I miss this show. Amazing writing overall

Nice catch. I’ll be sure after do run the real thing

Thanks, managed to have it installed locally bia pocket pal (termux was giving me errors constantly on compile). Out of curiosity, I made a very “interesting” prompt, and frankly I am not even surprised

EDIT: decided to be a little spicier, didn’t fail to amuse me

My plan is to go there at least once a year, so that would work for me

From my experience in the past, ups are done to be constantly on, and as far as I know, usually they have failsafe mechanism in case something is not working as intended. Laptop batteries do not have such extensive protection from what I know. However, if an ups is getting old (around 5 years or so) is probably best to change the batteries (if the model allows it)

That is true, however there are 2 things

• battery of this machine is toast (holds up for half an hour or less)
• as someone mentioned in another comment: unattended laptops with batteries can be actually bad. Batteries on certain cases can leak and cause fires, so for me, if it can work without it great, otherwise I have to drop the idea

I actually have contingencies for this. There is a ups around that I can use. It is good advice for sure, specifically for countries with fluctuations on the electric grid

I am planning after installing Ubuntu server and get some setup done, to actually sit it out and understand how much the fan is going and how I expect this to be an issue. Since my backups are probably going to be once in a week or so, I do not expect the laptop to have a lot of work (for now is just for file backup, no other services in there except tailscale)

At a later stage I will have to design a strategy to access and make sure is OK. Probably I am going to stick to tail scale and make sure no matter what both tailscale and ssh always start. Sure there can be issues but if minimal services can be guaranteed then it should mostly ok

You are not wrong with the vps. Although I am quite worried that my data stays with me no matter what. Not that I have state secrets or anything, but my stuff is my stuff. And to avoid issues with encryption and such, your own device most of the times is king

For sure not :D. I will be installing something such as ubuntu server, so I do not expect this issue (I don’t remember if the laptop has power saving via bios, but need to check)

Thanks for the pointer. Indeed I should probably see first the homelab communities as well

This is a good point actually. I will need to check the laptop can run without battery at all (back in the day I remember this was possible, nowadays I am not sure)

So what you want to do, effectively, is to have different security requirements for different accounts. Correct? And all in the same file.

For now I just want to get a few things out of the way:

• with this strategy, what are you protecting against?
• how likely is this to happen?
• what is your contingency plan?

I believe its good to have different levels of security for different things, but you also have to understand at what cost you need it.

I can propose a different thing altogether: for the very important passwords, like banks and such, use the pepper method. This means, you have on your password manager part of your password, and a small portion is something you know. Example: generate a 25 chars password, and have at the beginning or end, more 5 chars that you know (can be letters and numbers, and can be something you remember every day, like the first letters of your address plus house number).

With this approach, there are a couple of benefits:

• you can still have computacionaly heavy passwords
• if an attacker gets a hold of your open vault and try to login, it will fail since the password is effectively not complete

Biggest downside I see is remembering the pepper always. And make sure is not written anywhere. And of course, yo can always argue it is possible at some point to get the correct password with the base password known. But at this point, thus should give you enough time to change it and thwart the attack. Remember: there is no perfect security solution, only sufficiently good ones that can be usable and effective.

Yes e2e is a different beast. Pgp as an algorithm is actually quite solid, but the amount of effort to make it work on emails is straight up insane. And in the end, subject line does not get encrypted

That would be a fair concern. Until we collectively understand standards should be open and fairly documented for everyone to use, we are going to have a lot of these “standards but not really” pretty much everywhere (but again, we are asking this of people that also do not see security as being on the top list of considerations. I am sure interoperability is not even know to most)

One of the problems I personally see is the reliance on a standard that was done since the dawn of the internet and got stitches all these years.

Emails as a service is useful, and has several properties that make sense to exist. However, it is simply not easy nor intuitive to have encryption on it (and even then, there are limitations).

What we would need on the long run is simply replace email with a common standard that actually encrypts in transit (at very least) with auto negotiated keys on exchange.

But we would need to change the mind of a lot of people to make that a priority… (For better or worse, it is the market that states the incentives and priorities. And it is abundantly clear security is not on the top list)

Never heard of pikvm, it actually looks like a very interesting solution.

From the previous point, what I mean by headless is basically to go the server, yank the GPU, press power button and it just boots.

I’ve tried several times, but bios straight up doesn’t let me go on. I’ve seen in a couple of places some mobos simply refuse to boot without a GPU.

I can see if I can have a decent value for the GPU. If not, I guess it’s doing its job as is. It just feels a waste to have this GPU be used as video for a server.

You are for sure right. I did find gaps on my solution right now which is:

• I have several external disks that only have the information once (some of then quite old).
• if I aggregate all of those in one spot I for sure need more space
• right now the ssds are grouped into a lvm to make a logical volume of 3TB (at the time this was OK since I was testing it out for a while). However, one disk fails and I have a problem on my hands.
• decided to look into ssd prices and my eyes started get watery at how expensive would it be (thus, coming to the realization regarding disk types. Didn’t mention before since my post was getting WAY too long).

Since I get this now, I am trying to understand better the landscape of solutions that can potentially fit.

Thanks for the reply. The breakdown is very good and I can actually see a lot of reasoning on your situation that I also would share (I do not have vast amounts of money to throw at this + only one drive failing and 2 handle the boat sounds about right).

As for the way to do the software raid, I’ve seen MD somewhere before but I honestly forgot. Since people tend to talk about unraid a lot. From my perspective, I would probably go as simple as possible, although I will be studying how effectively MD works.

Great reply :) learned a lot