Tempiz
1y ago
•
100%
Appreciate the transparency and update. This definitely eases concerns. Thanks!
Tempiz
1y ago
•
100%
Could we get an introduction into who the new team lead is, what their experience is, and maybe some info on the rest of the team? The current repo owner has no information and has only ever worked on Mlem with this user account. Not exactly confidence inspiring from afar.
Tempiz
1y ago
•
60%
Nay
Block them yourself. Defederation is against the principles of the fediverde. If you are looking for an instance that is more isolated, look into Beehaw.org.
Tempiz
1y ago
•
100%
+1 here. If growth slows and donations drop, the instance needs some savings to continue operating, or if another server upgrade is needed with a large capital expense. Not everything is OpEx.
Tempiz
1y ago
•
100%
Spez is just trying to get that bag and run.
Tempiz
1y ago
•
100%
And then they wonder why advertises are avoiding the platform.
Tempiz
1y ago
•
100%
Competing platforms are scary!!!
Tempiz
1y ago
•
100%
“Guys this is a democracy I promise. Just do your jobs and don’t complain, speak out, or vote against anything we say. You guys totally still are stakeholders in this platform though. Please volunteer more of your time so we can monetize your free content. Thanks!” - Reddit Admins
Tempiz
1y ago
•
100%
Reddit mods crave the “power” they get from donating their time and labor to a mega corp.
Tempiz
1y ago
•
100%
I love the irony of him calling Reddit a democracy while also refusing to budge on the API issue. You can’t have it both ways.
Tempiz
1y ago
•
100%
Really enjoying the feeling of a closer community of Lemmy. everyone is working together to build this platform from the ground up.
Tempiz
1y ago
•
100%
Great to hear that there is a dialog open between the admins. Hopefully it is all sorted swiftly. Federating with all of the large instances is important for the continued growth of the platform.
Tempiz
1y ago
•
100%
I’m also on gmail. Haven’t had any issues with it, no real desire to change.
Tempiz
1y ago
•
100%
Cloudflare is still the best domain registrar that I’ve worked with. Doesn’t seem to be going anywhere.
Tempiz
1y ago
•
100%
For sure. It would be interesting if a method to migrate instances was built into the backend of lemmy, but this could potentially cause a lot of headache for instance owners as well. Probably not in the cards, but would solve this problem for sure.
Tempiz
1y ago
•
100%
Yep that’s an uninstall and 1 star review for sure.
Tempiz
1y ago
•
100%
Beehaw definitely had its own standard they try to uphold. Just means choosing your instance is important to your experience.
A buffer overflow vulnerability was found within SSL-VPN in FortiOS leading to unauthorized code execution. Options are either to disable SSL-VPN or upgrade to a patched version.
www.fortiguard.com
A buffer overflow vulnerability was found within SSL-VPN in FortiOS leading to unauthorized code execution. Options are either to disable SSL-VPN or upgrade to a patched version.
cross-posted from: https://sh.itjust.works/post/87144 > Received this QNAP security bulletin this morning. Update your QNAP products! > > > June 14, 2023 - QNAP® had published security enhancement against security vulnerabilities that could affect specific versions of QNAP products. Please use the following information and solutions to correct the security issues and vulnerabilities. > > >Vulnerabilities in Samba > > >Release date: June 14, 2023 Security ID: QSA-23-05 Severity: Medium CVE identifier: CVE-2022-37966 | CVE-2022-37967 | CVE-2022-38023 | CVE-2022-45141 Affected products: Certain QNAP Devices > > >Summary > > >The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba, including vulnerabilities related to RC4 encryption. If exploited, some of these vulnerabilities allow an attacker to take control of an affected system. The following QNAP operating systems are affected: > > >• QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) QES is not affected. > > >Only QNAP devices that run the affected operating systems and also act as a domain controller or AD member are affected. > > >Standalone QNAP devices are not affected by the vulnerabilities. > > >QNAP is currently fixing the vulnerabilities in QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances). > > >Please check this security advisory regularly for updates and promptly update your QNAP operating system to the latest version as soon as it is available. > > >Recommendation > > >Because RC4 encryption poses a high security risk, we strongly recommend replacing RC4 with the more secure AES algorithm when using a QNAP device as a domain controller or AD member. > > >• When the QNAP device acts as a domain controller, we strongly recommend enforcing AES encryption. > • When the QNAP device acts as an AD member, the encryption method should follow that of the domain controller. We also strongly recommend that the domain controller is configured to enforce AES encryption. Before security updates are available, depending on the AD domain role of your QNAP device, we recommend enforcing AES encryption only or at least allowing both AES and RC4 encryption to mitigate the risks posed by the vulnerabilities.
Received this QNAP security bulletin this morning. Update your QNAP products! > June 14, 2023 - QNAP® had published security enhancement against security vulnerabilities that could affect specific versions of QNAP products. Please use the following information and solutions to correct the security issues and vulnerabilities. >Vulnerabilities in Samba >Release date: June 14, 2023 Security ID: QSA-23-05 Severity: Medium CVE identifier: CVE-2022-37966 | CVE-2022-37967 | CVE-2022-38023 | CVE-2022-45141 Affected products: Certain QNAP Devices >Summary >The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba, including vulnerabilities related to RC4 encryption. If exploited, some of these vulnerabilities allow an attacker to take control of an affected system. The following QNAP operating systems are affected: >• QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) QES is not affected. >Only QNAP devices that run the affected operating systems and also act as a domain controller or AD member are affected. >Standalone QNAP devices are not affected by the vulnerabilities. >QNAP is currently fixing the vulnerabilities in QTS, QuTS hero, QuTScloud and QVP (QVR Pro appliances). >Please check this security advisory regularly for updates and promptly update your QNAP operating system to the latest version as soon as it is available. >Recommendation >Because RC4 encryption poses a high security risk, we strongly recommend replacing RC4 with the more secure AES algorithm when using a QNAP device as a domain controller or AD member. >• When the QNAP device acts as a domain controller, we strongly recommend enforcing AES encryption. • When the QNAP device acts as an AD member, the encryption method should follow that of the domain controller. We also strongly recommend that the domain controller is configured to enforce AES encryption. Before security updates are available, depending on the AD domain role of your QNAP device, we recommend enforcing AES encryption only or at least allowing both AES and RC4 encryption to mitigate the risks posed by the vulnerabilities.
> Just a reminder that Windows 10 21H2 home and pro editions are EoL today. Make sure you get updated to 22H2. > > 22H2 will be the final release of Windows 10, with an EoL of Oct. 14, 2025. > > Enterprise 21H2 still has one year of support which will end June 11, 2024.
Just a reminder that Windows 10 21H2 home and pro editions are EoL today. Make sure you get updated to 22H2. 22H2 will be the final release of Windows 10, with an EoL of Oct. 14, 2025. Enterprise 21H2 still has one year of support which will end June 11, 2024.
With this new community, I figured it would be interesting to get a gauge on if there are any security professionals within the community, and what roles everyone holds? I personally specialize in GRC, but have also worked in network engineering in the past.