I'm a beginner. Wondering what is a simple OS that can achieve fast read/write speeds over a 10G network. It would be an 8-12 disk array with a total of >100TB of storage in either Raid 5 or ZFS Z1. All I need is data IO with a simple way to rebuild the pool if a drive fails, no cli. I don't need any other services from storage such as Docker, Nextcloud, etc... Just reliable, fast storage with a user friendly interface. I'd like to be able to achieve 700MB/s read/write. As an example I'm currently using an 8 Bay Thunderbolt DAS in Raid 5 populated with 16TB drives and the above speed is not an issue. Probably will just end up getting a QNAP or something but wanted to ask the community if there was another alternative. My job entails ingesting and playing in real time 2TB of camera footage on a daily basis. Footage is delivered to me on a TB3 external HDD. So it would be attach to a Mac and ingest over the network to this storage.
Cheers

Streamlining User Engagement Across Platforms

When it comes to enhancing user experience in mobile applications, the integration of services across different platforms plays a pivotal role. Particularly, for applications designed to foster collaboration or planning between individuals, ensuring a seamless flow of information is essential. The concept of connecting a mobile application to a web-based survey, without requiring the end-user to perform repetitive actions such as logging in, is a testament to this need. This approach not only simplifies the user's journey but also leverages the power of Firebase to streamline data synchronization and user management.
In the context of a mobile application aimed at planning surprises between two partners, the challenge of maintaining the element of surprise while ensuring effective communication is paramount. The solution involves creating a direct link between the mobile app and a web-based survey, facilitated by Firebase. By embedding user identification within this link, the application can transmit survey responses back to the planner without necessitating any additional input from the partner. This method reflects an innovative use of Firebase to enhance user interaction, making the process of gathering and sharing information as effortless as possible.

Function/Method	Description
fetch()	Used to make network requests to send or receive data.
FirebaseAuth	Handles user authentication in Firebase.
Firestore	Cloud Firestore is a flexible, scalable database for mobile, web, and server development.

Enhancing User Experience with Firebase Integration

Integrating Firebase into your mobile and web applications can significantly enhance the user experience by providing a seamless and efficient way to manage user data and interactions across platforms. The use of Firebase for user authentication and data storage, as demonstrated in the examples, allows for a robust and secure way to handle user information. By leveraging Firebase Authentication, developers can easily implement a login system that supports various authentication methods, including email and password, social media accounts, and more. This flexibility ensures that users can quickly and securely access the application with their preferred method, enhancing the overall user experience.
Furthermore, Firebase's Firestore database offers a powerful solution for storing and synchronizing data in real-time across all connected clients. This feature is particularly useful for applications that require immediate updates, such as the survey responses in the provided example. By storing survey responses in Firestore, the data is instantly accessible to the main planner in the mobile application, allowing for immediate feedback and interaction between the partners. This real-time data synchronization not only improves the efficiency of data management but also contributes to creating a dynamic and engaging user experience, encouraging more active participation from the users.

Authenticating Users with Firebase

JavaScript Example

import { getAuth, signInWithEmailAndPassword } from "firebase/auth"; const auth = getAuth(); signInWithEmailAndPassword(auth, userEmail, userPass) .then((userCredential) => { // Signed in const user = userCredential.user; // ... }) .catch((error) => { const errorCode = error.code; const errorMessage = error.message; }); 

Storing Survey Responses in Firestore

Using Firebase Firestore

import { getFirestore, collection, addDoc } from "firebase/firestore"; const db = getFirestore(); const surveyResponse = { userEmail: 'user@example.com', answers: {...} }; addDoc(collection(db, "surveyResponses"), surveyResponse) .then((docRef) => { console.log("Document written with ID: ", docRef.id); }) .catch((error) => { console.error("Error adding document: ", error); }); 

Advanced Strategies for Firebase Integration

Delving deeper into Firebase integration reveals its vast potential in creating dynamic, scalable applications that cater to a wide range of functionalities. The essence of Firebase goes beyond simple data storage and authentication; it encompasses real-time data synchronization, machine learning capabilities, analytics, and much more. For developers, the appeal of Firebase lies in its ability to provide a comprehensive suite of tools that can be easily integrated into any mobile or web application. This not only streamlines development processes but also enhances the app's performance, providing a seamless experience for the end-users. By utilizing Firebase's real-time database, developers can ensure that data remains synchronized across all clients in real-time, which is crucial for applications that rely on the immediate sharing of information.
Firebase also offers robust analytics features that enable developers to gain insights into user behavior and app performance. These insights can be pivotal in refining app features, optimizing user engagement strategies, and improving overall user satisfaction. Additionally, Firebase's machine learning capabilities, such as Firebase ML, allow for the integration of advanced features like image recognition, text recognition, and more, directly into the app. This opens up new possibilities for app functionalities, making applications more interactive and intelligent. The comprehensive nature of Firebase makes it an invaluable tool for developers looking to build high-quality, feature-rich applications that stand out in the competitive digital landscape.

Frequently Asked Questions on Firebase Integration

1. Question: What is Firebase?
2. Answer: Firebase is a platform developed by Google for creating mobile and web applications. It provides a variety of tools and services to help developers build, improve, and grow their apps efficiently.
3. Question: How does Firebase Authentication work?
4. Answer: Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook, and Twitter, etc.
5. Question: Can Firebase handle real-time data?
6. Answer: Yes, Firebase can handle real-time data through its Realtime Database and Firestore services, allowing for seamless data synchronization across all clients in real-time.
7. Question: Is Firebase free to use?
8. Answer: Firebase offers both free and paid plans. The free plan includes limited but generous amounts of resources and services, while paid plans offer expanded resources for larger or more complex applications.
9. Question: How does Firebase Firestore differ from the Realtime Database?
10. Answer: Firestore is a flexible, scalable database for mobile, web, and server development from Firebase and Google Cloud Platform. Unlike the Realtime Database, Firestore provides richer, faster queries and scales better for larger applications.

Empowering Mobile and Web Integration with Firebase

The exploration of Firebase as a comprehensive solution for integrating mobile and web applications reveals its potential to significantly enhance user engagement and operational efficiency. By leveraging Firebase Authentication, developers can offer a variety of secure login methods, thereby accommodating user preferences and boosting accessibility. Firestore's real-time data synchronization ensures that user interactions, such as survey responses, are immediately reflected across all platforms, enhancing the responsiveness of the application. This immediate data reflection supports a more connected and interactive user experience, encouraging active participation and engagement. Furthermore, the simplicity and effectiveness of Firebase in managing user data and authentication streamline development processes, allowing developers to focus on creating richer, more engaging user experiences. As technology continues to evolve, the integration of Firebase into mobile and web applications stands as a testament to the ongoing pursuit of seamless user interaction and data management in the digital age.
https://www.tempmail.us.com/en/firebase/seamlessly-integrating-surveys-between-mobile-and-web-platforms-using-firebase

Hi,
I would like to deploy my docker-compose solution to a VM on my local network. I don't have a docker image registry.
My dream would be to just docker-compose up -d through SSH without the need for a docker registry.
I tried using this command: docker-compose -H "ssh://{user}@{ip-address}" up -d
but it fails saying: "pull access denied for my-api, repository does not exist or may require 'docker login'"
Is this even possible? I can't find anything googling.
Thanks for your help

Introduction

In today's digital age, IPTV (Internet Protocol Television) has revolutionized how we consume media. With the ability to stream live TV and on-demand content over the internet, IPTV has gained immense popularity among users worldwide. However, with great convenience comes the necessity for robust security measures. Ensuring your IPTV experience is secure is crucial to protecting your personal information and maintaining a seamless streaming experience.

What is IPTV?

IPTV stands for Internet Protocol Television. Unlike traditional television, which relies on cable or satellite signals, IPTV uses the internet to deliver television content. This method allows users to stream live TV channels and on-demand videos through various devices such as smart TVs, smartphones, tablets, and computers.
IPTV works by transmitting data in small packets over the internet, which are then reassembled at the user's end to display the content. This process enables high-quality streaming and interactive features, making IPTV a preferred choice for many.

Why IPTV Security is Important

With the increasing adoption of IPTV, the risks associated with its use have also risen. Unsecure IPTV services can expose users to various threats, including malware infections, unauthorized access, and data breaches. These security issues can lead to severe consequences such as identity theft, financial loss, and compromised personal information.

Common IPTV Security Threats

Malware and Viruses

Malware and viruses are malicious software designed to infiltrate and damage your devices. When using unsecure IPTV services, you might inadvertently download malware that can steal your personal information or disrupt your streaming experience.

Phishing Attacks

Phishing attacks involve deceptive tactics to trick users into revealing sensitive information, such as login credentials or financial details. Cybercriminals often use fake IPTV service emails or websites to lure unsuspecting users.

Unauthorized Access

Unauthorized access occurs when hackers gain entry to your IPTV account without permission. This can result in unauthorized purchases, changes to your subscription plan, or access to your personal information.

Understanding IPTV Security Basics

Importance of Secure Connections

Using secure connections is fundamental to IPTV security. Ensure that the IPTV service provider uses HTTPS (HyperText Transfer Protocol Secure) to encrypt data transmitted between your device and their servers. This encryption prevents unauthorized parties from intercepting your data.

Role of Encryption in IPTV Security

Encryption converts data into a coded format that can only be deciphered by authorized parties. IPTV services that utilize strong encryption protocols protect your streaming content and personal information from cyber threats.

Choosing a Secure IPTV Provider

Factors to Consider

When selecting an IPTV provider, prioritize those that emphasize security. Look for providers with a strong track record of protecting user data, using encryption, and offering secure payment methods. The best IPTV providers will have transparent privacy policies and customer support that can address security concerns promptly.

Red Flags to Watch Out For

Beware of IPTV providers that lack transparency, offer unusually low prices, or have poor customer reviews. These can be indicators of unreliable services that may compromise your security. An IPTV service with a suspiciously low price might cut corners on security measures, leaving your data vulnerable.

Using VPN for IPTV Security

Benefits of Using a VPN

A Virtual Private Network (VPN) enhances your IPTV security by encrypting your internet connection and masking your IP address. This makes it difficult for hackers to track your online activities and access your data. VPNs provide an additional layer of privacy, ensuring that your streaming habits remain confidential.

How to Set Up a VPN with IPTV

Setting up a VPN with your IPTV service is straightforward. Choose a reputable VPN provider, install the VPN software on your device, and connect to a secure server. Once connected, you can safely stream IPTV content without worrying about your data being intercepted. This is especially useful when using popular IPTV services like IPTV Smarters Pro, which may require additional security measures.

Secure IPTV Apps and Devices

Recommended Secure IPTV Apps

Opt for IPTV apps known for their security features. Apps like Kodi, VLC Media Player, and Plex offer robust security options and regular updates to protect your streaming experience. These apps, combined with a reliable IPTV service like IPTV Smarters Pro, can provide a secure and enjoyable viewing experience.

Importance of Using Updated Devices

Using outdated devices can expose you to security vulnerabilities. Ensure your streaming devices, such as smart TVs and smartphones, are updated with the latest software to mitigate risks. Regular updates often include security patches that protect against new threats.

Firewalls and Antivirus Software

How Firewalls Protect Your IPTV

Firewalls act as barriers between your device and potential threats. By monitoring incoming and outgoing network traffic, firewalls can block suspicious activities and unauthorized access to your IPTV service. Configuring a firewall on your home network adds an extra layer of protection, especially when streaming content via IPTV.

Best Antivirus Software for IPTV Security

Investing in reliable antivirus software is essential. Programs like Norton, McAfee, and Bitdefender offer comprehensive protection against malware and other security threats, safeguarding your IPTV experience. Regular scans with antivirus software can detect and eliminate potential threats before they cause harm.

Safe Streaming Practices

Avoiding Suspicious Links and Downloads

Avoid clicking on unknown links or downloading files from untrusted sources. These can be potential vectors for malware that can compromise your IPTV security. Always download apps and updates from official sources to ensure they are free from malicious software.

Recognizing Secure Websites and Streams

Look for secure websites and streams by checking for HTTPS in the URL and verifying the site's legitimacy. Reputable IPTV services will typically have secure and professional-looking websites. If you're using a service like IPTV Smarters Pro, ensure that you only download the app from the official website or trusted app stores.

Regular Updates and Patches

Importance of Keeping Software Updated

Keeping your IPTV software updated is crucial for security. Software updates often include patches for known vulnerabilities that could be exploited by cybercriminals. Regular updates ensure that your IPTV service remains secure against the latest threats.

How to Enable Automatic Updates

Enable automatic updates on your devices to ensure you always have the latest security patches. This reduces the risk of missing important updates that protect your IPTV service. Most IPTV apps, including IPTV Smarters Pro, have options to enable automatic updates, making it easy to keep your software current.

Two-Factor Authentication

How Two-Factor Authentication Enhances Security

Two-factor authentication (2FA) adds an extra layer of security by requiring a second form of verification in addition to your password. This could be a code sent to your phone or an authentication app. Enabling 2FA on your IPTV account can significantly reduce the risk of unauthorized access.

Steps to Enable Two-Factor Authentication on IPTV Services

To enable 2FA, go to your IPTV service's account settings, find the security section, and follow the instructions to set up 2FA. This will significantly reduce the risk of unauthorized access. Services like IPTV Smarters Pro often offer easy-to-follow guides on enabling 2FA, enhancing your account's security.

Backup and Recovery Plans

Importance of Having Backups

Having backups ensures that you can recover your IPTV settings and preferences in case of a security breach. Regularly back up your data to a secure location. This practice can save you time and frustration if you need to restore your settings after a cyber attack.

How to Create a Recovery Plan for IPTV Data

Create a recovery plan by documenting your IPTV settings and keeping a secure copy of your login credentials. This will help you quickly restore your service if needed. Services like IPTV Smarters Pro often allow you to export and save your configuration settings, making recovery easier.

Monitoring Your IPTV Usage

Tools to Monitor IPTV Usage

Use monitoring tools to keep track of your IPTV usage. These tools can alert you to unusual activities that might indicate a security issue. Monitoring tools can help you detect unauthorized access or changes to your account settings.

Recognizing Unusual Activity

Be vigilant about any changes in your IPTV service, such as unexpected charges or unfamiliar content. These can be signs of unauthorized access or other security problems. Regularly reviewing your account activity can help you quickly identify and address potential security breaches.

Conclusion

Protecting your IPTV streaming experience involves a combination of secure practices, reliable software, and vigilant monitoring. By choosing a secure IPTV provider, using a VPN, keeping your devices updated, and following safe streaming practices, you can enjoy your favorite content without compromising your security. Remember to stay informed about the latest IPTV trends and use reputable services like IPTV Smarters Pro to enhance your streaming security.

FAQs

What is IPTV?

IPTV stands for Internet Protocol Television, a service that delivers TV content over the internet instead of traditional cable or satellite.

How can I secure my IPTV connection?

You can secure your IPTV connection by using a VPN, choosing a reputable provider, enabling two-factor authentication, and keeping your software updated.

Why should I use a VPN with IPTV?

A VPN encrypts your internet connection, making it difficult for hackers to intercept your data and providing additional privacy for your streaming activities.

What should I do if my IPTV service is hacked?

If your IPTV service is hacked, immediately change your passwords and contact your IPTV provider for assistance. Additionally, run antivirus scans on your devices to check for malware and consider using a VPN for added security.

How often should I update my IPTV software?

You should update your IPTV software as soon as new updates are available. Enable automatic updates can help ensure that your software is always up to date with the latest security patches. Regular updates are crucial to protect against new vulnerabilities and threats.

Exploring IPTV Trends

In the ever-evolving world of digital media, staying abreast of the latest IPTV trends is essential for both security and an enhanced viewing experience. Here are some key trends in the IPTV space:

IPTVTrends in Content Delivery

With the increasing demand for high-definition and ultra-high-definition content, IPTV providers are constantly innovating to deliver superior streaming quality. This trend includes the adoption of advanced compression technologies and more efficient streaming protocols to reduce buffering and enhance viewing quality.

Personalization and AI Integration

Another significant trend in IPTV is the integration of artificial intelligence to provide personalized content recommendations. By analyzing viewing habits, AI algorithms can suggest shows and movies that match the user’s preferences, making the viewing experience more engaging and tailored.

IPTV Trends Login Security

Login security is becoming a focal point in IPTV trends. Providers are implementing more robust authentication methods, such as two-factor authentication and biometric login options, to enhance user security. These measures help prevent unauthorized access and protect user data.

Best IPTV Services and Their Security Features

Choosing the best IPTV service is not just about the content offered but also about the security features. Providers like IPTV Smarters Pro are known for their comprehensive security measures. Here’s why:

IPTV Smarters Pro

IPTV Smarters Pro is one of the best IPTV apps available, offering a secure and user-friendly interface. It supports advanced encryption protocols to protect your data and offers regular updates to address security vulnerabilities. Additionally, IPTV Smarters Pro allows users to set up parental controls and restrict content, adding another layer of security.

IPTV Smarters Expert Tips

For those looking to maximize their security on IPTV Smarters Pro, here are some expert tips:

• Always download the app from official sources to avoid malicious versions.
• Enable two-factor authentication to add an extra layer of protection.
• Regularly update the app to the latest version to benefit from security patches.

How IPTVTrends Affect Security Practices

As IPTV trends evolve, so do the security practices associated with them. The increasing sophistication of cyber threats means that IPTV providers and users must continuously adapt. Here are some ways IPTV trends impact security:

Enhanced Encryption Standards

With more IPTV providers adopting higher encryption standards, users can enjoy safer streaming experiences. This trend is driven by the need to protect against advanced hacking techniques and ensure that user data remains confidential.

Network Security Improvements

Advancements in network security, including the use of more secure protocols and better intrusion detection systems, are becoming standard in the best IPTV services. These improvements help safeguard against a wide range of cyber threats, from malware to phishing attacks.

IPTV Smarters Pro: Balancing Performance and Security

IPTV Smarters Pro stands out not just for its content delivery but also for its commitment to balancing performance and security. The app provides high-quality streaming while ensuring that robust security measures are in place. Users can enjoy a seamless viewing experience without compromising on their data security.

Importance of User Awareness and Education

Staying informed about the latest IPTV trends and security practices is crucial for users. Understanding the potential risks and knowing how to mitigate them can make a significant difference. Here are some educational tips for IPTV users:

Stay Updated with IPTV Trends

Regularly read articles and updates on IPTV trends to stay informed about new features, security enhancements, and potential threats. Knowledge is a powerful tool in maintaining your streaming security.

Participate in User Communities

Engage with IPTV user communities and forums. These platforms are great for sharing experiences, tips, and staying updated on the best IPTV practices. You can also learn from the security strategies implemented by other users.

Conclusion

Protecting your IPTV streaming experience involves a combination of secure practices, reliable software, and vigilant monitoring. By choosing a secure IPTV provider, using a VPN, keeping your devices updated, and following safe streaming practices, you can enjoy your favorite content without compromising your security. Remember to stay informed about the latest IPTV trends and use reputable services like IPTV Smarters Pro to enhance your streaming security.

FAQs

What is IPTV?

IPTV stands for Internet Protocol Television, a service that delivers TV content over the internet instead of traditional cable or satellite.

How can I secure my IPTV connection?

You can secure your IPTV connection by using a VPN, choosing a reputable provider, enabling two-factor authentication, and keeping your software updated.

Why should I use a VPN with IPTV?

A VPN encrypts your internet connection, making it difficult for hackers to intercept your data and providing additional privacy for your streaming activities.

What should I do if my IPTV service is hacked?

If your IPTV service is hacked, immediately change your passwords and contact your IPTV provider for assistance. Additionally, run antivirus scans on your devices to check for malware and consider using a VPN for added security.

How often should I update my IPTV software?

You should update your IPTV software as soon as new updates are available. Enabling automatic updates can help ensure that your software is always up to date with the latest security patches.

Unable to login after trying to setup last night. I was able to create local admin but when I got to the Online account activation, i never received the Verification Code to my email (yes I checked spam folder). Tried several times. Gave up eventually and got a support thread going with them via email. This morning nothing seems to work to get into it even tho I copy and pasted my password into a keeper. find.ugnas.com doesn't find anything, but direct access with IP gives me a login screen, ping from computer just fine, and UGreen desktop and mobile app all find it and show me the IP. Have tried multiple browsers and incognito window. Desktop App and mobile app give me a network error upon logging in with local admin (nothing about an incorrect password even when i purposefully put one in). Even tho they all these methods find the device on the network and show it to have an IP on the same scheme as my computer i get the network error (logging in through web browser actually does nothing, i click "login" and literally nothing happens besides the button being clicked). Firewall is a Unifi Cloud Gateway Ultra, through Unifi 16 Port Pro switch, Country Restrictions have been turned off. Not sure what my UGREENlink ID is, scanning to bind from Mobile App results in the same thing when logging in. I'm not opposed to the reset but i already tried that, heard the beep but nothing changed. It's like the fact that i didn't complete the setup (should have just skipped the cloud account activation and sallied forth) now has it in a limbo of some sorts.
Putty to IP address works and the aforementioned local admin creds work fine.
I guess I never posed an actual question to the community:
Has anyone else experienced this same behavior? I saw another thread mentioning similar issues but they "logged in" and got a black white screen, i never got that far.
Has anyone done a reset seuqence as spelled out in the instruction manual and were able to reset the password? was it as straight forward as the user manual says? Should it not have prompted me to reset the password when accessing through web browser instead of asking for existing account creds?
Edit: Spelling and Grammar
Edit 2: Putty info added and 2 questions added.

I have an Mpix 4k NVR and I can't get rtsp to work.
The stream pops up and asks for the password each time. I can assure you, it's the right user.
I used admin, created user, changed password, etc. I even factory reset the NVR.
It has the exact string as the Dahua, I used the watchnet string on a dahua system I have access to (updated IP and login) worked immediately change streams from main to sub, even different accounts.
Is there something im missing? I can't seem to find a firmware update for this device, they are all June 2023.
I don't want to put all the cams on the main network and then remote each. We go from 1 to 9 points of entry / failure points.
Anything at all would be super appreciated. I'm at a loss on what to do next. As from what I'm seeing. This is a device / watchnet issue and not a url formatting issue.

Disclaimer: I do not speak Korean. This is purely translated by machine with a lot of cleanup afterward. With that in mind, I am open to criticism to improve these translations. Enjoy!
​
Chapter 429
​
「Shall we move in that direction now?」
​
The moment the press conference concluded, Shao Shen, the acting head of security, approached with this query. I nodded in affirmation.
​
"Let's do that. You know where he is?"
​
「Yes, I know. Let's go then.」
​
Guided by Shao Shen, a phalanx of security guards formed a protective circle around me and we commenced a slow march.
​
Meanwhile, pandemonium erupted outside our orderly formation. A tide of broadcasters armed with cameras and microphones surged towards us.
​
「Mr. Jin! Is it true that you are friends with His Royal Highness Prince Felix?」
​
「Jin-san! Jin-san!」
​
You're the real nuisance, buddy. [Note: the character for "san" in Korean phonetically sounds similar to the word for "nuisance" and "troublemaker".]
​
Even though we had just had the press conference, journalists from various countries clung on. Luckily, they could not break through the barrier of the Hunter security guards.
​
Well, there was one particularly tenacious reporter who managed to thrust a microphone in front of me.
​
"Mr. Jin Tae-Kyung! As a fellow Korean, just one interview please..."
​
There are always such people wherever you go.
​
"Ah, yes. Since we're both Korean, please step aside."
​
I was about to breeze past him when I halted, struck by a wave of recognition. I gestured for Shao Shen to allow the journalist through.
​
"Just a moment. Are you with DAS Patch?"
​
"......!"
​
"Yeah, you are. You published an article about me, right?"
​
"No, that's not true."
​
Right, that fucking guy.
​
This was the journalist who had once branded me as 'single since birth' in a viral article. Since then, searching my name online invariably brought up 'Jin Tae-Kyung, forever alone' as a related search term.
​
"Shen."
​
Bewildered by the Korean exchange, Shao Shen looked puzzled.
​
「Yes, Hyung.」
​
"Suppress him."
​
「Yes.」
​
With a firm nod, Shao Shen seized the DAS Patch journalist's wrist.
​
「Sir, I will now confiscate your balance.」
​
"Wait, just a moment!"
​
The commotion had escalated beyond control. The journalist, caught in a surge of force, was hurled into the air, landing amidst the crowd with a crash that sent cameras splintering across the ground. A cacophony of multilingual expletives rained down like a storm.
​
Witnessing this babel of curses, I couldn't help but marvel.
​
"We truly live in a global village."
​
「Eh?」
​
"No, never mind. Let's keep moving."
​
As the police intervened, the crowd parted, opening a pathway.
​
With the crowd's eyes on me and security tight, I made my way to the designated meeting spot — a suite in a five-star hotel reserved for VVIPs.
​
"Johnson."
​
「Oh, Jin. You arrived sooner than I expected?」
​
Magic Johnson, who had been intently studying something, rose to greet me with a warm smile.
​
His giant hand clapped my shoulder as he guided me to a seat.
​
「So, how did the press conference go?」
​
He obviously hadn't seen it. Accepting the beer he offered, I shrugged.
​
"So-so. I just answered the questions the best I could and ended it in 30 minutes."
​
「Haha. The journalists must not have liked that much.」
​
"They probably like me much more than they like you, since I at least held a press conference."
​
Magic Johnson had vanished into his quarters as soon as the conflict concluded.
​
Unlike other S-rank Hunters like Fei Chen and Prince Felix, he had become a recluse, to the extent that rumors of his death were circulating.
​
His only recent public interaction had been a cryptic update on his official SNS account.
​
​
​
I am researching something new.
​
It is as mysterious and magnificent as the victory we have just achieved.
​
​
​
Most people probably didn't understand what that meant and dismissed the message, but I was among the few who understood the depths of his new venture.
​
"So, how did it turn out?"
​
Magic Johnson's lips twitched slightly as he replied,
​
「Well...」
​
"Oh, you were able to do it."
​
「Did I say that?」
​
"You're not hiding your smile very well."
​
「I'm not? Not at all?」
​
What do you mean, not at all?
​
As his eyes brimmed with anticipation, I couldn't suppress a chuckle.
​
"You didn't even like this task at first."
​
「How do you know that when you weren't here? Did Choi tell you that?」
​
"Who else? Right now, it's just me, you, and Mr. Choi who know this secret."
​
「Oh. Well there's something wrong in what Choi told you.」
​
"Something wrong?"
​
「Yes. It wasn't that I disliked this task.」
​
Magic Johnson, having downed a 500ml can of beer in a single gulp, adopted a more grave demeanor.
​
「I was trying to destroy it.」
​
"Haha."
​
「No joke. Imagine if you were in my shoes back then. I almost blew the room to pieces.」
​
"If it were me, I would have destroyed the hotel."
​
Yet, the room and the hotel remained unscathed, a testament to Magic Johnson being a 'Grand Mage.'
​
Mages, driven by an innate curiosity, delve into the unknown, and a Grand Mage, at the pinnacle of both power and knowledge, embodies this trait profoundly.
​
He had embraced the proposal concerning this unprecedented venture.
​
「After hearing Choi's explanation and seeing it myself, I couldn't believe it. This is really...」
​
His words trailed off as he gazed absently at the other end of the room. Then he abruptly shook his head.
​
「No. This isn't right. You should check it out yourself.」
​
"Good thing. I thought I was going to die waiting."
​
Setting aside my half-empty can, I strode confidently across the expansive suite.
​
"Is it here?"
​
Magic Johnson nodded. It’s not surprising for an S-rank Hunter sensitive to the flow of energy to notice something odd in this space.
​
「That's right. You can really feel it?」
​
"At this level, it's really hard not to notice."
​
To an untrained observer, the area appeared ordinary. However, upon entering the room, I had instantly discerned its true nature.
​
This space was shielded by a spell that obscured all sound and vision.
​
「Wait a moment. I'll remove the magic...」
​
Whoosh, screech!
​
Magic Johnson's words were abruptly cut off, his expression shifting to one of surprise.
​
My hand, radiating with Protective Qi, swept through the air, effortlessly severing the layers of spells he had woven.
​
「Jin. What did you...?」
​
Thanks to opening my middle dantian during the fight with the Arch Lich, I could now see the patterns of Qi.
​
Such feats had become routine for me, so I offered no further explanation and simply focused forward.
​
With the spell dissolved, the fabric of space unfolded, revealing a figure concealed behind it.
​
"Ah, eh, ee, oh, oo. Hello. Thank you. Let's cook some rice. I love kimchi."
​
A blonde foreigner, meticulously practicing Korean in front of a full-length mirror while clutching an object, spun around at the sight of my reflection.
​
A brief, practiced smile flickered across his face, reminiscent of a seasoned actor.
​
"You've finally arrived, wicked human."
​
Look at this guy, getting the pronunciation exactly right.
​
For a moment, I contemplated punching him, but I chuckled and responded instead.
​
"Have you gotten handsomer since we last saw each other?"
​
The blonde foreigner, the Skeleton King, replied with a smug voice.
​
"You've gotten uglier since we last saw each other."
​
"......"
​
"Squid-faced human." [Note: squid is a Korean slang for "ugly guy".]
​
"...... You damn bastard."
​
Where on earth did this guy learn Korean?
​
​
​
* * *
​
​
​
「Hmm. Indeed, it's beautiful. There's no evidence of incongruity.」
​
Magic Johnson chuckled with satisfaction, echoing a top-tier plastic surgeon from Gangnam.
​
「Even looking at it again, it's a masterpiece of the era. I must be the first mage in human history to carve magic circles onto the bones of a living Named Monster, right?」
​
It was more than mere self-congratulation; it was the stark reality.
​
The radiant blonde hair, the eerily luminous golden eyes, and a stature of 190 cm — all meticulously crafted to the finest detail, including just the right amount of body hair.
​
Beyond that, the defined muscles, visible veins, and every subtle biological response to each breath or gulp.
​
Only upon intense scrutiny could one detect the abnormality; the Skeleton King appeared utterly human.
​
"...... Wow, it actually worked."
​
I had proposed the idea on a whim, thinking, 'What’s the worst that could happen?' but never anticipated such a flawless transformation.
​
I was just about to touch his blonde hair when...
​
Swoosh.
​
The Skeleton King stepped back, fixing me with a haughty look.
​
"Keep your dirty hands off me. You'll ruin my hair."
​
"......"
​
"Will you take responsibility if I go bald?"
​
This bastard is totally human now...
​
Dumbfounded, I couldn't muster a response. The Skeleton King, unfazed by my silence, admired his reflection in the mirror and smiled smugly.
​
"Hmm. Super handsome."
​
"......Where did you learn to talk like that?"
​
"From the internet."
​
"The internet?"
​
"Yes. I watched it intensely for a week."
​
"You don't happen to have a phone, do you?"
​
"That kind human over there bought me one. Thanks, Johnson."
​
Magic Johnson, having used a translation spell, grinned, evidently satisfied.
​
「Here's to a successful new start, Mr. King.」
​
「Thanks, Johnson.」
​
When did he learn basic English conversation?
​
I turned to confront Magic Johnson.
​
"Did you really buy him a phone?"
​
「Come on, Jin. What's the problem? My youngest daughter is five and she uses a smartphone.」
​
"That's your daughter, Johnson, but this is the Skeleton King."
​
"Wait. Wicked human. Sorry to interrupt this conversation, but I must say this."
​
The Skeleton King cut in with a serious expression.
​
"From now on, call me Stone-King." [Note: I'm not sure what reference the author is making here, but Stone-King is a direct translation of the Korean characters, which were even used phonetically to sound like "Stone-King" in English.]
​
"What bullshit is this? Do you want me to stone you?"
​
"It's my new name. Stone King. Born in Atlanta, Georgia, USA..."
​
I muttered, feeling a headache coming on.
​
"Should I just kill you now?"
​
"Are you planning to kill an American citizen?"
​
"Who's an American citizen, you idiot?"
​
"Sooner or later, I could acquire American nationality."
​
"You ought to be writing a web novel on KakaoPage with lines like that. Who says this kind of bullshit?"
​
Magic Johnson bashfully lifted his hand.
​
「Jin, with my connections, it's entirely possible...」
​
"Aaaaah!"
​
The absurdity nearly drove me to madness.
​
Clutching my throbbing forehead, I turned to Magic Johnson.
​
"Excuse me, Johnson."
​
「Hmm?」
​
"What I asked for through Mr. Choi was just to make him look like a human."
​
「Ah, of course. It was his desperate request, wasn't it?」
​
This whole scenario had unfolded shortly after my awakening, spurred by the Skeleton King’s vehement demands.
​
He had lamented about the oppressive confines of the Inventory where he’d been held.
​
Given his crucial role in the battle, his request seemed reasonable from the perspectives of both Mr. Choi and myself.
​
'He had protected Mr. Choi and Shao Shen during the battle with Lei Fei, and it was also thanks to him that I was able to defeat the Arch Lich.'
​
It was about time I reciprocated the Skeleton King’s efforts.
​
Additionally, having him in a human guise would simplify many things.
​
No longer would we need to conceal his true form, and he could even secure a contract with the Peace Guild.
​
But...
​
"The appearance I described was that of an Asian, wasn't it? No matter how many foreigners there are in Korea, they still stand out. Especially with looks like this."
​
Before Magic Johnson could respond, the Skeleton King spoke up assertively.
​
"I asked for it to be changed."
​
"What? Why?"
​
"I saw it on the internet. Handsome white men are popular everywhere in the world."
​
"......And why does that matter?"
​
"I’d like to try dating."
​
"Oh, my God."
​
Magic Johnson offered a consoling pat on my shoulder, which was heavy with the weight of exasperated sighs.
​
「It's okay, Jin.」
​
"What do you mean, it's okay? Do you know how scary social media is these days? What if netizens find out and say he's not born in Atlanta, Georgia, but is a native of the demon world? Does that even make sense? Why would you agree to such a request, Johnson?"
​
「I wanted to create a face that I'd enjoy looking at.」
​
"What?"
​
「That face is my ideal type.」
​
No, fuck...
​
Just then, a comment that shredded my last thread of patience reached my ears.
​
"Do you think it's unfair, squid-face?"
​
"Hey, you damn bastard!"
​
Snap!
​
In an instant, I lunged and landed a solid punch atop his head.
​
He groaned, blood gushing from his mouth — likely because he had bitten his tongue.
​
Blood, really? Was this yet another trick of magic? It was impressively executed.
​
"Die! Die!"
​
"Ack! Argh!"
​
The melee escalated as our hefty figures tumbled across the room, plunging it into chaos.
​
During the scuffle, a desk was upended, its collapse sending a cascade of documents Magic Johnson had been reviewing flying across my face.
​
"Wait, stop! Wicked human! I can't see anything!"
​
"You need to correct your manners today..."
​
But then, I froze.
​
Among the papers smothering my face, I spotted patterns — strange yet familiar.
​
'This is...'
​
I left the Skeleton King floundering as I stood and seized the sheet emblazoned with the pattern.
​
'Sichuan.'
​
Without a doubt.
​
It was indeed the pattern I had seen in Sichuan.
​
Previous Table of Contents Next

Disclaimer: I do not speak Korean. This is purely translated by machine with a lot of cleanup afterward. With that in mind, I am open to criticism to improve these translations. Enjoy!
​
Chapter 428
​
I pushed myself upright, exhaling the breath I’d been holding.
​
"Ah, fuck. I thought I was going to die from frustration."
​
Pretending to be comatose for four days had tested the limits of my patience.
​
It was a feat made no easier by the slew of cutting-edge medical devices surrounding me.
​
'It was also an awkward time to return to Murim.'
​
After all, returning meant nothing more than idly watching the Yangtze's waters from a ship's deck.
​
It was better to wrap up affairs in the modern world. With the System at my disposal, I've got plenty of time.
​
Crack, crack.
​
Flexing my stiff neck elicited chuckles from Mr. Choi.
​
"It would be chaos if people saw this on CCTV."
​
"That's a scary thought. If there were cameras in here, I would have just killed myself to avoid the trouble."
​
Fortunately, there was no CCTV to witness, and my life remained intact.
​
Actually, thanks to the brainwave detection device strapped to my head, alerting medical staff the moment consciousness returned, CCTV was virtually redundant.
​
"Out of curiosity, how did you manage to fool that machine?"
​
I shrugged nonchalantly.
​
"Hm? The brainwave detector? It's not exactly a machine."
​
"Oh?"
​
"It's technically a machine, but its core power source turned out to be a magic stone."
​
"So, you manipulated it with mana... I mean, with Qi?"
​
"Yes, I caused it to malfunction a bit. It wasn't too hard to manage."
​
Now that I had unlocked my middle dantian, my control over Qi had greatly improved.
​
If I couldn’t outsmart the few medical devices, I would have gone to check the temperature of the Han River out of frustration. [Note: the Han River is well-known for being a suicide hot spot, so much so that a common Korean saying for committing suicide is "visiting the Han River" or "checking the Han River's temperature". Fun fact: the namu.wiki page for the Han River has a link that you can press to check the current temperature.]
​
"By the way, how do you think the situation with Wu Hei-Xing will turn out? From what Grandpa General Receptionist says, it seems he was prepared." [Note: see novel chapter 384 for an explanation for this reference. This is something that the MC used to call the General Secretary of China.]
​
"For the fiftieth time, it's not Grandpa General Receptionist, it's President Shao."
​
"Why not? It sounds friendly and nice."
​
"..."
​
Mr. Choi shook his head and retrieved an apple from the nearby fruit basket.
​
With a knife that looked like a luxury item, he deftly peeled it and offered it to me.
​
"You probably don't need to worry about the Wu Hei-Xing issue. The general public is on our side, and it seems President Shao has sharpened his knife for it."
​
"President Shao? To be honest, he seemed a bit soft."
​
Crunch. I bit into the crisp apple, its sweetness exploding in my mouth.
​
If President Shao had been as tough as this apple, the Princelings wouldn’t still be entrenched at the heart of power.
​
As though he had read my thoughts, Mr. Choi chimed in.
​
"Did you know that President Shao was once branded a reactionary and spent five years laboring in a pig slaughterhouse?"
​
"Really?"
​
"He aimed for political reform after the Great Cataclysm but became a target of the Princelings. And look where he is now."
​
His implication was crystal clear.
​
Bearing personal vendettas against the Princelings and having weathered severe trials, he had ascended to the pinnacle of power. His resolve was unyielding.
​
"A knife that has been long sharpened must be swung when the time comes. To the Princelings, President Shao is now a formidable swordsman."
​
"What about Wu Hei-Xing's father then..."
​
"Considering his political stance and the public sympathy for Wu Hei-Xing, execution would be too harsh. He'll probably end up in a political prison or at the slaughterhouse. But given his age, he’ll likely spend the rest of his life wherever he ends up."
​
From Wu Hei-Xing to his father.
​
Thus concludes the tale of father and son.
​
Somehow, this apple tasted sweeter than usual today.
​
I grinned, wiping the juice from my lips.
​
"Lying down for four days was worth it."
​
As Mr. Choi began peeling another apple and extended it towards me, he responded.
​
"Your judgment was correct, Mr. Jin Tae-Kyung. If the media had known you woke up within half a day, you couldn't have avoided their scrutiny."
​
According to Mr. Choi, Lee Jeong-Ryong, whose body was never found, was considered certainly dead, and Wu Hei-Xing, whose neck had broken, was found as a gruesome corpse after the battle.
​
Had I appeared unscathed so swiftly, I would have been fodder for a scandal-hungry press.
​
"Mr. Jin Tae-Kyung, when you first woke up, even I couldn’t find my composure... Did you anticipate this before dealing with those two?"
​
I paused, biting into the apple again.
​
"I hadn't thought that far."
​
"Really?"
​
“No, I was just exhausted and my head was pounding, so I didn't want to deal with any of the fallout. If it got out that I was awake, it would have created chaos, both internally and externally.”
​
"..."
​
"Why?"
​
Mr. Choi’s expression turned to one of betrayal, then he looked away quietly.
​
"...No reason."
​
"Relax your face. If the result is good, that's all that matters."
​
My words rang true as events began to tilt remarkably in our favor.
​
Beyond resolving the complexities with Wu Hei-Xing and the Princelings, we had lawfully neutralized Lee Jeong-Ryong, our most formidable obstacle, and thwarted the Arch Lich, averting a bigger disaster.
​
The wave of global accolades and commendations that ensued was merely icing on the cake.
​
The notifications heralding my escalating fame came so frequently they nearly drove me mad.
​
Like right now.
​
Ding.
​
​
​
- The world's attention is focused on you!
​
- Your fame has greatly increased!
​
- There is too much information to process. Future fame-related notifications will be delivered monthly.
​
​
​
"…You should have done this sooner, damn thing."
​
At my muttered exclamation, Mr. Choi looked puzzled.
​
"Huh?"
​
"Oh, it's nothing. How's my family doing?"
​
Earlier, under a special mandate from President Shao Yang, my mother and Ha-Yeon had been flown to China on a chartered plane, welcomed with treatment befitting dignitaries and escorted by a fleet of jets.
​
"You don't have to worry. Your mother is resting comfortably, and your younger sister is..."
​
"You don't need to tell me about her. I'm sure she's fine."
​
"…Ah, yes."
​
I couldn't keep the secret from my family any longer, so I had discreetly informed them through Mr. Choi that I was unharmed and already awake, though I dreaded the impending first family visit.
​
'A couple of back smacks won't be the end of it.'
​
Facing thousands of monsters would be easier.
​
I could hardly fathom the confrontation that awaited. After all, with every fuck-around, the find-out is always lurking right around the corner. I was the one who hopped on a plane to China and had only notified my mother through a text in our family group chat.
​
"Team Leader Choi."
​
"Yes."
​
"You absolutely must not leave during the family visitation. Understand?"
​
"…?"
​
"Promise me. You have to stay by my side."
​
"Ah, got it."
​
And two hours later.
​
"You son of a bitch! You little rascal!"
​
"Gasp, Mom!"
​
"Jin Tae-Kyung!"
​
With a cry that was part wail, part shriek - the likes of which I’d never heard before — my mother launched herself at us. Mr. Choi, attempting to intercept her, was the first casualty of her onslaught.
​
"Calm down, Ma'am..."
​
"Move! Out of my way!!"
​
Swoosh! Rip!
​
"Ouch! Hey!"
​
"Hey, Jin Tae-Kyung-!"
​
In a stroke of ill-fated coincidence, a bold, recently graduated high schooler’s kick landed with pinpoint accuracy between his legs.
​
Thump!
​
"…Uh."
​
"…Ah."
​
With eyes wide, Mr. Choi spoke in a ghostly whisper.
​
"My special underwear, impervious to heat and frost and enchanted with a semi-permanent cleaning spell..."
​
Goodbye, Mr. Choi.
​
You should have enchanted it with a strengthening spell instead.
​
Thud, flop.
​
As I silently honored the fallen warrior, brought to his knees by agony, I steeled myself for what was to come.
​
'Inventory open. Equip Fire Dragon Armor.'
​
I felt the armor snugly encase my chest, stomach, and back beneath the hospital gown. Closing my eyes, I braced myself.
​
Then, unexpectedly, a palm struck my cheek.
​
Swoosh!
​
Ah, wait. A slap was not part of my calculations…
​
​
​
* * *
​
​
​
I regained consciousness a week later.
​
That was the official story, anyway.
​
After a week filled with exhaustive examinations and numerous follow-ups, I faced a sea of cheering fans and media at a brief press conference.
​
「Mr. Jin, we've filtered out any problematic journalists, so please respond to questions from the pre-selected reporters.」
​
However, despite the precautions set by President Shao before the press conference, several reporters, hungry for a sensational story, swarmed like bees.
​
「Mr. Jin! There have been reports that you had a poor relationship with Wu Hei-Xing, who died in the recent battle. Is this true?」
​
I gestured towards the security team attempting to restrain an insistent foreign journalist and responded.
​
"I've already explained everything during the investigation, but I'll tell you again. It's all true."
​
Snap!
​
A flurry of camera flashes and a crescendo of chatter ensued. One Chinese journalist, smiling with evident malice, pressed for further details.
​
「What was the reason?」
​
"That kid had no manners from our first meeting."
​
「What exactly...?」
​
"He cursed at me, calling me a bangzi. So I called him a jjanggae bastard, and then he attacked me after the meeting." [Note: a quick reminder since it's been a while: bangzi is a Chinese ethnic slur for Koreans. It is originally "Gaoli bangzi" but has been shortened in this sentence. It originated from the word for "helper", as numerous servants would accompany Korean diplomatic missions to China during the Ming and Qing Dynasties. These servants gained a bad reputation for petty crimes during this time period. Jjanggae is a derogatory term for Chinese people from the word "Jang Gwe", which means a person who manages a store's safe box. During the Imo Military Rebellion, low-status Han Chinese were brought by Qing dynasty's Manchu soldiers to Korea for menial tasks and, left stranded after the soldiers were mobilized for war against France, turned to running small-scale prostitution and restaurants during and after the Japanese colonial period to make a living. With no protections for their identities in Korea, these individuals' reverence for money stored in chests morphed into a term broadly referring to Chinese people and Chinese food establishments.]
​
The smile swiftly faded from the Chinese journalist’s face.
​
「Jjanggae! That's derogatory towards Chinese people!」
​
"Ah, I see."
​
With a casual nod, I signaled to the security officers.
​
"Please escort that jjanggae bastard out."
​
「Let me go! This is suppression of the press!」
​
"Please suppress that bastard's mouth. I'll talk with Chinese people, but I don’t talk with jjanggae. He's just like that bastard Wu Hei-Xing."
​
At that moment, another journalist, also Chinese, raised a question from the crowd.
​
「So, did you have further conflicts with Wu Hei-Xing after that?」
​
"There wasn't really a conflict; after I gave him a beating in true Korean style, he quieted down. After that, we got along fairly well."
​
「Then...」
​
"Yes."
​
I continued, my tone grave.
​
"Wu Hei-Xing was killed by the Arch Lich. There was no time to intervene, and I survived thanks to the Top-grade potion he left behind. I offer my condolences for his death once again."
​
There, the necessary condolences offered.
​
Admit what must be acknowledged, mend what can be salvaged. Regardless of Wu Hei-Xing’s actions in life or the nature of his character, confessing to his murder would complicate my future endeavors.
​
'Few would believe if I said Lee Jeong-Ryong lured Wu Hei-Xing into a plot.'
​
Inconvenient truths are often ignored.
​
Knowing that my next line would be better received with an expression of deep sorrow, I conjured the image of a 100T USB containing the treasures of all humanity disappearing. With that, tears naturally flowed heavily down my face. [Note: It's porn. It's always porn.]
​
"And most importantly, the hero of the Great Cataclysm and a senior I respected more than anyone. I feel profound sadness at the death of Hunter Lee Jeong-Ryong. He was a truly good person."
​
「Ah...」
​
The mood at the press conference momentarily grew solemn. I wiped the tears from my cheeks, gearing up to deliver one final, rehearsed statement.
​
"Although brief, the moments we shared will forever remain with me. I extend my deepest condolences to all who perished in this conflict. I regret that I could not save even one more soul."
​
A statement that silenced any further criticism.
​
This press conference, surprisingly brief given the weight of the circumstances, spanned just over thirty minutes. It was transmitted live across the globe via radio and cable networks; and on YouTube alone, it captivated an audience of three billion in real time.
​
Before the echoes of my words could even begin to fade, I set out to find someone.
​
Previous Table of Contents Next

Enable SSH

1. Login to the desktop of the NAS (https://:9443)
2. Launch Control Panel
3. Click Terminal
4. Check the Enable checkbox next to SSH
5. Click Apply
6. Use an SSH client like PuTTY or WinSCP to connect to the NAS by IP address
7. Use the same username and password you use to get into the desktop of the NAS

Install Docker

1. Log into the desktop of the NAS (https://:9443)
2. Launch App Center
3. Click install next to Docker
4. You will be prompted for where to place Docker. I would recommend either your only volume or your fastest volume.

Add the Plex Image

1. Click the Image button on the left of the screen
2. Click Image Database on the top
3. Type Plex in the Search bar
4. Find plexinc/pms-docker (documentation and information here https://github.com/plexinc/pms-docker)
5. Click the download button on the right (looks like a down arrow into a box and only shows when your mouse is over the bar that makes up the listing)
6. Choose the latest image
7. After the download is complete, click Container on the left
8. Click New Container at the top
9. Click Manual Creation
10. Select the plexinc/pms-docker:latest image and click Next
11. Enter information as outlined below:

Basic Information

1. Lower the CPU limit to at least 8 to give the NAS ability to function correctly, I recommend 2 or 4 CPUs if you are putting a heavy load on the NAS or if you are running other docker containers.
2. I Recommend lowering the Memory Limit to 4096 on standard 8GB units, you can have a higher memory limit if you have more RAM
3. Add the directories from your NAS that hold your media. You can name the directory however you like. I used /media/movies and /media/tv for mine.

Network Tab

This is up to you. I've setup the Plex docker either with Bridging or Host network mode. I will cover both. For ease of use, Host network mode is the best choice.
Network Mode -- Host
No configuration needed
Network Mode -- Bridging
You will need to set the NAS ports to the same value as the Container ports. Follow the values in the table below:
Port Mapping setup:

NAS Port	Container Port	Container Type
32469	32469	TCP
32414	32414	UDP
32413	32413	UDP
32412	32412	UDP
32410	32410	UDP
32400	32400	TCP
8324	8324	TCP
1900	1900	UDP

Advanced Tab

Container Run Command - Leave blank. You may have to remove and re-add the docker container if you put information into this field.
Environment Variables:

Variable	Value
PUID	1000
PGID	10
ADVERTISE_IP	http://:32400/
TZ
PLEX_CLAIM	(generated at plex.tv/claim)

The PUID and PGID values should match the user that was created when you setup your NAS. If you have a different user you wish to create, grant access to your media files and use for the Docker container, use those values here.
You can get the required information about the users on the system by logging into the NAS via SSH and running cat /etc/passwd. The user information will be in the following format:
:x:::::
You are interested in the UserID and GroupID. UserID goes into PUID and GroupID goes into PGID. My user and group ID are 1000 and 10.
Replace your NAS IP address in the Advertise_IP variable
Replace your timezone value with a value from this page: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones This is optional but recommended.
Permission And Function:
Privileged Mode -- Enable

Finishing Up

-Once the docker image is up, open a browser to http://:32400/ -You should be prompted to login and claim the server. -Setup your Libraries by pointing to the locations you selected when you setup the container

Known Issues

If you have multiple interfaces enabled on different subnets, UGREEN currently doesn't allow you to not set a default gateway. This can cause problems with downloading or claiming the Plex server. Please make sure you have a single interface enabled and unplug the other one. I have had issues communicating with the Plex server after adding the interface back later on. I don't see a way to limit the container to a specific interface so it will be available on all interfaces.
I hope UGREEN will allow us to disable network interfaces for Docker at some point, but currently this isn't the case. I have no idea if this affects network bridging situations.
If you can't claim your server the default way, you can follow the instructions here: https://ariq.nauf.al/blog/how-to-activate-claim-plex-media-serve. The top section of this document talks about enabling and using SCP.
This is a quick writeup on this. I'm sure there will be some errors and my experience may not match yours. This is what worked for me and the problems I ran into.
EDIT: Formatting, Incorporating Bridging and Host Networking Modes, added section for SSH enablement, incorporated information from responses to the document

Reverse Proxy with Tailscale on Unraid

The following is a guide for setting up a reverse proxy that is not exposed to the internet, but is accessed via Tailscale. This implementation allows you to access your services at standard web addresses with SSL enabled and share access with anyone you'd like, without port forwarding. Because there are TS clients available for practically every device under the sun, you shouldn't have any problems getting most devices connected. The one exception at time of writing (June 2024) is Roku. I've written a couple of previous guides on this, but I wasn't happy with their presentation or clarity, so this is hopefully the final version.
When you're done, you will be able to:

• Access your services at the same web address on any Tailscale-connected device regardless of what network you're on
• Share access to your services by sharing the associated Tailscale Docker node. All users have to do is accept your share invite and install Tailscale, then they can use the same web addresses you do.

Prerequisites for this guide

• A custom Docker network
• Tailscale (TS) installed as a Docker container on the aforementioned custom network (there are currently two versions of the Docker container available, use dsmith44's version since this has an environment variable we need already added)
• Nginx Proxy Manager (NPM), also a Docker container
• A registered domain, this guide is written for Cloudflare; others will work, but you will have to check how DNS challenges work for your provider and NPM
• Should be obvious, but a Tailscale account

Tailscale Container Config

• [Important] In the TS container settings, add "--accept-dns=false" in the "UP_FLAGS" field. (more on this later)
• If you have not done so already, set TS to use the custom docker network you've created by changing its "Network Type"
• Open the log file and click the login link to add the node to your account
• The creator of this container recommends disabling key expiry for this node on your TS admin console; I second that recommendation

NPM Container Config

• In the container config, toggle on "Advanced View" in the top right
• Change the "Network Type" to "None"
• In the "Extra Parameters" field add "--net=container:[name-of-TS-container]"
• Ensure the TS container starts before NPM by placing it higher in your list of Docker containers than NPM. There should be a little green lock icon on the right of your Unraid navigation bar that will let you rearrange containers after you click it. If NPM ever starts while TS is not running, it will go into a crash loop and you might have to disable autostart on the container and restart the Docker service to recover.

Cloudflare Config

• For the domain you want to use, set your A record to point to your TS Docker node's address and disable Cloudflare's proxy; you don't need it. Anyone can look up the address, but it's a private IP that's only accessible to your Tailnet or those you've shared the node with.
• Create a zone edit token for your domain and copy it to a notepad. You create tokens in your Cloudflare profile, use the "Edit zone DNS" template and in the "Zone Resources" section, set it to Include, Specific Zone, [Your Domain]. The first two entries should already be set, so all you really need to do is set it to your domain.

NPM Config

• Open your NPM web UI. You won't have any ports on your Unraid host to do this anymore, but that's not a problem, you can access it at the Tailscale address of your Docker node, port 81. The default login can be found in the overview in the container settings if you haven't already changed it.
• Add a new admin user for yourself, log in using the new credentials, then delete the default one.
• Go to the SSL certificates tab and click "Add SSL Certificate" to add a new Let's Encrypt cert.
• I like using wildcard certs for this for simplicity, so I use *.example.com; if you aren't sure about this, just use a wildcard cert.
• Enter your email, toggle on "Use a DNS Challenge", toggle to agree to the ToS, then select Cloudflare as your DNS provider; the DNS challenge option is used because NPM is not running at a public IP address.
• In the text box that shows up, paste the API token you copied down earlier in where the placeholder text is
• Save it, and if it fails, try it again with longer propagation time; I've had to increase it to 30s in the past to get it to work for me.

Conclusion

Each host obviously needs to be set up in Cloudflare as a CNAME (and remember, you don't want any of them proxied), but also in NPM. For NPM, you can use the name of the Docker containers as the destination address. The "--accept-dns=false" flag in TS that was added earlier is to make sure that Docker host names keep working. Without that flag, TS may override the Docker DNS and those hostnames may not work depending on what settings you're using on your TS admin panel. Since the DNS is kind of irrelevant for this Docker node it's fine to disable it here. This was a detail that caused me a lot of headaches before I figured out what the problem was and how to solve it, so don't overlook it.
The last thing to keep in mind is that when you set up your proxy hosts, you need to use the internal port the container is listening on, not whatever port you have mapped on the host because NPM is connecting directly to the containers, not through the host IP. I'm not going to include details on how to set up proxy hosts with NPM or setting up CNAMEs on Cloudflare and all that because there are lots of guides out there on those things (SpaceInvaderOne and Ibracorp have some great ones), I've focused here on what's different.
As always, if anyone has questions, I'm happy to try to help.

Understanding AWS Workspace Notifications

When leveraging AWS's boto3 library to automate the provisioning of Workspaces, one might encounter various hurdles, with notification issues being a common setback. The creation of an AWS Workspace should ideally trigger an email notification to the user, signaling the successful deployment of the virtual desktop environment. This process, integral to user onboarding and system management, ensures that stakeholders are promptly informed about the availability and readiness of their Workspace. However, discrepancies in the expected workflow, such as not receiving these crucial email notifications, can lead to confusion and operational delays.
This issue not only affects the immediate user experience but also poses challenges in managing and monitoring Workspace deployments at scale. Understanding the nuances of boto3's interaction with AWS Workspace service, including its configuration and the underlying infrastructure, becomes essential. By dissecting the problem, developers and IT professionals can identify potential misconfigurations or oversights in the setup process, paving the way for troubleshooting strategies and ensuring a smoother Workspace provisioning experience.

Command	Description
create_workspaces	Initiates the creation of one or more WorkSpaces.
DirectoryId	Specifies the identifier of the AWS Directory Service directory for the WorkSpace.
UserName	Specifies the name of the user for the WorkSpace.
BundleId	Specifies the bundle identifier for the WorkSpace.
WorkspaceProperties	Specifies the properties for the WorkSpace.
RunningMode	Specifies the running mode for the WorkSpace.

Exploring AWS WorkSpaces Creation with Boto3

Amazon Web Services (AWS) offers WorkSpaces, a managed, secure Desktop-as-a-Service (DaaS) solution that helps users provision virtual, cloud-based Microsoft Windows and Linux desktops for their end-users. This service enables businesses to provide their workforce with access to the documents, applications, and resources they need from anywhere, any supported device, enhancing flexibility and productivity. The process of creating these WorkSpaces can be automated and customized through AWS's SDK for Python, Boto3, which allows for detailed configuration of WorkSpace properties, including directory ID, user name, bundle ID, and running mode. This automation capability is crucial for scaling up operations efficiently, adhering to policy compliance, and managing resources effectively.
However, a common issue encountered during the automation process is the absence of email notifications upon the creation of new WorkSpaces. These notifications are essential for end-users to receive their login credentials and start using their allocated WorkSpace. This issue could stem from various factors, including configuration settings in the AWS Simple Email Service (SES), network policies blocking automated emails, or incorrect user email addresses in the AWS Directory Service. Addressing these potential pitfalls requires a thorough review of email settings, network policies, and user directory configurations. By ensuring these elements are correctly set up, developers can streamline the WorkSpace provisioning process, enhancing the end-user experience and maintaining operational efficiency.

Creating an AWS Workspace with Boto3

Python Script

import boto3 client_workspace = boto3.client('workspaces') directory_id = 'd-9067632f4b' username = 'username' bundle_id = 'wsb-blahblah' response_workspace = client_workspace.create_workspaces( Workspaces=[ { 'DirectoryId': directory_id, 'UserName': username, 'BundleId': bundle_id, 'WorkspaceProperties': { 'RunningMode': 'AUTO_STOP' } }, ] ) print(response_workspace) 

Enhancing Workspace Creation with Boto3 on AWS

When it comes to cloud computing, AWS WorkSpaces stands out by offering a managed, secure Desktop-as-a-Service (DaaS) that allows users to provision virtual, cloud-based desktops. Utilizing AWS's SDK for Python, Boto3, developers can automate the creation of these WorkSpaces, customizing each with specific configurations like directory ID, username, bundle ID, and running mode. This not only streamlines the provisioning process but also ensures that businesses can scale their operations efficiently, adhere to compliance requirements, and manage resources effectively, all while providing their workforce with flexible access to their work environments.
Despite the advantages, some users encounter challenges, notably not receiving email notifications upon WorkSpace creation. These emails are crucial as they contain the login details necessary for users to access their new virtual desktops. The issue could be due to various factors such as configuration settings in AWS Simple Email Service (SES), network policies that block automated emails, or incorrect user email addresses in the AWS Directory Service. Identifying and resolving these issues is essential for a seamless user experience, ensuring that users can quickly and efficiently access their WorkSpaces and begin their work without unnecessary delays.

Frequently Asked Questions About AWS WorkSpaces and Boto3

1. Question: What is AWS WorkSpaces?
2. Answer: AWS WorkSpaces is a managed, secure Desktop-as-a-Service (DaaS) that enables users to provision virtual, cloud-based desktops for their workforce.
3. Question: How does Boto3 facilitate AWS WorkSpace creation?
4. Answer: Boto3, AWS's SDK for Python, allows developers to automate the provisioning of WorkSpaces, including setting up directory ID, username, bundle ID, and running mode.
5. Question: Why am I not receiving email notifications upon WorkSpace creation?
6. Answer: The lack of email notifications can be due to issues with AWS SES configurations, network policies, or incorrect user emails in the AWS Directory Service.
7. Question: Can I customize the running mode of a WorkSpace using Boto3?
8. Answer: Yes, Boto3 allows for the customization of WorkSpace properties, including the running mode, such as 'AUTO_STOP', to manage resource utilization efficiently.
9. Question: How do I resolve the issue of not receiving email notifications?
10. Answer: Review and ensure correct settings in AWS SES, check network policies for any blocks on automated emails, and verify user email addresses in the Directory Service.

Wrapping Up AWS WorkSpaces Provisioning with Boto3

The automation of AWS WorkSpaces creation using Boto3 represents a pivotal advancement in cloud computing, offering a scalable, secure, and flexible solution for desktop virtualization. This approach not only simplifies the management of IT resources but also promotes a more dynamic and adaptable work environment. The encountered issue of missing notifications upon WorkSpace creation highlights the importance of meticulous configuration and understanding of AWS's ecosystem. Ensuring the correct setup of AWS SES, network policies, and directory service settings is essential for a seamless operation. As cloud technologies evolve, so does the necessity for adept handling of such sophisticated services. Ultimately, overcoming these challenges is key to leveraging the full potential of AWS WorkSpaces, making it a valuable tool for businesses aiming to enhance their IT efficiency and workforce productivity in a secure and managed manner.
https://www.tempmail.us.com/en/boto3/troubleshooting-aws-workspace-creation-without-notification-issues

Hello,
My District uses Windows systems that authenticate with our organization's Active Directory to logon. This generally works well except for the cached domain logon credentials¹ sometimes creating issues.
I don't want to disable this functionality, our users have valid use-cases where a computer may not have network access but they still need to do local work, however I would like to be able to set an expiry for the cache in order to cause users to connect to our systems and allow the laptop to process updates and policy.
Does anyone here know of a solution to this? I've done some cursory research²​³ but it's not making me hopeful. Closest I could think of doing is writing a custom credential provider for Windows and that's a bit out of scope.⁴
Thanks in advance for any comments or suggestions.

Warning: I am not a technician, programmer, or a cybersecurity expert, I am simply a tech enthusiast who hopes to help people in whatever way possible. So do take my advice with a grain of salt, as what I know may not be 100% true.
Also disclaimer: This post is not to criticize Hak5, O.MG or ridicule their staff, but rather to point out the potential danger posed from anyone who intend to use one of their products for malicious intent. I am sure they mean well, as their products are made to help improve the security of companies and software products.
——————————-
It’s a bit of a rare topic to talk about when it comes to cybersecurity, and I think it deserves more attention, especially since hackers are becoming more clever with hardware.
https://youtu.be/mPF9f-PLDPc?si=NG_MZvUZowT6czQz
I came across this YouTube video by Linus Tech Tips where he talks about a special type of cable known as, O.MG Cables. They sound terrifying because they are replica cables of the ones officially sold for iPhones and Android devices. These cables at first glance look normal and exactly like the ones you’d plug into your phone, but are actually hacking devices. Inside the USB end of the cable is a small, compact Wi-Fi connector that uses the Wi-Fi your device is connected to allow remote access to it. Once plugged in, a hacker immediately has remote access to your phone and it automatically keylogs everything you type, allowing the hacker to read everything you are saying, including in chat messages with other people, and even see your logins and passwords. I’ve been doing research on these things for the past two weeks now, and as a guy who travels a lot, either to college or general public, I even started to wonder if my cables were replaced at some point by somebody unknowingly. It was just simply out of fear and imagination though, and I’m pretty sure they’re still the same cables I’ve always had and used, plus I’m sure I would’ve noticed if somebody replaced them or tapped into my phone, but I am keeping a close eye on my cables from now on. (I mean I’m using my phone to make this post now.)
Now, I want to clarify, what I’m about to say is pretty much already covered in Linus’ and other YouTube videos, but I felt it necessary to spread word with more detail as possible.
Throughout my research, I found out these cables are sold by a company called, Hak5, who sells a bunch of hacking devices to red teams, IT departments, corporations, police departments, government agencies, or people in general to help improve security systems and patch out vulnerabilities in software. This is their website here:
https://shop.hak5.org
No, it’s not some black market scheme; these are legally sold. I know the media usually portrays hacking in a dark tone, whether it’s on a fictional TV show or video game, or news outlets explaining the dangers of hacks, but not all hacks are malicious as the media portrays; as already mentioned, they are sometimes done to help find vulnerabilities to be patched. If you’re into cybersecurity or a tech enthusiast like me, you may have at one point heard of the Wi-Fi Pineapple, a device used to find holes in a public Wi-Fi and eavesdrop on people, or the USB Rubber Ducky, a device made to look like a normal USB Flash Drive is actually a small computer that loads hacking payloads onto PC’s. These are actually products of Hak5. The O.MG Cable basically does the same thing as the Rubber Ducky, but it’s harder to detect since it was mainly made for smartphones, and they’re often detected as keyboard or mouse peripherals, which is usually the method of bypassing. They are indeed intended for smartphones, but in some cases I heard it can also affect computers too.
In case you don’t know what a payload is, it’s basically a script or a piece of code written by a hacker, made to cause the target system to do things without the need of its intended user, such as commanding the computedevice to open the default web browser and immediately go to a malicious website to download malicious files. Another reason why O.MG Cables and their payloads in particular are harder to detect is because the payloads are written in a unique coding language made for the O.MG Cables.
The O.MG Cable isn’t actually made by Hak5, but rather a product they sell in cooperation with another company, that being O.MG. Now I know what some of you iPhone users may be thinking: “what’s the big deal? Just update your iPhone and don’t jailbreak it!” Oh my friend, you have no idea what this thing is capable of. The O.MG Cables are regularly updated, with various updates, and new payloads are shared amongst people who use Hak5 sold products, and O.MG every once in a while releases a new model of O.MG Cables. Just last month, as of the time of this post, they released a new version:
https://youtu.be/TYXeIBhYZrw?si=-nFc1WuDH9Has5Dh
The good thing about cables like these, whether they’re O.MG or generic malicious cables, because there are some that have existed before O.MG ones, is that they are rare, and Hak5 sells O.MG Cables at a minimum of $180 USD. You’re most likely to see one of these things left on the ground at corporate offices or government agencies, where hackers might attempt to breach and obtain vital company or government information by hoping someone working in those fields will pick them up and think they’re benign devices. Now, that doesn’t mean that anybody who has a hold of one of these things won’t try to hack into a random individual’s device.
However, if you are somewhat worried whether or not your USB cables are legit or not, there do exist software and devices that can help you ease your worries, most notably, USB data blockers. These small USB devices were made to block out data transfers but allow power to pass through them, making it safer to even use public chargers that the FBI and other law enforcement agencies keep telling people not to use (though, I personally still wouldn’t trust them anyways). There’s plenty of them out there, but the most popular choices I’ve seen are the following:
-Juice Jack Defender -PortaPow USB Data Blocker -Charger Defender -Gosund USB Data Blocker -USB Condom (Yes, that’s actually its name.) -The Databloc -JSAUX USB Data Blocker
O.MG even made one themselves, because (this may make you chuckle) the wife of the guy who made the O.MG Cables got tired of trying to figure out which cables they had in their home were O.MG Cables, and which ones were genuine charger cords. According to the webpage on Hak5 and O.MG’s instruction manual for the product, this not only blocks data, but also there’s an LED indicator to alert the user that the Cable is attempting to connect to Wi-Fi or perform actions other than charging, so good thing they made such a product:
https://shop.hak5.org/products/malicious-cable-detector-by-o-mg
If you’re wondering whether or not your cable may be malicious, and for some reason you cannot get ahold of a device or software that can help you find out, here are some things and some signs to know if your phone is hacked, especially by one of these:

1. You may already know this one, but one of the first well known obvious signs is that your battery is draining fast. This is because your phone or device is being forced to do extra work so that the hacker maintains access to your phone.
   
2. Another well known and obvious sign is that your device is heating up even without you using it. This ties in with #1, where the device is doing extra work to keep the hacker connected.
   
3. Your web browser suddenly opens a web page you didn’t even intend to open. The keyboard is also acting on its own to make this happen.
   
4. Your device suddenly installs an app that you don’t even remember installing.
   
5. Probably the scariest one, is that your device suddenly sends texts or messages to others you don’t remember sending or the phone suddenly takes a photo from the camera or screenshot of what’s currently on the screen and immediately sends it to an unknown contact.
   
6. If you’re using an iPhone, it should be un-jailbroken. Being jailbroken means that your iPhone can download unauthorized apps and run files that are not approved by Apple and published in the AppStore. Apple keeps the iPhone un-jailbroken and sandboxed to ensure the safety of the user and to make sure iOS is as secure as possible, and the only software that you can download to your iPhone are the ones approved by Apple. If you find that your iPhone is jailbroken and you did not intend for this to happen, this means a hacker had somehow tapped into your phone and uploaded malicious code to jailbreak itself, so that the hacker could do more damage to it by making it download unauthorized files.
   

Note: 3,4, and 5 are signs that payloads were executed onto your device. As mentioned before, these are scripts or at least, pieces of code that were unknowingly sent by the hacker and executed so that the device performs actions that were not intended by the user and could most definitely be an indication that something you plugged into your phone is malicious.
These are some of the more well known signs of malware or hacks present on your device, and it may be best to check and see if your cable or whatever you may connect to it may be responsible. But what should you do if you believe the cable you currently hold is malicious? Here’s some steps I came up with:

1. Throw it away, or if possible, turn it in to police department. Throwing it away may sometimes or most times be the better, time saving option because oftentimes, a malicious cable has a self-destruct feature. Don’t worry, I do not mean it’ll blow up and cause physical harm to you. What this means is that the hacker can put in a command that’ll tell the cable’s computer components to delete everything it may have stored onto itself and fry the electronics, turning it into a normal charging cable and leaving no traces in the code as to who was hacking you. The hacker no longer has access to your device or can control the cable afterwards, but you should still throw what’s left in the cable away even if they could or did self-destruct it. So, when throwing it away, and I recommend wearing rubbenon-conductive gloves if you feel the need to do this, cut the wire in half or in pieces with a pair of scissors, flush cutter, or a knife and dismantle the connectors on both ends, the USB connector and the lightning/USB-C connector; this can be done by either crushing the shell and pulling the components apart with some strong pliers, or, and a bit of a dangerous method, smash it with a hammer. I don’t recommend the latter though, as the internal pieces could go scattering and end up somewhere you can’t find or get to them. If you can and it’s recommended anyway, dispose of the now dismantled cable in an e-waste bin. The reason we want to tear it up like this is so nobody else falls victim to the cable.
   
2. Replace your wire with an official wire from retail, such as Best Buy, Walmart, or even an Apple Store, or a phone service store like T-Mobile, Verizon, etc. Don’t buy a cable off of eBay, since most of the times, those are just random sellers who are not affiliated with a business and there’s a chance they might have tampered with it in some way and secretly turned it into a malicious cable (unless of course for whatever reason, you have a really old iPhone model that requires the old bulky connector). If you intend to buy a third-party cable online, especially from Amazon, do research first, see what people say about the particular cable you are about to buy whether it’s YouTube reviews or reviews on Amazon. I don’t know anything about Android cables unfortunately since I’ve never owned an Android phone, but for iPhones, definitely look for a cable that’s MFI Certified. MFI Certified means that the cable/product was checked and verified by Apple themselves and they confirmed it safe to use.
   
3. Factory Reset or download an AV app for your device if the hacks and possible malware continue to persist, even with the cable gone. If you have an Android phone, it’s definitely possible to download an AV off of the Google Store. Definitely find one with good detection rates and a firewall. I usually recommend the following for computer users and they could be just as good on Android if they are available: Bitdefender, Kaspersky, ESET, Malwarebytes, and Sophos. For iPhone users, I hate to say it, but you’re most likely going to have to backup and factory reset your iPhone. Because of the nature of the iPhone and Apple’s strict policy and sandboxing doesn’t allow true antivirus software onto iPhone. You’ll see many AV companies make apps for iPhone, but these are mostly jailbreak checkers and VPNs. Factory resetting is usually the way most iPhone users go to remove malware, hacks, payloads, and even reverse jailbreaks on an iPhone. Even then, Apple usually does great job at patching security exploits, so if you don’t want to do the factory reset, try checking for updates for iOS or simply turning off and on your iPhone again to see if that removes any problems first.
   
4. Lastly, and very simple. Keep your device’s OS and apps up to date. Especially if there’s a major update, download and install it. Consider a VPN for extra security if you feel the need.
   

If the steps above don’t work, it’s probably best to go see a cybersecurity or computer expert. At the very least, you should definitely change any the passwords and set up 2-Factor Authenticators for any and all accounts that were logged in onto your device through a non-compromised one.
That’s all I have to say for this post. I simply wanted to bring attention to malicious USB charging cables and give out some tips on whenever and if ever you came across one and you may have infected your smartphone device with one of these. I’m sure Hak5 and O.MG mean well, since their products are mainly done to pentest security systems and seek out vulnerabilities to help companies and people patch up their systems. The O.MG Cables have been around for some time, about four years now, they even come in different models that aren’t smartphone replicas, such as a USB to USB-C adapter, though the smartphone replicas are much more prevelent. While it is a bit rare to see a hardware based attack these days with tight security amongst corporations, and people being more weary of their surroundings, I still felt it necessary to make this post, and I hope it does potentially help someone in the future.

Warning: I am not a technician, programmer, or a cybersecurity expert, I am simply a tech enthusiast who hopes to help people in whatever way possible. So do take my advice with a grain of salt, as what I know may not be 100% true.
Also disclaimer: This post is not to criticize Hak5, O.MG or ridicule their staff, but rather to point out the potential danger posed from anyone who intend to use one of their products for malicious intent. I am sure they mean well, as their products are made to help improve the security of companies and software products.
——————————-
It’s a bit of a rare topic to talk about when it comes to cybersecurity, and I think it deserves more attention, especially since hackers are becoming more clever with hardware.
https://youtu.be/mPF9f-PLDPc?si=NG_MZvUZowT6czQz
I came across this YouTube video by Linus Tech Tips where he talks about a special type of cable known as, O.MG Cables. They sound terrifying because they are replica cables of the ones officially sold for iPhones and Android devices. These cables at first glance look normal and exactly like the ones you’d plug into your phone, but are actually hacking devices. Inside the USB end of the cable is a small, compact Wi-Fi connector that uses the Wi-Fi your device is connected to allow remote access to it. Once plugged in, a hacker immediately has remote access to your phone and it automatically keylogs everything you type, allowing the hacker to read everything you are saying, including in chat messages with other people, and even see your logins and passwords. I’ve been doing research on these things for the past two weeks now, and as a guy who travels a lot, either to college or general public, I even started to wonder if my cables were replaced at some point by somebody unknowingly. It was just simply out of fear and imagination though, and I’m pretty sure they’re still the same cables I’ve always had and used, plus I’m sure I would’ve noticed if somebody replaced them or tapped into my phone, but I am keeping a close eye on my cables from now on. (I mean I’m using my phone to make this post now.)
Now, I want to clarify, what I’m about to say is pretty much already covered in Linus’ and other YouTube videos, but I felt it necessary to spread word with more detail as possible.
Throughout my research, I found out these cables are sold by a company called, Hak5, who sells a bunch of hacking devices to red teams, IT departments, corporations, police departments, government agencies, or people in general to help improve security systems and patch out vulnerabilities in software. This is their website here:
https://shop.hak5.org
No, it’s not some black market scheme; these are legally sold. I know the media usually portrays hacking in a dark tone, whether it’s on a fictional TV show or video game, or news outlets explaining the dangers of hacks, but not all hacks are malicious as the media portrays; as already mentioned, they are sometimes done to help find vulnerabilities to be patched. If you’re into cybersecurity or a tech enthusiast like me, you may have at one point heard of the Wi-Fi Pineapple, a device used to find holes in a public Wi-Fi and eavesdrop on people, or the USB Rubber Ducky, a device made to look like a normal USB Flash Drive is actually a small computer that loads hacking payloads onto PC’s. These are actually products of Hak5. The O.MG Cable basically does the same thing as the Rubber Ducky, but it’s harder to detect since it was mainly made for smartphones, and they’re often detected as keyboard or mouse peripherals, which is usually the method of bypassing. They are indeed intended for smartphones, but in some cases I heard it can also affect computers too.
In case you don’t know what a payload is, it’s basically a script or a piece of code written by a hacker, made to cause the target system to do things without the need of its intended user, such as commanding the computedevice to open the default web browser and immediately go to a malicious website to download malicious files. Another reason why O.MG Cables and their payloads in particular are harder to detect is because the payloads are written in a unique coding language made for the O.MG Cables.
The O.MG Cable isn’t actually made by Hak5, but rather a product they sell in cooperation with another company, that being O.MG. Now I know what some of you iPhone users may be thinking: “what’s the big deal? Just update your iPhone and don’t jailbreak it!” Oh my friend, you have no idea what this thing is capable of. The O.MG Cables are regularly updated, with various updates, and new payloads are shared amongst people who use Hak5 sold products, and O.MG every once in a while releases a new model of O.MG Cables. Just last month, as of the time of this post, they released a new version:
https://youtu.be/TYXeIBhYZrw?si=-nFc1WuDH9Has5Dh
The good thing about cables like these, whether they’re O.MG or generic malicious cables, because there are some that have existed before O.MG ones, is that they are rare, and Hak5 sells O.MG Cables at a minimum of $180 USD. You’re most likely to see one of these things left on the ground at corporate offices or government agencies, where hackers might attempt to breach and obtain vital company or government information by hoping someone working in those fields will pick them up and think they’re benign devices. Now, that doesn’t mean that anybody who has a hold of one of these things won’t try to hack into a random individual’s device.
However, if you are somewhat worried whether or not your USB cables are legit or not, there do exist software and devices that can help you ease your worries, most notably, USB data blockers. These small USB devices were made to block out data transfers but allow power to pass through them, making it safer to even use public chargers that the FBI and other law enforcement agencies keep telling people not to use (though, I personally still wouldn’t trust them anyways). There’s plenty of them out there, but the most popular choices I’ve seen are the following:
-Juice Jack Defender -PortaPow USB Data Blocker -Charger Defender -Gosund USB Data Blocker -USB Condom (Yes, that’s actually its name.) -The Databloc -JSAUX USB Data Blocker
O.MG even made one themselves, because (this may make you chuckle) the wife of the guy who made the O.MG Cables got tired of trying to figure out which cables they had in their home were O.MG Cables, and which ones were genuine charger cords. According to the webpage on Hak5 and O.MG’s instruction manual for the product, this not only blocks data, but also there’s an LED indicator to alert the user that the Cable is attempting to connect to Wi-Fi or perform actions other than charging, so good thing they made such a product:
https://shop.hak5.org/products/malicious-cable-detector-by-o-mg
If you’re wondering whether or not your cable may be malicious, and for some reason you cannot get ahold of a device or software that can help you find out, here are some things and some signs to know if your phone is hacked, especially by one of these:

1. You may already know this one, but one of the first well known obvious signs is that your battery is draining fast. This is because your phone or device is being forced to do extra work so that the hacker maintains access to your phone.
   
2. Another well known and obvious sign is that your device is heating up even without you using it. This ties in with #1, where the device is doing extra work to keep the hacker connected.
   
3. Your web browser suddenly opens a web page you didn’t even intend to open. The keyboard is also acting on its own to make this happen.
   
4. Your device suddenly installs an app that you don’t even remember installing.
   
5. Probably the scariest one, is that your device suddenly sends texts or messages to others you don’t remember sending or the phone suddenly takes a photo from the camera or screenshot of what’s currently on the screen and immediately sends it to an unknown contact.
   
6. If you’re using an iPhone, it should be un-jailbroken. Being jailbroken means that your iPhone can download unauthorized apps and run files that are not approved by Apple and published in the AppStore. Apple keeps the iPhone un-jailbroken and sandboxed to ensure the safety of the user and to make sure iOS is as secure as possible, and the only software that you can download to your iPhone are the ones approved by Apple. If you find that your iPhone is jailbroken and you did not intend for this to happen, this means a hacker had somehow tapped into your phone and uploaded malicious code to jailbreak itself, so that the hacker could do more damage to it by making it download unauthorized files.
   

Note: 3,4, and 5 are signs that payloads were executed onto your device. As mentioned before, these are scripts or at least, pieces of code that were unknowingly sent by the hacker and executed so that the device performs actions that were not intended by the user and could most definitely be an indication that something you plugged into your phone is malicious.
These are some of the more well known signs of malware or hacks present on your device, and it may be best to check and see if your cable or whatever you may connect to it may be responsible. But what should you do if you believe the cable you currently hold is malicious? Here’s some steps I came up with:

1. Throw it away, or if possible, turn it in to police department. Throwing it away may sometimes or most times be the better, time saving option because oftentimes, a malicious cable has a self-destruct feature. Don’t worry, I do not mean it’ll blow up and cause physical harm to you. What this means is that the hacker can put in a command that’ll tell the cable’s computer components to delete everything it may have stored onto itself and fry the electronics, turning it into a normal charging cable and leaving no traces in the code as to who was hacking you. The hacker no longer has access to your device or can control the cable afterwards, but you should still throw what’s left in the cable away even if they could or did self-destruct it. So, when throwing it away, and I recommend wearing rubbenon-conductive gloves if you feel the need to do this, cut the wire in half or in pieces with a pair of scissors, flush cutter, or a knife and dismantle the connectors on both ends, the USB connector and the lightning/USB-C connector; this can be done by either crushing the shell and pulling the components apart with some strong pliers, or, and a bit of a dangerous method, smash it with a hammer. I don’t recommend the latter though, as the internal pieces could go scattering and end up somewhere you can’t find or get to them. If you can and it’s recommended anyway, dispose of the now dismantled cable in an e-waste bin. The reason we want to tear it up like this is so nobody else falls victim to the cable.
   
2. Replace your wire with an official wire from retail, such as Best Buy, Walmart, or even an Apple Store, or a phone service store like T-Mobile, Verizon, etc. Don’t buy a cable off of eBay, since most of the times, those are just random sellers who are not affiliated with a business and there’s a chance they might have tampered with it in some way and secretly turned it into a malicious cable (unless of course for whatever reason, you have a really old iPhone model that requires the old bulky connector). If you intend to buy a third-party cable online, especially from Amazon, do research first, see what people say about the particular cable you are about to buy whether it’s YouTube reviews or reviews on Amazon. I don’t know anything about Android cables unfortunately since I’ve never owned an Android phone, but for iPhones, definitely look for a cable that’s MFI Certified. MFI Certified means that the cable/product was checked and verified by Apple themselves and they confirmed it safe to use.
   
3. Factory Reset or download an AV app for your device if the hacks and possible malware continue to persist, even with the cable gone. If you have an Android phone, it’s definitely possible to download an AV off of the Google Store. Definitely find one with good detection rates and a firewall. I usually recommend the following for computer users and they could be just as good on Android if they are available: Bitdefender, Kaspersky, ESET, Malwarebytes, and Sophos. For iPhone users, I hate to say it, but you’re most likely going to have to backup and factory reset your iPhone. Because of the nature of the iPhone and Apple’s strict policy and sandboxing doesn’t allow true antivirus software onto iPhone. You’ll see many AV companies make apps for iPhone, but these are mostly jailbreak checkers and VPNs. Factory resetting is usually the way most iPhone users go to remove malware, hacks, payloads, and even reverse jailbreaks on an iPhone. Even then, Apple usually does great job at patching security exploits, so if you don’t want to do the factory reset, try checking for updates for iOS or simply turning off and on your iPhone again to see if that removes any problems first.
   
4. Lastly, and very simple. Keep your device’s OS and apps up to date. Especially if there’s a major update, download and install it. Consider a VPN for extra security if you feel the need.
   

If the steps above don’t work, it’s probably best to go see a cybersecurity or computer expert. At the very least, you should definitely change any the passwords and set up 2-Factor Authenticators for any and all accounts that were logged in onto your device through a non-compromised one. Also, if you must borrow a USB cable from someone, borrow it from someone you trust, and not just anyone.
That’s all I have to say for this post. I simply wanted to bring attention to malicious USB charging cables and give out some tips on whenever and if ever you came across one and you may have infected your smartphone device with one of these. I’m sure Hak5 and O.MG mean well, since their products are mainly done to pentest security systems and seek out vulnerabilities to help companies and people patch up their systems. The O.MG Cables have been around for some time, about four years now, they even come in different models that aren’t smartphone replicas, such as a USB to USB-C adapter, though the smartphone replicas are much more prevelent. While it is a bit rare to see a hardware based attack these days with tight security amongst corporations, and people being more weary of their surroundings, I still felt it necessary to make this post, and I hope it does potentially help someone in the future.

Warning: I am not a technician, programmer, or a cybersecurity expert, I am simply a tech enthusiast who hopes to help people in whatever way possible. So do take my advice with a grain of salt, as what I know may not be 100% true.
Also disclaimer: This post is not to criticize Hak5, O.MG or ridicule their staff, but rather to point out the potential danger posed from anyone who intend to use one of their products for malicious intent. I am sure they mean well, as their products are made to help improve the security of companies and software products.
——————————-
It’s a bit of a rare topic to talk about when it comes to cybersecurity, and I think it deserves more attention, especially since hackers are becoming more clever with hardware.
https://youtu.be/mPF9f-PLDPc?si=NG_MZvUZowT6czQz
I came across this YouTube video by Linus Tech Tips where he talks about a special type of cable known as, O.MG Cables. They sound terrifying because they are replica cables of the ones officially sold for iPhones and Android devices. These cables at first glance look normal and exactly like the ones you’d plug into your phone, but are actually hacking devices. Inside the USB end of the cable is a small, compact Wi-Fi connector that uses the Wi-Fi your device is connected to allow remote access to it. Once plugged in, a hacker immediately has remote access to your phone and it automatically keylogs everything you type, allowing the hacker to read everything you are saying, including in chat messages with other people, and even see your logins and passwords. I’ve been doing research on these things for the past two weeks now, and as a guy who travels a lot, either to college or general public, I even started to wonder if my cables were replaced at some point by somebody unknowingly. It was just simply out of fear and imagination though, and I’m pretty sure they’re still the same cables I’ve always had and used, plus I’m sure I would’ve noticed if somebody replaced them or tapped into my phone, but I am keeping a close eye on my cables from now on. (I mean I’m using my phone to make this post now.)
Now, I want to clarify, what I’m about to say is pretty much already covered in Linus’ and other YouTube videos, but I felt it necessary to spread word with more detail as possible.
Throughout my research, I found out these cables are sold by a company called, Hak5, who sells a bunch of hacking devices to red teams, IT departments, corporations, police departments, government agencies, or people in general to help improve security systems and patch out vulnerabilities in software. This is their website here:
https://shop.hak5.org
No, it’s not some black market scheme; these are legally sold. I know the media usually portrays hacking in a dark tone, whether it’s on a fictional TV show or video game, or news outlets explaining the dangers of hacks, but not all hacks are malicious as the media portrays; as already mentioned, they are sometimes done to help find vulnerabilities to be patched. If you’re into cybersecurity or a tech enthusiast like me, you may have at one point heard of the Wi-Fi Pineapple, a device used to find holes in a public Wi-Fi and eavesdrop on people, or the USB Rubber Ducky, a device made to look like a normal USB Flash Drive is actually a small computer that loads hacking payloads onto PC’s. These are actually products of Hak5. The O.MG Cable basically does the same thing as the Rubber Ducky, but it’s harder to detect since it was mainly made for smartphones, and they’re often detected as keyboard or mouse peripherals, which is usually the method of bypassing. They are indeed intended for smartphones, but in some cases I heard it can also affect computers too.
In case you don’t know what a payload is, it’s basically a script or a piece of code written by a hacker, made to cause the target system to do things without the need of its intended user, such as commanding the computedevice to open the default web browser and immediately go to a malicious website to download malicious files. Another reason why O.MG Cables and their payloads in particular are harder to detect is because the payloads are written in a unique coding language made for the O.MG Cables.
The O.MG Cable isn’t actually made by Hak5, but rather a product they sell in cooperation with another company, that being O.MG. Now I know what some of you iPhone users may be thinking: “what’s the big deal? Just update your iPhone and don’t jailbreak it!” Oh my friend, you have no idea what this thing is capable of. The O.MG Cables are regularly updated, with various updates, and new payloads are shared amongst people who use Hak5 sold products, and O.MG every once in a while releases a new model of O.MG Cables. Just last month, as of the time of this post, they released a new version:
https://youtu.be/TYXeIBhYZrw?si=-nFc1WuDH9Has5Dh
The good thing about cables like these, whether they’re O.MG or generic malicious cables, because there are some that have existed before O.MG ones, is that they are rare, and Hak5 sells O.MG Cables at a minimum of $180 USD. You’re most likely to see one of these things left on the ground at corporate offices or government agencies, where hackers might attempt to breach and obtain vital company or government information by hoping someone working in those fields will pick them up and think they’re benign devices. Now, that doesn’t mean that anybody who has a hold of one of these things won’t try to hack into a random individual’s device.
However, if you are somewhat worried whether or not your USB cables are legit or not, there do exist software and devices that can help you ease your worries, most notably, USB data blockers. These small USB devices were made to block out data transfers but allow power to pass through them, making it safer to even use public chargers that the FBI and other law enforcement agencies keep telling people not to use (though, I personally still wouldn’t trust them anyways). There’s plenty of them out there, but the most popular choices I’ve seen are the following:
-Juice Jack Defender -PortaPow USB Data Blocker -Charger Defender -Gosund USB Data Blocker -USB Condom (Yes, that’s actually its name.) -The Databloc -JSAUX USB Data Blocker
O.MG even made one themselves, because (this may make you chuckle) the wife of the guy who made the O.MG Cables got tired of trying to figure out which cables they had in their home were O.MG Cables, and which ones were genuine charger cords. According to the webpage on Hak5 and O.MG’s instruction manual for the product, this not only blocks data, but also there’s an LED indicator to alert the user that the Cable is attempting to connect to Wi-Fi or perform actions other than charging, so good thing they made such a product:
https://shop.hak5.org/products/malicious-cable-detector-by-o-mg
If you’re wondering whether or not your cable may be malicious, and for some reason you cannot get ahold of a device or software that can help you find out, here are some things and some signs to know if your phone is hacked, especially by one of these:

1. You may already know this one, but one of the first well known obvious signs is that your battery is draining fast. This is because your phone or device is being forced to do extra work so that the hacker maintains access to your phone.
   
2. Another well known and obvious sign is that your device is heating up even without you using it. This ties in with #1, where the device is doing extra work to keep the hacker connected.
   
3. Your web browser suddenly opens a web page you didn’t even intend to open. The keyboard is also acting on its own to make this happen.
   
4. Your device suddenly installs an app that you don’t even remember installing.
   
5. Probably the scariest one, is that your device suddenly sends texts or messages to others you don’t remember sending or the phone suddenly takes a photo from the camera or screenshot of what’s currently on the screen and immediately sends it to an unknown contact.
   
6. If you’re using an iPhone, it should be un-jailbroken. Being jailbroken means that your iPhone can download unauthorized apps and run files that are not approved by Apple and published in the AppStore. Apple keeps the iPhone un-jailbroken and sandboxed to ensure the safety of the user and to make sure iOS is as secure as possible, and the only software that you can download to your iPhone are the ones approved by Apple. If you find that your iPhone is jailbroken and you did not intend for this to happen, this means a hacker had somehow tapped into your phone and uploaded malicious code to jailbreak itself, so that the hacker could do more damage to it by making it download unauthorized files.
   

Note: 3,4, and 5 are signs that payloads were executed onto your device. As mentioned before, these are scripts or at least, pieces of code that were unknowingly sent by the hacker and executed so that the device performs actions that were not intended by the user and could most definitely be an indication that something you plugged into your phone is malicious.
These are some of the more well known signs of malware or hacks present on your device, and it may be best to check and see if your cable or whatever you may connect to it may be responsible. But what should you do if you believe the cable you currently hold is malicious? Here’s some steps I came up with:

1. Throw it away, or if possible, turn it in to police department. Throwing it away may sometimes or most times be the better, time saving option because oftentimes, a malicious cable has a self-destruct feature. Don’t worry, I do not mean it’ll blow up and cause physical harm to you. What this means is that the hacker can put in a command that’ll tell the cable’s computer components to delete everything it may have stored onto itself and fry the electronics, turning it into a normal charging cable and leaving no traces in the code as to who was hacking you. The hacker no longer has access to your device or can control the cable afterwards, but you should still throw what’s left in the cable away even if they could or did self-destruct it. So, when throwing it away, and I recommend wearing rubbenon-conductive gloves if you feel the need to do this, cut the wire in half or in pieces with a pair of scissors, flush cutter, or a knife and dismantle the connectors on both ends, the USB connector and the lightning/USB-C connector; this can be done by either crushing the shell and pulling the components apart with some strong pliers, or, and a bit of a dangerous method, smash it with a hammer. I don’t recommend the latter though, as the internal pieces could go scattering and end up somewhere you can’t find or get to them. If you can and it’s recommended anyway, dispose of the now dismantled cable in an e-waste bin. The reason we want to tear it up like this is so nobody else falls victim to the cable.
   
2. Replace your wire with an official wire from retail, such as Best Buy, Walmart, or even an Apple Store, or a phone service store like T-Mobile, Verizon, etc. Don’t buy a cable off of eBay, since most of the times, those are just random sellers who are not affiliated with a business and there’s a chance they might have tampered with it in some way and secretly turned it into a malicious cable (unless of course for whatever reason, you have a really old iPhone model that requires the old bulky connector). If you intend to buy a third-party cable online, especially from Amazon, do research first, see what people say about the particular cable you are about to buy whether it’s YouTube reviews or reviews on Amazon. I don’t know anything about Android cables unfortunately since I’ve never owned an Android phone, but for iPhones, definitely look for a cable that’s MFI Certified. MFI Certified means that the cable/product was checked and verified by Apple themselves and they confirmed it safe to use.
   
3. Factory Reset or download an AV app for your device if the hacks and possible malware continue to persist, even with the cable gone. If you have an Android phone, it’s definitely possible to download an AV off of the Google Store. Definitely find one with good detection rates and a firewall. I usually recommend the following for computer users and they could be just as good on Android if they are available: Bitdefender, Kaspersky, ESET, Malwarebytes, and Sophos. For iPhone users, I hate to say it, but you’re most likely going to have to backup and factory reset your iPhone. Because of the nature of the iPhone and Apple’s strict policy and sandboxing doesn’t allow true antivirus software onto iPhone. You’ll see many AV companies make apps for iPhone, but these are mostly jailbreak checkers and VPNs. Factory resetting is usually the way most iPhone users go to remove malware, hacks, payloads, and even reverse jailbreaks on an iPhone. Even then, Apple usually does great job at patching security exploits, so if you don’t want to do the factory reset, try checking for updates for iOS or simply turning off and on your iPhone again to see if that removes any problems first.
   
4. Lastly, and very simple. Keep your device’s OS and apps up to date. Especially if there’s a major update, download and install it. Consider a VPN for extra security if you feel the need.
   

If the steps above don’t work, it’s probably best to go see a cybersecurity or computer expert. At the very least, you should definitely change any the passwords and set up 2-Factor Authenticators for any and all accounts that were logged in onto your device through a non-compromised one.
That’s all I have to say for this post. I simply wanted to bring attention to malicious USB charging cables and give out some tips on whenever and if ever you came across one and you may have infected your smartphone device with one of these. I’m sure Hak5 and O.MG mean well, since their products are mainly done to pentest security systems and seek out vulnerabilities to help companies and people patch up their systems. The O.MG Cables have been around for some time, about four years now, they even come in different models that aren’t smartphone replicas, such as a USB to USB-C adapter, though the smartphone replicas are much more prevelent. While it is a bit rare to see a hardware based attack these days with tight security amongst corporations, and people being more weary of their surroundings, I still felt it necessary to make this post, and I hope it does potentially help someone in the future.

I have noticed this change recently and I am worried if some worm program is behind this.
I know Fed 24 is out of support but this problem is new.
As soon as I login in, my ps -ef output looks like this -
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 23:38 ? 00:00:01 /uslib/systemd/systemd --switched-root --system --deserialize 24
root 2 0 0 23:38 ? 00:00:00 [kthreadd]
root 3 2 0 23:38 ? 00:00:00 [kworke0:0]
root 4 2 0 23:38 ? 00:00:00 [kworke0:0H]
root 5 2 0 23:38 ? 00:00:00 [kworkeu4:0]
root 6 2 0 23:38 ? 00:00:00 [mm_percpu_wq]
root 7 2 0 23:38 ? 00:00:00 [ksoftirqd/0]
root 8 2 0 23:38 ? 00:00:00 [rcu_sched]
root 9 2 0 23:38 ? 00:00:00 [rcu_bh]
root 10 2 0 23:38 ? 00:00:00 [rcuos/0]
root 11 2 0 23:38 ? 00:00:00 [rcuob/0]
root 12 2 0 23:38 ? 00:00:00 [migration/0]
root 13 2 0 23:38 ? 00:00:00 [watchdog/0]
root 14 2 0 23:38 ? 00:00:00 [cpuhp/0]
root 15 2 0 23:38 ? 00:00:00 [cpuhp/1]
root 16 2 0 23:38 ? 00:00:00 [watchdog/1]
root 17 2 0 23:38 ? 00:00:00 [migration/1]
root 18 2 0 23:38 ? 00:00:00 [ksoftirqd/1]
root 19 2 0 23:38 ? 00:00:00 [kworke1:0]
root 20 2 0 23:38 ? 00:00:00 [kworke1:0H]
root 21 2 0 23:38 ? 00:00:00 [rcuos/1]
root 22 2 0 23:38 ? 00:00:00 [rcuob/1]
root 23 2 0 23:38 ? 00:00:00 [kdevtmpfs]
root 24 2 0 23:38 ? 00:00:00 [netns]
root 25 2 0 23:38 ? 00:00:00 [kworke1:1]
root 26 2 0 23:38 ? 00:00:00 [kworke0:1]
root 27 2 0 23:38 ? 00:00:00 [oom_reaper]
root 28 2 0 23:38 ? 00:00:00 [writeback]
root 29 2 0 23:38 ? 00:00:00 [kcompactd0]
root 30 2 0 23:38 ? 00:00:00 [ksmd]
root 31 2 0 23:38 ? 00:00:00 [khugepaged]
root 32 2 0 23:38 ? 00:00:00 [crypto]
root 33 2 0 23:38 ? 00:00:00 [kintegrityd]
root 34 2 0 23:38 ? 00:00:00 [bioset]
root 35 2 0 23:38 ? 00:00:00 [kblockd]
root 36 2 0 23:38 ? 00:00:00 [ata_sff]
root 37 2 0 23:38 ? 00:00:00 [md]
root 38 2 0 23:38 ? 00:00:00 [devfreq_wq]
root 39 2 0 23:38 ? 00:00:00 [watchdogd]
root 41 2 0 23:38 ? 00:00:00 [kauditd]
root 42 2 0 23:38 ? 00:00:00 [kswapd0]
root 43 2 0 23:38 ? 00:00:00 [bioset]
root 59 2 0 23:38 ? 00:00:00 [kworkeu4:1]
root 90 2 0 23:38 ? 00:00:00 [kthrotld]
root 91 2 0 23:38 ? 00:00:00 [acpi_thermal_pm]
root 92 2 0 23:38 ? 00:00:00 [scsi_eh_0]
root 93 2 0 23:38 ? 00:00:00 [scsi_tmf_0]
root 94 2 0 23:38 ? 00:00:00 [scsi_eh_1]
root 95 2 0 23:38 ? 00:00:00 [scsi_tmf_1]
root 96 2 0 23:38 ? 00:00:00 [scsi_eh_2]
root 97 2 0 23:38 ? 00:00:00 [scsi_tmf_2]
root 98 2 0 23:38 ? 00:00:00 [scsi_eh_3]
root 99 2 0 23:38 ? 00:00:00 [scsi_tmf_3]
root 100 2 0 23:38 ? 00:00:00 [scsi_eh_4]
root 101 2 0 23:38 ? 00:00:00 [scsi_tmf_4]
root 102 2 0 23:38 ? 00:00:00 [scsi_eh_5]
root 103 2 0 23:38 ? 00:00:00 [scsi_tmf_5]
root 104 2 0 23:38 ? 00:00:00 [kworkeu4:2]
root 105 2 0 23:38 ? 00:00:00 [kworkeu4:3]
root 106 2 0 23:38 ? 00:00:00 [kworkeu4:4]
root 107 2 0 23:38 ? 00:00:00 [kworkeu4:5]
root 108 2 0 23:38 ? 00:00:00 [kworkeu4:6]
root 109 2 0 23:38 ? 00:00:00 [kworke1:2]
root 110 2 0 23:38 ? 00:00:00 [dm_bufio_cache]
root 111 2 0 23:38 ? 00:00:00 [ipv6_addrconf]
root 112 2 0 23:38 ? 00:00:00 [kworkeu4:7]
root 129 2 0 23:38 ? 00:00:00 [kworke1:3]
root 130 2 0 23:38 ? 00:00:00 [kworke1:4]
root 131 2 0 23:38 ? 00:00:00 [bioset]
root 132 2 0 23:38 ? 00:00:00 [kworke1:5]
root 133 2 0 23:38 ? 00:00:00 [bioset]
root 134 2 0 23:38 ? 00:00:00 [bioset]
root 181 2 0 23:38 ? 00:00:00 [kworke0:2]
root 309 2 0 23:38 ? 00:00:00 [kworke0:1H]
root 316 2 0 23:38 ? 00:00:00 [kworke1:1H]
root 330 2 0 23:38 ? 00:00:00 [jbd2/sda6-8]
root 331 2 0 23:38 ? 00:00:00 [ext4-rsv-conver]
root 421 1 0 23:38 ? 00:00:00 /uslib/systemd/systemd-journald
root 431 2 0 23:38 ? 00:00:00 [kworke0:3]
root 440 1 0 23:38 ? 00:00:00 /ussbin/lvmetad -f -t 3600
root 456 2 0 23:38 ? 00:00:00 [rpciod]
root 457 2 0 23:38 ? 00:00:00 [xprtiod]
root 461 1 0 23:38 ? 00:00:00 /uslib/systemd/systemd-udevd
root 478 2 0 23:38 ? 00:00:00 [irq/28-mei_me]
root 517 2 0 23:38 ? 00:00:00 [led_workqueue]
root 525 2 0 23:38 ? 00:00:00 [kdmflush]
root 526 2 0 23:38 ? 00:00:00 [bioset]
root 529 2 0 23:38 ? 00:00:00 [kdmflush]
root 530 2 0 23:38 ? 00:00:00 [bioset]
root 533 2 0 23:38 ? 00:00:00 [kdmflush]
root 534 2 0 23:38 ? 00:00:00 [bioset]
root 567 2 0 23:38 ? 00:00:00 [jbd2/sda5-8]
root 568 2 0 23:38 ? 00:00:00 [ext4-rsv-conver]
root 573 2 0 23:38 ? 00:00:00 [jbd2/sda8-8]
root 574 2 0 23:38 ? 00:00:00 [ext4-rsv-conver]
root 579 2 0 23:38 ? 00:00:00 [jbd2/sda3-8]
root 580 2 0 23:38 ? 00:00:00 [ext4-rsv-conver]
root 604 1 0 23:38 ? 00:00:00 /sbin/auditd
root 606 604 0 23:38 ? 00:00:00 /sbin/audispd
root 607 606 0 23:38 ? 00:00:00 /ussbin/sedispatch
root 629 1 0 23:38 ? 00:00:00 /ussbin/ModemManager
dbus 632 1 0 23:38 ? 00:00:00 /usbin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
chrony 635 1 0 23:38 ? 00:00:00 /ussbin/chronyd
root 643 1 0 23:38 ? 00:00:00 /uslib/systemd/systemd-logind
root 649 1 0 23:38 ? 00:00:00 /uslibexec/snapd/snapd
root 650 1 0 23:38 ? 00:00:00 /ussbin/alsactl -s -n 19 -c -E ALSA_CONFIG_PATH=/etc/alsa/alsactl.conf --initfile=/lib/alsa/init/00main rdaemon
avahi 651 1 0 23:38 ? 00:00:00 avahi-daemon: running [linux.local]
root 653 1 0 23:38 ? 00:00:00 /uslibexec/accounts-daemon
root 654 1 0 23:38 ? 00:00:00 /ussbin/mcelog --ignorenodev --daemon --foreground
root 655 1 0 23:38 ? 00:00:00 /uslibexec/udisks2/udisksd --no-debug
root 658 1 0 23:38 ? 00:00:00 /usbin/python3 -Es /ussbin/firewalld --nofork --nopid
rtkit 659 1 0 23:38 ? 00:00:00 /uslibexec/rtkit-daemon
root 663 1 0 23:38 ? 00:00:00 /ussbin/abrtd -d -s
avahi 665 651 0 23:38 ? 00:00:00 avahi-daemon: chroot helper
polkitd 698 1 0 23:38 ? 00:00:00 /uslib/polkit-1/polkitd --no-debug
root 703 1 0 23:38 ? 00:00:00 /ussbin/gssproxy -D
root 724 1 0 23:38 ? 00:00:00 /usbin/abrt-dump-journal-oops -fxtD
root 725 1 0 23:38 ? 00:00:00 /usbin/abrt-dump-journal-xorg -fxtD
root 735 1 0 23:38 ? 00:00:00 /ussbin/NetworkManager --no-daemon
root 748 1 0 23:38 ? 00:00:00 /ussbin/libvirtd
root 755 1 0 23:38 ? 00:00:00 /ussbin/gdm
root 756 1 0 23:38 ? 00:00:00 /usbin/anydesk --service
root 758 1 0 23:38 ? 00:00:00 /ussbin/atd -f
root 760 1 0 23:38 ? 00:00:00 /ussbin/crond -n
root 765 755 0 23:38 ? 00:00:00 gdm-session-worker [pam/gdm-launch-environment]
gdm 825 1 0 23:38 ? 00:00:00 /uslib/systemd/systemd --user
gdm 869 825 0 23:38 ? 00:00:00 (sd-pam)
gdm 887 765 0 23:38 tty1 00:00:00 /uslibexec/gdm-x-session gnome-session --autostart /usshare/gdm/greeteautostart
root 895 887 0 23:38 tty1 00:00:00 /uslibexec/Xorg vt1 -displayfd 3 -auth /run/use42/gdm/Xauthority -background none -noreset -keeptty -verbose 3
gdm 932 887 0 23:38 tty1 00:00:00 /uslibexec/gnome-session-binary --autostart /usshare/gdm/greeteautostart
gdm 936 825 0 23:38 ? 00:00:00 /usbin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
gdm 972 825 0 23:38 ? 00:00:00 /uslibexec/at-spi-bus-launcher
gdm 982 972 0 23:38 ? 00:00:00 /bin/dbus-daemon --config-file=/usshare/defaults/at-spi2/accessibility.conf --nofork --print-address 3
gdm 990 825 0 23:38 ? 00:00:00 /uslibexec/at-spi2-registryd --use-gnome-session
root 995 735 0 23:38 ? 00:00:00 /sbin/dhclient -d -q -sf /uslibexec/nm-dhcp-helper -pf /varun/dhclient-enp3s0.pid -lf /valib/NetworkManagedhclient-7b42cc90-8893-3a51-8a7c-7e202a4e77e8-enp3s0.lease -cf /valib/NetworkManagedhclient-enp3s0.conf enp3s0
gdm 1004 932 1 23:38 tty1 00:00:04 /usbin/gnome-shell
nobody 1082 1 0 23:38 ? 00:00:00 /sbin/dnsmasq --conf-file=/valib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/uslibexec/libvirt_leaseshelper
root 1083 1082 0 23:38 ? 00:00:00 /sbin/dnsmasq --conf-file=/valib/libvirt/dnsmasq/default.conf --leasefile-ro --dhcp-script=/uslibexec/libvirt_leaseshelper
root 1085 1 0 23:38 ? 00:00:00 /uslibexec/upowerd
gdm 1169 1 0 23:38 ? 00:00:00 /usbin/pulseaudio --start --log-target=syslog
gdm 1184 1004 0 23:38 tty1 00:00:00 ibus-daemon --xim --panel disable
gdm 1188 1184 0 23:38 tty1 00:00:00 /uslibexec/ibus-dconf
gdm 1191 1 0 23:38 tty1 00:00:00 /uslibexec/ibus-x11 --kill-daemon
gdm 1199 825 0 23:38 ? 00:00:00 /uslibexec/xdg-permission-store
gdm 1206 932 0 23:38 tty1 00:00:00 /uslibexec/gnome-settings-daemon
root 1215 1 0 23:38 ? 00:00:00 /ussbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -u -s
root 1216 1 0 23:38 ? 00:00:00 /uslibexec/packagekitd
colord 1242 1 0 23:39 ? 00:00:00 /uslibexec/colord
gdm 1264 1184 0 23:39 tty1 00:00:00 /uslibexec/ibus-engine-simple
root 1359 755 0 23:42 ? 00:00:00 gdm-session-worker [pam/gdm-password]
user01 1370 1 0 23:42 ? 00:00:00 /uslib/systemd/systemd --user
user01 1376 1370 0 23:42 ? 00:00:00 (sd-pam)
user01 1387 1 0 23:42 ? 00:00:00 /usbin/gnome-keyring-daemon --daemonize --login
user01 1391 1359 0 23:42 tty2 00:00:00 /uslibexec/gdm-x-session --run-script gnome-session
root 1395 1391 2 23:42 tty2 00:00:00 /uslibexec/Xorg vt2 -displayfd 3 -auth /run/use1000/gdm/Xauthority -background none -noreset -keeptty -verbose 3
user01 1405 1391 0 23:42 tty2 00:00:00 /uslibexec/gnome-session-binary
user01 1418 1370 0 23:42 ? 00:00:00 /usbin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
user01 1485 1370 0 23:42 ? 00:00:00 /uslibexec/gvfsd
user01 1490 1370 0 23:42 ? 00:00:00 /uslibexec/gvfsd-fuse /run/use1000/gvfs -f -o big_writes
user01 1614 1370 0 23:42 ? 00:00:00 /uslibexec/at-spi-bus-launcher
user01 1619 1614 0 23:42 ? 00:00:00 /bin/dbus-daemon --config-file=/usshare/defaults/at-spi2/accessibility.conf --nofork --print-address 3
user01 1623 1370 0 23:42 ? 00:00:00 /uslibexec/at-spi2-registryd --use-gnome-session
user01 1643 1405 15 23:42 tty2 00:00:06 /usbin/gnome-shell
user01 1653 1 0 23:42 ? 00:00:00 /usbin/pulseaudio --start --log-target=syslog
user01 1667 1370 0 23:42 ? 00:00:00 /uslibexec/gnome-shell-calendar-server
user01 1668 1643 0 23:42 tty2 00:00:00 ibus-daemon --xim --panel disable
user01 1673 1668 0 23:42 tty2 00:00:00 /uslibexec/ibus-dconf
user01 1677 1 0 23:42 tty2 00:00:00 /uslibexec/ibus-x11 --kill-daemon
user01 1682 1370 0 23:42 ? 00:00:00 /uslibexec/xdg-permission-store
user01 1693 1370 0 23:42 ? 00:00:00 /uslibexec/gvfs-udisks2-volume-monitor
user01 1697 1370 0 23:42 ? 00:00:00 /uslibexec/gvfs-gphoto2-volume-monitor
user01 1701 1370 0 23:42 ? 00:00:00 /uslibexec/gvfs-goa-volume-monitor
user01 1708 1370 0 23:42 ? 00:00:00 /uslibexec/goa-daemon
user01 1709 1370 0 23:42 ? 00:00:00 /uslibexec/evolution-source-registry
user01 1721 1370 0 23:42 ? 00:00:00 /uslibexec/goa-identity-service
user01 1723 1370 0 23:42 ? 00:00:00 /uslibexec/gvfs-mtp-volume-monitor
user01 1731 1370 0 23:42 ? 00:00:00 /uslibexec/gvfs-afc-volume-monitor
user01 1743 1405 0 23:42 tty2 00:00:00 /uslibexec/gnome-settings-daemon
user01 1764 1370 0 23:42 ? 00:00:00 /uslibexec/evolution-calendar-factory
user01 1778 1668 0 23:42 tty2 00:00:00 /uslibexec/ibus-engine-simple
user01 1789 1405 0 23:42 tty2 00:00:00 /uslibexec/evolution/evolution-alarm-notify
root 1799 1 0 23:42 ? 00:00:00 /ussbin/cupsd -l
user01 1810 1 0 23:42 tty2 00:00:00 /uslibexec/gsd-printer
user01 1811 1405 0 23:42 tty2 00:00:00 /usbin/seapplet
user01 1883 1764 0 23:42 ? 00:00:00 /uslibexec/evolution-calendar-factory-subprocess --factory contacts --bus-name org.gnome.evolution.dataserver.Subprocess.Backend.Calendarx1764x2 --own-path /org/gnome/evolution/dataserveSubprocess/Backend/Calenda1764/2
user01 1903 1405 0 23:42 tty2 00:00:00 /uslibexec/tracker-miner-user-guides
user01 1907 1370 1 23:42 ? 00:00:00 /uslibexec/tracker-store
user01 1918 1405 0 23:42 tty2 00:00:00 abrt-applet
user01 1926 1405 0 23:42 tty2 00:00:00 /uslibexec/tracker-miner-fs
user01 1930 1405 0 23:42 tty2 00:00:00 /uslibexec/tracker-extract
user01 1936 1764 0 23:42 ? 00:00:00 /uslibexec/evolution-calendar-factory-subprocess --factory local --bus-name org.gnome.evolution.dataserver.Subprocess.Backend.Calendarx1764x3 --own-path /org/gnome/evolution/dataserveSubprocess/Backend/Calenda1764/3
user01 1939 1370 0 23:42 ? 00:00:00 /uslibexec/evolution-addressbook-factory
user01 1960 1405 0 23:42 tty2 00:00:00 anydesk --tray
user01 1965 1405 0 23:42 tty2 00:00:00 zeitgeist-datahub
user01 1975 1405 0 23:42 tty2 00:00:00 /uslibexec/tracker-miner-apps
user01 1992 1405 2 23:42 tty2 00:00:00 /usbin/gnome-software --gapplication-service
user01 2010 1370 0 23:42 ? 00:00:00 /usbin/zeitgeist-daemon
user01 2021 1939 0 23:42 ? 00:00:00 /uslibexec/evolution-addressbook-factory-subprocess --factory local --bus-name org.gnome.evolution.dataserver.Subprocess.Backend.AddressBookx1939x2 --own-path /org/gnome/evolution/dataserveSubprocess/Backend/AddressBook/1939/2
root 2023 1 0 23:42 ? 00:00:00 /ussbin/abrt-dbus -t133
user01 2028 1370 0 23:42 ? 00:00:00 /uslibexec/zeitgeist-fts
user01 2105 1370 1 23:43 ? 00:00:00 /uslibexec/gnome-terminal-server
user01 2112 2105 0 23:43 pts/0 00:00:00 bash
user01 2156 1668 0 23:43 tty2 00:00:00 /uslibexec/ibus-engine-m17n --ibus
user01 2157 1668 0 23:43 tty2 00:00:00 /usbin/python3 /usshare/ibus-typing-boosteengine/main.py --ibus
user01 2169 2112 0 23:43 pts/0 00:00:00 ps -ef
My .bashrc and .bash_profile contain shell commands to set env variables.
I am at a loss to understand this.
I am unable to use google meet, it hangs .....
Any help is appreciated.....

I am seeing occasional "Suspicious lateral movement" detections that I don't understand.
I see that "user@abc's credentials were used to perform a network login to machine1 from machine2" where machine2 is the users laptop and machine1 is my laptop.
Using threat hunter I see a single line for event "File Share" with the destination being my laptop (machine1) and the service is cifs/machine1 protocol Kerberos.
There has been no direct communication between these machines so I am not sure where to look further into this detection.
Does anyone have a suggestion? I don't really think there is a compromise, but I want to understand and get to the bottom of it.