It’s unlikely since it uses the field ID and not the text, so it wouldn’t know which question went with which answer.

It’s so rarely needed to actually use these anyway, that it’s a non-issue IMO. You should never opt to use security questions as they are terrible from a security standpoint. This is just for when they are required by stupid websites.

Most DNS queries are UDP.

I’d do a modified scream test and change old.domain to something like 1.2.3.4. Then run sudo netstat or ss with -tpn, grepping for 1.2.3.4.

Or something like grep -r old.domain /etc.

The back buttons didn’t work with Steam Input (and still don’t with the v1’s).

Yep, that would work fine for the first line of defense. Eventually, you can expand it to copy, replicate, or drive swap the onprem backups offsite somewhere (e.g., cloud, office, or family member) if you want to protect your data from site loss (e.g., house fire).

The only thing missing is a good backup.

If you are storing anything important – especially Immich and Vaultwarden data – you should have a good offsite protection strategy. And even the HASS config should be backed up with versioning because rebuilding from scratch could be painful once you get deep into it.

I’ll let others chime in on possible good backup options because I use Veeam and Azure, which really isn’t in the spirit of this community, and I’d be interested in good open source options myself.

Also, RAID (mirroring) is NOT a backup.

The easiest way that doesn’t affect the main network would be to use a travel router. Its WAN IP would be the private IP it gets from the main network (over wireless since that’s your only option). And it would NAT your network onto that IP and then you can do whatever you want on your network.

I’m not sure if that Mikrotik router will do this but it might. You basically need something that can connect to an SSID and use that interface as its WAN interface. The wireless factor here is really limiting your choices. If you had a wired uplink to the main network you could use any router/gateway/firewall you wanted. You could also use an AP in bridge mode to connect to the main network’s SSID and wire it to the WAN port of any router of your choice.

You don’t really need to use VLANs to separate your network from the main network unless you want to share any of the same layer 2 segments (basically wired Ethernet) while keeping it isolated. But it doesn’t really sound like that applies in your scenario. Of course using VLANs within your network would still make sense if that applies (for example, to separate your server traffic from your IoT traffic).

The Kuva Bramma in Warframe. Just rains cluster bombs.

Yep that’s how I have Syncthing set up. All global and local discovery disabled, no firewall ports open on the clients, no broadcasting, no relay servers. Just syncing through a central server which maintains versioning and where the backups run. Works like a charm.

Not that it’s my first recommendation for security reasons, and I would never do this in prod, but you can just add the self-signed cert to the local trusted root CA store and it should work fine. No reg changes needed.

If you do this, put it in the store of the user running the client, not LocalMachine. Then you just need to make sure you connect as something in the cert’s SAN list. An IP might work (don’t know since I never try to put IPs in the SAN list), but just use a hosts entry if you can’t modify local DNS.

Edit: after reading the full OP post (sorry), I don’t think it’s necessarily the self-signed cert. If the browser is connecting with https:// and presenting a basic auth prompt, then https is working. It almost sounds like there is a 301/302 redirect back to http after login. Check the Network tab of the browser’s dev pane (F12) to see what is going on.

most of those drinks are specifically designed with the ice in mind

Citation Needed

I use it for providing a text summary of YouTube videos that I can parse quickly. Because everything has to be a gorram video these days.

An SSO-like payment system with tracking and revocation is a great idea and would be amazing for us consumers. I’m just not holding my breath waiting for the corpos to implement it.

While nowhere near perfect (far from it, really), as long as the sites you are shopping on are PCI-compliant (most should be), you don’t have to worry too much about a compromised site leaking your payment details for use elsewhere.

Basically just use a password manager and don’t worry about saving credit card (NOT debit card) details in the site as long as they aren’t extra-sketchy.

Same here. Sometimes the same/next day shipping can help in an emergency, but otherwise it’s local if possible, or direct from the vendor if not.

Amazon’s shipping has declined and everyone else’s has caught up to the point it’s not much of a difference anymore.

I disagree. You should not immediately go and replace the OS as soon as you get it.

Most modifications to the root filesystem persist through updates just fine. You simply need to add the relevant exclusions for your customizations. See the Development and Modding section here.

I have a significant amount of modifications to Steam OS, including an encrypted home partition (while excluding the steamapps subdirectory via bind mount) protected by TPM.

The only time an update breaks anything is if the kernel or initramfs updates, requiring me to re-enter the LUKS password and reenroll a new TPM protector. And this is only because they don’t support Secure Boot, so my PCR selection is limited. And I was on the Beta update channel for a while updating almost weekly without issue.

This is like the epitome of the XY Problem.

https://xyproblem.info/

I agree with the first part but vehemently disagree with the third paragraph.

I suspect it varies wildly based on where you live, but in Chicago there absolutely ARE places with waitstaff worth getting a burger from.

Holy shit, I remember being excited for 2.4 because of iptables. That was over twenty years ago.

Yeah, this is FSKAX over 3 years. I have a lot of my portfolio in it and it does well. It’s up 24% over that period.

Then you apply the scientific method and/or research in search of truth.

• https://en.wikipedia.org/wiki/Scientific_method

• https://en.wikipedia.org/wiki/Research

Use a Chromium browser to inspect the cert.

If anyone knows how to get Firefox to show a bad cert before loading the page, I’d love to know.