Hacker News: wkat4242's favorites

Ablative management: Layered heat shield of dispensable people that burn off to protect the capsule with the execs.

this talk was pretty interesting and scary at ccc https://media.ccc.de/v/37c3-12004-please_identify_yourself

> big-tech abusing their market position as gatekeepers

No no, you see, that is called “innovation”. And whenever the EU does anything to try to curtail those abuses of power, what they are doing is stifling innovation. Because as we all know, the one thing that matters in life is growth growth growth, particularly company growth, and there’s nothing more innovative than coming up with ways to exploit people’s privacy and attention for profit. And if you can get the ones exploited to rally in your favour, you’ve hit the jackpot. All hail corporate America, let’s raise a glass to the obscenely rich getting richer at the expense of everyone else, that is working out great.

https://www.newyorker.com/cartoon/a16995


> It's rock-solid.

Unfortunately, I cannot confirm. Sharing my experience:

I used tinc over multiple years on production servers and it would sometimes create netsplits that did not recover. I also suspect that there's a race or bug in re-keying, which also causes disconnects.

On the netsplit issue, it was me posting alone on the relevant issue [1] over multiple years without response. (I don't expect to get any from free-time maintainers, especially on hard-to-reproduce issues, but it's still important to know that such unsolvable hurdles exist.)

When I switched to Nebula, it improved this situation. But both Nebula and tinc max out at around 1 Gbit/s on my Hetzner servers, thus not using most of my 10 Gbit/s connectivity. This is because they cap out at 100% of 1 CPU. The Nebula issue about that was closed due to "inactivity" [2].

I also observed that when Nebula operates at 100% CPU usage, you get lots of packet loss. This causes software that expects reasonable timings on ~0.2ms links to fail (e.g. consensus software like Consul, or Ceph). This in turn led to flakiness / intermittent outages.

I had to resort to moving the big-data-pushing software like Ceph outside of the VPN to get 10 Gbit/s speed for it, and to avoid downtimes due to the packet loss.

Software like Ceph has its own encryption, but I don't trust it, and that mistrust was recently proven right again [3].

So I'm currently looking to move Ceph into WireGuard.

Summary: For small-data use, tinc and Nebula are fine, but if you start to push real data, they break.

[1]: https://github.com/gsliepen/tinc/issues/218

[2]: https://github.com/slackhq/nebula/issues/637

[3]: https://github.com/google/security-research/security/advisor...


Navalny has always been a supporter of a concept referred to as "Russkiy Mir"[1] and has spoken at length about it. It is a weird ethno-religious philosophy which shows the bounds of the Russian country extend far past the borders of the Russian Federation. The closest I can easily describe it is as a weird western version of jihad where they want to assume all other cultures and erase them in favor of expansion of their own via multiple methods.

In 2007, in a Russian "Gun Rights" video, Navalny compared the Chechen muslims to "cockroaches and flies" and said he wanted to exterminate them. A picture of a Chechen muslim appears on the screen and he shoots it with a pistol. In another [2] video it featured Navalny dressed as a dentist, presenting a slightly confusing parable that likened interethnic conflict in Russia to cavities and argued that fascism can be prevented only by deporting migrants from Russia. Navalny closed his monologue with “We have a right to be [ethnic] Russians in Russia. And we will defend this right.” This is an allegory to killing all non-ethnic Russians.

In 2008, when Russia invaded the country of Georgia, he said [3]:

    Of course, there is a big desire to fire a cruise missile at the General Staff of the [derogative name for Georgians], but they are just waiting for this.

Years later, he apologized for the ethnic slur denoting Georgian people, but never for his support of the Russian war on Georgia.

In an interview with Echo of Moscow radio station in October 2014, Navalny admitted that the peninsula had been seized through “outrageous violations of all international norms”, and yet asserted that it would “remain part of Russia” and would “never become part of Ukraine in the foreseeable future”.

His statement was not simply an assessment of the developments around Crimea. When pressed on whether he would return Crimea to Ukraine were he to become Russia’s president, Navalny wrapped his “No” in an odd question: “What? Is Crimea a sandwich or something that you can take and give back?” His position on Crimea was basically, "finders keepers."

Also in 2014, here[4] he is using one of the worst ethnic slurs for Ukrainians making fun of them.

In 2016, Navalny said that he intended to hold a "normal" referendum in Russian-occupied Crimea if he won the Russian presidential election. Note that Russia has forcibly killed or deported many/most ethnic Tatar peoples and native Ukrainians from Crimea. They've allowed Russian people to come occupy it and settle the lands, so by definition, any referendum would be with invaders on invaded territory. It would be a sham.

In 2023, he offered a 15 point "manifesto"[5] where he changed tack quite a bit, but this was after some prominent Navalnyists were pissing off western journalists with their staunch anti-Ukraine message, all in line with Russkiy Mir.

I can go on and on and on, but his support of violence and cleansing the world of non-Russians goes back a long time. I just spent a few minutes to find these but if you dig in you can find the same and more.

[1] https://dgap.org/en/events/russkiy-mir-russian-world

[2] https://www.youtube.com/watch?v=ICoc2VmGdfw

[3] https://navalny.livejournal.com/274456.html

[4] https://twitter.com/navalny/status/505215151961014272

[5] https://twitter.com/navalny/status/1627632098608644099


That's great, but it's absolutely not high DPI. iFixit estimates the pixels per degree (ppd) of the AVP at ~34 [0]. A MacBook Pro at 20" is over 90 ppd [1]. A 27" 1920x1080 display at 22" would match the AVP at 34ppd.

[0] - https://www.ifixit.com/News/90409/vision-pro-teardown-part-2...

[1] - https://en.wikipedia.org/wiki/Retina_display#Models


iFixit's detailed analysis of the display's PPI/PPD basically said so: the PPD for a good monitor is 90+ whereas Vision Pro tops out at 34 PPD.

We're probably 3 to 4 generations away from having resolution equivalence for this use case.


Why not use a combination of open source and OpenAI models? GPT-3.5 is already beaten by Mixtral and Mistral-Medium. The first one you can host for free and the second has a darn cheap API while getting really close to GPT-4 performance.

Steam's Gabe Newell said it best: Piracy is an issue of service, not price. I went from full pirate (we didn't even pay for cable, it 'just worked' -- the beauty of analog) to nearly full streamer. The stuff I kept pirating wasn't available on stream. Then Disney started to take off their stuff from Netflix. HBO suddenly quit in The Netherlands, or I had to combine it with KPN or was it Ziggo (what if you can't have DSL or cable? And, what if you got better; fiber?). I'm still paying for like 6 services, but not forever. Because my children do not know or remember on which service they saw something. Heck, often they can't even remember the name. Or they know the name in our own language and the search doesn't work. And as cherry on top, Dutch public broadcasting organisation (NPO) updated their app which was a step back as it removed a lot of features, such as children profiles, and the navigation of the new UI is atrocious. Series paid for with public money suddenly got removed. I am done with this shit. I am. What I will do is download all my children's favorite series, and put them in Jellyfin. Then every month we pick a different service, and they can watch that, too. I will tell them it is beyond my control (a white lie).

Also the quality of the streams is laughable. Only Apple bring something which deserves the mention 4k (and Apple are part of the problem).

And a piracy setup is very easy. I will get fiber soon. I have a VPN with a container to run BitTorrent on. I have Usenet servers. I have a couple of lifetime ???znab accounts. All cheap.

I wrote this post angrily in less than 10 min, I probably forgot to mention other reasons on top of this all. Yeah, the fuzzy feelings I got for not pirating. I admit, I will miss those.


I used tinygs on a lilygo esp32-based board with a semtech sx1262. Before its untimely demise I used SDSAT, which would rebroadcast messages. I'm not currently aware of any active sats that do that, but you can receive telemetry from tons of them as listed on tinygs.

Yes, I disable it using the suggested method of returning NXDOMAIN for "use-application-dns.net". I do also disable it in applications such as the browser to avoid the log entries.

    grep appli /etc/unbound/unbound.conf
     local-zone: "use-application-dns.net." always_nxdomain

And then I have about 80 IPs that I blackhole. People often counter that with, "but DoH can run on any HTTPS endpoint and you can't block CDNs", and whilst this is true I have never run across a CDN performing front-ending DoH and I am the type of person that will block a CDN. I can route HTTPS for specific applications through my own VPN mesh if it came to that and use Squid SSL Bump MiTM proxies to sanitize URLs which I have done in the past. It would just be a couple ACLs in Squid to block DoH end-points. The only domains I can not MiTM are those still using public key pinning such as Paypal which I will never use, eff.org, and a few Google sub-domains. There are probably a few others I have not run across on my Squid proxies.

As a side note, I think PiHole should consider adding a feature for Squid MiTM proxy mode so that more people can do this, with options like peeling off specific LAN clients to use the proxy or force everything through it.
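
Added example, not part of the comment above: the matching logic that DoH-blocking rules on an intercepting proxy would need, written in Python rather than Squid ACL syntax. It classifies already-decrypted requests using the RFC 8484 wire format (the `application/dns-message` media type and the `dns=` base64url GET parameter); the function names and sample hosts are hypothetical.

```python
import base64
import struct
from urllib.parse import urlsplit, parse_qs

DOH_MIME = "application/dns-message"  # media type defined by RFC 8484

def looks_like_dns_query(b64url: str) -> bool:
    """True if the value is base64url that decodes to a DNS query with one question."""
    try:
        raw = base64.b64decode(b64url + "=" * (-len(b64url) % 4),
                               altchars=b"-_", validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    if len(raw) < 12:  # a DNS header alone is 12 bytes
        return False
    _id, flags, qdcount, _an, _ns, _ar = struct.unpack("!6H", raw[:12])
    is_query = (flags & 0x8000) == 0  # QR bit clear means "query"
    return is_query and qdcount == 1

def is_doh_request(method: str, url: str, headers: dict) -> bool:
    """Classify one decrypted request as seen by the intercepting proxy."""
    hdrs = {k.lower(): v.lower() for k, v in headers.items()}
    method = method.upper()
    if method == "POST":
        # DoH POST carries the DNS message as the body with this Content-Type.
        ctype = hdrs.get("content-type", "").split(";")[0].strip()
        return ctype == DOH_MIME
    if method == "GET":
        if DOH_MIME in hdrs.get("accept", ""):
            return True
        # DoH GET carries the message in ?dns=<base64url>, on any path.
        values = parse_qs(urlsplit(url).query).get("dns", [])
        return any(looks_like_dns_query(v) for v in values)
    return False

# Constructed sample requests (placeholder hosts, not real resolvers).
SAMPLE = [
    ("POST", "https://resolver.example/dns-query", {"Content-Type": DOH_MIME}),
    ("GET", "https://cdn.example/x?dns=AAABAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB",
     {"Accept": "*/*"}),
    ("GET", "https://shop.example/search?dns=cloudflare", {"Accept": "text/html"}),
    ("GET", "https://news.example/index.html", {"Accept": "text/html"}),
]

def flagged(requests):
    """Return the URLs that would be denied as DoH."""
    return [url for method, url, hdrs in requests if is_doh_request(method, url, hdrs)]

if __name__ == "__main__":
    for url in flagged(SAMPLE):
        print("deny", url)
```

Checking the decoded DNS header keeps an ordinary `?dns=` search parameter from being flagged, and matching on the message format rather than the `/dns-query` path covers endpoints served from arbitrary paths.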



TestDPC is even simpler/lightweight

That's an interesting perspective. For another, try reading the multiple attempts the Libera team made to accommodate the slow progress and security holes on the Matrix side before the decision was made to close the bridge permanently.

Updates on the matrix<>IRC bridge (Jun 7th) https://libera.chat/news/matrix-irc-bridge-updates

Disabling Matrix Portalling (July 3rd) https://libera.chat/news/matrix-deportalling

Delays in Disabling Matrix Portalling (July 28th) https://libera.chat/news/deportalling-delay

Temporarily disabling the Matrix Bridge (August 5th) https://libera.chat/news/temporarily-disabling-the-matrix-br...

Matrix Bridge Temporary Shutdown, a Retrospective (August 10th) https://libera.chat/news/matrix-bridge-disabled-retrospectiv...

It was sad to see a few matrix people drop away but most of the activity and users were/are on the IRC side. And of the active matrix users I considered friends most just decided to connect to IRC using a real client. Much like Slack started off with an IRC bridge to bootstrap itself with IRC communities the Riot.im/Element.io corporation no longer feels the need to maintain the bootstrapping and does not allocate resources for it.


or use same paywalls filter list for adblockers: https://gitlab.com/magnolia1234/bypass-paywalls-clean-filter...

I mirrored the entire blog at 16:49 PST today because I totally predicted something like this would happen. Get it here: https://archive.org/details/insiderockstarnorth.blogspot.com

Fuck Rockstar/Take2 for constantly punishing their most loyal fans. Get the DMCAed reverse-engineered GTA3/VC here too: https://git.robbyzambito.me/mirror/re3.git/log/


Did you win the Putnam?

If not, please don't be "bolder" than this guy: http://en.wikipedia.org/wiki/Ravi_Vakil


I’ve been evaluating FreeBSD, and the primary thing that I miss is the ease of use that comes with using docker images.

The jails system + zfs is pretty nice. If there was an ability to snapshot a jail and easily package it as an image… I wouldn’t look back at docker again.


I don't care. Before, people would look out for each other and treat everyone with respect, regardless of clothing and style. Tik Tok ravers tend to do the opposite. Let people die on the fucking curb, being an asshat, just go to raves to take all drugs at once. I'm not the only one who thinks that way. This is a very big debate, especially in Germany. So what's wrong with tik tok ravers? They bring their fucking consumerism into a culture that they don't care for, destroying it in the process.

If you want to look into this more:

https://www.youtube.com/watch?v=WauGLIefYrg

https://www.youtube.com/watch?v=Xk6wqKqygDw

watch with subs if needed.


I often wonder if we could start a new sub-internet. Like a wide area mesh VPN. Perhaps something like tor but not so focused on anonymity so it doesn't immediately degrade into the cesspool that tor has become.

In the self-hosted space, I've been really enjoying playing around with decentralized encrypted overlay mesh networks like Nebula. Here's the current list of my faves (all WireGuard based).

Open-source projects not-quite-prod-ready:

- WebMesh: Golang, decentralized nodes https://github.com/webmeshproj

- InnerNet: Rust, with subnet ACLs https://github.com/tonarino/innernet

- Wesher: Golang, simple mesh with pre-shared key https://github.com/costela/wesher

- Wiresmith: Rust, auto-configs clients into a mesh https://github.com/svenstaro/wiresmith

Open source projects with company-backed SaaS offerings:

- Netbird: Golang, full-fledged solution (desktop clients, DNS, SSO, STUN/TURN, etc) https://github.com/netbirdio/netbird

- Netmaker: Golang, full-fledged solution https://github.com/gravitl/netmaker

Honorable mention:

- SuperHighway84 - more of a Usenet-inspired darknet, but I love the concept + the author's personal website: https://github.com/mrusme/superhighway84 https://xn--gckvb8fzb.com/superhighway84


That's not actually true though.

I find SAC305 to wick into joints faster than leaded solder does, provided you have quality flux in the solder.

If you get the cheapest lead-free solder you can find on Amazon it will be bad.

Doubly so if you have a non-temperature-controlled soldering iron. Too cold, and it won't melt effectively. Too hot, and exposed metal will oxidize rapidly.


chatgpt-cli is a great tui

Simon Willison’s `llm` is an excellent command line client, and now has `llm chat` as well as `-c` for ongoing conversations.

https://llm.datasette.io/en/stable/


Not the op but I use chatblade[0] on the cli, chatgpt-next-web[1] as webgui and quivr[2] for multimodal stuff files/images/audio/video. atm everything goes over an Azure OpenAI endpoint but would love to infer an LLM locally.

[0] https://github.com/npiv/chatblade

[1] https://github.com/Yidadaa/ChatGPT-Next-Web/

[2] https://github.com/StanGirard/quivr


In case you didn't catch it, my comment was a direct reference to the rule of 40. It has come to dominate a lot of thinking in finance, and I don't think it is just Silicon Valley.

It has interesting implications in practice.


Mullvad is such a good vpn. Too bad they disabled port forwarding. Does anyone know of a vpn that's anywhere near as good but allows it?

Make a little script, bind it to a hotkey. For me, I use Windows+S

  $ cat ~/bin/monitor-off.sh
  #!/bin/bash
  sleep .5
  xset dpms force off

Same little trick for when I lock the screen (Settings -> Notifications -> Screen Saver -> Configure Events):

  $ cat ~/bin/LOCKSCREEN-ACTIONS.sh
  #!/bin/bash
  ## Anything that is "slow" should be run in the background otherwise lock/unlock is slowed down

  #Mute audio on screen lock, only if not already muted:
  (
   if [[ "$(amixer get Master | awk '/Front Left:/ {print $NF}')" = "[on]" ]]; then
    amixer -q set Master mute
    touch "${HOME}/.audiomutedbylockscreen"
   fi
  ) &

  #Pause foobar2000 only if playing, and make a note.
  ( "${HOME}/bin/foobar2000-pauseonly.sh" && touch "${HOME}/.foopausedbylockscreen" ) &

  #Disable all mouses (to prevent movement waking monitor.)
  "${HOME}/bin/set-mice-status" disable

  #Force monitor to sleep.
  "${HOME}/bin/monitor-off.sh"

And finally, I have the inverse of that, which is called automatically on screen unlock (Settings -> Notifications -> Screen Saver -> Configure Events):

  $ cat ~/bin/UNLOCKSCREEN-ACTIONS.sh
  #!/bin/bash

  #Unmute audio only if muted by lockscreen:
  (
   if [ -f "${HOME}/.audiomutedbylockscreen" ]; then
    amixer -q set Master unmute
    rm -f "${HOME}/.audiomutedbylockscreen"
   fi
  ) &

  #Enable all mouses.
  "${HOME}/bin/set-mice-status" enable &

  #Unpause foobar2000 only if paused by lockscreen. Remove note.
  (
   if [ -f "${HOME}/.foopausedbylockscreen" ]; then
    "${HOME}/bin/foobar2000-playonly.sh"
    rm -f "${HOME}/.foopausedbylockscreen"
   fi
  ) &

If you use a non-declarative adblocker, you're not just trusting the developer, but also all the third-party filter lists you've subscribed to. These filters have powerful capabilities and can even exfiltrate website data [1], and they are updated in real time, so if a bad actor pushed a malicious update (e.g. by gaining access to any EasyList contributor account), you would most likely be affected.

However, it's true some websites (like YouTube) are especially problematic and a declarative adblocker is not enough. What you can do is combine both approaches: use a declarative adblocker (uBlock Origin Lite) as a baseline, and selectively enable non-declarative adblockers (uBlock Origin) for specific websites (see [2] for a detailed overview).

I like this layered approach because it gets you the best of both worlds: the security and performance of a declarative adblocker, and the functionality of a non-declarative adblocker when you need it, without compromising your entire browsing session.

[1] https://portswigger.net/research/ublock-i-exfiltrate-exploit...

[2] https://seirdy.one/posts/2022/06/04/layered-content-blocking...


People use Airalo app to buy eSIMs, wherever they travel to. One can buy eSIM even before you land in foreign lands. I don't have experience with Airalo, but many recommended that app on this site.
