• 0 Posts
  • 71 Comments
Joined 1 year ago
cake
Cake day: July 24th, 2023

help-circle




  • Huh weird that it would be removed, that’s a fair comment.

    For Web scraping and other activities by so-called “legitimate” companies to varying degrees, this may be the case. But for general bots, they are generally attempting to scan and probe the entire IPv4 range, since it can be exhaustively checked in a reasonable amount of time and the majority of IPs have hosts on them. Enumerating the entire IPv6 space is quite literally impossible without some external list of hosts known to exist, due to the number of hosts. This happens, but it’s a much higher hanging fruit for an attacker so far fewer will bother. So you generally see few to no continuous probes on things like sshd over IPv6 unless you have a domain name. I’m guessing a lot of bots (in botnets) are dumb old technology that doesn’t even have IPv6.

    NAT was always a hacky workaround. And although it effectively ends up functioning as a firewall under normal usage when combined with a typical “drop invalid incoming packets” rule, it was not designed to be a firewall and shouldn’t be assumed to always function as one. A simple accept established, default drop firewall rule should do the trick and should be used on both v4 and v6 regardless of NAT (and probably is on your router already).

    If your goal is privacy in the sense of blending in, you can still use NATv6 and this is a good use case for it. This is what VPNs like Mullvad use. If your goal is privacy in the sense of being more difficult to track across sessions, you can enable IPv6 privacy extensions which essentially generates a new IPv6 address for every connection your device makes. So in this sense it’s more private than IPv4










  • I have a 5900x (zen3), and apparently I got a bit unlucky with the silicon and ended up with a CPU that’s slightly unstable at its stock voltages and stock boost clock. The system would freeze and reboot randomly, and the bios would report an MCE error. This crash could be reproduced with near 100% success by doing sha1 hashing specifically for some odd reason. This is not a Linux issue, it’s a hardware defect.

    It may be an Asus motherboard specific thing, but I found a workaround by going to the bios settings, precision boost overdrive, and increasing the voltage scalar to like 7. Now it’s been two years and I have only ever had it happen once since I changed that, so I’m happy.



  • Facebook may be evil but I don’t think they’re anywhere near “inject malware into global supply chains to push adoption of a public engineering side project that they don’t directly profit from and most executives don’t care about” level of evil. Is it possible? Sure anything is possible, but that is wildly beyond many many more plausible explanations and there’s zero evidence leading us down this path. And why would they go through the trouble of backdooring zstd, which has a highly observed codebase, when they just successfully backdoored lzma because it didn’t have a lot of maintainers?

    While it’s true that zstd is commonly favored for having “good” compression at blazingly fast speeds, which is useful on the web and on servers, Zstd 's max compression setting (zstd --long -19) is actually within about 5% of LZMA’s but faster, so it replaces most use cases of LZMA except when that extra 5% (and that’s not even constant; some inputs are even better on zstd) really does matter at all speed cost


  • The first 3 seem incredibly far-fetched.

    • What exactly does Facebook gain from more people using zstd, other than more contributions and improvement to zstd and the ecosystem (i.e. the reason corporations are willing to open source stuff).
    • Why do you consider zlma to be loved among pirates and hackers and zstd not to be, when zstd is incredibly popular and well-loved in the FOSS community and compresses about as well as lzma?
    • Every person in the world uses both lzma and zstd extensively, even if indirectly without them realizing it.

    I think it’s likey that, of all the mainstream compression formats, lzma was the least audited (after all, it was being maintained by one overworked person). Zstd has lots of eyes on it from Google and Facebook, all of the most talented experts in the world on data compression contributing to it, and lots of contributors. Zlib has lots of forks and overall probably more attention than lzma. Bz2 is rarely used anymore. So that leaves lzma