Notices by Jeroen Massar (jeroen@secluded.ch)

For folks running public rsync-able services, might be an idea to shutter them for a wee bit: https://www.openwall.com/lists/oss-security/2025/01/14/3 (CVE-2024-12084 etc)

```
In the most severe CVE, an attacker only requires
anonymous read access to a rsync server, such as a public mirror, to
execute arbitrary code on the machine the server is running on.
```

@bagder if it hurt your ego, it is a bug you will not make again and lesson learnt ;) I tend to read CVEs and more the fixes to learn what classes of bugs are being fixed so to avoid them myself; also do check if similar mistakes have not been made elsewhere if applicable

@jpmens lftp is my go-to ftp tool; curl for fetching from known locations though.

Also, all the kids use usenet, they are shifting more bits there than all the text typed in the early days ;)

@Codeberg when transporting your servers like that, do anticipate for dirt, and worse, rain. Two Ikea blue bags fit great for most servers ;) [one over the top, one over the bottom upwards due to dirt/mud coming from the floor).

At arrival, do acclimatize the server and ensure to reseat many cards; which is why a outer carton box is advised. Good luck with the new toy! -- fellow server-by-public-transport person ;)

@alarig you really need to check out all the VPP articles that @IPngNetworks has been writing ;) -- https://ipng.ch/s/articles/

@alarig @PorCus @IPngNetworks so https://ipng.ch/s/articles/2023/10/21/vpp-ixp-gateway-1.html ? ;)

@dansup @pixelfed per-account & instance ranking and build a trust graph and cluster things. Spambots tend to follow spambots, thus they cluster together, normal people tend to follow the same normal people.... this is a method used many times before (pgp web of trust is one example) it does require knowing the full graph for involved accounts, thus that can be harder. I am sure somebody comes up with a trustrank service that can give out a score; then multiple services and if x/y deprio ;)

@aral the better analogy would be a supermarket chain IMHO

The "shopping mall" are the centralized hosters, people tend to not self-host, let alone on own hardware (I'll excuse hosting in own DC); shopping malls can still have independents... but they all pay rent to a single overlord (Hoster/colocation); the roads are ISPs, which few do on their own... (as at that point it becomes a near full time job ;)

@bagder you do also do happy eyeballs over multiple IPv4 addresses and multiple IPv6 ones right? ;)

And note that Apple published v2: https://www.rfc-editor.org/rfc/rfc8305 MacOS/iOS/etc editions have a lot more tricks to connect to the fastest (latency & bandwidth) place, if you use the right APIs to connect it is even quite simple -- but often not available for glibc ;)

@aral Just being a corporation is enough actually. The goal of corporations is to increase the money/payout for the shareholders, not to do good for the customers or heck the world, let alone to deliver a proper product.... oh and no, non-profits do not count anymore often unfortunately, they just make sure that the money is spent every cycle and often are just a way for tax write-offs for the large corporations...