Why is a hypervisor the best we got? Why would better than a dedicated bare metal server? Why would the attack surface if a hypervisor be smaller than the attack surface without one?

Honest question

Thanks for evaluating! The exploit was explained to me that an unpriviliged user/Programm could use it to get root access on the whole system, which I my mind included the hypervisor. Further reading seems to proof you right, while containers were broken VMs were not.

My point still remains, although weaker: If you know exactly what you are doing you can get a system quite secure, if you are a hobby server owner like me, its not that easy. I would have not know that the use of VMs instead of containers has sooo major security implications, that something so fundamental as ssh could be exploited in such large scales, and clustering would have been needed to avoid being unsafe.

Sure, noone would use an zero day on me targeted, the thing is: I am not working in the field, from publishing of the exploit till learned about it and had the time to patch, there were a few weeks. If in those few weeks someone deploys a tool going for mass and not for single targets, I would probably be infected and added to some botnet, cryptominer or whatever.

If I have a bare metal dedicated server, which has only access to IPs contained in my whitelist on a dedicated opnsense, I have less to wory about. Sure, someone could still find a openbsd/opnsense exploit and get me, but my point is: complex systems break in complex ways, the more complex systems you use, the more attack surface u have, need to know and understand to control and mitigate it.

Not that its impossible, but for a hobbyist who tries to self teach with man pages, tutorials and forums, you can get pwnd in unexpected ways (like because you used a container for dodgy Chinese smart home devices and expected that your production environment would be safe even if one of them was malicious, but in fact you were not, because that would have needed to be a VM. AND: before copy fail was published, users would have probably also told you that containers are safe.

Eternity is really nice

I was going to build my system like that, but recently learned that host client isolation is not as strong as people make you believe.

just a few weeks ago we learned that copy fail (security vulnerability) was on major distros for years until it was fixed, it would allow containers and VMS to infect the host system. Xz utils could also lead to a broken host client separation, as proxmox uses ssh for clustering and the like.

So for really important stuff I am going to have a dedicated physical server or put it in cold storage altogether.

That said, I am by no means an expert so feel free to correct me if I got something wrong.

Hate to be that guy, but brave is spyware packaged as browser, it not running is for the best…

Dude there is someone asking for a “lighting fast browser experience” on specs which will not deliver that for most websites most people use.

An honest reply IMHO is to state what will work and what will not.

You set false expectations when basically telling him “yeah no problem”.

I try to differentiate this picture by showing what caviots there are.

The reality is: if you are a tech savy person, only use a subset of websites, to which most of the popular websites (youtube, Netflix, prime, insta, etc.pp.) don’t belong, you can get something to work. Do I use silicon-valley websites or think they are good? No! But someone who asks such questions is probably not someone who only thinks of HTML only websites and the like when wanting a fast browser.

I try to give honest advise and show that a lighting fast browsing experience is not the same as “you can visit some websites with very light loads and need to close the browser, open terminal and yt dlp, download the video and watch it in a lightweight video player”.

Its not about competition it’s about actually helping the person looking for advice.

He didnt explicitly, but watching media is one of the main things people do in browsers no?

When someone asks about a lighting fast browser experience for his specs, and you say “no problem” one would expect one can use websites, including ones that serve videos no?

Saying yeah, fast browser? no problem! But then referring to yt-dlp for videos is a little misleading no?

I’d don’t think you find most videos on peertube at this point of time, and I’m hesitant if it will run fast with those specs, even considering peertube is less bloated than YouTube.

Where to cache to? The HDD? The two gig ram?

So what site do you use with this Setup to watch HD Videos fast, responsive and without Stutter, lag oder tearing? Cant be youtube

Well thats what op asked for.

And it is “lighting fast” when using modern bloated java script websites? I doubt it

To be real, this Maschine with HDD and 2gig RAM isnt going to be lightning fast at all

Thanks

Can someone explain for us people at work who cant watch a video?

You got mislead my dude. Probably because there’s lot of propaganda for nuclear as it is needed to offload costs of building nuclear weapons, so especially USA, France and China are campaigning hard.

We dont need another finite fossil resource oligarchs can use to control us, we need to change societies habits so it complies with energy production. For the actually relevant parts its easy enough to store the energy. Batteries are not the only possibility, water elevation, hydrogen, pressure cells just to name a few. But even if batteries were the only ones, it’s still worth manufacturing them compared to the costs of managing nuclear waste for timescales longer than human build structures exists.

Did a medieval person know what wages today would be? No Do you know what the nuclear end storage would cost in 1000 years? No But even for the time we can for see, in the best case scenario its an economically bad decission, in the worst case we poison the whole planet to a degree where no human life can exist.

I agree with most of the comment, but it really bothers me people still call nuclear “clean”, it isn’t, its the opposite. Yes no co2, but the effects of burnt nuclear fuel are way worse. Yes the crisis comes slower than the current climate crisis but it last for way longer and is way harder to manage.

Co2 I. The atmosphere in large amounts is bad for humanity, no question, we should stop that, but with co2 we at least have an advanced ecosystem which will bring the co2 levels down relatively quickly on human time scales if we stop emitting before the ecosystem is irreparable damaged, with nuclear we dont. There us exactly one way to get rid of radioactive waste, and that is to wait till it stops radiating by itself, magnitudes longer than it takes for co2 to get absorbed by plants.

Well okay, i would not argue to stop buying Cooper. I wouldn’t even argue against mining uranium in small doses for science, smoke detectors and whatnot.

My point is that extracting stuff from the ground is a big undertaking, especially when trying to do it in a way safe for workers. It is not good for humanity to do that, just to burn it, when there are alternatives.

I doubt that most mines are actually owned by worker cooperatives and progressive states, but even if so, the USA has a history of making sure they get enough of their primary energy source for cheap, even if that means invading countries, murdering union people or straight up installing puppet governments. Also here in the EU, conservatives have a history of blocking any legislation that would force company’s to respect human rights outside of the EU. So a lot of the materials used in Europe are not ethically sourced (clothes, caffe, cacoa, lithium, stone are the ones I know about having lots of child labour and wages far beyond the European minimum wage) I assume if uranium prices go up thanks to lots of demand, people here will buy the cheapest, which probably is not ethically from nations/corporations respecting human rights, as respecting human dignity adds cost.

Depending on a finite recource from other countries is hardly evaded in modern capitalism, but making your primary energy source one, when you have other options is just dumb.

I was pulling a analogy to oil, where the EU is buying from Saudi Arabia for example, a country not really famous for human rights, Russia (same) and america (facist).

Giving the powefull corporations and oil spring/fracking site owners there lots of money every year seldom changes the life of ordinary people there for the better.

Maybe it would all be different with uranium, but I doubt that.

Also I am pretty sure as soon as nuclear waste starts really piling up privileged countries would be pretty fast to get it out of there land and onto some less fortunate nation.

I just think if we want to stop using a finite fossil recource which pollutes our world for a few hundred years its not a good idea to substitute it with a finite fossil resource which pollutes our world for a few thousand years, if we have a cheap, renewables alternative available. Mist sane persons would think that way

The only problem is, USA, France and China really really want to build nuclear bombs, but pushing so much money into it that they can pay it as military expanses is to much even for them. So we have lits of propaganda, that nuclear power is good, or even necessary, so most of the costs can be sold as infrastructure to the voters.

I never in my life have met a person who has a good plan on how to manage nuclear waste in timescales in which societys rise and fall, cultures get started and forgotten, etc. Pp. In a way which is even near practical not to speak of Economically feasable. You think medical people could calculate the wage of someone guarding whatever today? Mining is a tangebale aspect, bad to depend on, but graspable, controlling the waste isnt

Hahaha nuclear has basically no co2 output so its not bad for the climate Dont even need to read further.

Lead is also not bad for your health, because it doesn’t contain cyanide - same level of arguing

Things that produce co2 in large amounts are bad for the environment and need to be abandoned, no question, but that doesn’t mean everything which doesn’t produce co2 is good for the environment lol

I fully agree with you that my ancestors have chosen the path of violence and colonization, which I absolutely condemn and try to make up for in my every day live.

And you are right, I dont know about uranian mines in Chile, nice that its state owned and actually beneficial for the area.

I understand if you argue for nuclear if the mines have developed your region and is actually beneficial to the people from an emotional point of view.

You hit me with an argumentum ad hominem, which is kind of deserved by what the society I live in did to a lot of the world (even if I myself try to fight that, lots of the privileges I have stem from exactly those past oppressions, can’t change that) but its still an argumentum ad hominem, and therefore not really contributing to the matter at hand

Nuclear is bad for humanity, even if I live in Europe.

Bruh

1. Renawbles are capable of generating a ton of energy manageable distances from where they are used in most cases, even for the cases which they are not it is orders of magnitudes cheaper and better for environment if you make green hydrogen, ship it to where its needed and convert it back into current where you need it considered the absurd amounts of time and cost it takes to manage nuclear waste. Not even considering the cost to mine and ship nuclear fuel, build the reactor and safely dispose of it at the end of its lifespan as its miniscule compared to maintain any sort of storage building for a time longer than the time between humanitys first building and now.

2. Mining is mostly done by people living under slave like conditions in poor countries. Even thinking having a energy source which needs to CONTINUOUSLY BURN MINED RECOURCES to keep outputting any energy at all is superior to a energy source which NEEDS MINED RESOURCES ONCE TO CONTINUOUSLY output energy until broken by external forces shows the absurdity of your argument

Solar panels need silicium (literally sand) and bor, apart from some plastics and structural metal and glass. Those are way easier and cleaner to mine then radioactive materials, and bor is needed in really small amounts, AND IT DOESNT GET BURNED, YOU CAN REUSE IT.

3.Thinking that smashing a train against something tells you anything about the properties of a material when exposed to time spans of degradation many orders of magnitude bigger than the time humans even started researching material properties…I dont even know where to start with this “argument” its bs on so many levels