tiller

joined 1 year ago
[–] tiller@programming.dev 9 points 11 months ago* (last edited 11 months ago) (8 children)

Without talking about the resources it would require, youtube could totally only serve the ad until it has been "watched". And no amount of sponsor block or similar software would help. These software only work because youtube allow you to navigate the video. If they decide that you have to fully download a 30s ad video, and that you can't ask for the video for the first 30s, then you wouldn't be able to do anything (or at the very max, just hide the ad and wait 30s on a blank screen).

[–] tiller@programming.dev 1 points 1 year ago* (last edited 1 year ago)

Well, to be honest if someone has access to my Wi-Fi, I'd consider that I've already lost. As soon as you're on my lan, you have access to a ton of things. With this setup I'm not trying to protect against local attacks, but from breaches coming from the internet

[–] tiller@programming.dev 0 points 1 year ago (3 children)

I'm not well versed in ARP spoofing attack and I'll dig around, but assuming the attacker gets access to a "public" VM, its only network adapter is linked to the openwrt router that has 3 separated zones (home lan, home automation, dmz). So I don't think he could have any impact on the lan? No lan traffic is ever going through the openwrt router.

 

Dedicated wifi for automation allows me to have devices such as Xiaomi Vaccuum, or security camera not phoning home. OpenWRT with good firewall rules completely isolate my "public" containers/VMs from my lan.

Server was built over time, disk by disk. I'm now aiming to buy only 12TB drives, but I got to sacrifice the first two as parity...

I just love the simplicity of snapraid / mergerfs. Even if I were to loose 3 disks (my setup allows me the loss of 2 disks), I'd only loose data that's on these disks, not the whole array. I lost one drive once, recovery went well and was relatively easy.

I try to keep things separated and I may be running a bit too many containers/vms, but well, I got resources to spare :)