Don’t know, been rolling with Gentoo for some time now.
I wouldn’t trust “out of the box” support anyway as that would imply trusting microsoft keys.
Calculator Manipulator
Don’t know, been rolling with Gentoo for some time now.
I wouldn’t trust “out of the box” support anyway as that would imply trusting microsoft keys.
I’ve not read all of it, but if you’re referring to the stuff at the beginning - none of those limitations apply to 5700xt.
If you mean something else - then, naturally, I would ask if it actually affects your media in the first place. It might, but I wouldn’t expect that.
It is a good thing!
I mean if you’re keeping the GPU - you can just set jellyfin to use VAAPI and utilise the gpu that way.
Do you know how that works? Is it something like Ubuntu where Canonical uses some sort of chain from Microsoft or do you have to embed the cert they provide into UEFI yourself?
Yes, failing to safeguard keys is fatal, but that applies to everything. But if fs you’re storing keys on is behind luks and they’re readable by root only - you’re as safe enough. There’re also LSMs like selinux that can increase the complexity of attack.
I don’t know about nitrokey specifically, but TPM is an option (not good enough, imo) and a simple luks encrypted usb. You could get some convenience by storing the key to unlock it somewhere on the encrypted root.
In general - you cannot stop a targeted attack no matter what, but staying safe from all the automated ones is doable.
No it can’t. You’re still thinking about github and its built in “forking” mechanism.
There is no federated guthub because git itself is. Just clone the repo - you’re part of the network already!
in case you want to tell me what I have is fine and I don’t need an upgrade
What you have is fine and you don’t need an upgrade 😁
But we’re not looking for fine, are we? :)
I would keep the gpu and get as many cpu cores and ram as my budget allows. Once you cross into “stupid amount of RAM” territory you can start utilising tmpfs for transient things such as jellyfin transcode directory to:
It is a system one has to understand fully, i.e. not like ssh, where you can understand connecting to a remote host without bothering about key pairs, x11 forwading, etc.
I was lucky enough to have figured out Gentoo enough where plugging in secure boot was just extending my own system update script. Admittedly, I don’t know how much other distros fight back.
Yea, I guess that initial total lack of understanding and big headlines has left a long-lasting scar. Admittedly, secure boot could be used to lock a machine down if the ability to turn it off and/or manage the keys yourself was removed.
We’ll get there, eventually :)
The Bootkitty sample ESET found is unable to override a defense, known as UEFI Secure Boot, that uses cryptographic signatures to ensure that each piece of software loaded during startup is trusted by a computer’s manufacturer.
AKA not that big of a deal, yet. An article from another post about this also mentions GRUB explicitly as a requirement as well as PoC using self signed keys, which renders it sort of impossible to abuse.
UKI + your own keys + secure boot is still not broken.
No, comercial IPs are fine. You’ll have trouble with some of them - Digital Ocean is a notorious example - where the provider itself blocks outbound port 25 and there’s nothing you can do. I think DO only does that for new accounts.
I myself am running it on Linode - it did get purchased by Akamai a couple of years ago, so I can no longer blindly recommend it - but so far it’s been working fine. One thing I did recently discover was the ability to request a /56 block on Linode - my pre-assigned IPv6 got blacklisted somewhere as at least the whole /64 and simply generating another IP from the same /64 did not help. Getting a fresh block solved it for me, though, and now I know that if this /56 gets blacklisted - it’s my fault. Unless, of course, I get caught up in a /48… 😳
You won’t be able to host email on a residential IP - all of them are on a permanent blacklist. I understand the money argument - and it’s a real argument - but host your own email is just so cool!
What has worked for me quite well over the last few years was answering the phone without saying anything. Spammers usually are dead silent as it’s just a voice recognition bot waiting for a “hello” or similar and hang up within a couple of seconds if nothing is said. Regular people have “static” most of the time. I’ve had a few recruiters call while having their mic on mute, but they start talking themselves fairly quickly.
Thanks for getting into the specifics!
No, it’s not just EU. Proton mail is the first one I saw, haven’t checked for others.
It is created by the samw dev as pixelfed - wouldn’t be surprised if parts were reused to bootstrap quickly.
Takes half a minute to start playing, which gets annoying real quick when a toddler gets involved with all the short videos.
Random buffering every 10-15 minutes on most 1080p as well as 4k videos.
Random buffering every couple of minutes on certain videos - the whole of the office us
is the last one I remember.
Crappy multi audio track support - some of them play, but most don’t. What was most infuriating at first was jellyfin happily selecting the track I want in UI and then just playing the default one anyway.
The UI is kinda crap - I understand moving on a tv screen is more difficult, but god damn - what jellyfin is doing with arrow navigation is plain masochistic.
When it works - it’s beautiful. But it rarely does so for long enough.
I really want to like it, but it’s doing its best to push me away.
And before you suggest anything - I’ve already tried everything there is to try that’s available on the open internet. Happy to hear something that’s never been posted anywhere, though!
Only commenting on the orc part, but that’s what russians call themselves.