Posts: 2, Comments: 1,034, Joined: 4 yr. ago

  • Yep, that'd be me. That said, if I were to buy a new GPU today (well, tomorrow, waiting on Valve announcement for its next HMD) I might still get an NVIDIA because even though I'm convinced 99% of LLM/GenAI is pure hype, if 1% might be useful, might be built ethically and might run on my hardware, I'd be annoyed if it wouldn't because ROCm is just a tech demo but is too far performance-wise. That said, the percentage is so ridiculously low I'd probably pick the card which treats the open ecosystem best.

  • Started to write a long paragraph to explain the difference between privacy and anonymity but I now believe this new user is (no idea why) collecting engagement via rage bait. I won't participate in their posts anymore.

    It might even come from a good place, namely trying to always do "better" and be "more private" but in practice it just leads to confusion.

  • Installed LMS (and got some of my former music streaming server to send me my listening data as .csv via GDPR request) and WireGuard this week.

    Also took the occasion to clean up and simplify my nginx reverse proxy a bit, making the addition of a new service on my server easier.

  • You can host WireGuard on your server, you don't need a VPN provider specifically, you need a server to put WireGuard on though. Depends who you want to be anonymous from, as per usual it's the threat model that defines the solution.

  • Wrong assumption, you can install it on any other machine you have root access to, e.g. remote ssh. You can rent a server in another country and put your VPN server if that's your need.

  • FWIW took me less than 1h yesterday to set up WireGuard on 4 different devices :

    • server with wg-easy and thus easy to use Web UI (before 2-step auth)
    • peers
      • Banana Pi 3 F (RISC-V) headless via nmcli
      • desktop on Debian via NetworkManager
      • mobile phone on /e/OS via the WireGuard client (with Ente Auth to login back on server as admin)

    ... and it was the first time I used WireGuard.

    So I'm trying to imply that one shouldn't use commercial VPNs or benefit from their services, solely that setting up your own depending on your abilities and needs might not be as complex as you initially imagine.

    PS: I did have experience with OpenVPN before and a running server already with Docker and nginx as reverse proxy.

  • READ THE TOS! lol

  • I did not say it was always bad :

    if an app is not present on it, it’s rarely because technically it can’t, it’s often because of anti-patterns.

    So we agree. What sparked this reasoning though was https://github.com/Mentra-Community/MentraOS/issues/1168 which as you can see squarely fits in that pattern, namely :

    • interesting open-source project targeting Android
    • not focusing on distributing via F-Droid
    • upon checking how to do so, discover that besides their available bandwidth, their current choices are not compatible with F-Droid.

    I think it's a great example because it shows that developers themselves might not be aware of the consequence of their choices on privacy. This very project is about augmented reality and the value they try to demonstrate is that, unlike Meta for example, they do care about privacy. Yet, in practice, they do rely on Google components that do share data back.

    So sure, I didn't say nor do I think ALL projects missing from F-Droid are because they have anti-patterns... but more often than not they do.

    PS: also noticed WireGuard is like that too. They force upgrades via their own distribution system and AFAICT F-Droid insists that it's up to the user to upgrade if they want to. It's a hard stance and it has consequences, e.g. maybe some people on F-Droid do not get WireGuard official app, maybe they get a less secure one, maybe they get it out of F-Droid and side-step the anti-pattern ... but it's also understandable.

  • Between this and ICEBlock (and its removal from official stores) I'm wondering if we'll soon see a pattern :

    • problem
    • data of problem
    • plotting on map
    • routing around on map

    and the whole not packaged as an app itself because that's too risky to get blocked but as user added content, a la Waze.

    Maybe CoMaps should support such layers.

  • READ THE TOS! lol

  • You will hardly find anything that is not open source recommended for privacy. Read independent code review of the software and third party audits of the company.

    Yes, and IMHO a good trick to shortcut that is F-Droid. They spend a lot of resources to do all that cf https://f-droid.org/en/docs/Anti-Features/

  • READ THE TOS! lol

  • If like me you are both lazy and not a lawyer, check ToS;DR https://tosdr.org/ but honestly it's like labels on food products.

    You don't need the damn label to know that Coca Cola is not good but water is... so yes, don't use Facebook, great. You knew that already if you care just a bit about privacy.

    Still, if you want to go there, please do check https://tosdr.org/ and if you can contribute back.

    What I personally find more useful is F-Droid because if an app is not present on it, it's rarely because technically it can't, it's often because of anti-patterns. The app tries to go on F-Droid only to realize it's not "just" another store but they have rules, good rules IMHO, like no Google Analytics and whatever backends to track user behavior.

    Also Android app analysis like https://exodus-privacy.eu.org/ is quite good, same idea, finding anti-patterns but not in code (which isn't a good start if it's not FOSS anyway) but rather in how the app actually behaves.

    TL;DR: yes, do read the ToS if you can, but if you can't don't just press "yes" or avoid and move on, rely on the work of others like ToS;DR, F-Droid or exodus-privacy!

  • I typically investigate with ncdu which gives very useful visualization like :

    --- /home/fabien/Prototypes/esphome/.esphome ----------------------------------------------------------------------------------------------------------------
                                         /..
        3.1 GiB [######################] /platformio
      218.1 MiB [#                     ] /build
       28.0 KiB [                      ] /idedata
        8.0 KiB [                      ] /storage

    and lets you iterate. Here for example you'd go into platformio and get another view, press d to delete files or directories that aren't needed anymore if it's a stale project e.g. node_modules. Go back, etc.

    So yes, warmly recommended, both on desktop and remote servers. It's way easier IMHO than du -sh ./directory then cd, rinse and repeat. It's also way WAY faster than GUI equivalents ... because you navigate and take action, e.g. delete, with your keyboard.

    All that being said, if it's about your filesystem rather than your files, it probably won't help much. I don't know enough about btrfs to help unfortunately.

  • Check my history but basically no. It's not so hard.

    I'm on Debian stable yet play the latest games, from VR to flat ones, from AAA to indies, and it just works.

    Maybe I spent 30min https://wiki.debian.org/NvidiaGraphicsDrivers months ago (years now? time flies) when I did my install and since then smooth sailing. I have minor issues, e.g. suspend sometimes hangs. Sometimes coming back from suspend some visual glitches in the browser via WebGL, but that's it.

    Edit: I sometimes also use the GPU for CUDA for local AI/LLM (mostly to make sure it's bullshit, and it is but at least I can say I tried) and that also went well, just followed instructions.

  • Indeed, and that's why I enjoy lock picking. You get to actually understand the technology and its limits. It's a playful pastime but IMHO it's an interesting reminder.

    That being said... I do believe 1 protection exists and is close to 100% : computational complexity. The math behind encryption is the closest we have to a perfect lock. The fact that governments have to put artificial limits on it says a lot.

  • The comments are funny... I run Home Assistant (using ZigBee, so devices have no Internet connectivity) at home but I also lock pick, for fun.

    Sure, your "smart" or "connected" gadgets can be hacked but don't get fooled by believing your "dumb" locks are safe!

    As somebody pointed out check the LockPickingLawyer... but if you believe it's complicated buy yourself a lock-picking training kit for 30€. Sure you won't open "fancy" locks easily but you can open a lot of locks by training for like 1h. Get a kit, watch a few videos, train while paying attention, repeat while watching a movie (basically blind picking) and you'll get surprised how quickly it comes. If you have a very fancy lock (the ones that cost more than 200€) then you need better tooling, like 1000€ automated ones, but that still requires little skill and needs a minute to pop a lock (so I heard, this I never tried).

    So yes, please, do NOT buy a connected lock if you believe that's unsafe BUT also do not imagine you are safer with a "traditional" cheap one.

    PS: full disclosure, I do not have a connected lock but it's not because I think they are more unsafe, just because I didn't bother. I'm not convinced of the utility for the price. That said if you have suggestions, I'm all ears.

    PS2: as with similar questions on software, depends on your threat model. If you have to deter playful teenagers or drunkards, sure, it'll hopefully slow them down enough so that they give up. If you are facing professionals it won't matter either way, safer to get insurance for the outcome.

  • Why?

  • Because

    • it works (pretty fundamental!),
    • popular alternatives are pretty much evil.

    So, I know you think the 2nd point is a hyperbole. That truly I'm exaggerating. Well, actually no, I'm not. I genuinely believe that closed source OSes are one of the biggest epistemological trauma Mankind ever experienced. It's right behind fake as an organized political tool. Sure troll farms and political advertising take the cake... but honestly a locked down OS is very very close. Why? Well because it forces people who use a computer to assume the computer is a black box. It's a thing they can use a certain way. That certain way might be good, lucky them, or bad but regardless they must find a way to make their entire life, professional and private, fit within that very small black box. They are trained, day after day, interaction after interaction, as a lifetime of servitude. The personal computer was supposed to be a "bicycle for the mind" but truly, between closed source OS and the "cloud" (someone else's computer, for profit) Mankind has been trained to accept and use a computer as they have been told.

    This is an absolute disgrace and should never be accepted. This was bad in the 70s... but nowadays everything around you is a computer. Your computer is a computer (duh) but your phone is a computer, your console is a computer, your headphones are tiny computers, your e-bike is a computer, your doorbell is a computer, your printer is a computer, your washing machine is a computer, heck a light bulb or a button on your wall might be computers!

    So... when your entire life is surrounded by small black boxes you are taught never to challenge, your life is miserable.

    That's why I switched to Linux.

  • people still believe that VPN is a safe option

    What does that sentence even mean without context?

    Safe against whom? I'm pretty convinced a VPN is safe against :

    • your boss or manager if you somehow browse on your corporate network
    • your flatmates or family members if you browse at home and do not necessarily trust them or whomever set up the router
    • your school
    • the manager of the cafe you are using WiFi on

    I'm pretty convinced it might be safe against larger scale surveillance :

    • your ISP if it is not doing deep packet inspection (and that's pretty much per country basis AFAICT)

    I'm pretty convinced it might NOT be safe against professional individual surveillance :

    • state level professionals using exploits and actually knowing your name, not your nickname
    • your VPN provider or the cloud provider you rely on to install the backend side of WireGuard or OpenVPN

    So... no I don't think anyone can make your VPN pointless. Clearly the random person sitting next to me in a cafe can not. Only a few people with the technical expertise or power can do that. None of that matters though if you already volunteer your information elsewhere publicly on private platforms like Instagram or YouTube though.