s Encrypt to use DNS based authentication. Let’s encrypt answers with a challenge code, that you now publish as a txt record with a defined name via your providers API for this (sub)domain. Let’s encrypt then checks the TXT record and if it finds the challenge there, it sends you the certificate.

I already use certbot with my DNS provider, so it should generally be supported. And indeed, O found the docs, where all supported providers are listed.

https://doc.traefik.io/traefik/https/acme/#providers

Does Trafik also allow DNS based challenges with additional certbot plugins, or does it only work by serving a challenge in /.well-known/?

I’ve set up my internal homelab with LE certificates, but if I could get rid of certbot and do this automagically, it’d be nice…

Tech Enthusiasts: Everything in my house is wired to the Internet of Things! I control it all from my smartphone! My smart-house is bluetooth enabled and I can give it voice commands via alexa! I love the future!

Programmers / Engineers: The most recent piece of technology I own is a printer from 2004 and I keep a loaded gun ready to shoot it if it ever makes an unexpected noise.

Security technicians: takes a deep swig of whiskey I wish I had been born in the neolithic.

At least we’re constantly told to be ready to act to reroll secrets, etc and try to automate the change/deployment of changed passwords and such.

Depending on the system you’re working with, this may still be a PITA, but at least we do have plans for even the “problematic” systems and we have probably done this a few times. Although maybe not at this scale, tbh.

So, imagining I were tasked to do that for $hyperscaler in “my” systems… I feel some dread, as even if everything is automated ä, there’s always something that doesn’t go as planned - but at least I know what can be done in which way and which timeframe is realistic (and which parts will be the most sensitive). If you do not have plans, well… Good luck. You’ll need it.