Does it have to be an overlay or would a regular notification that pops up suffice? Those may be quite easy to write fir your chosen DE.

This is pretty verbatim.

Neat, didn’t think of that!

I can really recommend those cards! They come in several sizes for laptop and desktop. I am not sure about USB. Just make sure you get the regular PCIe version and not the CNVio version (unless you have a compatible Intel Mainboard and somewhat recent processor). They differ in the naming, e.g. AX210/AX211 if I remember that right.

Let’s hope some volunteers pick up the codebase. But it’s a vast number of apps and some will probably be left behind.

Schade drum, benutze ich echt sehr gerne. Besonders die Galerie ist solide.

Oh no, those apps have replaced many of the OEM’ supplied ones on all my devices. I was fed up with constantly changing UIs and all the different feature sets on every device. I thought I had finally found something useful to consolidate on for the long term!

At least the current versions are pretty bug free and will stay.

Gotta love notebooks and their weird and rarely wonderful Wifi-Chips attached via SDIO. Even the intel cards can have problems!

+1 NewPipe Germany

Unlikely, but who knows? Can you try and boot Windows (install iso probably enough)? Or some very old Linux distro? It might just be your monitor becoming weird with age.

Edit: Alsobtry with a laptop or something and see how it goes.

Dangerously close to TempleOS.

Have a look into the logs of nc and see if it complains about a trusted proxy or similar. The ip range within a container network often changes between resstarts and that was a problem for me with my reverse proxy setup.

+1 for MTU and persistent keepalive. The last one helps if the connection is lost after a certain amount of time and does not recover, the first is often the problem when connection is intermittent or just “weird”.

Setting MTU requires knowing the MTU of your connection. Many ISPs provide IPv4 encapsulated in IPv6 protocol (Dual Stack Lite, I believe), meaning that from the regular package size you have to deduct the overhead of the encapsulation and if I remember correctly, also the package overhead for wireguard.

Yeah that made a massive dufference for me. Then again, it was unshielded cable so what did I expect?

But also unshielded so uncoil them entirely and do not lay them next to other data lines. I had so many dropped packages because of that.

A naive implementation of a conversion from displayable IPv4 to 32bit integer IPv4 might look like this:

You have taken the four integer numbers of the IPv4 address from the text input, converted them to an integer and for simplicity sake we will say that they were put into variables a, b, c and d. It is common to just use ‘int’ for numbers and not choose something more fitting like ‘uint8’, so in our case the variables will look like this after assignment:

a: 0 b:0 c:0 d:2130706433

Now let’s declare a 32 bit variable R for our result and initialize it with 0 (or with d to skip a step, but optimization is not the point here).

Let’s work from left to right along the original representation. That means we’ll start with variable a. In an ideal case, only the rightmost 8 bits are set (0-255 decimal). Many will just make that (naive) assumption. We shift it to the left, so that the 8 bits that were previously on the very right are now in the leftmost 8 bit positions of variable a, like this: a<<24.

We are working with 32 bit integer variables and that means that in this first case, any bits beyond the intended 8 bits were “shifted out” to the left and are now gone. There is no problem here yet. We simply OR it to the result variable. The result R now contains the first 8 bits of the IPv4 address and they are correct.

Only when we want to do the same with variable b, c or d is when problems might appear. If we do the same as above with b, we now only need to shift to the second octet to the left: b<<16. If we simply put out shifted b into our result variable R by OR-ing it with the current result, we not only add 8 bits of information to our result, but possibly 16. In this case the input was 0, so nothing bad has happened yet.

We repeat the same for c by shifting it by only one octet: c<<8 and as c is also 0, nothing bad happens when we or it together with the previous result.

Now in the last step is where the (minimal) example from above gives us problems. In this case we do not need to shift at all (d<<0). Remember that our result R is still 0 at this point. If we now OR 0 and 2130706433 together, we just get 2130706433. This last step added 32 bits of information even though we only intended to add 8.

Our converted IPv4 address is valid and some might say we even did a correct conversion, but it is of course not the intuitive result we wanted.

As you can see, an attacker might choose b,c and d as they please to make the notation look irregular, but our conversion simply eats it up and spits out a valid address. That’s why it is important to always work with IP addresses as integer numbers in bit format. Convert first, then filter on that. You never know how somebody may have implemented the conversion and whether they reject odd choices like “0.0.0.2130706433”.

You could of course also prevent stuff like this by making the conversion smarter and have it reject a,b,c,d >256 or something similar, but then you are just putting bandaids on a simple problem with a simple solution. Our conversion had to work with 4 independent numbers in a loop. It’s best to only do that once and use 32 bit integers beyond that.

It’s also about what one eats. I find fatty food to be the worst. It takes so much energy to digest I literally fall asleep at the table.

Nah, it’s easier in pretty much every language. It’s just a 32 bit number that can be compared with a standard “<=” or “=” comparison operator in pretty much every language out there and a single ASM instruction. Writing it as four smaller numbers joined with dots is just how it’s easy to display for humans.

Many make the mistake of thinking that IPv4 addressess are always encoded like that. The address “127.0.0.1” is just 2130706433 in decimal. Some tools even accept misformed addresses like “0.0.0.2130706433”. Security concerns come in to play when a program checks for local addresses by comparing the individual “127”, “0”, “0”, “1” parts (or eg. “192”, “168”, ““, ,””) and allow or deny access based on that for example. Another part of the software will likely just accept a misformed address and a malicious actor can circumvent the filtering from earlier.

Eh, those attempts are just noise anyway. Use proper pubkey auth instead of normal passwords and you’ll be fine. Any key size is probably enough to prevent successful bruteforce attacks. Anything above 2048 and there’s basically no chance for them to guess right within several years of constant trying. Most bots move along quickly as well, they try their predefined list of (common usernames) x (common passwords) and that’s it.

Install endlessh, an ssh tar pit, if you want to make their lives a little more annoying. Use a non-standard port if your OCD can’t stand the slowly filling auth attempt logs.

Someone mentioned Firefox Focus.