here too! christian values or something

or didn’t have a defense against a 0 day.

firewalls are not for defending against 0 days. it is about access control, and reducing, sometimes even minimizing access to potentially vulnerable services. firewalls are not an infallible security tool, but there is no such thing either. the reason to use it is to restrict access such that fewer attackers can take advantage of a potential vulnerability.

there are intrusion detection/prevention systems that could do more, but it’s unlikely they will protect against 0 days, because 0 days are undiscovered and unknown issues.

So the vlan doesn’t do anything either way.

it does. its useful to force traffic through a firewall. its for limiting what has access to what. if you wouldn’t use vlans, hosts on the network would not care about your firewall because they can just go straight to the destination.

I’m not sure I understand your argument, but I think what you say is, firewalls are not infallible so they are useless

they can do plenty enough to be worried. maybe they can not harm you physically (for now), but by having access to details of the private lives of people, their conversations, and being able to see how they form their opinions, they can use that information to determine how can they reshape public opinion on topics of their interests. this information can be used by themselves, or they can pass it to an ally, and it could be used to change almost anything, like interfere with elections, or further erode the need for privacy so that people are willingly giving up even more data to them

governments often buy data instead of obtaining the necessary warrants, because its easier and more effective. if they can’t buy it, they have to do it the harder way, and the harder way can be made even harder with legislation

Then I was not sure what you meant by this:

I don’t actually know if this is the right way to calculate it, but if for each disk you count the time separately, and add it together for a combined MTBF, then that is 20 out of the 136 MTBF years.

5 years of drive runtime for one drive. 20 “years” for 4 drives, 40 “years” for 8 drives. I say “years” because the way I mean it is like this: running 4 drives for 10 minutes is 40 minutes of combined drive runtime. running 4 drives for 5 years is 20 years of drive runtime. I think calculating it like this can be compared to MTBF. but again, I’m not totally confident that it really works this way.

All in all, I am at this point only trying to track down and relay what I’m seeing about SAS vs SATA.

I think it might be because SATA drives you normally run across, especially in laptops, are not the enterprise kind, but consumer drives built from cheaper components and simpler designs. and those are lower quality. while SAS drives are always enterprise grade.

but still, in my experience SATA drives can have a long life too. but it may be more unpredictable than enterprise SATA/SAS drives

HP says that SAS is more reliable

could be controller chips and cable quality. but also, SFF-8644 type SAS connector can be used to attach a drive to multiple HBA cards as I heard, maybe even multiple machines, for redundancy

if you allowed that to happen you either did not set firewall rules strict enough, or if the client doing the compromise absolutely had to have access to the vulnerable service then you did everything you could to limit the chance of it happening.

usually the solution to that is to limit who can access what more strictly. dont allow user devices like smartphones on the iot vlan, as any app running on the phone could be doing nefarious things. only allow the iot devices and the home assistant service on the iot vlan, and user devices will only talk to home assistant, something supposedly more secure than whatever iot devices there are.
similarly, don’t allow user devices to access the ip cameras. put the ip cameras on a network where only the NVR software can access them, and user devices will only access the NVR. if you can, don’t put the whole operating system of these services on the iot and ipcam vlans either. this is possible when the services run in containers, because you can pass in only vlan specific interfaces to the containers. if not using containers, you can still use the operating systems firewall to filter incoming traffic.

if you set up proper network filtering, the “if” in “If your firewall couldn’t stop it” will become a pretty big “if”

I’m a repair depot I typically didn’t see drives that live much longer than 17k hours (just under 2 years).

I have a bunch of working drives with 2+ years, and in my area almost everyone still has their system installed on old hard drives

that it would be difficult to project an average lifetime of 20 years

I did not mean an average timeline of 20 years

that when Backblaze mentions consumer vs enterprise drives they are possibly discussing SATA vs SAS.

there are plenty of enterprise SATA drives

This comes from the realization that enterprise workstation drives are still just consumer drives with a part number label on them (seen in Dell and HP Enterprise equipment).

that’s workstation drives. Obviously if your work buys 2 TB wd blue drives they won’t become enterprise drives. enterprise drives include like that of wd red pro, ultrastars, etc, which do use the SATA interface.

does not by default. you still have to disable showing notification details, if you don’t want to turn off history

I understood it as they need a database to hold the notifications you should be shown

that part can just happen in volatile memory

I don’t know about others, but Mattermost sends everything by default. first to mattermost’s server, then from there to firebase/apple. there’s a setting to not send message body, but it’s not set by default

websocket based push notifications is still called push notifications in signal. this is the first time I hear the term “pull notifications”, I don’t think it’s widely used.

this is not about push notifications. signal is smart enough to not send your texts to firebase

but wait a minute! I just remembered something.

isnt it that they couldn’t even send you the plain text message itself through push, because only your device can decrypt it?

The security reason generally doesn’t exist for home labs because most need to setup bridging or you can’t access the devices on the secure vlan at all.

bridging can be set up in a limited fashion. it could happen with a firewall doing routing and filtering

that mathematically does not stand.

if a drive costs 1000 and another 2000, it cannot be that all is worse than each other!

thanks! as you say because tye 5 vs 136 years it does not really matter in our environment, but it probably starts mattering when you have lots of disks.

I don’t actually know if this is the right way to calculate it, but if for each disk you count the time separately, and add it together for a combined MTBF, then that is 20 out of the 136 MTBF years.
But with 30 drives that will be 150 and indicate that you will likely have at least one error of some kind because of using SATA

good question, and I was wrong.

as of this latest commit, push notifications are represented by PushNotification types. the notification message is the 4th parameter in the constructor.

this kind of object is created in PushNotificationManager and PushNotificationScheduler.
out of 6 functions that send a notification, 1 actually sends notifications of messages, and it omits putting in the message part: https://github.com/signalapp/Signal-Server/blob/75948dc6174ed091180aa20c018fa0f353130ee0/service/src/main/java/org/whispersystems/textsecuregcm/push/PushNotificationManager.java#L49

so the signal server does not send {"urgent": true} to firebase, it sends no message, just kind of a ping in my understanding.

cards from the 2000 series are supposed to be used with the newer kind of official driver, that’s supposed to be also more stable than the former one. this driver does not support cards before 2000

I just want a browser, no crypto wallets, no ai assistants, no built-in mail client, no biometric scanning.

3 out of those 4 are not even a thing in firefox

Supposedly SATA controllers are also not built for the abuse I have been throwing them in my machines, and I don’t want to push it.

what makes you say that?

that’s dumb. there are still better and worse prices