melroy

My ipset hash is full!? I'm using Ubuntu Server and I created a separate fail2ban jail that uses "iptables-ipset-proto6-allports" as their ban action (thus using ipset instead of iptables).

However, today I seem to hit the limit: stderr: 'ipset v7.15: Hash is full, cannot add more elements'.

This can be confirmed by running the ipset -t list command:

Name: f2b-manual
Type: hash:ip
Revision: 5
Header: family inet hashsize 32768 maxelem 65536 timeout 0 bucketsize 12 initval 0xbc28aef1
Size in memory: 2605680
References: 1
Number of entries: 65571

Where the 65571 entries exceeds the maxelem (65536). So what now?? Could I create a banlist in a txt file or something? I just want to ban some large tech corps: https://gitlab.melroy.org/-/snippets/619

Sad story ahead

Today I fully removed Firefox as my main browser. It's banned from all my devices from now onwards. I used Firefox as my only browser since I was 10 years old. Which is 24 years now (24 years!). I loved

Firefox trying to be a good alternative to Chrome, promoting open-source and showing the world that privacy does matter. Sadly not anymore, recently after Mozilla hostile CEO takeover and moving the company forward to an advertisement company. Neglecting privacy. And fully want the other way around, tracking user data sending back to Mozilla. And at the same time Mozilla has also became an ads company just like Google, so there is no difference anymore really. And it only goes down-hill from here.

Furthermore, Mozilla is spending more money in AI companies then in the product Firefox itself. So..

Luckily, there are plenty great Firefox forks! Look into some of them yourself and really pick an alternative rather sooner than later:

• LibreWolf
• Floorp (I went with Floorp, thus far it's great!!!)
• Waterfox
• Mullvad

Just pick one, anything... from above list!

I know, it's sad. It's very sad, after 24 years I didn't went to leave Firefox, but this last moves was the straw that broke the camel's back. I'm out, cya at the fork!

I saw today the infamous pop-up of YouTube again that they will block the video player after 2 more videos if I keep using uBlock Origin. ** Google.

Some people might think you can only use or set environment variable of the service in docker compose eg.:

my-service:
  image: lts-alpine
  environment:
    MY_SECRET_KEY: ${MY_SECRET_KEY}

But the same ${} syntax can be used to set a version of Docker image of PostgreSQL, like in this example below:

my-service:
  image: postgres:${POSTGRES_VERSION:-13}-alpine

If nothing is set, version 13 is the fallback value. Now you can set POSTGRES_VERSION environment via your shell. Or leverage the .env file of Docker:

POSTGRES_VERSION=16

When running: docker compose --env-file .env up, Docker should now use PostgreSQL v16 Alpine as Docker image.

Bonus: The docker-compose.yml filename is an old filename, use compose.yml from now. Same for other Compose files like compose.override.yml.

More info: https://docs.docker.com/compose/environment-variables/set-environment-variables/ and https://docs.docker.com/compose/environment-variables/set-environment-variables/

YouTube starts censoring medical information and content. And only content that "meets WHO guidelines" appears on YouTube. No other medical data.

I found this very dangerous, because people should be able to judge themselves what they want to read or hear about. It's our body and your health. I would like to make my own decisions.

More info: https://support.google.com/youtube/answer/13813322

Lemmy was/is vulnerable for XSS attacks.

Hackers try to inject JavaScript code that tries to steal your (ideally admin) cookie credentials. It seems that the admin account of lemmy.world was compromised this way (MichelleG). Other instances aren't safe either. Which could point to the custom emojis feature in the federate comments, meaning a lot of external instances could be effected by now.

Incorrect escaping of user input data could lead to these issues. Kbin just recently discovered a similar regression issue and which has been solved by now. But it seems that Lemmy was or still is vulnerable to this attack factor.

Mitigation action Lemmy users: You might want to disable JavaScript in the meanwhile.

Mitigation action for Lemmy server owner: Disable custom emoji:

DELETE FROM custom_emoji_keyword;
DELETE FROM custom_emoji;

Clean-up the exploit content:

UPDATE comment SET content = '<REMOVED BY ADMIN>' WHERE content LIKE '%![" onload%';
UPDATE private_message SET content = '<REMOVED BY ADMIN>' WHERE content LIKE '%![" onload%';
UPDATE post SET body = '<REMOVED BY ADMIN>' WHERE body LIKE '%![" onload%';
UPDATE post SET name = '<REMOVED BY ADMIN>' WHERE name LIKE '%![" onload%';

Rotate your JWT secret (invalidates all current login sessions):

UPDATE secret SET jwt_secret = gen_random_uuid();

Note: Even just opening a link to a vulnerable Lemmy instance could allow hackers to steal your cookies or sessions credentials. Therefore I will not share or allow people to share URLs of comprised / vulnerable instances.