• 1 Post
  • 12 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle



  • I think they don’t take your phone, just scan it. I don’t know how it works with this, but I have a trial for my state’s digital ID app (the app works but isn’t fully implemented as a complete replacement for physical IDs yet), and it has two modes I can put it in which generates a QR code on the screen with my data. One mode for police to scan at traffic stops which has my driver’s license info, and one just called “age verification” which can be presented when buying alcohol which just verifies that I’m over 21. I like the privacy of the second mode, since there’s no reason a liquor store needs to be able to see my home address.




  • How hard is replication across servers with just debian and qemu? I’m honestly not super great on linux knowledge. I’m a Windows sysadmin by trade, with maybe 10-20% linux. I run a few Ubuntu server VMs at home and some RHEL at work. So I’m looking for something as easy to set up and well-documented and supported as possible. Proxmox just seemed like the “industry standard” for selfhosting, but I was also looking at Unraid (which is supposedly better at storage and less good at virtualization) or even ESXI, but I didn’t want to get into the VMWare payment bubble if I needed anything more than a simple host.







  • My school had a web filter to block YouTube and various other sites that they didn’t want students to go to. On the block page, there was a “report site blocked incorrectly” button, as well as a password override for admins to do a one time bypass.

    One of my classmates registered a domain that all it did was log the IP address of whoever visited it. He then attempted to visit the site from class, it was blocked, and he clicked the report button. Later on one of the IT admins reviewed the report to see if the site should be unblocked or not, by visiting the site. My classmate then had the public IP address of the IT admin.

    This IT admin must not have been very good, because he had a password unprotected, open, telnet port pointing to his computer. So we were able to telnet into his PC and poke around. He had an Excel file on his desktop with the web filter override passwords for every school in the district. That Excel file was promptly shared to as many people as who asked for it and we thought wouldn’t rat us out.

    We gloriously had unrestricted Internet for several months before the teachers caught on. We were told that anyone who used this password would be found out, and that the school was going to have a “volunteer” community service day for 4 hours on Saturday, picking up trash around the school. Anyone who attended would be pardoned for using the password, anyone who didn’t attend and who was found out for using the password would have been “punished” (very ambiguously defined). I did not go to the volunteer day, nor was I punished in any way. I do think that it was just a bluff and they didn’t have good enough logging to tell who actually used the password.