I recently picked up a pipe. It has all the rituals and escapism of a cigar, without the hour-long commitment.

That being said, sometimes being”occupied” for an hour is part of the appeal. Each has their place ime.

Devops is a meaningful term

Indeed, and good points. How many users do you have? I assume this isn’t just for you, and setting up multiple nfs shares with tailscale access policies isn’t feasible. SMB might be the best play. I’ll have to refresh my memory on file sharing protocols

NFS for storage, tailscale / wireguard for access control?

Put http://0.0.0.0:11473

Your current setting is the “loopback” address. You’re listening for traffic to this address, and the only thing that can send to the loopback is yourself. This is a safe default, it means only the computer running the software can talk to it. Generally 0.0.0.0 listens on all available addresses. If that doesn’t work, use your local / internal ip.

This ui smells like it’s trying to hide the implementation details, but that makes things extremely difficult when troubleshooting

You can reduce doorknob turning dramatically by running on a non-standard port.

Scanners love 80 and 443, and they really love 20, but not so much 4263.

I used to run a landing page on my domain with buttons to either the request system / jellyfin viva la reverse proxy. If you’re paranoid about it, tie nginx to a waf. If you’re extra paranoid, you’ll need some kind of vpn / ip allow-listing

That looks promising. Just keep in mind that this will take a very long time to run. I believe there is a *arr out there that can manage this / show progress, but the name escapes me

Adding - triple check / proofread / rephrase the ai output. Assume the words may be used against you. If your manager is close with whomever reads the feedback, they could ask for “evidence” of any claims. You either need strong evidence, or to avoid any concrete claims. More vague more better / more defensible.

When dealing with children, the “oreo cookie” method works well - start with something nice, offer a “suggestion for improvement”, and then finish with something nice as well.

You’ll want to submit the politically correct version through official channels for traceability. After it’s submitted there, you can give a copy over slack. Don’t let anyone make any claims about what you supposedly said over slack dm. Leave a paper trail.

You’ve already been PIPed, so they have reason to look at you. Play nice and check the boxes; I would do the feedback even if the submission is entirely “yeah it was fine” level bs.

All of the above is playing it safe. Offer to provide additional feedback / “discussion” over a voice call as well, and ask what they’re looking for. If they’re building a case against your former manager, you can be honest.

If they just want “general” feedback, or they want it over text (“no time for a call”), or there are multiple people in the room, or the call is being recorded, then fall back to the politically correct version you already submitted.

Your nuclear button is to claim the PIP was retaliation for (something; you can make this up, just make it realistic), but you don’t press that button unless you’re about to be fired. It makes things extremely complicated.

I really hate office politics, but half of being promoted is knowing how to play this stupid game :(

I don’t do anything interesting. I’ve got the ten workspaces, and win+p to start stuff.

The only interesting thing is win+PrintScrn, which takes a screenshot to /tmp, and then opens it in pinta to crop.

Actually I also have win+z bound to turning off the laptop screen. That’s all I can remember

It is not too hard and you can definitely do it! It’s like a puzzle - you will get stuck at times, but if you keep going then you’ll get there.

APK files are just zip files, so you can unzip it to see its contents. From there, a java de-compiler get you a version of the source code. It will have random variable names and no comments, so it will take some digging to find and reverse the api layer.

Or, who knows, you could get lucky and find an openapi spec file and auth.txt. Worse apps have been developed.

The VPN catches all network traffic and puts it far away - you can’t be on vpn and see local network resources (casting targets) at the same time.

If your vpn has an app, check your settings for something like “local network access”.

Otherwise, start reading about split-tunnels and/or default gateways

I think we’ll see some very cool stuff start to happen once Veilid’s block storage is off the ground

Optimus gets complex quick. You’ll be reading pci bus ids before you know it. Keep the wiki open, go slowly; you got this :)

I have a whole rant on this topic, but the short version:

It’s dentists.

The gnarliest mountain man, who hunts bears with his bear hands, can be brought to his knees with a toothache. The toothache never sleeps, can’t be fought, and always eventually wins. Even basic dentistry is life saving - even another human with a pair of pliers and some moonshine - but I’d much rather have novocaine.

Yes - the nodes are obsidian pages (markdown files), this view is a napkin-type layout thing that is built in; I haven’t played much with it

You’re running docker inside a vm? Why?

The first thing I would do is learn the 5-layer OSI model for networking. (The 7-layer is more common, but wrong). Start thinking of things in terms of services and layers. Make a diagram for each layer (or just the important layers. Layers 3 and up.)

If you can stomach it, learn network namespaces. It lets you partition services between network stacks without container overhead.

Using a vm or docker for isolation is perfectly fine, but don’t use both. Either throw docker on your host or put them all in as systemd services on a vm.

Your network flow is from your server, to your router, to your android phone, to your router, to your chromecast. If that’s all wifi, then every frame crosses the air 4 times, and you’re doing transcoding on the phone in the middle.

Casting sucks.

Spread-spectrum audio watermarks will survive multiple re-encodings and are extremely difficult to detect.

Iirc google widevine will embed a device code, and if a pirated copy of some content is found, they will blacklist the gpu’s device code so it can’t receive 4k content anymore. That’s video, but it’s the same idea.

1. Yes, because:
2. It could
3. And if it does, you probably can’t remove it

Streaming sites can embed an unhearable data stream into audio signal. It’s possible

That being said, it’s extremely improbable, given the costs to do it at scale.

If you’re part of a large company’s beta program and have access to some unreleased product, maybe worry.

If you grabbed a file from some mega host updown whatever site, don’t worry.

And if you’re still worried, take a sha256 hash and put it into google search. If you get any results that even mention your file’s title, then you’re good.