I don’t think it’ll come globally at all - even the most crazy laws I’ve read so far target “only” OS vendors.

If it comes it’ll be regional only as manufacturers will be hell bent on not losing revenue in the rest of the world.

Keep in mind that age verification needs to be done on a local level as there is no universal level of what is an acceptable method.

Yes, it is private by technology:

GPS and other systems working the same way are passive, similar to receiving a radio signal. You’re receiving the signal of several satellites at the same time and your device calculates your position based on those signals. You’re basically getting “I’m satellite cool boy and at the next beep it’s exactly five past nine” all the time - only with a bit more precision. Your device does rhen the actusl position calculation locally.

Fun fact! Geo positioning is one off the few things where we need to apply both general and special relativity for real world effects: the effects due to the satellites speed and high distance to earth (and therefore the reduced effect of gravity) cause a significant shift in the speed in which clocks run on those satellites compare to Earth. As we use the exact time to calculate distance and with that position this would cause a huge drift otherwise!

Ah but this means if I can’t control the client (i.e. because I’ve setup a streaming server) then it’s not a solution for me - but I’d I do then this is the cleaner one because it doesn’t reencode the files.

Understood, thank you!

I might have a mistake in my thoughts/knowledge:

This would be a playback tool dependent solution though, right? Because then it works be not something at least I’d want.

Am I overlooking something? (Except the obvious “keep the original” aspect)

Opencloud is the was to go from the established systems in my opinion. https://github.com/opencloud-eu

File sharing and -management for me has a higher level of trust and stability requirements. Syncin with four developers and “doing everything” while based on typescript makes me suspicious - but I haven’t tried it hands-on.

Traefik and caddy were mentioned, the third in the game is usually nginxproxymanager.

I’m using both traefik and nginx in two different setups. The nginxproxymanager can be configured via UI natively which makes checking configurations a bit easier.

Traefik on the other hand is configured easily within the compose itself and you have everything in one place.

This turned out to be tiresome though if you don’t have a monolithic compose file - that’s actually even hr history why I switched to npm in the first place.

I don’t have any experience with caddy so can’t provide anecdotal insights there.

I really like it already so take this as an alternative, not as improvement:l. I don’t have a good eye for aesthetics anyway don’t his is more about structure.

Personally I switched from a single dashboard to purpose driven hubs - I can’t imagine a situation where I need my infrastructure and my calendar at the same time regularly for example.

Another point is context typing: your release checker is quite far away from your appointments and calendar. It looks to me to be sorted by content rather then function (i.e. it’s entertainment so it’s next to YouTube). The same is true for your interaction patterns. There is a lot of visual information which I’m sure you’ll rarely interact with but instead consume. And then there are clearly external links, both bottom left (opencloud, tooling) and top right (external media) in addition to your own self hosted content.

My suggestion is therefore a process instead of a change: Note down when you consume which features of this awesome dashboard together for a few days. Then restructure the content of the whole dashboard based on your usage patterns - either as a new Monolith or even experimenting with splitting it.

I even suggest using a different medium then your usage device (if it’s a desktop PC mainly use pen and paper, if it’s your laptop use your phone, if it’s your phone you use this dashboard on then you might have different problems :D)

If I understand you correctly: You want to be able to record one computer with another one on a system level (the BIOS-party that comes before any operating system is loaded).

Although this is not Linux specific: your best bet is a video capture card as you’ve suggested already. Anything else would depend on your bios supporting remote access which is not exactly the same (my server bios for example can expose a website where I then can configure it from within a browser.

The problem with video capture is that you’d still have two controls: one for the client and one for the host.

Depending on what your final result should be it could be actually easier and cheaper to just get a stand for a smartphone and record it from there and then crop it precisely.

You then have to only worry about light reflecting.

Oh yeah I - at least in part I wanted to go over the top as reply to the “so boomer” phrasing :)

But honestly, I think I see where you’re coming from. My concern is that it’s not a change in language but a shift from information to emotion: And there is genuinely something to keep an eye on: Do my news inform me or engage me?

No matter if Epstein, AI, Ukraine, etc - it’s becoming harder and harder for me to create an opinion on my own because more and more of my information channels tell me how I should feel instead of what’s going on. I’d rather find that out on my own though.

It’s an interesting thought for me though because I can easily rationalize my opposition against this shift - but it’s also rooted in my emotional reaction to emotion-bait which is … ironic I feel!

Yes, this is an unpopular opinion - and at least for me not for the reason you seem to think!

“that’s the way the world is” has way more “boomer vibe” than you can imagine. Even if you add “now”. Why should I give up just because things go to shit? Why should I retire into acceptance and ignorance?

Your acceptance is surrender, your annoyance a sign that a party of you knows that.

Sorry if I use the wrong English terms! I think you are right :) With system I refered to the literal computer system the file is saved on. I’m not a dev of one of those tools but I know several maintainers and developers that’s why I’m a bit sensitive there! Thats why I (baldy apparently, apologies!) tried to focus on the developer point of view and ignored the whole cost/benefit aspect which you described very well - thank you for that!

Back to my point re/ local security because I feel this is the only one where I see a fundamentally different assessment between us: (Fontext: access an unencrypted file on my machine): I’m not aware of a mechanism to read (unencrypted or not) files on a host without a preceding incident. How else could your files be acessed? I don’t understand how I might have this backwards.

You’re completely right if course that there are a lot of tools out there one could use - but it would be on the developer to implement support for those. If you support one you can be damn sure users shout for “I want to use Y”. And then you would still need a Fallback for anyone not willing to install a supported third party tools.

I have my issues with proton because of its CEO and some weird decisions for their product lone and don’t use them at all. I.e. I won’t defend this company.

Such a claim without source and explanation or interpretation of assumed implications are pure fear mongering.

Because of this: my advice is to decouple your privacy concerns and thoughts from politics in the first degree (rhetoric and hearsay). Base it ok policies, observable behavior, audits, laws and so on…your example: exit nodes for VPNs don’t have an impact on security at all in neither direction. Hosting infrastructure there would (i.e. it would increase potential access and put the infrastructure under additional legal requirements).

Cybersecurity works inherently with risk scenarios. Your comparison is flawed because you state that there is an absolute security hygiene standard.

That said: I highly appreciate your approach to the subject, i.e. looking at the code and raising a discussion about something that looks wrong. Thank you for that!

On the subject itself:

There are two common ways to implement token management. The most common one I am aware of is actually the text based one. Even a lot of cloud services save passwords as environment variables after a vault got unlocked via IAM. That’s because the risk assessment is: If a perpetrator has access to these files the whole system is already corrupted - any encryption that gets decrypted locally is therefore also compromised.

The second approach is to implement the OS level secret manager and what you’re implicitly asking for from my understanding.

While I agree that this would be the “cleaner” solution it’s also destroying cross platform compatibility or increasing maintenance load linear to the amount of platforms used, with a huge jump for the second one: I now need a test pipeline with an OS different than what I’m using.

Which are all of them who claim to hear a difference.

Haha that was an auto correct fuck up - I agree with you!

It was supposed to be “are preferable” - that’s what I meant with the first sentence: There must still be effective encryption in the wild if some… elements fight so hard to kill it.

You realize they"trying to destroy" implies existence?

It’s not " good vs bad" for me, it’s a “better vs worse”. And for them: yes, European date centers as few are preferable at this point in time from my current knowledge.

Edit: Auto correct fuckup.

“gimme your mongodb url for me to do anything”

• random docker container or tool.

Last example where I was … Annoyed by: unifi. Their management application demands a mongodb.

If you do don’t trust em then don’t update syncthing - it’ll work for quite a while I assume.

And in addition the keepass safe default encryption of AES-256 and is even secure against theoretically existing quantum computer attacks to our current knowledge. It is designed to be not trusted by the storage owner :)

I get where you’re coming from but movie audio also fails here. The same darkness discussion arises about dialogue-to-explosion volume regularly :)

That doesn’t take away from what you said they “proper” audio work is done that way …

I wish I could blame auto correct but I’m afraid at least 2/3 of that was (and is) sleep deprivation :(

Hopefully a bit cleaner now and thanks for the pointer.