• 1 Post
  • 47 Comments
Joined 11 months ago
cake
Cake day: December 7th, 2023

help-circle


  • I’ve had an Android since probably 2012. It has been nice to see the OS become so mature, and security has been getting increasing attention over the last few years. I don’t know iPhone as well, so I will speak more on my experience with Android.

    Brand Families: Many excellent brands exist, but I will really only consider what I think of as the top two - Google and Samsung. I’ve had the Pixel 3, 5, 7 and my girlfriend has had the 4a and 8. The experience on a Google branded phone is, in my opinion, the best way to experience Android. The Samsung phones definitely keep up with the Pixel line, but the UI feels chaotic to me. Pixel Android is clean.

    Work App Experience: My job is in IT for a government contractor, and my email is configured in a Microsoft Intune container. This feature simply does not work in non-stock OS’s, so I wouldn’t count on being able to use Graphene. Play store is required, as the Play Store sets up the secure container. This may sound like a downside, but to me it’s preferable over relying on Microsoft for this. The secure container works excellent and allows me to shut off all of my work apps with one click. If I was ever fired, my job could wipe the container without wiping my personal data. This is a huge benefit to me. Earlier this year we had an employee stealing data and when we issues the remote wipe command to their iPhone it wiped EVERYTHING.

    Play Store: It’s very ad heavy. I typically know what I am looking for before I venture into the Play store.

    **De-Googling: ** I use Firefox Mobile with uBlock (yes it works on mobile) and am working my way towards Proton services (drive, email, password manager, VPN, etc).

    Overall Experience: I own several Android gaming handhelds, an Android audio player, and my Pixel 7. I will probably stick with Android for the foreseeable future. Android is flexible, mature, fast, and secure. My cameras are excellent and really only fall apart when zooming. Newer Pixel phones improve this experience.



  • MSids@lemmy.worldtoSelfhosted@lemmy.worldDitching Spotify and YT Music
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    edit-2
    20 days ago

    Plex is excellent, and even if you prefer the features or interface of Jellyfin, you should never expose any application (Plex, Jellyfin, or otherwise) directly to the Internet. This should be non-negotiable. Plex solves for external access with the mobile/desktop apps and app.plex.tv by brokering client connections into your network without a NAT/PAT on your router or firewall.

    For a music library, even a small one, tracks should have proper metadata applied to them and be stored in directories. Plex provides guidance on this here: https://support.plex.tv/articles/200265296-adding-music-media-from-folders/

    My own strategy: I deviate slightly from Plex’s file and directory naming strategy, but it works perfectly. I start with high quality music, mostly from Bandcamp and process it through Musicbrainz Picard into ALBUMARTIST\YYYY - ALBUMNAME\01 - TRACKNAME.FLAC. Picard sets the metadata and ensures that there is an album cover image also.

    Before moving the organized files to my Plex server, I run them through MP3Tag and overwrite any mismatched artist names with the album artist (getting rid of artist fields with 'feat xxxx artist’s). This is important for when I sync files in Media Monkey to my iPod, since the iPod would break apart albums with multiple artists. My preference is to keep them grouped together.

    Hope this helps good luck 👍. Let me know if you want to know a decent strategy on movie backups also.












  • The costs are definitely a huge consideration and need to be optimized. A few years back we ran a POC of Open Shift in AWS that seemed to idle at like $3k/mo with barely anything running at all. That was a bad experiment. I could compare that to our new VMWare bill, which more than doubled this year following the Broadcom acquisition.

    The products in AWS simplify costs into an opex model unlike anything that exists on prem and eliminate costly and time consuming hardware replacements. We just put in new load balancers recently because our previous ones were going EoL. They were a special model that ran us a about a half-mil for a few HA pairs including the pro services for installation assistance. How long will it take us to hit that amount using ALBs in AWS? What is the cost of the months that it took us to select the hardware, order, wait 90 days for delivery, rack-power-connect, configure with pro services, load hundreds of certs, gather testers, and run cutover meetings? What about the time spent patching for vulnerabilities? In 5-7 years it’ll be the same thing all over again.

    Now think about having to do all of the above for routers, switches, firewalls, VM infra, storage, HVAC, carrier circuits, power, fire suppression.



  • The core features of a WAF do require SSL offload, which of course means that the data needs to be unencrypted with your certificate on their edge nodes, then re-encrypted with your origin certificates. There is no other way in a WAF to protect from these exploits if the encryption is not broken, and WAF vendors can respond much faster than developers can to put protections in place for emerging threats.

    I had never considered that Akamai or Cloudflare would be doing any deeper analytics on our data, as it would open them up to significant liability, same as I know for certain that AWS employees cannot see the data within our buckets.

    As for the captcha prompts, I can’t speak to how those work in Cloudflare, though I do know that the AWS WAF does leave the sensitivity of the captcha prompts entirely up to the website owner. For free versions of CF there might be fewer configurable options.


  • MSids@lemmy.worldtoTechnology@lemmy.worldCloudflare launches a tool to combat AI bots
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Can you educate me on the negatives of Cloudflare?

    My company is on Akamai, who has a pretty solid combined offering of WAF, DNS, and CDN, and yet I still feel like their platform is antiquated and well overdue for a refresh.

    Thinking back to log4j, it was cloudflare who had the automatic protections in place well ahead of Akamai, who we had to ask for custom filters. Cloudflare also puts out many articles on Internet events and increase adoption of emerging best practices, sometimes through heavy shaming.