tal

I would note that, to pick two examples:

ExpressVPN appears to have California-based exit nodes:

https://www.expressvpn.com/vpn-server/us-vpn/san-francisco-vpn

NordVPN appears to have California-based exit nodes:

https://nordvpn.com/servers/usa/sanfrancisco/

You can effectively choose the state law under which you want to access the Internet.

looks at Ohio meaningfully

Yeah, I saw, but it’s an interesting topic.

Is your concern compromise of your data or loss of the server?

My guess is that most burglaries don’t wind up with people trying to make use of the data on computers.

As to loss, I mean, do an off-site backup of stuff that you can’t handle losing and in the unlikely case that it gets stolen, be prepared to replace hardware.

If you just want to keep the hardware out of sight and create a minimal barrier, you can get locking, ventillated racks. I don’t know how cost-effective that is; I’d think that that might cost more than the expected value of the loss from theft. If a computer costs $1000 and you have a 1% chance of it being stolen, you should not spend more than $10 on prevention in terms of reducing cost of hardware loss, even if that method is 100% effective.

Wikipedia: Mantrap (snare)

Mantraps that use deadly force are illegal in the United States, and in notable tort law cases the trespasser has successfully sued the property owner for damages caused by the mantrap. There is also the possibility that such traps could endanger emergency service personnel such as firefighters who must forcefully enter such buildings during emergencies. As noted in the important American court case of Katko v. Briney, “the law has always placed a higher value upon human safety than upon mere rights of property”.[5]

EDIT: I’d add that I don’t know about the “life always takes precedence over property” statement; Texas has pretty permissive use of deadly force in defense of property. However, I don’t think that anywhere in the US permits traps that make use of deadly force.

Setting aside Trump, I have no idea why people who can apparently be mostly reasonable about, say, cars subscribe to utterly batshit insane views about diet and health and buy into all kinds of snake oil.

I’m not saying that there’s no magical thinking with cars — “my magical fuel additive” or whatever — but I have seen more utterly insane stuff regarding what someone should eat or how to treat medical conditions than in most other areas.

It’s also not new. You can go back, and find people promoting all kinds of snake oil when it comes to health. Some of my favorites are the utterly crazy stuff that came out when public awareness of radiation was new, and it was being billed as a magic cure for everything.

I get that not everyone is a doctor or a dietician. But you’d think that any time you see someone promoting something as a fix for a wide, unrelated range of conditions, that it should be enough to raise red flags for someone, layman or no.

You might want to list the platform you want to use it on. I’m assuming that you’re wanting to access this on a smartphone of some sort?

Mulvad apparently uses Wireguard. Is there an Android Wireguard client that supports multiple VPNs and toggling each independently?

Note that there is a [email protected].

EDIT: Ah, you posted there.

I think that if I were Google, Meta, and Vodafone, I’d go build an app to measure a phone’s lifetime playing video and then promote that as a benchmark. Things that are the path of least resistance to measure tend to get measured more than those that are a pain to measure.

Thank you kindly, good sir.

For anyone else not familiar with hyperpop:

https://en.wikipedia.org/wiki/Hyperpop

Hyperpop is an electronic music movement and loosely defined microgenre that originated in the early 2010s in the United Kingdom. It is characterised by an exaggerated or maximalist take on popular music, and typically integrates pop and avant-garde sensibilities while drawing on elements commonly found in electronic, rock, hip hop, and dance music.

There were apparently several comic book series done in the Firefly universe. I don’t know whether they’re considered canon or what. I have not read them.

kagis

Apparently yes.

Wikipedia: Serenity (comics)

Serenity is a line of comic books published by Dark Horse Comics from 2005 to 2017. It is a canonical continuation of Joss Whedon’s Firefly television series and the 2005 film Serenity, which are all part of the Firefly media franchise.[1] It was not an ongoing series; rather, it consisted of a number of miniseries and one-shots, released sporadically.

Starting in 2018, Boom! Studios began publishing its own line of Firefly comics.

Wikipedia: Firefly (Boom! Studios comics)

Firefly was an ongoing line of comic books published by Boom! Studios from 2018, set in the universe of the Firefly media Franchise. Written by Greg Pak and illustrated by Dan McDaid, this series submerges into the themes of family, loyalty, identity, and redemption focusing on the early experiences of Malcom Reynolds during the war that shaped his future as captain of the Serenity.[1] It is a canonical continuation of Joss Whedon’s Firefly television series, the 2005 film Serenity, and Dark Horse Comics’ Serenity comics, which are all part of the Firefly media franchise.[2]

That might provide more canon material, if you’re on the hunt for some.

Hmm. Sorry about that. I can see it in Firefox via your home instance’s Web UI, but it’s possible that there’s some other frontend or client that can’t handle it.

EDIT: The vanilla Web UI for Lemmy and PieFed can handle it. Eternity (Android), Interstellar (Android), mlmym (Web), Photon (Web), Voyager (Web), and Alexandrite (Web) cannot. Mbin (using fedia.io) is missing a ton of comments in this thread, including that one, for whatever reason.

I’d also bet against the CMOS battery, if the pre-reboot logs were off by 10 days.

The CMOS battery is used to maintain the clock when the PC is powered off. But he has a discrepancy between current time and pre-reboot logs. He shouldn’t see that if the clock only got messed up during the power loss.

I’d think that the time was off by 10 days prior to power loss.

I don’t know why it’d be off by 10 days. I don’t know uptime of the system, but that seems like an implausible amount of drift for a PC RTC, from what I see online as lilely RTC drift.

It might be that somehow, the system was set up to use some other time source, and that was off.

It looks like chrony is using the Debian NTP pool at boot, though, and I donpt know why it’d change.

Can DHCP serve an NTP server, maybe?

kagis

This says that it can, and at least when the comment was written, 12 years ago, Linux used it.

https://superuser.com/questions/656695/which-clients-accept-dhcp-option-42-to-configure-their-ntp-servers

The ISC DHCP client (which is used in almost any Linux distribution) and its variants accept the NTP field. There isn’t another well known/universal client that accepts this value.

If I have to guess about why OSX nor Windows supports this option, I would say is due the various flaws that the base DHCP protocol has, like no Authentification Method, since mal intentioned DHCP servers could change your systems clocks, etc. Also, there aren’t lots of DHCP clients out there (I only know Windows and ISC-based clients), so that leave little (or no) options where to pick.

Maybe OS X allows you to install another DHCP client, Windows isn’t so easy, but you could be sure that Linux does.

My Debian trixie system has the ISC DHCP client installed in 2025, so might still be a factor. Maybe a consumer broadband router on your network was configured to tell the Proxmox box to use it as a NTP server or something? I mean, bit of a long shot, but nothing else that would change the NTP time source immediately comes to mind, unless you changed NTP config and didn’t restart chrony, and the power loss did it.

I don’t think that the grid frequency is used for PC timekeeping. You have internal timekeeping circuits. AC power stops at the PSU, and I don’t think that there’s any cable over which a time protocol flows from the PSU to the motherboard.

After all, enterprise clients soon realized that the output of most AI systems was too unreliable and too frequently incorrect to be counted on for jobs that demand accuracy. But creative work was another story.

I think that the current crop of systems is often good enough for a header illustration in a journal or something, but there are also a lot of things that it just can’t reasonably do well. Maintaining character cohesion across multiple images, for example, and different perspectives — try doing a graphic novel with diffusion models trained on 2D images, and it just doesn’t work. The whole system would need to have a 3D model of the world, be able to do computer vision to get from 2D images to 3D, and have a knowledge of 3D stuff rather than 2D stuff. That’s something that humans, with a much deeper understanding of the world, find far easier.

Diffusion models have their own strong points where they’re a lot better than humans, like easily mimicking a artist’s style. I expect that as people bang away on things, it’ll become increasingly-visible what the low-hanging fruit is, and what is far harder.

At least some of this is due to the fact that we have really appallingly-bad authentication methods in a lot of places.

• The guy was called via phone. Phones display Caller ID information. This cannot be trusted; there are ways to spoof it, like via VoIP systems. I suspect that the typical person out there — understandably — does not expect this to be the case.

• The fallback, at least for people who you personally know, has been to see whether you recognize someone’s voice. But we’ve got substantially-improving voice cloning these days, and now that’s getting used. And now we’ve got video cloning to worry about too.

• The guy got a spoofed email. Email was not designed to be trusted. I’m not sure how many people random people out there are aware of that. He probably was — he was complaining that Google didn’t avoid spoofing of internal email addresses, which might be a good idea, but certainly is not something that I would simply expect and rest everything else on. You can use X.509-based authentication (but that’s not normally deployed outside organizations) or PGP (which is not used much). I don’t believe that any of the institutions that communicate with me do so.

• Using something like Google’s SSO stuff to authenticate to everything might be one way to help avoid having people use the same password all over, but has its own problems, as this illustrates.

• Ditto for browser-based keychains. Kind of a target when someone does break into a computer.

• Credentials stored on personal computers — GPG keys, SSH keys, email account passwords used by email clients, etc — are also kind of obvious targets.

• Phone numbers are often used as a fallback way to validate someone’s identity. But there are attacks against that.

• Email accounts are often used as an “ultimate back door” to everything, for password resets. But often, these aren’t all that well-secured.

The fact that there isn’t a single “do this and everything is fine” simple best practice that can be handed out to Average Joe today is kind of disappointing.

There isn’t even any kind of broad agreement on how to do 2FA. Service 1 maybe uses email. Service 2 only uses SMSes. Service 3 can use SMSes or voice. Service 4 requires their Android app to be run on a phone. Service 5 uses RFC 6238 time-based one-time-passwords. Service 6 — e.g. Steam — has their own roll-their-own one-time-password system. Service 7 supports YubiKeys.

We should be better than this.

should have been a red flag for someone who literally works in an authentication role.

Maybe. But the point he was making is that the typical person out there is probably at least as vulnerable to falling prey to a scam like that, and that that’s an issue, and that sounds plausible to me. I mean, we can’t have everyone in society (a) be a security expert or (b) get scammed.

The first comment in response is probably the most important bit:

In addition: trust no inbound communications. If something is in fact urgent, it can be confirmed by reaching out, rather than accepting an inbound call, to a number publicly listed and well known as representative of the company.