UGREEN NASync DXP4800 GT Review and Initial Setup

UGREEN NASync DXP4800 GT Review and Initial Setup

Last year I bought a UGreen NASync DXP2800 for my homelab, along with two Seagate IronWolf 8TB HDDs. This was my first NAS, and I've been using it for just over a year now, and I'm very happy with it. I back up two of my Macs using Time Machine, store a lot of media, documents, photos, videos, etc, pretty much what a NAS is designed to do. I also run some Docker containers and Proxmox Backup Server as a VM. Even though it has an N100 CPU, so far I've never had a single issue in terms of resources. For £249, it was a bargain.

Fast forward to today, and UGreen released the NASync DXP4800 GT, a 4-bay NAS that comes with an AMD Ryzen Embedded R2514, dual 10GbE LAN, and dual M.2 NVMe SSD slots for £529 at the time of writing here in the UK. It looked like a great addition to my homelab setup, giving me a lot more power and flexibility compared to my current NAS. I was lucky enough to get my hands on a unit from UGreen to try out, so let's get into it.

Disclaimer - This unit was sent Continue reading

Cloudflare WAF protects WordPress applications from two high-severity vulnerabilities

Cloudflare has deployed new Web Application Firewall (WAF) protections for two critical vulnerabilities affecting WordPress. The protections address an Unauthenticated Remote Code Execution (RCE) vulnerability in WordPress's REST API and a related SQL Injection vulnerability.

The WordPress security team disclosed the vulnerabilities to Cloudflare before public release so that we could prepare protections for customers. Cloudflare has deployed the new rules to protect all customers, including those on free and paid plans, as long as their application traffic is proxied through the Cloudflare WAF. The rules were deployed at 17:03 UTC on July 17 2026.

WAF protections reduce exposure while customers update, but they are not a substitute for patching. WordPress has released fixes in version 7.0.2, with backports to affected earlier branches: 6.9.5, 6.8.6, and 7.1 Beta 2 (see release details). Versions earlier than 6.8 are not affected. WordPress is treating this as its highest-severity, highest-priority class of issue and is forcing automatic updates to affected sites, so most sites will be updated automatically. We still recommend confirming that you are on a patched release or the backports for your branch and follow the guidance in the official WordPress Continue reading

Mengenal Laba-Laba Ogre Faced dengan Penglihatan Malam Tajam

Laba-laba merupakan salah satu makhluk yang paling menarik dalam dunia hewan, dengan berbagai adaptasi unik yang memungkinkan mereka bertahan dan beradaptasi di lingkungan yang berbeda. Salah satu jenis laba-laba yang saat ini menarik perhatian para ilmuwan dan pecinta alam adalah ogre faced, atau dalam bahasa Indonesia dikenal sebagai laba-laba berwajah ogre. Keunikan utama dari laba-laba ini terletak pada kemampuan berburu menggunakan penglihatan malam yang sangat tajam, sebuah adaptasi yang luar biasa di dunia laba-laba.

Apa Itu Laba-Laba Ogre Faced?

Laba-laba ogre faced adalah jenis laba-laba yang termasuk dalam keluarga Deinopidae. Mereka mendapat nama “ogre faced” karena bentuk wajahnya yang khas dan menyerupai tokoh ogre dalam cerita rakyat, dengan mata yang besar dan menonjol di bagian depan kepala. Mata-mata besar ini bukan hanya untuk penampilan — mereka benar-benar berfungsi sebagai alat utama untuk berburu dalam kondisi gelap atau malam hari.

Adaptasi Penglihatan Malam Pada Laba-Laba Ogre Faced

Salah satu kelebihan utama laba-laba ogre faced adalah penglihatannya yang sangat tajam di malam hari. Mata mereka terdiri dari sejumlah besar mata kecil (merefleksikan adaptasi khusus), yang memungkinkan mereka untuk menangkap cahaya dengan maksimal. Keunggulan penglihatan ini sangat krusial untuk mendapatkan mangsa di lingkungan yang minim cahaya.

Penglihatan malam laba-laba ogre faced tidak Continue reading

Fakta Unik Sable Island, Kuburan Kapal di Laut Atlantik

Pulau Sable adalah sebuah tempat yang penuh misteri dan keunikan, sering kali disebut sebagai “Kuburan Kapal di Atlantik.” Saat ini, pulau ini terus menarik perhatian para peneliti, pecinta sejarah maritim, dan wisatawan berkat kisah-kisah legendarisnya serta kondisi alam yang khas. Artikel ini akan mengupas fakta unik tentang Sable Island dengan konteks terbaru yang berlaku, memberikan gambaran lengkap tentang daya tarik dan pentingnya pulau ini di era modern.

Sejarah dan Letak Geografis Sable Island

Sable Island terletak di Samudra Atlantik, sekitar 300 kilometer sebelah timur pesisir Nova Scotia, Kanada. Pulau ini memiliki panjang sekitar 42 kilometer dan lebar yang sangat sempit, yaitu hanya sekitar 1.5 kilometer. Posisi geografisnya yang terpencil dan berada di jalur perairan utama di Atlantik menjadikan Sable Island sebagai lokasi yang rawan kecelakaan kapal laut.

Sejak awal tahun ini, Sable Island masih dikenal sebagai “Kuburan Kapal di Atlantik” karena puluhan kapal karam yang terjadi di sekitarnya sepanjang sejarah. Angin kencang, gelombang besar, serta kabut tebal menjadi penyebab utama banyaknya kecelakaan di daerah ini. Hingga saat ini, pulau ini menjadi objek studi penting untuk memahami dinamika navigasi laut dan cuaca ekstrem.

Fakta Unik Sable Island yang Menarik untuk Diketahui

1. Habitat Kuda Liar yang Langka

Salah Continue reading

Hedge 312: Keys and DNS

The entire technology world has, for decades, treated the IP address as a shorthand host identifier. This is clearly not the way IP was designed, but what are our other choices? In this episode of the Hedge, Scott Robohn joins Russ And Tom to discuss a recent paper arguing cryptographic keys should be the primary host identifier, and another article on the centrality of DNS to the Internet.

download

From intent to enforcement: Lessons from operating Kubernetes controllers at scale

Kubernetes controllers are what make the platform’s declarative model real. They observe the state, reconcile toward the intent, and keep doing so as the system changes beneath them. At larger scales, though, the hardest problems are no longer about writing the reconcile loop. They are about preserving correctness while caches lag, objects churn, and enforcement depends on a complete view of the world. This post distills what we learned from operating two critical controllers in Amazon EKS at scale. Kubernetes provides pods with connectivity, but it leaves fine-grained traffic enforcement to the underlying platform. Inside the cluster, intent such as who should be allowed to talk to whom still has to be translated into rules the datapath can enforce. For a small experiment, openness is convenient. For production traffic, it becomes a problem you need to solve, and you want to express that intent once and have it hold as pods are created and destroyed all day long. In Amazon EKS, two controllers close that gap. The Network Policy Controller governs traffic inside the cluster, deciding which pods may talk to which. The VPC Resource Controller governs how selected pods access AWS resources outside the cluster by assigning them their Continue reading

The RPKI Paradox: why invalid routes keep showing up

RPKI was supposed to be the fix for one of BGP’s oldest problems: nothing stops a network from announcing someone else’s IP addresses, on purpose or by accident. More than a decade into the project, adoption numbers finally look good, and yet RPKI invalid routes haven’t gone away. Route hijacks still happen, leaks still happen, and (this is the part that surprised me when I dug into the research) the tools built to catch all this still cry wolf constantly.
Here’s the short version: RPKI did its job. It just wasn’t as big a job as everyone hoped, and thousands of invalid routes a day are proof that the story doesn’t end at “deployed.”

The good part: RPKI actually got deployed

A Route Origin Authorization (ROA) is a cryptographic statement from an IP address holder saying, “this AS, and only this AS, is allowed to originate this prefix.” Routers that check incoming announcements against ROAs sort them into three buckets (Valid, Invalid, or Not Found) through a process called Route Origin Validation (ROV).

That’s the whole mechanism. Simple in concept, it took the industry years to actually roll it out at scale. It’s happened now: a majority of Continue reading

NVIDIA OpenShell Secures the Agent. Who Governs the Fleet?

In short: At GTC 2026, NVIDIA released OpenShell, an open source runtime that sandboxes autonomous AI agents with kernel-level policy: what files they can touch, what processes they can spawn, where their traffic can go. It is a serious piece of engineering and it validates something we have argued all year: agent security belongs in the environment, not in the prompt. But agent identity, agent-to-agent governance, and cross-sandbox communication all sit outside its scope today. This post covers what OpenShell does, where it stops by design, and three integration patterns that close the gap with Tigera Lynx.

Most attempts to control AI agents work at the model layer (alignment, system prompts) or the application layer (guardrail libraries, output filters). Both share a flaw: the thing being secured is also the thing doing the securing. A sufficiently confused or sufficiently compromised agent can talk its way past its own instructions.

OpenShell takes a different position, and it is the right one. Put the controls in the environment, where the agent cannot negotiate with them. An agent inside an OpenShell sandbox cannot leak a credential it never received, and cannot call an endpoint the kernel refuses to route.

If that argument sounds Continue reading

Content: New Parameter in Multiple something_config Ansible Modules

Last December, I wrote a pretty ranty post explaining how Ansible release 12 broke (some?) network device configuration playbooks. The inevitable anonymous troll (why are they always anonymous?) couldn’t resist asking whether I opened an issue on GitHub. I didn’t (more about that later), but when the solution to that rant was “we’re deprecating using templates in src” parameter, I opened an issue arguing why that’s not a good idea.

1 2 3 3,887