[-] Ooops@feddit.org 3 points 16 hours ago* (last edited 16 hours ago)

Right-wing morons loudly screaming about all those (mostly imaginary) left extremists (read a few anonymous letters claiming responsibility by "left-wing" groups nobody knows anything about but the name, and with statistics well inflated by claiming every protester (no matter the topic) resisting police brutality is some left-winf extremist) while far-right violence is actually on the rise.

Where have I seen that playbook before? Oh, right... everywhere right-wing populist liars get any power because they all have only exactly one playbook and the end game is always fascism.

[-] Ooops@feddit.org 4 points 16 hours ago

Nobody is saying “Linux is obscure”

How about scrolling up to the exact comment I anwered to? Or -as you seem to be on the exceptional dense side- let me do it for you...

Linux’s “security through obscurity” was never going to last.

As already explained above I did not expect that statement to use the common "long-standing industry term" because -again- it would be utterly insane to claim security through obscurity for something open source.

[-] Ooops@feddit.org 11 points 23 hours ago

... oder wen der deutsche Politik- und Medienzirkus gerne als Täter hätte.

[-] Ooops@feddit.org 15 points 23 hours ago* (last edited 23 hours ago)

Gnome normally brings their simple GNOME Document Scanner (simple-scan), KDE comes with skanlite or skanpage. xsane is an older GTK-based frontend, there's also the GIMP plugin using xsane. NAPS2 is an independent fully-featured frontend. And a lot of dedicated OCR software (including stuff like OCRFeederor Paperwork) also supports sane.

PS: even the basic tools support previews, then letting you select only the specific area you want to scan.

[-] Ooops@feddit.org 2 points 23 hours ago* (last edited 23 hours ago)

Just google the term

Yes, please do.

The actual notion of "security through obscurity" (that will surely come up on Google if their AI bullshittery hasn't screwed up completely...) for Linux is insane because open source is the polar opposite. By that definition proprietary code is actually much more linked to the concept.

The often more unprecise and colloquial usage I thus assumed you were using doesn't apply either, for the reasons I summarised.

So which imaginary definition of "security through obscurity" are you using and assuming that it will come up on Google when none of the real ones makes any sense?

[-] Ooops@feddit.org 6 points 1 day ago* (last edited 1 day ago)

"Erst nach Bestätigung über den Link in der E-Mail können Ihre Antworten in die Auswertung einfließen. Wir nutzen Ihre E-Mail-Adresse lediglich zur Bestätigung Ihrer Antworten und löschen sie nach Abschluss der Konsultation."

Also genau so wie ich in dem Moment, wo ich die Bestätigungsmail erhalten hab... 👍

(PS: Die Mail ging natürlich schnustracks in den Spamfilter und musste erstmal da raus gefischt werden...)

Edit: Hab mir das jetzt mal im Detail angeschaut und Oh, mein Gott...

Noch auffälliger kann man die möglichen Antworten nicht zusammenfassen, um später mit dem Ergebnis die gewünschte Politik rechtfertigen zu können.

Welche Ziele sollten mit der Energie- und Klimapolitik verfolgt werden?

Wettbewerbsfähigkeit der Wirtschaft, z. B. durch neue Klimaschutztechnologien

Nein, nicht "zum Beispiel", sondern ganz explizit statt dem jetzigen Unterstützen obsoleter Auslauftechnologien im Namen der Wettbewerbsfähigkeit

Sicherung von Arbeitsplätzen und Schaffung neuer Arbeitsplätze

Wie wäre es auch hier mit: Nein, kein zwanghafter Erhalt, sondern tatsächlich Schaffung von Arbeitsplätzen in modernen Bereichen. Ach, kann ich nicht auswählen? Tja...

Nach welchen Grundsätzen sollte sich der weitere Aus- und Umbau unseres Stromsystems richten?

Der Netzausbau sollte mit dem Ausbau von erneuerbaren Energien Schritt halten.

Das lässt sich lustigerweise wieder in zwei Richtungen auslegen. Den Ausbau der Erneuerbaren hart genug bremsen, damit das Netz nicht ausgebaut werden muss, also die derzeitige Schnapsidee, kann man damit auch rechtfertigen.

Was sehen Sie beim Ausbau von Wärmenetzen mit hohen Anteilen erneuerbarer Energien als größte Herausforderung an?

Steigende Wärmepreise durch die Nutzung erneuerbarer Energien und von Abwärme

In welcher Welt soll das möglich sein?

Aufwand und Beeinträchtigung durch Baustellen beim Ausbau der Fernwärmeleitungen

Igitt, Infrastruktur! Sowas wollen wir nicht!

Und dazu noch solche Schmakerl wie das hier...

Verhinderung von Extremwettereignissen

Haben die 'ne Zeitmaschine im Keller?

Also das würde zumindest einiges am Verhalten erklären, wenn das hier der "Wie mache ich es möglichst falsch"-Testlauf ist und man danach einfach zurückreisen und es korrigieren will...

[-] Ooops@feddit.org 12 points 1 day ago* (last edited 1 day ago)

"Close ally" my ass... Those vile creatures have no allies, and in this particular case the hatred and lots of personal insults are well documented. For a lack of concepts for normal functioning human beings -because they are none- the only thing these corrupt idiots know and understand is what lie to scream loudly at every moment of their life to get the biggest amount of power and/or money.

[-] Ooops@feddit.org 12 points 1 day ago

You are right. I don't know what your personal definition of "security through obscurity" is as it's very obviously not matching actual reality.

[-] Ooops@feddit.org 4 points 1 day ago

Ich weiß zwar, was 'ne Dystrophie ist, aber ich glaube niemand mag degenerative Störungen...

[-] Ooops@feddit.org 5 points 1 day ago

Glücklicherweise... wäre ja noch schlimmer für Deutschland, wenn die Union nur das eigene Land kaputt macht, statt auch alle unsere Nachbarn mit nach unten zu ziehen.

[-] Ooops@feddit.org 11 points 1 day ago* (last edited 1 day ago)

Wenn die Bevölkerung hinter dem Verbotsverfahren steht, kann die Politik nicht länger Nein sagen.

Kein Grund es nicht trotzdem zu versuchen, aber ich fürchte es werden später eine Menge Leute sehr enttäuscht sein, die an den Spruch geglaubt haben.

Erinnert sich niemand mehr an Millionen wochenlang und zeitgleich auf deutschen Straßen, um gegen den Rechtsruck zu protestieren und die folgende "Fickt euch, uns doch egal! Jetzt erst recht weiter stramm nach Rechts!"-Reaktion, die folgte?

[-] Ooops@feddit.org 69 points 1 day ago* (last edited 1 day ago)

There was never an actual notion of "security through obscurity". LInux runs the complete Internet and most coporate server infrastructure. That's where the actual money is.

People hallucinating that Linux is something obscure simply have no clue and confused their home desktop for real computing. Windows desktops are constantly targeted not because they are -unlike Linux- so wide-spread but because they are already insanely insecure. They are the low hanging fruit where you can cobble together some cheap shit and will still find million of PCs vulnerable. If you want to find a Linux comparison it's definitely not server or desktops but cheap IoT devices not having seen an update (or any security to speak of) for many years.

For reference: We are talking about guests in a virtual pc escaping it's container. That's not something obcure. That's basically all cloud hoster's whole business model, thus the reason Google pays a lot of money for finding such exploits.

35
submitted 1 month ago by Ooops@feddit.org to c/unixporn@lemmy.world

25
submitted 3 months ago* (last edited 3 months ago) by Ooops@feddit.org to c/selfhosted@lemmy.world

As this will -thanks to me being quite clueless- be a very open question I will start with the setup:

One nginx server on an old Raspi getting ports 80 and 443 routed from the access point and serving several pages as well as some reverse proxies for other sevices.

So a (very simplified) nginx server-block that looks like this:

# serve stuff internally (without a hostname) via http
server {
	listen 80 default_server;
	http2 on;
	server_name _; 
	location / {
		proxy_pass http://localhost:5555/;
                \# that's where all actual stuff is located
	}
}
# reroute http traffic with hostname to https
server {
	listen 80;
	http2 on;
	server_name server_a.bla;
	location / {
		return 301 https://$host$request_uri;
	}
}
server {
	listen 443 ssl default_server;
	http2 on;
	server_name server_a.bla;
   	ssl_certificate     A_fullchain.pem;
    	ssl_certificate_key A_privkey.pem;
	location / {
		proxy_pass http://localhost:5555/;
	}
}
#actual content here...
server {
	listen 5555;
	http2 on;
    	root /srv/http;
	location / {
        	index index.html;
   	} 
    	location = /page1 {
		return 301 page1.html;
	}
    	location = /page2 {
		return 301 page2.html;
	}
        #reverse proxy for an example webdav server 
	location /dav/ {
		proxy_pass        http://localhost:6666/;
	}
}

Which works well.

And intuitively it looked like putting Anubis into the chain should be simple. Just point the proxy_pass (and the required headers) in the "port 443"-section to Anubis and set it to pass along to localhost:5555 again.

Which really worked just as expected... but only for server_a.bla, server_a.bla/page1 or server_a.bla/page2.

server_a.bla/dav just hangs and hangs, to then time out, seemingly trying to open server_a.bla:6666/dav.

So long story short...

How does proxy_pass actually work that the first setup works, yet the second breaks? How does a call for localhost:6666 (already behind earlier proxy passes in both cases) somehow end up querying the hostname instead?

And what do I need to configure -or what information/header do I need to pass on- to keep the internal communication intact?

view more: next ›

Ooops

0 post score
0 comment score
joined 2 years ago