@JaredBusch said in Is Open Source Really So Much More Secure By Nature:

@scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

@Obsolesce said in Is Open Source Really So Much More Secure By Nature:

How do you know how many people are reviewing the source code of the Linux kernel for security vulnerabilities and bugs versus the source code of the Windows OS? I'm not disagreeing with you per se, just the degree of the point.

Well there are three key points here. The first is... we don't care. Open source is equal or better. If zero people externally review the code, that makes it equal. So it doesn't require knowing to know that it is equal or better.

But the second point is, having worked in the enterprise, and just in IT, I've directly worked with massive departments and teams who have very stringent code review processes and are looking at the Linux kernel all of the time. And there are companies pretty much dedicated to just this. As an example, all the big investment banks do this, as do governments, militaries, security firms, researchers, etc. And those are just the big, really obvious ones. There are also firms that test all major open source against automated testing suites both because there is good business in finding bugs in open source, and because it proves your products to sell to vendors.

And thirdly, there are many large companies that all use Linux and need to audit the code for their own use. Examples are IBM, Canonical, Oracle, Microsoft, Google, Amazon, Intel, ARM, etc. All of them depend very heavily on the security of Linux and unlike in closed source, they all have a strong interest in "catching each other" if someone was to miss something.

And that leaves out the people.

I've reviewed bits and pieces of the kernel code. It was related to a video bug and not a security review, but still, I have looked at it.

Cannot say that about your god and savior operating system, Windows.

No not Windows. But I do like Windows 10. At least in my own experience it's been solid the last couple years especially. I'm a fan of Ubuntu equally though, but I use the desktop version less because it doesn't do/support some things I like to do as well or as efficiently as Win10 does.

@JaredBusch said in Mixed HTTPS warnings:

@scottalanmiller you still have not fixed it, and now they are dead.

Why are you still waiting for ML updates and improvements? We all know it's stuck right where it is for the foreseeable future.

@scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

But like 1/100,000th the eyes that Linux gets which is apples to apples.

How do you know how many people are reviewing the source code of the Linux kernel for security vulnerabilities and bugs versus the source code of the Windows OS? I'm not disagreeing with you per se, just the degree of the point.

@scottalanmiller said in Miscellaneous Tech News:

https://mastransky.wordpress.com/2021/01/10/firefox-were-finally-getting-hw-acceleration-on-linux/

Hey, I'll take it! I hope one day more software on Linux will take advantage of hardware acceleration.

Maybe 2021 will be the year of the Linux desktop!

Baby steps!

@scottalanmiller said in Is Open Source Really So Much More Secure By Nature:

@siringo said in What Are You Doing Right Now:

Apparently MS said they weren't concerned as they said their code is now built/evolves similarly to way in which open source code is built/evolves.

This is total and utter BS. Open is built with many eyes on it during the process and after. MS code is not. Everything they do is the polar opposite of being open. They are lying through their teeth.

I think it totally depends on the software. I mean, I do agree there's some B.S. to their statement, but perhaps not the worst in the world.

The simple fact it's open source doesn't mean X number of other people are reviewing all of the source code looking for bugs and security vulnerabilities. It also doesn't even mean X number of people are even using the software.

I am willing to bet that there are more eyes on some closed source Microsoft code than there are on some open source software. I'm willing to bet some open source software source code has only ever been looked at by the creator and nobody else.

Again, I think it totally depends.

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

Your use of the word cheapo implies shit inferior.

One of these is inferior to the other:

But you apparently didn't read or comprehend anything I said earlier. I suppose I have to give you extra special attention and more time so you can understand.

@Obsolesce said in Raspberry Pi 4 as IT Workstation:

Yeah for sure it will work. It's just depending on the type you get (really the only reason I would care to have one), I was thinking the 2k - 3500+ MB/s speeds being limited by the speeds you see with USB3 it's kind of a waste.
On the other hand, if you get a cheapo one, the way it fits together and all is pretty nice.

This means if you want just the storage and a nice fit together and don't care as much about performance (which if you did you wouldn't be using a Pi anyways), then sure! If your entire company uses Pi for desktops then for sure, performance doesn't matter at all and the cheapo m.2s are fine. I like the way it looks, but it's not for me. I was giving my opinion.

No need for your god damn elitism all the time. Go work out your family issues or something instead lol.

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

Samsung, WD, and Crucial are not crap.

Don't you fucking read words anymore?

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

@Obsolesce

@Obsolesce said in Raspberry Pi 4 as IT Workstation:

On the other hand, if you get a cheapo one, the way it fits together and all is pretty nice.

@scottalanmiller said in Raspberry Pi 4 as IT Workstation:

@Obsolesce said in Raspberry Pi 4 as IT Workstation:

@scottalanmiller said in Raspberry Pi 4 as IT Workstation:

@Obsolesce said in Raspberry Pi 4 as IT Workstation:

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

This case: https://www.amazon.com/Argon-Raspberry-Aluminum-Heatsink-Supports/dp/B07WP8WC3V
Witth the m.2 add on: https://www.amazon.com/Argon-Raspberry-Board-Expansion-ONLY/dp/B08MHYWJCP

$25 + $20 = a real sexy workstation case.

m.2 storage connected via USB?

Yes, USB3 is fast enough to do it. It's done a lot. I've got an external of that right here.

Yeah for sure it will work. It's just depending on the type you get (really the only reason I would care to have one), I was thinking the 2k - 3500+ MB/s speeds being limited by the speeds you see with USB3 it's kind of a waste.

On the other hand, if you get a cheapo one, the way it fits together and all is pretty nice.

Considering good SSD M2 drives are around $35, it's a pretty good situation. Not like faster drives would be very noticeable on the RP4.

Dammit, well then I seriously got ripped off when I bought this a couple years ago! Where do you find them for $35?

https://www.amazon.com/Samsung-960-NVMe-512GB-MZ-V6P512BW/dp/B01LXS4TYB

With the newer ones getting 5k - 7k+ MB/s speeds!

@scottalanmiller said in Raspberry Pi 4 as IT Workstation:

@Obsolesce said in Raspberry Pi 4 as IT Workstation:

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

This case: https://www.amazon.com/Argon-Raspberry-Aluminum-Heatsink-Supports/dp/B07WP8WC3V
Witth the m.2 add on: https://www.amazon.com/Argon-Raspberry-Board-Expansion-ONLY/dp/B08MHYWJCP

$25 + $20 = a real sexy workstation case.

m.2 storage connected via USB?

Yes, USB3 is fast enough to do it. It's done a lot. I've got an external of that right here.

Yeah for sure it will work. It's just depending on the type you get (really the only reason I would care to have one), I was thinking the 2k - 3500+ MB/s speeds being limited by the speeds you see with USB3 it's kind of a waste.

On the other hand, if you get a cheapo one, the way it fits together and all is pretty nice.

@JaredBusch said in Raspberry Pi 4 as IT Workstation:

This case: https://www.amazon.com/Argon-Raspberry-Aluminum-Heatsink-Supports/dp/B07WP8WC3V
Witth the m.2 add on: https://www.amazon.com/Argon-Raspberry-Board-Expansion-ONLY/dp/B08MHYWJCP

$25 + $20 = a real sexy workstation case.

m.2 storage connected via USB?

At this point it's likely a more efficient use of time to migrate to a new VM if there's no indication of anything in any logs. Maybe debug logging could shine some light on something like you said, hopefully it does it again when expected, or maybe it won't help at all.... who knows. But being that it can be rebooted all the time, doesn't sound like a LoB service, so yeah, I'd just bring up a new VM and migrate as there is spare time and not waste so much time on further troubleshooting. Before you swap the traffic over to the new one, you can run tests on the new one to see if the same issue exists, too.

@scottalanmiller said in NGINX Just Stop Working:

@NashBrydges said in NGINX Just Stop Working:

Here is the only entry in the NGINX error log for the last time NGINX stopped.

The error log is where it records HTTP errors, not Nginx software errors.

Which is useful for in a case I've seen where the service was started by other means, and showed all addresses were already in use.

@NashBrydges said in NGINX Just Stop Working:

I am running certbot

Is it up to date?

What does error.log say?

Are you running certbot?

@DustinB3403 said in What Are You Doing Right Now:

@Obsolesce said in What Are You Doing Right Now:

@DustinB3403 said in What Are You Doing Right Now:

PoE is so common that only in a few cases have I needed them.

That's what the power brick provides...

No really? I thought it meant Path of Exile

Then your post makes even less sense than I thought.

@DustinB3403 said in What Are You Doing Right Now:

PoE is so common that only in a few cases have I needed them.

That's what the power brick provides...

@scottalanmiller said in Random Thread - Anything Goes:

@Obsolesce said in Random Thread - Anything Goes:

None of us collect games, nor do any of us have a desire to, so this game-specific thing is very subjective.

It is for sure. I'm a collector by nature. To me, video games are like literature and I don't like borrowed literature. I always want it to be something that I own so that I always have guaranteed access to it again or the ability to share with someone. That's very much a "me" thing. So it causes subscription services to be of far less interest to me. I hate the "let's see what's available this month" feeling. I like to know that I own something and can choose to play it whenever, forever.

It's a bit like Netflix perhaps. You use that I thought? That is worth it to many people who don't need to permanently own everything they want to watch.

@scottalanmiller said in Random Thread - Anything Goes:

keep in mind it's for two adults and two kids, all four of which are gamers with different taste in games

Yeah, same-ish here.

@scottalanmiller said in Random Thread - Anything Goes:

you get a total of 100 games to play (something like that), but it's not 100 that you select, it's 100 that they select.

It seems to be ~500 games total at the moment, but that's besides the point. (I'm only doing the $10 subscription for now, and may let it go since I was only really testing it, and will likely get it again once I get the newest xbox... i plan on taking a hiatus sometime soon for about a year to do some much needed things)

None of us collect games, nor do any of us have a desire to, so this game-specific thing is very subjective. It's nice to have so many full games available without truly having to buy them first, and across several platforms, but really, the whole game thing isn't the only factor.