Did you really expect them to not collect your usage patterns?

I’m not defending them, I’m saying stop supporting these companies.

I have exactly zero of these automation devices in my house. Wait, that’s a lie, I have one, a temp monitoring device for a freezer - and only because I needed it in a hurry.

I’m currently working on self-hosted solutions with no web-based account.

Simply don’t use these automation devices, it’s very clear they collect your data - why else would they host a web service for it for free, when it could just was easily be self-hosted today.

Lol.

Oh, yea, you’re right. Thanks

Wow, thanks for the heads up.

Looks like it affects dockerd, but not docker desktop.

Any idea of the docker implementation in Proxmox or TrueNAS? (TrueNAS does containers if I remember right?)

Easy PiHole install https://github.com/pi-hole/pi-hole/#one-step-automated-install

Tailscale https://tailscale.com/download/linux/rpi-bullseye

I’ve run TS and PiHole natively on a Pi Zero W, hardly even makes the CPU run, with Syncthing on it too.

Max CPU was 30%, and that was while making config changes.

Also used it as a Subnet Router for TS - so it was routing RDP connections, etc.

https://github.com/pi-hole/pi-hole/#one-step-automated-install

Apparently people run TrueNAS in a VM on Proxmox and it works fine, it’s even supported by both Proxmox and TrueNAS.

I’ve tested both - the virtualization in TrueNAS is rather limited, so I moved over to Proxmox - I need good VM and Container support, in addition to storage management. I’ll probably go the TrueNAS on Proxmox route once I have real storage capability.

Oh, neat. I’ll have to look into it.

Thanks!

Loose, not lose

I’m not seeing anything there that says guests can’t see other guests - quite the opposite.

guests connected to your Hotspot Portal will be isolated from all other networks except the one they are assigned to.

Guests on this network are able to access the internet, and communicate with the UniFi gateway to obtain a DHCP lease and resolve names using DNS

I suppose a switch could be configured to prevent traffic going to other ports, which is how I would assume this would have to be done. This functionality would have to exist in the access point, I guess?

Does UniFi have a feature to isolate devices from each other on the same subnet? Seems like it would require some kind of Layer 2 routing?

Isolated guest networks I get, but isolating guests from other guests on the same subnet/isolated net is what I haven’t seen.

Well, mobile sucks for most stuff, just because of size. I’d prefer to have simpler interface, with (as you mentioned), pre-defined routines/actions.

Or just use ssh, since command line is a lot easier on mobile for stuff like this.

I guess having more pages with fewer objects could make for a better mobile experience.

Tailscale is a mesh network. It’s all encrypted, like a VPN, but not exactly the same thing.

It’s kind of like each member of the network having a VPN connection to every other member of the network.

Tailscale has a neat feature called Funnel, which funnels specified inbound traffic from the internet to a specific resource/service/device.

That traffic is encrypted too, starting from the entry point (which is hosted by Tailscale).

This can be useful for example, for something like Nextcloud, so clients don’t have to run the Tailscale app to get access.

I am worried that there is not really a benefit of doing that, just more noise and energy consumption.

If there wasn’t a benefit, why would people (and pretty much every business) do it?

Guest devices can’t communicate with other guest devices

How do you accomplish this isolation since they’re on the same subnet/broadcast domain? Is it a feature of the hardware you’re using?

Basically all communications, even inside a network, are encrypted

LOL, oh no.

Even internet traffic isn’t encrypted by default.

Sadly TCP/IP isn’t encrypted.

People who say this should be elevated to CVE haven’t dealt with noise vs signal much.

Is it a risk, sure, but as you said it was already “experimental”. Experimental shit means “don’t do this in prod, but only in a proper managed lab”.

That key word: experimental.

Integrating Music, Video (non-movie, non-TV), Audiobooks, E-books, etc, etc, into a single UI is so problematic.

Each app I use is better at part of it.

I like Jellyfin, but it struggles as much as others. I use Mediamonkey for phone sync of Podcasts, music, and some video.

Hats off to all the devs trying to herd these cats.

Yea, get a VPS (Virtual Private Server) and host it there.

Basically VM in the cloud that you use.

https://www.forbes.com/advisor/business/software/best-vps-hosting/

I’ve been building monster machines since… Well, a long time ago - back when cases were one color, and black wasn’t an option yet.

We all dreamt of big towers, numerous hard drives, multiple fans, so we could play whatever game we wanted.

I’m blown away at what we can do today within the volume of a box of tissues, or less, and at a price that is frankly, cheap.