ryokimball

joined 2 years ago
sorted by: new top controversial old
*Permanently Deleted* in c/asklemmy@lemmy.world
[–] ryokimball@infosec.pub 40 points 1 day ago (2 children)

Empathy is like sharing an experience.

Alice is holding a stack of papers, they get a papercut and react (yelp, pull their hand back, maybe suck on the injury). Bob sees Alice's experience and may remember when they had gotten a papercut before or just imagine what that experience is like, and will share in the same feelings (or how Bob would imagine Alice is feeling, anyway). Bob may yelp too, or fidget with their own (uninjured) finger.

Encrypting data on local servers? in c/selfhosted@lemmy.world
[–] ryokimball@infosec.pub 2 points 1 week ago (1 children)

I just bought some PoE hats for my rpis, and have a managed PoE switch; rumor is, this combo basically translates to rPi WoL.

(Not meaning to ignore the rest of your comment, but not in a position to respond fully)

Encrypting data on local servers? in c/selfhosted@lemmy.world
[–] ryokimball@infosec.pub 7 points 1 week ago (3 children)

This has been on my mind, I have yet to do it but the implementation seems trivial.

You can use typical luks full disk encryption with a password. Luks actually has five password slots. Passwords do not have to be actual text, they can be a file or even part of a file.

So my idea is, buy some really cheap, low profile USB flash drives and store some seemingly innocuous data like cat pictures or public domain books, IDK and it doesn't matter what the actual data is. Use full disk encryption and set a regular password, then add a second password that is a file or part of a file that lives on the flash drives, and have it set up to look for that file on boot as an option for unlocking.

Now the disc is fully encrypted but will boot/reboot without interruption as long as the flash drive is installed. You can remove the flash drive when you're feeling paranoid, or even better only install it when you are going to be away for a while. If you leave with the machine having the flash drive but are feeling worried, you can remote into the machine and edit / delete the file or just clear the key slot from Luks.

That's what's been on my mind, anyway. I think the typical suggestion/solution is to just use drop bear and remotely unlock using that, or don't use full disk encryption and selectively encrypt your data instead (partitions or userspace encryption).

I'm not going to proofread this so I hope it makes sense

What to do with a bunch of 3rd Gen i7 PCS in c/selfhosted@lemmy.world
[–] ryokimball@infosec.pub 6 points 1 month ago

Perhaps a good time to mention I have several raspberry pis I could add to the mix.

49
What to do with a bunch of 3rd Gen i7 PCS (infosec.pub)
 

I got a stack of PCS that are very similar if not identical. Third gen i7, 8 gigs of ram, one terabyte hdd, all but one are the same HP model with the same motherboard, etc too. I upgraded the RAM in a few of them, and I have enough spare TB hard drives to put an extra in each. Two have Nvidia GeForce 210 gpus, and the unique one out of the bunch I'll probably throw in a spare RX 570 I have.

But, what to do with them? Easiest answer is probably sell them all for $75 each but that's not what we do here, right? Right now I'm assuming they all support w o l and I can easily set up ansible/awx for orchestration. I'm just looking for some fun experiments, projects, or actual uses for this Tower of PC towers