New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I can't trust much thats 2 days old. You provide no background or insight into you. And to remind you, you came here first. We didn't ask for to come and grace our pantless authors with plentiful mangoes. You just showed up and walked in on us eating cheese in our underpants.
It fucking doesnt matter if it is 2 days old. There is verify-and-run.sh SO YOU DO NOT NEED TO TRUST, YOU CAN VERIFY!
Idk. Can not you read?
You can verify the script
Better get a tattoo on your head so you can better understand maybe?
I didn´t asked you too to blah blah talk. There is verify-and-run.sh SO YOU DO NOT NEED TO TRUST, YOU CAN VERIFY!
Don't be so naive, it verifying the hash of whats on github doesn't matter at all. You wouldn't be the first person to slip malware into an opensource stuff.
And I can read thank you very much. But all I can see here is some 2 day account peddling shit no one knows about from an unverified source with no background other than "We the devs" you goof.
🤡 honk honk
@CheepCluck you must be so idiot
You didnt read a shit!
verify-and-run.sh require YOU TO DOWNLOAD smart.sh script to inspect it. It wont download it automatically.
Checks if github and disk.lol hashes are the same:
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh#L32
Check smart.sh script exists:
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh#L37
If smart.sh exists: (will exists only after YOU MANUALLY DOWNLOAD IT AND INSPECT IT):
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh#L39
If smart.sh not exists:
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh#L42
Manually download and inspect it, yeah sure people totally do that
Disk.lol for sure. I wouldn't download it myself, as far as I know you're a pant weasel.
@CheepCluck
Idk you read what you wrote? Crap AI bot.
Yes if you do not trust the script you manually download it and inspect it before run.
This is my last reply to you. I wont talk to some AI bot. Re-read your crap, maybe you better understand. Oh and learn to read.
Its not about your script yo doofus, its about who you are and your team. Its important to know whos behind every script we run on our server
Why so hurt little weasel?
Few IT students. And now what?
You can verify & inspect (so you do not need to trust) the scripts halooooooooooooooooooo
Next one who can not read...
lets get some verify & inspect on the OP here. Their reading skills are subpar when in comparison to their deflection techniques.
Sigh..
Besides all of this blabla talk i finally managed to cool off my external HDD, from 57 to 44 celsius (charts work great)
https://disk.lol/view/90175f5ed5a8e3fda85fcb077dca0435c12e037ec99709e2667796f9c848b50c/_dev_sdb/20
You might want to calm down. Such a defensive, mildly insulty, response to feedback is an extra red flag for many, myself included.
Yes. It. Does. Both subjectively (I'll decide what matters to me thankyouverymuch) and objectively in some technically matters (DNS and mail filters blocking brand new things).
Maybe not to you, but your view is not universal and repeating it in SHOUTY CAPS & BOLD with ex-fucking-pletives thrown in will not change that.
Some don't have the time (or maybe not the security expertise either), so any red flag however small means they'll just ignore without bothering to verify. I do have the expertise, but your attitude here is enough to kill any interest I might have had in taking a look at all. I wish you luck in your future endeavours.
If you don't want feedback, don't post to a forum with a habit of giving candid feedback… Perhaps follow your own advice about reading, and research where you are posting, so you aren't so surprised by responses?
Nah, they are all geniuses IT students that dont give a shit on everyone else's view, or everyone else
"Don't be so naive, it verifying the hash of whats on github doesn't matter at all. You wouldn't be the first person to slip malware into an opensource stuff."
He was all the same shit again and again and won´t chance a thing. If you can not read that´s your problem. I said it multiple times - you do not need to trust our scripts, you do not need to trust us, you can verify scripts, you can manually download them and inspect them or you can just see the code on github without even downloading it - verify-and-run.sh
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh-how.it.works
https://github.com/0xDiSk/NVMe-SSD-HDD-S.M.A.R.T-Monitoring/blob/main/verify-and-run.sh
https://lowendtalk.com/discussion/comment/3435083/#Comment_3435083
Idk what is wrong with you.
You seem a tad bit too upset for absolutely no good reason.
You seem to ignore talking about you and keep saying "verify this and that". People want to verify you and your team. You seem to be purposefully ignoring that part of the request.
You are making your product look A LOT WORSE (using bold text and all caps, so hopefully you get to read that portion at least, since thats how you communicate), than you would have if you kept your trap closed.
Live and learn little weasel, live and learn.
And i said you dont need to verify us, you dont need to, there is no need to do that, you will never know our personal identity so?
What you need is to verify the scripts. And they are 100% okay.
https://lowendtalk.com/discussion/comment/3435083/#Comment_3435083
I suppose the LEDs will pick things up if and when necessary
You do you, of course. You don't own anyone any explanation.
But when you come in here, ask for people to test your product, and then act all shady and like a little butthurt bitch whenever you are asked questions, which for some reason you find uncomfortable to answer, yet others find important to know - you are not doing your product any favors.
The red flags are flashing so bright, that they can be seen all the way from the Voyager.
What more you want? Act shady? It was not me who started yelling that we place malware and blahblah with trust. You are going round around you know it? You can verify scripts yourself. You don´t need to know us personally.
I don't see anything malicious in the bash script so far.
It just downloads smartmontools, curl, then extracts the SMART attributes and pushes to disk.lol API.
look we have no intention to do malicious things, yet some of you telling me we do place malware and trust things, doing shady things and so on.
We secured our scripts as we could. Added also virustotal scans. What more?
Actually read and try to understand what we've said, don't overreact, and apologise for responding to this feedback with shouting & insults.
Read the thread again. No one has said you have any such intention, we just pointed out that some choices like the domain name are things that some automated tools (and human gut reactions) will flag as suspicious (because many suspicious things are present on such domains). We were warning you of a potential issue you might encounter, not accusing you of planning to cause a security problem.
You are the only person YELLING and throwing insults about other people's comprehension skills or lack thereof (well, you were, I've just insinuated a lack of comprehension, and have used SHOUT TEXT to highlight what I'm referring to in your responses). This attitude is something that some people won't want to deal with, and it has nothing to do with malware and so forth, if this is how you respond to constructive feedback then I for one am not going to get involved with this or your future projects.
https://lowendtalk.com/discussion/comment/3435082/#Comment_3435082
Why even bother to reply? Omg
OK, so I missed that message and the direct insinuation there-in, but...
https://lowendtalk.com/discussion/comment/3435076/#Comment_3435076
You started the shouty text and insults a couple of replies earlier.
Don't get flustered and throw insults, then you cry because the insulted snaps back. Two wrongs don't make a right, but have the self awareness to realise the first wrong was yours.
Because I'm an idiot, who can't see someone being wrong on the Internet and leave well alone.
And again and again and again...
Then you as well missed this one too - "Gist is, no one knows you. And I trust your script as much as I trust a shell script from totallynotmalware.xyz"
And i said: "It fucking doesnt matter if it is 2 days old. There is verify-and-run.sh SO YOU DO NOT NEED TO TRUST, YOU CAN VERIFY!" And yes i am angry because you dont need to trust person to run a script. You can verify the script yourself - you can run it through virus/malware scan.
Theres no way I'm gonna spend that much effort for some unknown script
It´s not unknown. Source code is available.
Also to your previous post. So are you gonna tell me that when someone who you know made let´s say benchmark script you download it without inspecting what it will run? Let´s also say the known benchmark script is hosted on github, then github acc. get hacked, the hacker change the code, you run it without inspecting because you trust the person who originally made it? good for you. very good.
You don´t need to know who is behind what project.
The only that matters is that scripts does not include malware/virus. That the scripts does not harm your servers/pc.
Nope. Having skipped the first one, that one I filed under “we are telling you how things might look, not accusing you of being that way”. For someone who is fond of telling others to learn to read, you seem to be having a lot of trouble grasping that concept.
Getting angry at online feedback is not a sign of maturity. Not being prepared for feedback that might get drama-y when posting here shows a significant lack of judgement.
You do if you don't feel you know enough to make sure it is all secure. Not everyone here is a coder at all. You do if you don't feel you have time for that anyway. OK, it is a short script, but that isn't known without starting the verification process.
The fact that you can't accept this further makes me question your judgement.
We can. But many people won't bother if other red flags are present. Don't believe me that this could be an issue? “The domain disk.lol is blocked by due to a network filtering policy.” is what I see on the company's direct connection or VPN. Red flag right there, as predicted. IIRC our DNS filtering is provided via CloudFlair, so a lot of people could be seeing that. Whether this is due to newness of the domain registration, or the reputation of the TLD, I don't know, I'll leave you to work it out for yourself as I'm no longer in a frame of mind to be helpful beyond proving my initial point.
I note that while implying I'm going on and on repeatedly, you haven't at all addressed the bits about you using SHOUTY TEXT and insults about comprehension ability before any of the comments you are particularly angry about.
So once again
message != messages
Am i the one who can not read?