kconner

macOS Internals

Understand your Mac and iPhone more deeply by tracing the evolution of Mac OS X from prelease to Swift. John Siracusa delivers the details.

Starting Points

How to use this gist

You've got two main options:

1oh1

Enable PCIe 3.0 speeds for NVMe SSDs on Dell OptiPlex 3060

Out of the box, any M.2 NVMe SSDs connected to the Dell OptiPlex 3060 runs at PCIe Gen 2.0 speeds (Max 5 GT/s; 2 GB/s) so the speed tests look like this:

However, after this BIOS mod, the SSD can reach PCIe Gen 3.0 speeds (Max 8 GT/s; 3.9 GB/s) so the speed tests look like this:

Dasutin

RetroNAS on Unraid

This guide is intended for installing RetroNAS on an already configured Unraid server. If you're not familiar with Unraid or RetroNAS, head over to the RetroNAS GitHub page to learn about RetroNAS and consider setting it up on a Raspberry Pi.

Unraid NFS Setup

Within Unraid, enable NFS by going to Settings and NFS.

• Enable NFS: Yes
• Click Apply

aleksasiriski

How to setup VA-API within Proxmox LXC Unprivileged container

Proxmox configuration

No drivers need to be installed on the proxmox, from now called host.

Find GIDs of video and render group on host:

cat /etc/group | grep video

cat /etc/group | grep render

packerdl

Running Plex in an Unprivileged LXC with Intel QuickSync Passthrough

First setup an unprivileged Ubuntu container with Plex Media Server installed. Inside the container take note of the id of the plex group.

# Your Plex group's ID may be different
$ getent group plex | cut -d : -f3
998

ckuethe

# Here are some domains I block to interfere with DNS-over-HTTPS, so that my own DNS-based security schemes work.
# If you're going to be doing this, you should probably block all outbound 53, 853, and 5353 on your network,
# except from your own internal DNS resolver (eg. pihole)
#
# Data from https://github.com/curl/curl/wiki/DNS-over-HTTPS  (and other places)

1a.ns.ozer.im
8888.google
aattwwss.duckdns.org
abel.waringer-atg.de

nstarke

Netgear Signed TLS Cert Private Key Disclosure

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.

arthurbeggs

#!/bin/bash

################################################################################
###                       Install Quartus and ModelSim                       ###
################################################################################
#            Source code at https://github.com/arthurbeggs/scripts             #
################################################################################
#                                                                              #
#    Based on https://github.com/jessebarreto/ConfigureWorkspace script.       #
#                                                                              #

hfiref0x

typedef interface IEditionUpgradeManager IEditionUpgradeManager;

typedef struct IEditionUpgradeManagerVtbl {

    BEGIN_INTERFACE

    HRESULT(STDMETHODCALLTYPE *QueryInterface)(
        __RPC__in IEditionUpgradeManager * This,
        __RPC__in REFIID riid,

lizthegrey

default['sshd']['sshd_config']['AuthenticationMethods'] = 'publickey,keyboard-interactive:pam'
default['sshd']['sshd_config']['ChallengeResponseAuthentication'] = 'yes'
default['sshd']['sshd_config']['PasswordAuthentication'] = 'no'