rufus

[–] [email protected] 4 points 9 months ago* (last edited 9 months ago) (2 children)

Uh yeah, I'm not sure. I've tried summarizing with AI tools. And there is the bot here on Lemmy that summarizes stuff... I never liked any of that. It's really a mixed bag, from pretty okay summaries to entirely missing the point of the original article to bordering on false information. I think we're far from there yet. However, it's a common use-case for AI. Maybe in 1-2 years I can stop being afraid of misinformation being fed to me. Currently, I think the incorrectness of the information still outweighs any potential benefit. The more complicated it gets, thus making you in need of a summary in the first place, the more biased and skewed the results get. So I don't see that happen in the very near future. But we definitely should keep up doing the research and pushing that.

Tagging and organizing is something I'd like an AI for.

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (1 children)

I'll just weasel my way out of the capitalization mistakes by saying I'm German... Or by saying I type too much English on the internet...

In this case I did it to stress it and make a point.

I can see the resistors being somewhat a more likely scenario. But it's also a big difference. A mΩ is somewhere in the order of magnitude of what your copper traces have between two (close) components. And such resistors would for example be used as a shunt to measure current. They're made to withstand quite some current and below 10mΩ I don't think there is even a color code available. Footprint might be different, too.

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago)

Would that be worth your while? I mean if you're talking about a one-year plan here, that'd mean you're making $20 per year off these 20 people. Or $1 per year by handling one customer of yours. Let's say you find 600 people and manage all of that. That'd give you a monthly salary of $50. There is quite some uncertainty to your business model, it is work and you're violating the TOS of your VPN suppliers and committing tax fraud. I'd advise you to do the maths first, before starting with a business like that.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago) (3 children)

Agree, if you do it, there is no harm in doing it right. However, I grew up with the metric system and I've never seen capitalization of the prefixes being a mistake that happens in the real world. I.e. your ADC can measure up to 500 mV and you instead 'accidentally' put 500 Megavolts through it. That is somewhat unlikely to happen. But then mistakes like that do happen. People wanting to order 500 rolls of toilet paper and getting 500 shipping crates of it. Things like that definitely happen. Especially in combination with computers that just do whatever you typed in. I'd just not call it 'common'.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

Thank you very much, I'll try to re-wire my synapses.

Concerning the privacy aspect: I'm really no expert on that. I believe a VPN either provides you with IPv6 and is the solution to both of your problems, or you're circumventing it and making it less secure by introducing a side-channel. I wouldn't do both.

If you want to protect from law-enforcement you have to read the exact terms of your VPN or tunnel broker. There are companies who keep logs and some who don't, some cooperate with lawful interception of your country. I don't know which one to choose. I suppose it's the same with tunnel brokers. And for security: I don't think a VPN or IPv6 tunnel does much for that.

[–] [email protected] 3 points 9 months ago (2 children)

Fair enough. I need someone to provide me with a way on how to remember which one was capitalized and which one small.

[–] [email protected] 1 points 9 months ago* (last edited 9 months ago)

I'm somewhat fine with that. But you absolutely have to tell people to keep the discussions to random chatter and the absolute minimum then. (And internal talk maybe, if that's of no interest to the public.) Once it gets important or someone asks for advice that could be beneficial to others, the discussion on Discord needs to be interrupted and switch platforms. Or be copied to a Wiki after the fact.

[–] [email protected] 7 points 9 months ago* (last edited 9 months ago) (11 children)

I tried a public tunnel broker and it immediately makes everything super slow. All the connections that grabbed the IPv6 connectivity went from my theoretical 300MBit/s to like 10-20 MBit/s.

[–] [email protected] 10 points 9 months ago* (last edited 9 months ago) (2 children)

The most important downside for me is: I'm looking for some information about an issue I'm having or how to install or configure something and I find none. Because all the people talk behind closed doors and googling etc. doesn't help any more. Only solution is to join every Discord and platform before you start using your software and scrolling through pages of chat messages.

I'd rather google for an error message and then be directed directly to an issue tracker where people discussed that specific problem.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago)

Cloudflare, Pagekite, a cheap VPS with a reverse proxy. Maybe IPv6-only access if your CGNat does that, ngrok, serveo, rathole, sish, a VPN... I also found portmap-io, webhook relay, packetriot and countless other smaller companies. There are quite some tools and services available. And which one is right for you might depend on the exact situation and what you're hosting. I'm not an expert on this. I have an internet connection without a NAT, and additionally a really tiny VPS with a mailserver, a small website and wireguard. I just use that to tunnel through NAT if I need to. But that means I haven't compared all the other services since I don't need them (yet.) I've learned a bit about Cloudflare from this discussion.

[–] [email protected] 3 points 9 months ago* (last edited 9 months ago) (1 children)

Thx for explaining. I think I halfway know what this is about now. I don't think I'm their target group. But I learned something about web application firewalls in the process and that is a good thing. I think I'm going to activate that for some of my private services since it's so easy and look up if there are good IP ban lists. It's a bummer that I don't get to see proper documentation on this, since security is all about exact facts and scenarios. But I guess no answer is also an answer. If they just feed buzzwords to me, either my initial skepticism was warranted, or I'm just not their target audience and they only target enterprise users. Either way I'm better off with my current approach. I appreciate I got to learn something :-)

[–] [email protected] 2 points 9 months ago* (last edited 9 months ago) (3 children)

I tried to look it up but I wasn't very successful. What they do in their free tier keeps being a mystery to me. In the $20/month is the core ruleset from ModSecurity. I don't need to pay them $20 to deploy that for me, the dataset is free and publicly available. I've just installed it on my VPS... It's only a few lines in Nginx to enable that.

And what you're talking about is $200 a month. I seriously doubt anyone here uses that plan for their homeserver. I wouldn't pay $2400 in a year for it.

I still don't get how that would work. Sure you can filter spam that way. And mitigate attacks while the worst wave washes through the net. Or do machine learning and find out if usage patterns change. But how would it extend to 0-days faster than the software gets patched? This sounds more like snake-oil to me. If someone finds a way to inject something into a Nextcloud plugin and change things in the database so they have access... And then they do it to 100 Cloudflare customers... How would Cloudflare know? If it's a 0-day, they -per definition- don't know in advance. And they're just WAF, they don't know if a user is authorized by mistake or if they're supposed to have access. And they don't know anything about my database, since it runs on my machine. And they also don't know about the endpoints of the software and which request is going to trigger a vulnerability unless this manifests in some obvious (to them) way. Like 100 machines immediately start blasting spam through their connection and there is one common request in the logfiles. Otherwise all they can do is protect against known exploits. Maybe race the software vendor and filter things before they got patched. I just don't see any substantial 0-day protection that extends to more than "keep your server up to date and don't use unmaintained software." Especially not for the home-user.
