Beats me, I'm just getting into this now. I started with a Reolink NVR, but it's a piece of crap, so I'm looking for a better alternative.
It looks like either Frigate or Viseron will do what I want. I started setting up Frigate, but realized I should downgrade my Reolink Duo 3 to a Duo 2 before I go too far. The Duo 3 really doesn't offer much better image quality but forces you to use h265 and consumes a lot more bandwidth. Once I stabilize my camera setup I'll get back to setting up both Frigate and Viseron and see what performs better. I like that the pro upgrade of Frigate allows you to customize the model and may make use of that.
It's kind of crazy to see how prevalent MYChevrolet and/or myGMC are. There are more MYChevrolet / myGMC SSIDs than attwifi. I have to think this is because so many people are doing the stumbling from inside of a vehicle.
I can't find a reference now. But from what I remember the logo is supposed to be on top facing the user when plugging a device in. This was part of the standard that defined the size/shape/etc of what USB is.
I would like to sincerely apologize that the autotagger in beets is so fussy. It asks you a lot of complicated questions, insecurely asking that you verify nearly every assumption it makes. This means importing and correcting the tags for a large library can be an endless, tedious process. I’m sorry for this.
Maybe it will help to think of it as a tradeoff. By carefully examining every album you own, you get to become more familiar with your library, its extent, its variation, and its quirks. People used to spend hours lovingly sorting and resorting their shelves of LPs. In the iTunes age, many of us toss our music into a heap and forget about it. This is great for some people. But there’s value in intimate, complete familiarity with your collection. So instead of a chore, try thinking of correcting tags as quality time with your music collection. That’s what I do.
The original CVSS score on Twitter indicated that user interaction was not required. However, reading the RCE chain on the page says:
> Wait for a print job to be sent to our fake printer for the PPD directives, and therefore the command, to be executed.
If Alice never hits print it seems like a print job will never be triggered. Am I missing something? I'm not questioning evilsocket, I'm trying to check my understanding.
There are also buffer overflows which they detected with a fuzzer, which can be turned into RCE without requiring user interaction. But the author did not have enough expertise in this area to create an actual exploit for these.
It depends on the definition of "interaction". AFAIU Alice doesn't need to print anything supplied by the attacker. It's enough if she prints anything.
I agree that Alice just needs to print anything but that seems like user interaction required. It's also not clear: if Alice has multiple printers defined, does it matter which printer she selects?
The attacker can replace any and all printers, so not entirely. I'm not sure how the UI part of CVSS is specifically defined, but I think it's at least somewhat fair to call something the user is expected to do unrelated to the attack in any way "no interaction". Otherwise, it's like saying "the user has to power on their device and turn on their Wi-Fi for the attack to work, so it requires user interaction".
The question I had is whether the attacker can enumerate known printers, too. Replacement is a lot more damaging if they don’t have to discover the name of your default printer first.
The interaction question is complicated because there are three modes: the most damaging is when the attacker can trigger the exploit directly, since that’s where we start seeing worms and other untargeted attacks. The next level is where the attacker can exploit something the user normally does - hence the question about default printer replacement since that is something the user has done many times before and thinks of as safe. The lowest level of risk would be if they need to get you to click on a different printer: still bad but nowhere near as easy to exploit on a large scale.
It is quite readable, has a certain softness along with some uniformity to it without all the comedy. I used it for quite a while before settling on Iosevka.
IBM Plex (which I'm currently using) also has the double-story (or Roman) 'a', I like how distinct it is from 'o' and 'q' compared to single-story (or Italic) 'a'.
> I wonder if their setup achieves the same degree of transparency, because afaiui, that's just not possible involving a 802.1Q-compliant (Linux) bridge.
Can you elaborate on what is not transparent about 802.1q bridge in Linux?
I hear you on the system tuning. Whenever I change sysctl variables I always include a comment with what the default was and why the new setting is better. I don't trust sysctl copy pasta w/o decent explanations.
There's a number of "special" Ethernet addresses that a proper Ethernet bridge must never forward. The Linux bridge implements a mechanism to ignore _some_ of these constraints, but not all of them. If you need that, you can always get to manual patching in https://github.com/torvalds/linux/blob/d42f7708e27cc68d080ac... et al.