Interests: News, Finance, Computer, Science, Tech, and Living

  • 4 Posts
  • 155 Comments
Joined 2 years ago
cake
Cake day: June 13th, 2023

help-circle

  • flatbield@beehaw.orgtoPrivacy@lemmy.mlCustom Email Domain
    link
    fedilink
    English
    arrow-up
    1
    ·
    19 days ago

    I specifically chose a shared hosting situation so they deal with the issues in this case. I do have a VPS and could have placed it there but I did not want the hassle and it is not something my wife could manage if something ever happened to me.

    As far as unlimited, they do have such a plan but I do not need it. 30 is infinite in my case.




  • flatbield@beehaw.orgtoPrivacy@lemmy.mlCustom Email Domain
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    20 days ago

    Your own domain is not great for privacy though like others have said the registrar can hide your info at least from whois. If you already have a domain lookup the whois record and see what it says. Presumably even with whois privacy your identity is probably discoverable.

    Custom domains are not great for deliverability too. Though mostly mine is fine. Sometimes Yahoo and ATT manged accounts give me delivery issues.

    What your own domain is good for is nice, long term, and portable addresses. Also for many cheap addresses. I get something like 30 email accounts with my basic Namecheap cPanel account for about $25 per year.


  • Ext4 on LVM can do both volume mirroring and snapshots. The is no COW support with ext4 though.

    By the way I use BTRFS with LUKS on my workstation and have for 4 or 5 years. Primarily I like it for the snapshoting. I though I would like COW but frankly very mixed on that especially since there are cases you should not use COW and if you disable COW you loose snapshotting on that file. I have not used the raid capability. One thing I do not like about BTRFS is that I know of no way to track a bad block at the sector level to what file it is in if any. With Ext4 you can.

    Another useful backup tool is restic.









  • Ubuntu should be able to. They even have some sort of kernel hot patching service I have not used.

    If you do not care about kernal updates then most distros should be fine. Just ignore the reboot suggestions.

    Edit: If you do not reboot you might want to make sure critical things are restarted such as you web browser. Or just logout and login again. One hopes the distro appropriately handles service updates but who knows for certain.



  • I am a FOSS guy so I’d just configure Debian or Ubuntu to do most of the server, media center, desktop, and laptop stuff. Smart Phones Google Pixel 8a or another a series flashed with GrapheneOS. For network I would look at PfSense, OPNSense, OpenWrt, or DD-WRT devices. I have DD-WRT devices but have they do not get updates sadly, but there are some vendors that base their devices on DD-WRT. Not sure which ones. ASUS? Buffalo? Is there a list somewhere?

    The other direction is to go more commercial which is probably what you want. Lot of people like Synology products. In particular they have nice NAS products (which actually can run other services too) which should be fine if you just run them on the LAN. If you want to connect while traveling, setup some sort of VPN. Do not expose any of this stuff to the WAN. For network devices I would consider Netgate, I think they have some PfSense firewalls. Some people seem to like Ubiquiti stuff.

    I personally have generally favored Netgear but as I said, I mostly have just re-flashed with DD-WRT but am thinking of doing something different at least with regard to my boundary router. It has gotten so we all need to have our network devices rapidly updated, especially exposed ones like the boundary router.


  • Consider low maintenance materials. Simple roof line, with good landscape drainage away from the house. Metal, ideally stainless steel roof. Triple pane metal clad or fiberglass windows choose by the sun exposure in terms of coatings. Heavily insulated. ERV ventilation. Consider commercial grade doors, and hurricane approved windows, etc. Consider unpainted stucco or another low maintenance exterior. Ground loop heat pumps for heating. Enough electrical capacity for all electric house including eV charging, but with backup power source. Design for no maintenance in the first 50 or 100 years. You might consider a safe room.

    Edit: Might consider hidden and/or locked storage too, a locked filing cabinet at least, or a safe.

    Edit: You might also consider a security, home automation, and house monitoring system but choose carefully. One that you control, not some cloud service.


  • Consider network boxes and structure of net. At a minimum segregate things on different network segments. Guest, IOT, Your Stuff, Wired, Wifi, etc. Your boundary router and everything inside it should be yours and get automatic updates. Ideally two network providers, one fiber, one wireless. Encrypt everything on the net.

    Avoid wifi and bluetooth if you can, but probably you do not want to. If you use them, secure them the best you can. Strong keys, SSIDs that tell nothing, etc. You can set your wifi APs to ignore clients outside of a certain range at least. Also hardwire the APs. Airgap things that really matter. For example Airgap at least some of your backup archives, and take some offsite too. A nice way to do that is host mountable SATA draws on your backup server with high capacity real spinning magnetic disks (no SSD or Flash stuff).

    On systems that matter at least use volume mirroring, or some level of Raid, and do have an UPS. Maybe consider a whole house UPS if your loaded with money. Your network boxes should be on have UPS support too, and at least one of your network providers (starlink, other sat provider, maybe cell or wimax, old style DSL, etc).

    Actual network connectivity, consider how your going to do that. You could route all network traffic though a VPN or Tor, but you may not want to do that. Big downsides too. One could choose to route certain subnets that way though.

    Actively keep everything patched, monitored updated. Remember, less is more. Minimize what needs to be patched, monitored, and updated. Put firewalls on everything and minimize the software and services and attack surface. Treat every device on your net as mostly untrusted.