And for unidirectional we're rapidly approaching 1.2Tb at the top end. 400Gb and 800Gb are becoming pretty standard in the datacenter world. Fiber is wild!
Trainguyrom
joined 2 years ago
I tried Habitica, which at least when I tried it had a free tier or was free. But I found for me it just led to me trying to game it like I do video games (so it was too good at gamifying) and not actually making progress on the things I wanted to make progress on
Y'know what that was terrible writing on my part. Where I put "physical vlan" I just meant specifying each port be a specific vlan rather than a trunk port that has multiple clans on in
I should probably proofread more and write less when tired
Physical wire tapping would be mostly mitigated by setting every port on the switch to be a physical vlan, especially if the switch does the VLAN routing. Sure someone could splice an ethernet cable, which would really only be mitigated by 802.1x like you already said, but every part of this threat model makes zero sense. You ultimately have to trust something (and apparently in OP's case that's a third party VPN provider that charges extra to not block LAN access while connected and they remain entirely on the free tier of)
But at the very least, not trusting everything on the network is a very enterprise kind of threat model, so using standard enterprise practices of network segmentation, firewalling, and potentially MAC-binding and 802.1x if so desired isn't a bad idea, if for no other reason than it might lead to a career in network administration. And honestly I mostly want to get OP to not think of VPNs like a magical silver bullet and see what other tools exist in the toolbox
Wait you're seriously using a free VPN?
Sounds far more likely that either someone misunderstood that residential IPs change frequently/may be shared by multiple subscribers or the ISP made an error when responding to a subpeana and provided the incorrect IP. Unfortunately both are all too common with privacy enforcement
If you really think the ISP router is snooping and can't by bypassed you could simply double-NAT your network with a trusted router and call it a day. Much less VPNing and much less unusual decisions of trust and threat model involved then
But supposing you absolutely do not want to tack on additional costs, then the only solution I see that remains is to set up a private VPN network, one which only connects your trusted devices. This would be secure when on your I trusted LAN, but would be unavailable when awat from home.
Traditionally this would be performed by creating a dedicated network of trusted devices. Most commonly via a VLAN for ease of configuration. Set the switch ports that the trusted devices are connected to to use that vlan and badabing badaboom you're there. For external access using Tailscale or one of the many similar services/solutions (such as headscale, netbird, etc.) with either the client on every device or using subnet routing features to access your trusted network, and of course configure firewalls as desired
I've been trying to call them import taxes because more people should. It simplifies the explanation of what teriffs are greatly
I mean, we already had a cop empty their entire mag into the woods because a walnut fell onto his car
These are the privileged individuals who get good media coverage (read: conventionally attractive young white women) and have wealth and/or connections. Everyone knows that if this is how they're treating the most privileged of people, it's going to be 100x worse for those who aren't as privileged. Covering abuses in the news that are indefensible makes it much harder to ignore the less black and white abuses that are happening every day
view more: next ›
Yeah I've purposely broken some fiber just to learn what kind of stress it can handle. I had to literally fold it over on itself to snap it