It’s usually fine if you stick to a good well-known brand, but there’s some cheaper cameras that are bootleg clones of other brands, that can’t run the latest upstream firmware so they’re stuck on a hacked/modified version of older firmware.

The good Chinese brands, if they do have a hard-coded password, usually make you change it on first login. I’m pretty sure newer Hikvision and Dahua models do this (plus their resellers/rebrands like Amcrest, Lorex, Annke, etc). You need to pay more than the garbage brands, but they’re worth it.

Of course, there’s all sorts of junk on Amazon that don’t follow any sort of standards.

It can get cold if you’re protesting at night, so don’t forget to keep warm by wearing a face covering 😊

Hard-coded default passwords have been illegal in California since 2020, so it shouldn’t be as much of an issue with newer devices. Companies aren’t going to make California-specific versions of their devices, so they’ll often just follow the California standards everywhere.

To be legal in California, the device either needs to have a randomly-generated password unique to that device (can be listed on a sticker on the bottom of the device, or in the manual), or it needs to prompt to set a password the first time you use it.

I still wouldn’t ever expose a camera directly to the internet. Keep it just on your LAN (eg using a VLAN) and VPN in (eg using Tailscale) to connect to it remotely.

There’s a site that lists all the insecure cameras: http://www.insecam.org/

Any camera you expose to the internet with no protection is vulnerable. The issue is just that they’re accessible over the internet without a password.

Follow best practices by keeping your cameras on a separate VLAN that’s isolated from the internet, and you’ll be fine. Use a VPN like Tailscale to view your cameras while away.

Lemmy isn’t anonymous, it’s pseudonomyous.

This doesn’t really work in real life since IPv6 rate limiting is done per /64 block, not per individual IP address. This is because /64 is the smallest subnet allowed by the IPv6 spec, especially if you want to use features like SLAAC and privacy extensions (which most home users would be using)

SLAAC means that devices on the network can assign their own IPv6. It’s like DHCP but is stateless and doesn’t need a server.

Privacy extensions means that the IPv6 address is periodically changed to avoid any individual device from being tracked. All devices on an IPv6 network usually have their own public IP, which fixes some things (NAT and port forwarding aren’t needed any more) but has potential privacy issues if one device has the same IP for a long time.

Most service providers like Vultr provide /64 ip ranges, which provide us with 18,446,744,073,709,551,616 addresses. In theory, we could use IPv6 and rotate the IP address we use for every request, bypassing this ratelimit.

This usually doesn’t work, as IPv6 rate limiting is usually done per /64 range (which is the smallest subnet allowed per the IPv6 spec), not per individual IP.

Thanks. I looked into it a bit more and it looks like they actually want to increase what can be done in userland, to reduce the reliance on kernel mode. That’s still a good solution, if things the anti-cheat code needs to do can be moved into userland.

California Pizza Kitchen?

AFAIK Microsoft have plans to block kernel level anti-cheat on Windows. After the CrowdSec issues last year, they’re rethinking which types of programs should even be allowed to run in kernel space.

Edit: I was wrong. They actually want to increase what can be done in user mode, to reduce reliance on kernel mode code.

My wife totally skipped the “lol so random” phase of absurdist internet memes since she didn’t use the internet at the time, so she doesn’t appreciate things like Badger Badger Badger, Charlie the unicorn, the Llama song, animutations, etc.

It’s useful sometimes though, because sometimes I show her a meme that she ends up loving, and I get to see someone experiencing it for the first time.