I respect your strong ethics and sticking to them, but saying they people support genocide for using software hosted on GitHub is an extreme position.

I could easily change this: Do you drive a car or fly a plane? Then you must have no red lines against climate change.

Tailscale Funnel

The problem is the payment processor. There’s only so many of them that customers actually choose to use.

I never thought I’d see any upgrade. I’m still running my EdgeRouter 12. I kept looking to switch to the Unifi for my router since I have Unifi switches, but never did it because for a while they were missing features that I used.

How about some Yubikeys or smart cards instead of something that requires me to scan my retina and share it with Sam Altman

Right. Zero trust means at the very least you need to add AuthN and AuthZ to every endpoint with no exceptions for internal IP addresses.

Encryption at rest just means the data itself is encrypted when stored on disk and the key is somewhere. It doesn’t dictate that the key is not visible to the server.

Encryption in transit refers to an encrypted channel from client to server.

E2E encryption usually refers to encryption from one entity to another where any intermediary servers do not have the ability to decrypt

Source: too many years doing application security at my job

I really want to like Nix. The idea of declaratively defining my entire system sounds great. I can manage it with Git and even have multiple machines all look the same. I can define my partititioning once and magically get a btrfs disk working. Wow!

But I find the language confusing no matter how many times people say it’s easy. I have a lot of experience with other programming languages so maybe it just doesn’t mesh. It also gives terrible error messages that are hard for me to understand. And Nixpkgs is unpredictable for what version I’m going to get. One of the services I installed ended up being a release candidate version which was a surprise. What if I don’t want the latest version of Docker? How do I pin it? Do I have to duplicate part of Nixpkgs? It just feels like a monorepo where everybody has to be on the same versions. Why on earth do the Nix language docs start by introducing math expressions instead of here is a simple self contained thing that installs one program. Here’s how you configure it. Here’s how you expand. Why does the dependency graph seem to pull in so many unnecessary dependencies? For example, I tried to build a minimal Docker image (which Nix looks to be a very good fit for), but I couldn’t figure out how to strip out dependencies that likely were only used during build for a dependency.

I still like the idea and have managed to get my server defined entirely with NixOS which is very cool, but I can’t recommend this to my tech friends because if I’m confused they will be more so.

The point seems to be able to handle a UPS failure

WiFi is on all three bands. It’s not so much what’s newer vs older. Newer devices tend to support 2.4, 5, and 6 and switch between them based on quality of signal and support by the WiFi network. Higher frequencies like 5 and 6GHz are generally better because there’s less interference.

Cheaper devices tend to only support 2.4GHz

Fascinating. Just based on your comment and nothing else, sounds like it could be something like a CPU Enclave like Intel SGX. Basically a remote client can validate that an application runs in a secure part of a remote cloud computer. The stated goal of SGX is that you only have to trust Intel and if you trust Intel and say run program X in the enclave, then only that part of the CPU can access the data, not the applications running in the non-secure enclave.

Now that brushes over some things like you still need to trust the client and IIRC in a WhatsApp situation, you don’t really know what enclave does, but the communications between the enclave and the host OS are heavily restricted. LLMs also require lots of CPU and are usually run on GPUs, so not sure how that works yet.

They used a protocol called WebRTC that allows for establishing direct P2P connections to establish a connection to the Facebook app running on your phone. The FB app knew your identity so it was able to link your in browser actions with your FB identity.

Another one I’ve used with limited success is ecapture. It can be tricky to debug processes in Docker because you need the ecapture executable with enough permissions to tap the process while also being able to see the libraries that the container uses.

I’ll put this to use and see how well it works.

Its not difficult for technical people like you or me, but my friend who just wants to watch their favorite show on my Plex on their TV won’t know how to traffic engineer the traffic over a Tailscale network to my network. My mom won’t be installing Tailscale on her laptop and phone.

With Plex, you’re getting the easy ability to grant access to users. You get a single pane that can search across multiple Plex instances, and NAT traversal/port forwarding. Jellyfin makes you figure that out yourself.

Oh that would be nice. I would use that to just go into the database and fix all my broken music metadata which I can’t see to fix any other way.

https://www.recompile.se/mandos

You’re right. Unfortunately, open-source has proven time and time again to be unsustainable and burn maintainers out

That’s a good reason for people to take the money they would have spent buying a proprietary solution and instead donate that money to an open source project. For me it’s not always about the cost, but what I get out of it. I’d rather the money go to the community and better it.

it doesn’t seem to open when I’m on the extension store

Firefox marks certain pages as privileged and no extensions will run on them. You’re probably encountering this issue. You can see the full list here.