well, we can’t let you out of this, we’re all in this together. Let’s make programming “tidy whites” a thing! XD

https://cdn.cliqueinc.com/posts/302806/kylie-jenner-tighty-whities-paris-fashion-week-302806-1664826983479-image.700x0c.jpg

thinga can still work … you just have to put a shit ton of effort

Host your own cloud, de-google your phone (Recommend /e/OS) run a piehole … etc

It’s basically a full time job

dont forget your programming socks

I wonder where RHEL would fall in that scale?

Who the hell reneges where their CD keys are? That was 20 years ago

to further complicate things … we also use:

• BHP (Brake Horsepower)
• SAE HP (Society of Automotive Engineers)
• WHP (Wheel Horse power)

and a few others (when talking about vehicles at least)

We’re a mess

yes (Inclusive or)

Cuban doctors have restricted travel rights for this very reason … people become doctors because the education it’s free and it’s still s prestigious career.

this is how I know you’ve never lived in cuba

Works for me

No one else knows about iode os?

https://iode.tech/iodeos/

Cybersecurity engineer here, these are all great answers I just wanted to add a couple tidbits.

• Where are the keys stored: In enterprise level security, you never want to store your key in the same system you are securing, so you normally use a “Key manager” or an “HSM” (Hardware security module) These are hardened appliances dedicated to generate keys and store them, then other devices that then use protocols such as KMIP or API calls to retrieve them remotely. The key is encrypted in transfer and never stored permanently in the client that is being encrypted. There’s also a key encryption mechanism … but let’s not goo too far into it. I’ll just mention that there’s usually a data encryption key (DEK) and a Key Encryption Key (KEK) and the DEK is never exposed. HSMs themselves are basically physical key managers that have a tamper proof crypto module built in. Think of them as TPM2 on steroids. If you want to read more about these guys check out the FIPS specification that they’re built to. https://en.wikipedia.org/wiki/FIPS_140-3

• How does the OS know which key to use: It doesn’t There is usually overlay software than handles this part, typically called an “encryption agent” that runs in the kernel space. Even tho most software is based on open source, encryption agents are usually very complex and secretive. My company’s filesystem encryption agent for example embeds 4Kb of metadata on every file with the name of the key that was used to encrypt it to prevent double encryption and help in file restoration. When a file request comes into the OS, we are loaded into the kernel and use a “filter driver” to decide if the file is encrypted or not, and if it’s encrypted, we route the file request to a virtual file system that then pipes it to our software for processing ACLs and decryption. If you want to learn more you can check out this brochure. https://cpl.thalesgroup.com/encryption/transparent-encryption

Happy to answer any questions.

Watch them try to ban raspberry pi now … like they did with the flipper

That’s fucking awesome!

I feel like this woman is about to give a bomb ass obituary so fucking powerful that it’s going to start a revolution https://youtu.be/TaKrm5txGCQ?t=4

You’re probably using revanced or vanced … there was a recent patch, you have to update it.

not the same thing at all, but there’s already been a couple of pretty high profile “prompt injection” malware cases out there.

Interesting,

I’ve automated deployment with SDNET and templates, but the other stuff you’re doing with terraform is more akin “Orchestration” There must be some GUI for terraform that works with proxmox.

I guess you could do the same with expansible and playbooks but it sounds like you’re looking for something with a GUI that does the work for you.

I can’t think of any, but proxmox does have an API … wondering why no one has done this yet …

not sure what the big deal is, I’m running a docker lab with portrainer inside a proxmox LXC

apparently a little american figure called henry flagler … ever heard of US1?