is there a good way for a website that has a good reason to worry about #DDoS to allow #Tor access?
something like allowing access to Tor IPs but severely rate limiting them? (just an example, I have no idea if that method is in any way feasible)
or are there really only three approaches: block, allow and CloudFlare?

asking not as a #sysadmin, but as a Tor user who just wants to access the website darn it!

Fascinating and sophisticated MiTM ('man in the middle') at Hetzner (DE) and Linode, targeting Russia's largest XMPP/Jabber (civilian) chat service. The authors of the article make a reasonably compelling case that "this is lawful interception Hetzner and Linode were forced to setup."

notes.valdikss.org.ru/jabber.r…

Excellent mitigation walkthrough here:

devever.net/~hl/xmpp-incident

Sure gets me thinking.

#infosec #sysadmin #forensics

Raspberry Pi is really proud of hiring "a policeman & it's going really great" who "was a surveillance officer for 15 years" and built covert surveillance equipment. RPi dismisses the very thing they're so proud of as "he built lightsabers [as toys]. Chill."). Dear reader, it must be remarked that the concern is not his rad lightsaber toys (which, to be clear, are rad). The concern is that he's got experience in surveillance equipment, and the company is proud to have hired him for it, and proudly blocking everyone who expresses the slightest concern about it instead of being even remotely willing to listen and understand why people are skeeved out, even people who aren't on the ACAB train and are gently voicing concerns with a surveillance cop potentially having the keys to their hardware/software.

This is not the behavior of a company that's concerned about privacy, security, trust, or autonomy, and I don't think this company can or should be trusted to remain federated with instances that want to be welcoming to marginalized people or anti-authoritarians.

Really hate to say it, because I've used and loved RPis for several years now, but if nothing else, please use a different SBC from now on. There are many options out there that aren't so eager to insult you for having concerns about security.

raspberrypi.social/@Raspberry_…

archive in case they delete
archive.ph/8YQqH

#raspberrypi #rpi #surveillance #infosec #sysadmin #fediblock #acab #devops #police #sbc #singleboardcomputer

You might have seen me before on your TL if you receive posts from potate.space, but I might aswell do another #introduction

I'm Denise, a 20yo trans girl into #sysadmin and #DevOps, running my own libre hoster over at 4201337.xyz, with #typescript experience, currently learning #C.

Since I'm in a baby, barely federated instance, reboosts would be appreciated so that I can increase the diversity in my stream :)

Have a nice day ❤

Miaoute - Pédalerie partout, pour toustes

La Miaoute est un petit hébergeur de services libres pour aider les personnes trans et non-binaires à réduire leur dépendance aux grands géants centralisés du numérique.

^4201337.xyz