sylver_dragon

You could try using Autopsy to look for files on the drive. Autopsy is a forensic analysis toolkit, which is normally used to extract evidence from disk images or the like. But, you can add local drives as data sources and that should let you browse the slack space of the filesystem for lost files. This video (not mine, just a good enough reference) should help you get started. It’s certainly not as simple as the photorec method, but it tends to be more comprehensive.

A what now?
I’m just here to read memes and rant about crap no one else cares about. I can’t be arsed to dig into all the random profile crap the developers poured hours of blood, sweat and tears implementing.

If the only place you are seeing this sort of behavior is Reddit, it’s not worth worrying about. If you are so obsessed with what other people are doing on Reddit that you feel the need to ask about it on Reddit/Lemmy, it’s probably time turn off your devices and go touch grass. Always remember the Greater Internet Fuckwad Theory. People with pseudo-anominity say a lot of stupid stuff.

I can think of a couple of reasons off the top of my head.

You don’t say, but I assume you are working on-site with your work system. So, the first consideration would be a firewall at your work’s network perimeter. A common security practice is to block outbound connections on unusual ports. This usually means anything not 80/tcp or 443/tcp. Other ports will be allowed on an exception basis. For example, developers may be allowed to access 22/tcp outbound, though that may also be limited to only specific remote IP addresses.

You may also have some sort of proxy and/or Cloud Access Security Broker (CASB) software running on your work system. This setup would be used to inspect the network connections your work system is making and allow/block based on various policy settings. For example, a CASB might be configured to look at a domain reputation service and block connections to any domain whose reputation is consider suspect or malicious. Domains may also be blocked based on things like age, or category. For this type of block, the port used won’t matter. It will just be “domain something.tld looks sketchy, so block all the things”. With “sketchy” being defined by the company in it’s various access policies.

A last reason could be application control. If the services you are trying to connect to rely on a local program running on your work system, it’s possible that the system is set to prevent unknown applications from running. This setup is less common, but it growing in popularity (it just sucks big old donkey balls to get setup and maintain). The idea being that only known and trusted applications are allowed to run on the system, and everything else is blocked by default. This looks like an application just crashing to the end user (you), but it provides a pretty nice layer of protection for the network defenders.

Messing with the local pc is of course forbidden.

Ya, that’s pretty normal. If you have something you really need to use, talk with your network security team. Most of us network defenders are pretty reasonable people who just want to keep the network safe, without impacting the business. That said, I suspect you’re going to run into issues with what you are trying to run. Something like SyncThing or some cloud based storage is really useful for businesses. But, businesses aren’t going to be so keen to have you backing their data up to your home server. Sure, that might not be your intention, but this is now another possible path for data to leave the network which they need to keep an eye on. All because you want to store your personal data on your work system. That’s not going to go over well. Even worse, you’re probably going to be somewhat resistant when they ask you to start feeding your server’s logs into the businesses log repository. Since this is what they would need to prove that you aren’t sending business data to it. It’s just a bad idea all around.

I’d suspect Paperless is going to run into similar issues. It’s a pretty obvious way for you to steal company data. Sure, this is probably not your intention, but the network defenders have to consider that possibility. Again, they are likely to outright deny it. Though if you and enough folks at your company want to use something like this, talk with your IT teams, it might be possible to get an instance hosted by the business for business use. There is no guarantee, but if it’s a useful productivity package, maybe you will have a really positive project under your belt to talk about.

FreshRSS you might be able to get going. Instead of segregating services by port, stand up something like NGinx on port 443 and configure it as a reverse proxy. Use host headers to separate services such that you have sync.yourdomain.tld mapped to your SyncThing instance, office.yourdomain.tld mapped to your paperless instance and rss.yourdomain.tld mapped to FreshRSS. This gets you around issues with port blocking and makes managing TLS certificates easier. You can have a single cert sitting in front of all your services, rather than needing to configure TLS for each service individually.

I’ll extend the truffle hate to all mushrooms. If I wanted food covered in fungus, I would have waited for it to start rotting.

Theoretically you could hit replacement rate by making everyone a millionaire but I don’t know how that could work.

I doubt this would work. Financially, my family is towards the middle of that chart now. We were lower when we had our first kid and only a bit improved when we had our second. And honestly, it was pretty touch and go whether or not we would have the second. Our first was a handful as a baby and it left us wondering if we could handle a second. Thankfully, he calmed down a lot (or we just got used to the new normal) by the time he was pushing 18 months. After we had the second one though, I fully embraced the “cut my nuts off” solution to birth control (vasectomy). I don’t regret that choice at all. None of that was ever about finances. It was simply about the fact that raising children is hard and takes a lot of time.

Ultimately, I think the decline in birth rates isn’t about finances or selfishness, it’s just a change in social norms. Society has spent decades training people to the “nuclear family”. Movies, TV, and other media has pushed the “2 kids and 1.5 dogs in a home in the suburbs” for so long, that people internalized it. So, folks who do want to have kids shoot for that. Having 4 or 5 kids is now seen as an oddity, rather than the norm.

There is also a much better acceptance of women as something other than a walking womb to be filled. We no longer look at an unmarried woman in her 20’s or 30’s as some sort of spinster to be shunned. Sure, negative stereotypes still exist (e.g. Crazy cat lady); but, it’s much rarer for fathers to be selling off their 16 year old daughters to 40 or 50 year old men as child brides to be kept barefoot, pregnant and in the kitchen for the next 30+ years of their life. Women are expected to have full lives now, which may or may not involve raising children. As one might expect, many have taken full advantage of that and simply chose to not have any. This move from what amounts to sexual slavery to being treated as an actual person is going to mean there are fewer women having children and many of them delaying until they are actually old enough to make an informed decision about it.

Depending on which version of Sleeping Beauty you’re reading, this isn’t that far off.

Replace the screen, maybe? And now you have an extra laptop.

Sadly, yes a lot of organizations didn’t get the memo. But this really is the current guidance. In NIST 800-63B Section 5.1.1.2:

Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.

I deal with this sort of thing pretty regularly for the company I work for. We get threat intelligence from several vendors when they see our users show up in “dumps”. Basically, threat actors will package up stolen credentials in a large zip file and make that available (usually via bittorrent) for anyone to download. Security vendors (e.g. Mandiant, which Google bought) download those dumps and search for accounts associated with their customers and send out these warnings when they find one. On the customer side, if the breach was recent we’ll force a password reset and warn the user about the breached password, with a recommendation to change their password on the affected site and also change any passwords which might be similar elsewhere.

Why do we force the password reset, even when it wasn’t the account for our business which was breached?
There’s a couple reasons for this. First off, people still reuse passwords all the fucking time. Maybe this victim didn’t, but we have no good way validate that. Second, even without direct reuse, folks like to have one main password that they apply slight variations to. They might use “Hunter 42!” at one site and then “Hunter 69*” at another. This isn’t smart, attackers know you do this and they have scripts to check for this. Lastly, if an organization is following the latest NIST guidance, you’re not changing your password on a regular cadence anymore. With that is the expectation that passwords will be rotated when there is a reason to suspect the credentials are compromised. Ya it’s annoying, but that’s part of the trade-off for not having to rotate passwords every six months, we pull the trigger faster on forced rotations now.

If you get one of these, consider it a good time to think about how you come up with and store passwords. If you are re-using passwords, please turn off your computer/device and don’t come back to the internet until you have thought about what you have done. If you aren’t already using one, please consider a password vault (BitWarden or KeePassXC make great, free choices). These will both help you create strong passwords and also alleviate the need to memorize them. Just create a strong master passphrase for the vault, let it generate the rest of your passwords as unique, long (12+ character) random junk, and stop trying to memorize them (with the exception of your primary email account, that gets a memorized passphrase).

Ya, I actually run both uBlock Origin and NoScript in my browser on my phone and personal machine (desktop). On my work laptop, those are a no-go. So, I get the full ads experience on my work machine when traveling.

I run Pi-Hole in a docker container on my server. I never saw the point in having a dedicated bit of hardware for it.
That said, I don’t understand how people use the internet without one. The times I have had to travel for work, trying to do anything on the internet reminded me of the bad old days of the '90s with pop-ups and flashing banners enticing me to punch the monkey. It’s just sad to see one of the greatest communications platforms we have ever created reduced to a fire-hose of ads.

Go for it. It’s already broke, even if you make the problem worse, it won’t functionally change what you are planning to do with it (throw it away). Do be careful around any capacitors, @Nollij@sopuli.xyz made a very good point about discharging them carefully. I took a hit off a capacitor for the flash in a disposable camera some years ago and was certainly shocking.

This sort of thing is just awesome. I really wish there was more information on repairing these sorts of electronics out there and accessible to non-electricians. I do get that sometimes it really does take someone with a lot of specialized knowledge and training to troubleshoot and fix things like this. But, even basic, “look for X and try Y” type stuff for us plebes to make the attempt. Sure, we’ll fail as often as we succeed, but even that would save a lot of electronics from the scrapheap.

Fixed my monitor rather than tossing more e-waste in the landfill. Replaced a couple blown caps and it’s running like a champ again.

The big ones for me were a frequent, sudden, urgent need to pee and getting up multiple times a night to pee. I also drank a copious amount of water. Like, the whole “eight glasses a day” thing which used to be popular was confusing to me, as I’d drink that much in the first couple hours of the day. I finally went in to the doctor and got a blood test and my A1Cs were well over the “welcome to Diabetes Land” number. With diet, exercise and drugs I’m well controlled now and caught it early enough that I still have good feeling in my feet. Given my family history, and all the shit I ate in my younger days, it’s not really a surprise. I just have to be more careful now, but I have discovered an enjoyment of climbing because of it.

Really, if you have any family history of diabetes, start visiting your doctor on an annual basis and getting a blood test. It’s simple, and catching it earlier is good for preventing problems with neuropathy in your feet.

Wait, I’m conscious enough to have questions? So, now what?

The one argument for a multi-magazine setup would be ammo versatility. E.g. One magazine holds FMJ or the like for soft targets while the second holds armor piercing for hard targets or explosive/incendiary for anti-material. It’s not a great argument for it, and it’s probably why we don’t see it all that often. But, the good idea fairy is a regular visitor to the arms manufacturing industry.

Ya, AI as a tool has it’s place. I’m currently working on documentation to meet some security compliance frameworks (I work in cybersecurity). Said documentation is going to be made to look pretty and get a check in the box from the auditors. It will then be stored in a SharePoint library to be promptly lost and ignored until the next time we need to hand it over to the auditors. It’s paperwork for the sake of paperwork. And I’m going to have AI spit out most of it and just pepper in the important details and iron out the AI hallucinations. Even with the work of fixing the AI’s work, it will still take less time than making up all the bullshit on my own. This is what AI is good for. If I actually care about the results, and certainly if I care about accuracy, AI won’t be leaned on all that much.

The technology actually it pretty amazing, when you stop and think about it. But, it also often a solution in search of a problem.