prof

joined 2 years ago
sorted by: new top controversial old
The end of Windows 10 is approaching, so it's time to consider Linux and LibreOffice in c/technology@lemmy.world
[–] prof@infosec.pub 1 points 6 hours ago (1 children)

If you're behind a conventional router they still do NAT afaik.

Per default your IPv6 address should be an internal one if it's enabled.

The end of Windows 10 is approaching, so it's time to consider Linux and LibreOffice in c/technology@lemmy.world
[–] prof@infosec.pub 8 points 16 hours ago

Yeah, we managed to recreate that in a lab. Those old OS's are super vulnerable.

The end of Windows 10 is approaching, so it's time to consider Linux and LibreOffice in c/technology@lemmy.world
[–] prof@infosec.pub 27 points 19 hours ago (6 children)

EOL means no more security updates, which means attack vectors don't get patched.

If you keep using a Windows installation (or any OS for that matter) that isn't patched regularly you are very likely to be victim to some malicious actor eventually. It's not manual hacking anymore, it's bots scraping the whole internet exploiting known vulnerabilities completely automated.

The risk is much lower if you're in a home network with NAT, where your PCs IP is not publicly reachable, but if you communicate with any webservices you're still vulnerable.

As example. If you nowadays put a Windows XP machine live on the internet with a public IP, it will be compromised within minutes.

So yeah. Good call switching to Mint, but please don't use unpatched Windows.

Help : Self-Hosting RSS Feed for my blog (pls) in c/selfhosted@lemmy.world
[–] prof@infosec.pub 6 points 1 month ago

I use Hugo for static site generation and it makes the RSS stuff for me.

Obsidian is now free for work - Obsidian in c/technology@lemmy.world
[–] prof@infosec.pub 1 points 3 months ago (1 children)

I don't necessarily like a few takes in the comments here.

Vibes wise the Obsidian team seems to be great and they don't seem to have shown any reason why I should distrust them. I love FOSS but gifting others my work doesn't put food on my table, so in that sense they need to have a lucrative business model which they seem to have established.

I could use SyncThing, Git or other solutions to do synchronisation between my devices but I choose to buy their Sync offer, since I want to support them (they also have EU servers, which need to be GDPR compliant by law afaik).

The closest comparison I could make is NextCloud. NextCloud open sources their software, but they sell convenience. Sure, you could self host it, but paying them to do so for you may be more attractive. In comparison Obsidian is not really complicated to set up or maintain. It's literally just a MD-editor. So the only convenient thing to sell is synchronisation if you don't want to put a price tag on the software.

If they open source all their code, some tech wizard will implement a self hosted obsidian sync server with the same convenience as theirs in a day, and the company will lose their revenue stream.

We've all been burned by tech bros in one way or another, but I think it's ok for people to profit off of their IP. And they seem to be doing so with a positive vision. Feel free to let me eat my words if they ever go rogue, but that's my 2 cents.