Have thought about creating this exact type of thing. I will be checking this out next week, and seeing what else might be out there though. One service I see that’s missing is parameter store, but if I actually needed it I’m guessing it would be pretty easy to add unless there’s a reason for not also including it.
Parameter store should be straightforward, I wasn't actually even aware of it existing.. And yes, the more the merrier! Just make up some non-interfering URI scheme (I would probably use awspm://) that won't be reasonably used as an environment variable as is.
As for as a general reason to use it over SSM is that it’s free for like under 10k values but it’s not secure by default since it also allows non-encrypted values to be stored. AFAIK you can use basic encrypted values with it the same as SSM, but for more advanced uses there are differences.
I don’t know about timemachine but I have some anecdotal experience with Dropbox and ransomware. Essentially one person’s computer was infected which encrypted all the files for everyone in Dropbox. Because Dropbox had versioning on the files I was able to restore all the files back to the point before they were encrypted after removing and wiping the infected machines.
So if timemachine has versioning then maybe then you probably have some options, I’m not sure I’d call this being “safe” from ransomware.
I would imagine the amount of time someone spends “investigating” a port like 3306 is the amount of time it takes for the existing automated software to run a check to see if the mysql server is vulnerable. So unless the service on 3306 is able to spoof a vulnerable mysql server, they don’t care if it’s real or not. They just care if their tool reports a vulnerable service.
Unless they are specifically targeting that system my assumption would be that they are just looking for open ports for known services, then if found checking if exploits work or not, and if not move on. I could very well be wrong but from a practical standpoint I can’t imagine this service mattering to someone that is running a program to scan for open ports with vulnerabilities.
I might just be regurgitating the article, but isn't the point that it can massively increase the time and effort it takes to scan a system for valid vulnerabilities?
What I’m saying though is that if I were running a script like this, unless I’m targeting a specific ip, I would just be scanning known ports for known vulnerabilities. I wouldn’t be scanning every single port.
I can’t speak for OP but usually the issue with #3 for me is that the other criteria it needs to meet is that it works with whatever other integration I want. I remember when I looked the TP-Links were a good option but you just needed internet to set it up. Afterwards it just went on a vlan without internet. The camera needs to support Scrypted/Frigate for my use case but depending on needs for PTZ, Wi-Fi, resolution, night vision, etc, I may or may not be able to find one at a reasonable price that doesn’t require internet access for setup. TP Link makes good cameras at a good price but they require internet access to setup, so any camera that falls into #3 will get compared to a TP Link in #2
I tried this and had too many issues with other devices. I finally just bought a Brother laser printer with built in AirPrint that worked fine for many years but lately it seems to disconnect once in awhile. Current fix for that has been a smart switch that I programmed to just power cycle the printer twice a day.
Eventually I’ll just upgrade to a newer one with color and hopefully better AirPort support, but I’m glad cups and AirPrint works alright since I haven’t tried it in a few years. The issues your wife is experiencing though are likely the same ones that led me to just get a printer that supports it and from what I read at the time Brother has the best AirPrint support (purely anecdotal)
The most egregious problem that I've found is a GhostScript issue with transparent elements in PDFs that makes the printing process take way too long (and use 100% CPU) to start.
The validation on the form page doesn’t require a valid url but when you hit submit the validation fails if the url is incorrect. When you click back to go correct it you can’t fix it because the submit button is still spinning.
Also requiring a title for a url doesn’t seem necessary, just use the domain as the title or the url itself if it’s empty.
Sorry don’t have any other feedback I stopped there.
Love the feedback. You're the second person (that I've seen) whose mentioned what a bad user experience it is to fill out everything and then get told that you have an invalid url. I'm trying to use very minimal javascript but this seems like a good place to add a little extra.
Still would be nice to just put in website.com and have it assume I mean https://website.com
- If a title is required maybe offer the option to just set the title as an emoji or something. This is definitely just my personal feedback I could be an outlier here.
- Once I submitted the email went to spam. I assume there’s not much you can do here other than become more established.
- After clicking the confirm link I’m taken to a page that says my changes have been confirmed and saved. I’d expect messaging along the lines of your page has been created along with a link to my page. Screenshot: https://www.dropbox.com/scl/fi/leus6ntppsf9yihe6i1sb/Lynx.Bo...
- At this point the only way I found to get to my page is just to type in what I assumed was the url format into the browser: lynx.boo/username
Wrote the feedback as I went through it. Once I see the page itself I understand why a title is required and an emoji might not make sense. Love the super clean layout and simplicity though, I will keep this tool in mind.
I’ve only used this so far to quickly create a local git repo for backing something up and it seems very promising. The interface felt nearly identical to GitHub as far as creating a repo, ssh key, and pushing an existing repo to it.
If I need to know the current age I don’t need to know the past ages of someone