if you allowed that to happen you either did not set firewall rules strict enough, or if the client doing the compromise absolutely had to have access to the vulnerable service then you did everything you could to limit the chance of it happening.

usually the solution to that is to limit who can access what more strictly. dont allow user devices like smartphones on the iot vlan, as any app running on the phone could be doing nefarious things. only allow the iot devices and the home assistant service on the iot vlan, and user devices will only talk to home assistant, something supposedly more secure than whatever iot devices there are.
similarly, don’t allow user devices to access the ip cameras. put the ip cameras on a network where only the NVR software can access them, and user devices will only access the NVR. if you can, don’t put the whole operating system of these services on the iot and ipcam vlans either. this is possible when the services run in containers, because you can pass in only vlan specific interfaces to the containers. if not using containers, you can still use the operating systems firewall to filter incoming traffic.

if you set up proper network filtering, the “if” in “If your firewall couldn’t stop it” will become a pretty big “if”

I’m a repair depot I typically didn’t see drives that live much longer than 17k hours (just under 2 years).

I have a bunch of working drives with 2+ years, and in my area almost everyone still has their system installed on old hard drives

that it would be difficult to project an average lifetime of 20 years

I did not mean an average timeline of 20 years

that when Backblaze mentions consumer vs enterprise drives they are possibly discussing SATA vs SAS.

there are plenty of enterprise SATA drives

This comes from the realization that enterprise workstation drives are still just consumer drives with a part number label on them (seen in Dell and HP Enterprise equipment).

that’s workstation drives. Obviously if your work buys 2 TB wd blue drives they won’t become enterprise drives. enterprise drives include like that of wd red pro, ultrastars, etc, which do use the SATA interface.

does not by default. you still have to disable showing notification details, if you don’t want to turn off history

I understood it as they need a database to hold the notifications you should be shown

that part can just happen in volatile memory

I don’t know about others, but Mattermost sends everything by default. first to mattermost’s server, then from there to firebase/apple. there’s a setting to not send message body, but it’s not set by default

websocket based push notifications is still called push notifications in signal. this is the first time I hear the term “pull notifications”, I don’t think it’s widely used.

this is not about push notifications. signal is smart enough to not send your texts to firebase

but wait a minute! I just remembered something.

isnt it that they couldn’t even send you the plain text message itself through push, because only your device can decrypt it?

The security reason generally doesn’t exist for home labs because most need to setup bridging or you can’t access the devices on the secure vlan at all.

bridging can be set up in a limited fashion. it could happen with a firewall doing routing and filtering

that mathematically does not stand.

if a drive costs 1000 and another 2000, it cannot be that all is worse than each other!

thanks! as you say because tye 5 vs 136 years it does not really matter in our environment, but it probably starts mattering when you have lots of disks.

I don’t actually know if this is the right way to calculate it, but if for each disk you count the time separately, and add it together for a combined MTBF, then that is 20 out of the 136 MTBF years.
But with 30 drives that will be 150 and indicate that you will likely have at least one error of some kind because of using SATA

good question, and I was wrong.

as of this latest commit, push notifications are represented by PushNotification types. the notification message is the 4th parameter in the constructor.

this kind of object is created in PushNotificationManager and PushNotificationScheduler.
out of 6 functions that send a notification, 1 actually sends notifications of messages, and it omits putting in the message part: https://github.com/signalapp/Signal-Server/blob/75948dc6174ed091180aa20c018fa0f353130ee0/service/src/main/java/org/whispersystems/textsecuregcm/push/PushNotificationManager.java#L49

so the signal server does not send {"urgent": true} to firebase, it sends no message, just kind of a ping in my understanding.

cards from the 2000 series are supposed to be used with the newer kind of official driver, that’s supposed to be also more stable than the former one. this driver does not support cards before 2000

I just want a browser, no crypto wallets, no ai assistants, no built-in mail client, no biometric scanning.

3 out of those 4 are not even a thing in firefox

Supposedly SATA controllers are also not built for the abuse I have been throwing them in my machines, and I don’t want to push it.

what makes you say that?

that’s dumb. there are still better and worse prices

Also a bit ironic they use gmail lol

and zoom

This mismanagement, among other issues, potentially cost Microsoft a trillion dollars in market capitalization

so far

no idea how are they getting out of this trouble

I don’t know if they actually started injecting it into the video, but even before they did that, they were serving the ads from the same domain.

I wonder how the world would change, if these jack of all trades who invest waste so much time into collecting ideas to fill up their pockets, instead spent more time on actually understanding the ideas they have chosen and build at least a fundamental knowledge.

I am afraid they would be even more dangerous

my reply on another thread: https://sh.itjust.works/comment/24730726