But that means that someone else’s server is used whenever you leave your home network.

I’m pretty sure syncthing does NAT hole punching, so someone else’s server is only used for initial connection, after that, your data goes directly to your devices.

Maybe it was used as some sort of privilege escalation? E.g. NP++ downloads an XML file to %TEMP%, some already present malware modifies it, then GUP downloads a payload and executes it with administrator permissions.

It’s easy enough to add your own secure boot keys, you can even remove the Microsoft keys so that only your OS will boot.

windows server edition which not possible to get if u are not business client and it cost 800$

It probably depends on your uni, but students can get Windows Server licenses for free on Azure Education.

It does DNS already, so why do I need an external DNS server?

You need an external DNS server to access it externally. If you’re happy with internal access only, you can probably set some sort of DNS override in UniFi.

There are things I don’t understand about the machine that also make me think AI, but Google Translate seems to understand so maybe it isn’t?

Edit: Actually I think AI is better than I thought it would be.

This isn’t about Firefox, and there are zero mentions of Firefox in the article. This is about Mozilla screwing over their volunteers by replacing their human written translations, with inaccurate machine translations written by a closed source LLM.

It doesn’t really matter how you setup dynamic DNS and SSL. I prefer to handle dynamic DNS on the router, incase it’s smart enough to refresh the IP after DHCP renews it. I do SSL on a seperate nginx instance, but I run a few other sites; it might be easier to configure it directly on home assistant, but I haven’t tried.

If you want some extra security, I’d look into mTLS, as that establishes some cert based authentication at the TLS layer before HTTP, but it can be complicated to configure.

on these atomic distros where even something like syncthing involves shenanigans to keep active week to week? Ain’t happening.

I don’t see why you couldn’t kexec into a new kernel. kexec will load a kernel into memory from an already running kernel, and jump into it. It’ll suck for the user as they’ll have to semi-reboot everytime they want HDMI 2.1, but it’s easy and doesn’t install anything.

There’s also live patching, but I think that’ll be a bit of work.

Of course the kernel needs to be compiled with those options enabled, but most distros do.

Edit: And they probably won’t work with kernel lockdown/secure boot.

DP has an option to transmit HDMI signals instead, this is what passive adapters use and will still have the same HDMI 2.0 issue. A DP source can be passively adapted to HDMI, but a HDMI source cannot be passively adapted to DP.

You can also get active HDMI adapters which actively convert the signal, and can work with HDMI 2.1. Intel actually has an active converter chip built into their ARC GPUs, and is how they get around this issue.

You’re going to have a hard time trying to get that working over the WAN (if that’s even possible).

Wake on LAN is still encapsulated in an IP packet, so you can send it over the internet, and most WOL clients let you specify an IP. However your router will need to DNAT it to a broadcast address. Some routers have a check box for this (e.g. An ISP provided Technicolor router I have), some let you port forward to broadcast (e.g. Many routers, sometimes with workarounds), and some let you manually configure NAT (e.g. MikroTik routers).

So it is possible, but forwarding public internet traffic to a broadcast address seems like a bad idea, and I wouldn’t recommend it. Why I know this: I used to do this in middle school, and it does work quite well.

Depending on your BIOS and with fast boot, you might need to just hold one of the keys while booting instead of spamming it on boot.

Yep, but it’s required, and also present in every frame sent between your router and the ISP BNG.

I was trying to think of a reason why ASUS would still be showing.

I likely won’t be able to do it in time.

Yeah same. I’m currently overseas and still will be on the 10th. I don’t drink, and I’m born in the earlyish noughties so I can’t provide a very convincing spiel.

I’m also interested in IPv6 related things and Apalrd’s adventures on YouTube has some cool videos on translation mechanisms and stuff. I thought you might be interested.

he was referring to historical data

DHCP can also send a hostname, so it’s possible your ASUS router previously sent its hostname, and then the Pi doesn’t send one. What ever software they use might not clear the old hostname when there isn’t one.

Edit: For example, this is what my current ISP lets me see:

If you just want an IPv6 prefix and don’t need the encryption a VPN provides, you can use an IPv6 broker. Hurricane Electric’s broker is a popular one.

That’s the OPs reply, not the AI.

I don’t know what fedora 43 ships, but version 3.2.0 of nvtop should also give you stats, although it may need sudo for some stuff.

Well, your router is trying, but your ISP isn’t replying, so I’d say you don’t have IPv6 yet.

I have had ISPs where if you send a bunch of DHCP solicits/discovers too quickly, then they stop replying. So maybe disable DHCPv6 for a few hours, and enable it while watching it on the packet sniffer, incase it sends a weird response.

Also it shouldn’t make any difference, but in IPv6/ND change all to bridge; your router looks like it’s advertising itself as a default route to your ISP’s router, and that just seems wrong.