ccoates wrote:Inversely, I genuinely can't remember the last time a Linux distro upgrade went smoothly for me. I'm sure it's happened, but I can't think of a single instance.
If you have a Steam Deck like you mentioned, it's probably happened a couple times now.
Spoiler:Yes, I'm being cheeky again
Hell, it's happened a couple of times to me since I started writing this post.
I have this pair of first generating QC35s. Lately they've been randomly turning on despite the switch being in the off position. When this happens, I move the switch to the on position and then off again and they turn off, but will turn on Austin about 30 minutes later. If I switch them on again right after turning them off, they don't turn on, but if I wait a few minutes and then switch them on, they turn on properly. Once they're on they seem to stay on fine. The only other odd behavior is that they don't seem to charge properly (the indicator light goes out instead of turning green) from a cable plugged into a device USB port whereas plugged into a power adapter charges fine.
Mostly I'm just confused by why they turn themselves on. Maybe the switch doesn't physically severe the power connection, and whatever sleep mode it puts them in is failing? No idea.
Could they have some type of wake-on-Bluetooth functionality? Have you already tried to do a firmware update or a factory reset if that is possible?
Could they have some type of wake-on-Bluetooth functionality? Have you already tried to do a firmware update or a factory reset if that is possible?
good thoughts, but I should have just googled it because of course it's happened to others. There are thin metal contacts under the switch that eventually get flattened and fail to make proper contact. Guess I just need to unflatten them and should be back in business.
I’m at a hotel/resort. Everyone with me has 1-2 wireless devices like phones and laptops. The hotel has an open wifi network which I would never trust. I have a VPN connection on my devices but the other people have none.
It occurs to me (not for the first time) that I should be able to bring my own wifi router with VPN built in and set it up as a private LAN AP connected to the the hotel wifi. Anyone with me who connects to the router gets a secure connection without their device having to support it.
Last time I looked around I think I found some hack solutions but never did the work. Now I’m thinking about it again. Is this now easy to do?
For now I’ve got people using Cloudflare’s WARP VPN since it’s better than nothing.
Edit: Looks like there are devices like the GL.iNet GL-SFT1200 specifically for this purpose. I’ll dig around more.
Or maybe I can get a wire guard client working on an OpenWRT router.
I have the GL.iNet Slate (a few years old now) for this exact purpose. It works well. I have had little luck with hosting my own VPN and getting any kind of performance out of it, but I think it supports VPN services like Nord etc... At the very least, it lets you mimic your home network (so no changing every device to connect to it) and it has a firewall to block people from attacking your devices.
That's a great idea I hadn't considered for taking my camper to a campground. It would give me better connection if the antenna is mounted outside, plus firewall security even if I don't use a VPN. Thank you in advance for the rabbit hole I am about to go down! 
I have a Firewalla Purple which allows you to use devices from home, remotely, while travelling. They call it a Trusted Lan.
I have never tried this but Firewalla has worked very well for me at home.
I have the GL.iNet Slate (a few years old now) for this exact purpose. It works well. I have had little luck with hosting my own VPN and getting any kind of performance out of it, but I think it supports VPN services like Nord etc... At the very least, it lets you mimic your home network (so no changing every device to connect to it) and it has a firewall to block people from attacking your devices.
Maybe all I really need is to travel with any router that can connect to the Internet through wifi and has firewall features to protect client devices behind it. Then each client device can connect to Cloudflare WARP directly.
Cloudflare WARP works surprisingly well on every device I've tried and is based on Wireguard so the performance isn't terrible. The hotel wifi would be the bottleneck anyways.
It didn't look like the GL.iNet had support for Cloudflare WARP built in. I could take one of my OpenWRT devices and try to get the unofficial Cloudflare WARP stuff to work on it. The official WARP packages don't look like they'd work but maybe if I turned an old laptop into a Linux based wifi AP I could use official packages.
I'm not trying to get around region restrictions or hide what I'm doing so a lot of what paid VPNs use as a selling point doesn't matter to me. I just don't want to be in the open and at risk of attack on open hotel wifi. And for everyone else I'm with I want it to be easy and automatic for them so they don't have to do anything to be secure.
No home VPN server needed as I'm not trying to connect to home devices. Well, except my dev server but I'm already able to tunnel to that securely through an Azure intermediary.
Edit: I've been digging around more into what Cloudflare offers directly. Clearly their free offerings are meant to prove the scale of their paid solutions and encourage you to sub for higher tiers. It looks like their zero-trust teams solution has a zero cost plan for <50 users. I'm curious what hardware it supports if any. If I can leverage this for a small hardware investment (or re-use) I'll give that a try.
It didn't look like the GL.iNet had support for Cloudflare WARP built in. I could take one of my OpenWRT devices and try to get the unofficial Cloudflare WARP stuff to work on it.
The GL.iNet devices run OpenWRT.
pandasuit wrote:It didn't look like the GL.iNet had support for Cloudflare WARP built in. I could take one of my OpenWRT devices and try to get the unofficial Cloudflare WARP stuff to work on it.
The GL.iNet devices run OpenWRT.
Yeah I noticed that when I was digging around. That might make it less useful to me tho since I already have some devices with OpenWRT. No need to buy a GL.iNet if it doesn't offer much on top of base OpenWRT and I already have to plug in Cloudflare WARP support myself.
Yeah if you're buying a GL.iNet device, it's either for the form factor, or if you can't manage installing/configuring OpenWRT yourself and want their "easier" UI. For me, it's the former. I recently bought one to replace a much older portable nano router (now that business travel is happening again and I have use for such a thing).
Nice and small, and I also got the form-fitting protective case for it, so now it's tossed into my travel bag and will be there whenever I need it.
I may or may not flash vanilla OpenWRT on it. We'll see after I travel a bit with it.
Yeah if you're buying a GL.iNet device, it's either for the form factor, or if you can't manage installing/configuring OpenWRT yourself and want their "easier" UI. For me, it's the former. I recently bought one to replace a much older portable nano router (now that business travel is happening again and I have use for such a thing).
Nice and small, and I also got the form-fitting protective case for it, so now it's tossed into my travel bag and will be there whenever I need it.
I may or may not flash vanilla OpenWRT on it. We'll see after I travel a bit with it.
The size/portability is a good selling point. My OpenWRT devices are big home routers with lots of antennas. Kinda portable but not anywhere near as much the GL.iNet devices.
Which model are you using? Are you happy with the speeds?
The GL.iNet GL-SFT1200 is really inexpensive and I doubt it ends up being the speed bottleneck in a hotel. I'll play around with one of my OpenWRT devices first but still consider buying a GL.iNet later.
I went big picked up the Beryl AX. I haven't had a chance to put it through its paces, I can report back on that in a few weeks. But I was encouraged by reports from other users of its performance. It's almost certainly going to be overkill for my needs.
The GL-SFT1200 is definitely priced better and probably is more in line with what I should have spent to solve this problem. 
But I liked the overkill speed, plus sacrificing one of the LAN ports meant an even smaller form factor.
I don't know if any router can do it, but one selling feature of the GL iNet routers is the WAN can be hardwired or WiFi. I have used it in places where a hardwire connection was not possible. The form factor is definitely a plus, it is the size of a credit card (but thicker of course) but because of the size, it won't be the best for performance (though still not bad).
Yeah, you can do that kind of bridge mode with most good wifi router firmwares.
That's one of the reasons I had my old TP-Link nano router, for when I would encounter hotel wifis that had a device limit. Yeah, no, the hell with that.
So, with Google’s brilliant* idea to create a .zip TLD, is there any way to completely block an entire TLD from a browser or router?
So, with Google’s brilliant* idea to create a .zip TLD, is there any way to completely block an entire TLD from a browser or router?
Yes. Adblockers are made to do this.
If you're using a DNS-server adblocker (PiHole, etc), then simply add a wildcard *.zip rule.
pfBlockerNG for pfSense routers has an explicit TLD blacklist area:
Adblockers build into other router software offerings often have something similar.
To block at the browser level, if you're running a browser with the uBlock Origin extension, add a rule that reads:
||zip^
in the My Filters section.
This is also everyone's periodic reminder that, if you're not running Firefox, you should be. Adblockers are an important defense tool, and Google is continuing to work towards weakening and undermining the ability of adblocker extensions to function. Don't use browsers produced by advertisement companies.
Also, if you're an iOS user and you're using the AdGuard app to add content filters to Safari (please do, the Safari content filtering part is free), you can add a custom filter by:
* tapping the shield icon in the bottom icon row
* tapping on Safari Protection (NOT the on/off slider, but the text)
* tap User Rules, then Add a new rule
* enter the rule as: ||zip^$important
Yeah if you're buying a GL.iNet device, it's either for the form factor, or if you can't manage installing/configuring OpenWRT yourself and want their "easier" UI. For me, it's the former. I recently bought one to replace a much older portable nano router (now that business travel is happening again and I have use for such a thing).
Nice and small, and I also got the form-fitting protective case for it, so now it's tossed into my travel bag and will be there whenever I need it.
I may or may not flash vanilla OpenWRT on it. We'll see after I travel a bit with it.
For me it's the latter. I find OpenWRT less intuitive than DD-WRT, but I like GL.iNet's simplified UI.
I have the Slate like Kazar. I have my Asus router working as a VPN server so I can use the Slate as a VPN client to connect to my home network when I'm traveling.
Handy for stuff like streaming media or accessing files on my NAS, or even streaming Hulu or something while abroad.
But you could also use it as a VPN client for NordVPN and those services, too.
I've taken it on several trips, and it's extremely useful for connecting to hotel wifi to share the connection. You can even connect to hotel wifi on your laptop or phone, then clone the MAC address on the travel router.
I even used it on a plane recently because plane wifi makes you pay per device. Of course, since plane wifi is so crappy, that wasn't optimal. But it was good enough for basics.
What I do is my travel router uses the same network SSIDs and passwords as my home network. Which means once I've got that up and running my devices connect to it without any fuss.
I had run into some small issues with it. If I'm using it as a repeater and change hotels, the GL.iNet router sometimes seem to... get stuck? Trying to connect to the previous hotel network and never turns on the wifi. That means you might not be able to access the router to setup the new wifi connection.
When that happens you can just reset it, but IMO the way it should work is it *always* enables the 2.4ghz/5ghz wifi you've setup, regardless of whether it can connect to the network you were repeating.
A second weirder one is at one hotel in Spain, it did NOT like the voltage coming out of the wall socket when I plugged in a USB charger. I'm not sure the technical reason that would be the case, but I ended up running it from a portable battery pack instead, then it worked fine. Plugged it into the wall, it'd blink and not function properly.
Now that I'm back home, or at other hotels? No issues like that at all. And I took it on a trip to Peru and never ran into that.
The Slate is solid, but the models on their site now (like the one Legion has) seem like they're iteratively better with a faster processor and more memory.
So how does something like the Slate compare to (or complement?) a firewall solution like the Firewalla? To me, it appears that the Slate is a router with VPN connectivity (does it have its own VPN network like, say, Nord?), while the Firewalla adds full firewall functionality. Is that right?
OpenWRT (and thus GL.iNet devices) has firewall functionality.
I've never used a Firewalla device, but as far as I can tell, there's no reason to have both of these devices.
Reading through Firewalla's sales pitch, my takeaway is that the main value add there is the easy configuration through the phone app, and wrapping features up into big, important sounding names (eg. switching to OpenDNS servers to utilize their content filtering - something you can do with any router - is put into Firewalla and called "Family Protect". Or there's the option to run a local DNS server with content filtering, similar to Pi-Hole and the like, and that's "Native Family Protect").
Under the hood, these are both just Linux devices utilizing netfilter/iptables to provide firewall, routing, etc.
Thanks Legion! All companies have marketing-speak; I've found the Firewalla to be pretty powerful and useful.
Don't get me wrong, wrapping complicated functionality into an simple toggle with an easy to understand name certainly has value, even if it rubs nerds like me the wrong way because it abstracts away some of the details.
Just from looking at screenshots, Firewalla seems a lot more accessible to people that don't necessarily have a lot of networking knowledge, or people that just want it to be easy and are willing to pay the added premium for it. But again, I'm being judgey from a distance.
It's got a lot of functionality in the default settings, but you can dig deep into it and customize it as well. I like that combination of simplicity in the UI and a very wide range of deep features. It works for network nerds as well as neophytes.
This might be a weird one but just asking cause google failed me.
I moved my PC to a new case and have two ssd. The power to ssd cable can connect to three different ssds. Thing is my new setup is two wide. I have two skip the middle connector and go to the third. For some reason this causes my pc boot to bios every time. If I just hit save and close it continues loading fine. It's just odd.
I was hoping to not get another cable cause getting one that seems right for my case online seems tricky. Wondering if there was a setting or something I could tweak.
Never mind, seems me typing it out gave me an idea. Swapped around the cables so the ssd with my OS would be the first one to boot. Works now.
Usually you can specify boot order in the BIOS Storage section too. But swapping, that was a good idea!
Usually you can specify boot order in the BIOS Storage section too. But swapping, that was a good idea!
Yeah that was my first thought but it actually wouldn't load the second ssd in time before it hit the bios. Like the empty port caused a delay in loading the ssd. Very silly.
Are you using full disk encryption like BitLocker on your recent desktop computers? What performance hit are you seeing on a modern PC if any? Especially on a fast NVMe system drive?
Info online is mixed as expected and I don't really trust most of that info without a clear indication of hardware used. So much of the numbers I found were on ancient hardware.
I've always used BitLocker on work computers and didn't pay attention to or care about performance hit. From some simple before/after tests on my newish personal laptop I didn't see any appreciable difference with a modern-ish NVMe and 12th gen Intel CPU but I also wasn't that worried about it since that machine is more for travel and programming where I value encryption over disk performance.
I'm considering using BitLocker on my desktops now. My main desktop has a newer Ryzen and new NVMe + SSDs. My older desktop has an i7-4770k and some SSDs.
I can certainly just do some perf tests myself with and without BitLocker enabled but I was curious if anyone here knows of a reliable source of perf impact numbers I can consult before I mess around with this on personal desktops.
All I know is that the perf hit is usually limited to single-digit percentages, and is heavily dependent on the the available storage *throughput*.
Pages