Looking at a new machine for home

Last year I started looking at a new computer for home.  The windows laptop was to be converted to Linux instead of 'upgrading' to Windows 11.  Sadly, that had to be postponed due to having to replace a furnace, A/C, hot water tank and a fireplace that was red-flagged.  At the time I thought no problem, I can do it later. However the various AI companies and their data centers sucked up most of the RAM supply, video cards and prices skyrocketed and that was even if the devices were available.

I wasn't looking for bleeding edge, but a faster machine.  To be specific a mini-pc.  I don't need SFF, mini-towers, full towers or a laptop.  Just a small machine that can handle code editing, compiles, video and photo editing along with being able to handle basic games.

What I was looking for

• Intel I7 or I9  or  AMD Ryzen 9
• 32 gigs of memory
• 1 terabyte of drive space.  Either SSD or old-school HD.
• Need this as right now I have over 128 gigs of photos and that will grow as I have thousands of negatives, slides and prints to still scan.
• Minimum 2 HDMI ports so I can have dual monitors.
• Minimum 2 USB-C ports.
• Minimum 2 USB-A ports.
• 3.5 mm jack that supports my wired headset with microphone.
• bluetooth
• WIFI 6

Last year the above would run 700-1,000 and readily available.  Today, the models I am interested in starts at just under 1,000 for those that are available and it is bare bones.  I still have to buy the memory and SSD.

I really hope the bubble bursts on AI and data centers so that pricing goes back to sane levels and are more readily available.

Common Vulnerability and Exposures & work

At work one of my unofficial tasks is to review the current CVE list.  We have been asked in the past several times if a vulnerability affects us and we have to quickly find out if it does.  Now we (actually just me) check every day for updates from the prior day against a list of software that we use.  We use a simple XLS to track the CVE, product, date and high level description and a summary is sent out the various team members to investigate.  It has paid off as we knew about a vulnerability before being asked about it and quickly responded to senior management with what was being done if impacted.

This allows us to identify any potential impacts, verify if we are or are not impacted.  If impacted then what are the mitigation steps required before the fix and when will the fix be installed.

The part that I find annoying is that many of the vulnerabilities can be prevented by the app developers during testing.  I suspect that management or marketing is pressuring the developers to push out the code and let the users and others find the bugs.

Terminology

CVE is Common Vulnerability and Exposures. WIKI for CVE.

CVSS is Common Vulnerability Scoring System. WIKI CVSS.

EPSS is Exploit Prediction Scoring System. WIKI for EPSS.

Buffer overflow. WIKI Buffer overflow.

Cross-Site Request Forgery (XSRF). WIKI XSRF.

Cross Site Scripting (XSS). WIKI XSS.

Race condition. WIKI Race condition.

SQL injection. WIKI SQL Injection.

CVE URL I use to check on updates

BrowseCVE vulnerabilities by date (cvedetails.com)

Using and liking Mastodon

When I dropped Twitter X I didn't miss the ongoing toxic waste dump.  I found a great replacement called Mastodon.  It does take a bit of work and time to get started, but I find it a friendly place.  I see what I want to see, I follow those who I want to follow and it isn't a spam filled, advertising filled site overflowing with hatred, bigotry and intolerance.  The administrators keep an eye on things and when spam does appear it quickly gets removed.  

There is a growing community of people who are willing to share, technical experts and media personalities who regularly post. 

If you are tired of X I suggest that you check it out.