Posts
0
Comments
148
Joined
9 mo. ago

  • For the record - analog multis can burn in hell. Nowadays, not running all of the show over Cat6 should be criminal.

  • Friends don’t let friends run erasure coding on BTRFS.

    Personally, I don’t run anything on BTRFS. I like having my data intact and I also want two parity drives in my pools.

  • For anyone working on or around stages:

    Most sane production companies standardise on over-under. Even if you find some other method superior (nothing is), you’ll get thrown out headfirst if you don’t follow the standard. Having a tech fuck around with a non-compliant cable during a changeover is far too risky.

    Should be noted that there are special cases. For example, thicccc cables (i.e. 24ch analog multi) that have their own dedicated cases often go down in an 8 instead - easier to pull out and you can use a smaller case. Thank god for digital audio.

    (Also, when using over-under correctly, you can throw the cable and it will land straight without any internal stresses winding it up like a spring)

  • Yeah, but my mom can’t do banking on a flip phone.

    This is the issue. Everything sucks. Don’t complain that people make a determination to take the least fucky normal option instead of flashing privacy ROM of the week onto an old Nokia N95. Be happy they thought about privacy at all.

    You can’t participate in normal society without a smartphone. There are two options for normal people. Pick the least shitty one.

  • Yes. It would be nice if the Americans got their shit together.

    Meanwhile, what phone should my mother buy in a store?

  • So where can my mother buy this excellent non-tracking phone?

    She can’t. No one sells it.

    Of course everyone is collecting a shitton of data. Out of the two (realistic) alternatives we have today, Apple has, by far, a better track record. Still bad, but they have far fewer incentives to be shitty than Google. Google’s only incentive is to be shitty and sell ads. Pick your poison.

  • Probably excellent. Can my mother buy it over the shelf, in a store?

    If not, what’s the best alternative currently available over the shelf, in a physical brick and mortar store, for my mother?

  • Try it. I dare you. And I want you to succeed.

    People have been saying this about Linux for the past two decades. Gamers are only now looking at moving over to Linux, after Valve invested a shitton of money into compatibility and usability, fixing the edge cases. And that’s the small subset of people who actively care about their computer. Normal people moving to Linux won’t happen the next few years.

    Preserving usability while locking down a system is a really fucking hard problem, especially when you need to do it for normal people and not only us nerds. And you really need the normal people there in order to inject funding.

  • Of course they do.

    But they have recurring revenue streams other than just ads, unlike the Android vendors. Meaning - they probably won’t fuck me over as hard as Google.

    Edit: also, note that the ads they sell via your link are on their own platform, i.e. within their own ecosystem. The revenue here is most likely peanuts compared to the AppStore commissions.

  • First of all: writing this from my iPhone. I’ve been on various android phones, including flashed to Sailfish and alternative ROMs, and I kinda hate being on an iPhone now. But - it works.

    Look at the incentives of Google and Apple. Google sells ads. That’s it. Any operation at Google other than that is just a small side hustle. Apple sells hardware and 30% commission on apps/media. Apple’s incentives to fuck over the privacy of individuals are far smaller than Google’s incentives. That’s it.

    Let’s go through the list:

    • Android vendors (Samsung et al.): Zero incentive to not sell you out. Also, no recurring revenue throughout device lifetime (except selling your data), so zero incentives to provide more than absolutely minimal software support after sale.
    • Open Source ROMs: All the incentive, but zero funding or business model. Continually fighting against Google. Thus, not really an option for ”normal” people. I won’t hand my mother a flashed phone, and she won’t be able to flash one on her own.
    • Sailfish: Had incentives and a business model. When I used it, the developers could barely keep the web browser patched. Tell me that’s good for privacy.
    • Apple: Has incentives to patch and update older phones (recurring revenues from AppStore and iCloud), and doesn’t really sell any ads themselves.

    Apple are anti-consumer assholes with a clear objective of creating lock-in under the guise of ”privacy” and ”security”, and they really want to force people into buying more hardware. Agreed. But they are the only major phone vendor that doesn’t have incentives to actively screw you over.

    Is a flashed ROM ”better” for ”privacy”? Probably. Should you get your mother an iPhone? Yes.

  • I can agree on Apple not really having a properly supported hardware repair ecosystem, and actively working against third party repair.

    But the software? When Samsung and friends had 2-4 years of security updates, Apple had almost twice that. The iPhone XS still has support, 6 years after end-of-sale, 7 years from release. Normal people can’t be expected to flash their phones with LineageOS. The situation is slightly better nowadays, but Samsung still seems to be depreciating 3 year old devices: https://endoflife.date/samsung-mobile

  • Here I am, running separate tailscale instances and a separate reverse proxy for like 15 different services, and that’s just one VM… All in all, probably 20-25 tailscale instances in a single physical machine.

    Don’t think about Tailscale like a normal VPN. Just put it everywhere. Put it directly on your endpoints, don’t route. Then lock down all your services to the tailnet and shut down any open ports to the internet.

  • My NAS will stay on bare metal forever. Any complications there is something I really don’t want. Passthrough of drives/PCIe-devices works fine for most things, but I won’t use it for ZFS.

    As for services, I really hate using Docker images with a burning passion. I’m not trusting anyone else to make sure the container images are secure - I want the security updates directly from my distribution’s repositories, and I want them fully automated, and I want that inside any containers. Having NixOS build and launch containers with systemd-nspawn solves some of it. The actual docker daemon isn’t getting anywhere near my systems, but I do have one or two OCI images running. Will probably migrate to small VMs per-service once I get new hardware up and running.

    Additionally, I never found a source of container images I feel like I can trust long term. When I grab a package from Debian or RHEL, I know that package will keep working without any major changes to functionality or config until I upgrade to the next major. A container? How long will it get updates? How frequently? Will the config format or environment variables or mount points change? Will a threat actor assume control of the image? (Oh look, all the distros actually enforce GPG signatures in their repos!)

    So, what keeps me on bare metal? Keeping my ZFS pools safe. And then just keeping away from the OCI ecosystem in general, the grass is far greener inside the normal package repositories.

  • OAuth

  • I mean, the passkey is still in there. It’s protected by convention. It’s a bearer token wrapped in a password manager, presented as a revolution.

    We have the technology, can we please pour the same amount of resources into what we’ve already had for decades? Passkeys solve the UX issue for ”normal people”, that’s the selling point.

  • OAuth

  • By convention. See for example: https://github.com/keepassxreboot/keepassxc/issues/10407

    We’ve had certificate authentication (backed by hardware) for ages. We could fix the UX there and be done with it, but nooooo, we are reinventing everything again. (Tangentially related: JWT, OIDC and SAML are basically Kerberos with extra steps.)

  • The number of people talking about REST without having read the Wikipedia page is astonishing. Roy Fielding’s dissertation on the subject might be of interest, but that’s from 2000 and absolutely not webscale.

    (Edit: /s if that wasn’t immediately obvious)

  • Lol, using RAM like last century. We have enough L3 cache for a full Linux desktop in cache. Git gud and don’t miss it (/s).

    (As an aside, now I want to see a version of puppylinux running entirely in L3 cache)

  •
        $ su -
        # rm -rf --no-preserve-root /

    Should do the trick. (Obviously don’t try it unless you know what you are doing and know what may happen when it hits your EFI variables.)

  • Oh, have they started working on aviation grade test harnesses?

    SQLite will rule our world for a long time, far after we are gone.