• 0 Posts
  • 180 Comments
Joined 1 year ago
Cake day: June 1st, 2023
  • Kata1yst@kbin.socialtoWorld News@lemmy.mlBiden quadruples tariffs on Chinese electric cars
    242·
    2 months ago

    Nope! And most hydrogen is fossil fuel (methane) derived and horribly energy inefficient. At this point it’s green washing at best.

    Edit: adding data:
    Steam-Methane Reforming (SMR) accounts for about 95% of all hydrogen production on earth. It uses a huge amount of heat, water, and methane to produce hydrogen.

    https://en.m.wikipedia.org/wiki/File:SMR%2BWGS-1.png

    For inputs:

    • 6.2MWh of Heat
    • 2.2 tons of Methane
    • 4.9 tons of pure water

    The outputs are:

    • 6 tons of CO2
    • 1.1 tons of H2

    The overall energy in vs energy out is at most 85% efficient. https://www.sciencedirect.com/science/article/abs/pii/S0016236122001867

    Hydrolysis, the main competing method, and the one most touted by hydrogen backers, accounts for about 4% of hydrogen production.
    This method takes in only pure water and electricity, but it’s efficiency is abysmal at some 52%. In every case, a modern kinetic, thermal, or chemical battery will exceed this efficiency.

    Other methods are being looked into, but it’s thermodynamically impossible for the resulting H2 to produce more energy than it takes to create the H2. So at best today we could use H2 as a crappy battery, one that takes a lot of methane to create.

  • Kata1yst@kbin.socialtoLinux@lemmy.mlSystemd Looks to Replace sudo with run0
    3·
    2 months ago

    That’s called ‘privilege escalation’, and replacing system level calls with user level calls is closely watched for and guarded against with many different security measures including SELinux.

    You’ve already outed yourself multiple times in this thread as someone who doesn’t understand how security in the real world works. Take the L and try to learn from this. It’s okay not to understand something. But it’s very important to recognize when that happens and not claim to understand better than someone else.

  • Kata1yst@kbin.socialtoLinux@lemmy.mlSystemd Looks to Replace sudo with run0
    4·
    2 months ago

    I strongly disagree with your premise. Separating authentication and privilege escalation adds layers of security that are non-trivial and greatly enhance resilience. Many attacks are detected and stopped at privilege escalation, because it happens locally before a user can stop or delete the flow of logs.

    If I get into your non-privileged account I can set up a program that acts like sudo

    No you cannot. A non privileged user doesn’t have the access necessary to run a program that can accomplish this.

    And even if they do it’s too late anyway because I’ve just compromised root and locked everybody out and I’m in there shitting on the filesystems or whatever. Because root can do anything.

    Once again, you didn’t privilege escalate, because once you have a foothold (authentication) you don’t have the necessary privileges, so you must perform reconnaissance to identify an exploitable vector to privilage escalate with. This can be any number of things, but it’s always noisy and slow, usually easy to detect in logs. There is a reason the most sophisticated attacks against well protected targets are “low and slow”.

    And if I can’t break into your non-privileged account then I can’t break into a privileged account either.

    You’re ignoring my points given regarding the risks of compromised keys. If there are no admin keys, there are no remote admin sessions.

    These artificial distinctions between “non-privileged” and “superuser” accounts need to stop. This is not good security, this is not zero trust. Either you don’t trust anybody and enforce explicit privilege escalation for specific things, or just accept that you’re using a “super” paradigm and once you’ve got access to that user all bets are off.

    Spoken like someone who has never red teamed or purple teamed. Even admin accounts are untrusted, given only privileges specific to their role, and closely monitored. That doesn’t mean they should have valid security measures thrown away.

  • Kata1yst@kbin.socialtoLinux@lemmy.mlSystemd Looks to Replace sudo with run0
    4·
    2 months ago

    Wouldn’t separate SSH keys achieve the same?

    Separate ssh keys for the user and the admin? Yeah, see point 2, admins should not be remotely accessible.

    Really? How, exactly? Break the ssh key authentication? And wouldn’t that apply to all accounts equally?

    Keys aren’t perfect security. They can easily be mishandled, sometimes getting published to GitHub, copied to USB drives which can easily be lost, etc.

    Further, there have been attacks against SSH that let malicious actors connect remotely to any session, or take over existing sessions. By not allowing remote access on privileged accounts, you minimize risk.

    Forcing a non privileged remote session to authenticate with a password establishes a second factor of security that is different from the first. This means a cracked password or a lost key is still not enough for a malicious actor to accomplish administrative privileges.

    A key is something you have

    A password is something you know

    So, by not allowing remote privileged sessions, we’re forcing a malicious actor to take one more non-trivial step before arriving at their goals. A step that will likely be fairly obvious in logs on a monitored machine.

  • Kata1yst@kbin.socialtoLinux@lemmy.mlNo one is being ‘marooned’ by Debian focus - TrueNAS
    35·
    2 months ago

    “We had a huge chunk of our engineering staff spending time improving FreeBSD as opposed to working on features and functionalities. What’s happened now with the transition to having a Debian basis, the people I used to have 90 percent of their time working on FreeBSD, they’re working on ZFS features now … That’s what I want to see; value add for everybody versus sitting around, implementing something Linux had a years ago. And trying to maintain or backport, or just deal with something that you just didn’t get out of box on FreeBSD.”

    I still hold much love for FreeBSD, but this is very much indicative of my experience with it as well. The tooling in FreeBSD, specifically dtrace, bhyve, jails, and zfs was absolutely killer while Linux was still experiencing teething problems with a nonstandard myriad of half developed and documented tools. But Linux has since then matured, adopted, and standardized. And the strength of the community is second to none.

    They’ll be happier with Linux.

  • Kata1yst@kbin.socialtoSelfhosted@lemmy.world12TB for $80 - serverpartdeals.com
    6·
    3 months ago

    Never ask a man his pay, a woman her weight/age, or a data horder the contents of their stash.

    Jk. Mostly.

    I have a similar-ish set up to @Davel23 , I have a couple of cool use cases.

    • I seed the last 5 arch and opensuse (a few different flavors) ISOs at all times

    • I run an ArchiveTeam warrior for archive.org

    • I scan nontrivial mail (the paper kind) and store it in docspell for later OCR searches, tax purposes etc.

    • I help keep Sci-Mag healthy

    • I host several services for de-googling, including Nextcloud, Blocky, Immich, and Searxng

    • I run Navidrome, that has mostly (and hopefully will soon completely) replace Spotify for my family.

    • I run Plex (hoping to move to Jellyfin sometime, but there’s inertial resistance to that) that has completely replaced Disney streaming, Netflix streaming, etc for me and my extended family.

    • I host backups for my family and close friends with an S3 and WebDAV backup target

    • I run Frigate on a few PoE cameras in the forest behind my house to check out wildlife

    • I use the audio streams from my cameras to check for birdsong, identify birds, and archive and submit the detections to a citizen science website (https://app.birdweather.com)

    I run 4x14TB, 2x8TB, 2x4TB, all from serverpartsdeals, in a ZFS RAID10 with two 1TB cache dives, so half of the spinning rust usable at ~35TiB, and right now I’m at 62% utilization. I usually expand at about 85%

  • Kata1yst@kbin.socialtolinuxmemes@lemmy.worldArch with XZ
    21·
    3 months ago

    Amazingly, for someone so eager to give a lesson in linguistics, you managed to ignore literal definitions of the words in question and entirely skip relevant information in my (quite short) reply.

    Both are widely used in that context. Language is like that.

    Further, the textbook definition of Stability-

    the quality, state, or degree of being stable: such as

    a: the strength to stand or endure : firmness

    b: the property of a body that causes it when disturbed from a condition of equilibrium or steady motion to develop forces or moments that restore the original condition

    c: resistance to chemical change or to physical disintegration

    Pay particular attention to “b”.

    The state of my system is “running”. Something changes. If the system doesn’t continue to be state “running”, the system is unstable BY TEXTBOOK DEFINITION.