Sure, if you have exactly one client that can access the server and you can ensure physical security of the actual network, I suppose it is fine. Still, those are some severe limitations and show how limited the ancient NFS protocol is, even in version 4.
NFS is bulletproof.
For it to be bulletproof, it would help if it came with security built in. Kerberos is a complex mess.
If someone compromises the host system you are in trouble.
Not only the host. You have to trust every client to behave, as @forbiddenlake already mentioned, NFS relies on IDs that clients can easily fake to pretend they are someone else. Without rolling out all the Kerberos stuff, there really is no security when it comes to NFS.
archival strength USB NVME drive,
Does such a thing exist? Ordinary flash storage is pretty bad at keeping its content when powered off for a long time, due to how flash memory works. I’d be curious about such drives.
Thanks, I think the risk here is that there may not be hardware to read it.
M-Disc DVDs are readable by ordinary DVD drives. So you could simply put a USB DVD drive alongside those backup M-Discs on the shelf.
The script appears to be missing the #! line. Without that, it is unclear which interpreter should be used for executing the script.
or a domain with a random string of characters so no one could reasonably guess it? Does it matter?
That does not work. As soon as you get SSL certificates, expect the domain name to be public knowledge, especially with Let’s Encrypt and all other certificate authorities with transparency logs. As a general rule, don’t rely on something to be hidden from others as a security measure.
Then I don’t understand what your point is. A CPU on its own without a system isn’t of any use. Since there were no motherboards allowing you to use that much RAM, the point about the CPU supporting it is moot as far as I am concerned.
While technically true, the P4 did support PAE, in reality you couldn’t really make use of it on consumer hardware for most of its lifetime. No ordinary socket 478 mainboard with DDR1 memory supported more than 4 GB of RAM. With socket 775 more RAM was possible, but that socket is “only” ~20 years old.
Besides that, there were other even newer systems that supported only 4 GB of RAM, like some Intel Atom mainboards with a single DDR2 socket. Same with Via C3 mainboards.
I’m using a DuckDNS domain with caddy as reverse proxy, but it appears that the domain is defaulting to port 80 no matter how I set up the config. I can’t specify a port number in DuckDNS as far as I can tell.
A domain or DNS in general has nothing to do with ports. DNS is primarily used so that you don’t have to remember IP addresses.
kWh is a unit of power consumed. It doesn’t say anything about time and you can’t assume any time period. That wouldn’t make any sense. If you want to say how much power a device consumes, just state how many watts (W) it draws.
How would ZFS snapshots help in a situation like this, where you have accidentally formatted your drive?
Unless you require the dynamic features of Wordpress, you could have a look at some of the static site generators out there (such as Hugo). Having a static site would reduce the attack surface considerably. Also due to the shenanigans happening with Wordpress at the moment, I would be weary of using it.
About SSL, what others have already mentioned, SSL certs are available for free these days, thanks to letsencrypt.
Why? Even 1080p is more than what is usually needed for such a KVM solution. It is not like this is meant for doing remote work on a computer or anything like that.
It lets you remotely control a server as if you were sitting in front of a screen and keyboard directly attached to it.
Perhaps the hard dependency was a mistake, but not them moving more and more code to their proprietary library. It appears that their intent is to make the client mostly a wrapper around their proprietary library, so they can still claim to have an open source GPLv3 piece of software. What good is that client if you can only use it in conjunction with that proprietary library, even if you can build it without that dependency?
Thanks, I haven’t seen that one before, but I’d really prefer an open source application.
BitWarden already has lots of clients.
Does it? I’d be very much interested to know. I’ve been looking for other clients before, because I didn’t like the sluggishness of the Electron client, but couldn’t find any usable clients at all. There are some projects on Github, none of which seemed to be in a usable state. Perhaps I have been missing something.
This is being blown a bit out of proportion though. All they are saying is the official SDK may have some non-free components going forward. So what? It’s a private company, they can do what they want. Or the community can just fork it and move forward with a free one if they want, but it’s just not going to be in the official BitWarden clients. Hardly news or a big deal.
Nobody said that they can’t do that (although people rightfully questioned that their changes are indeed comatible with the GPLv3). I very much disagree that this isn’t a big deal, though.
When you use a typical 74 Wh (“20000 mAh”) power bank, you can expect more than 12 hours of runtime, if your average power draw stays at or below 5 W. Of course you aren’t going to do much transcoding with a Pi in any case, but multiple concurrent streams shouldn’t be much of an issue.
You can easily mirror Github wikis as well. You just need to add
.wiki.gitto the repo URL. That way you can clone the wiki just like any other Git repo.