They have a poor history of incidents that leaves many people not trust them.

https://manjarno.pages.dev/

It’s meant to protect the software, not the hardware. Of course you can still put a hardware keylogger on it.

You’re also only considering the use case of the owner and user being the same person. In a business context, the user and the owner are two different persons. It can be used to ensure the company’s MDM and security software aren’t tampered with, for example if you try to exfiltrate company data. In that situation, even if you have a keylogger, it doesn’t help you much, it still won’t allow you root access on the machine, because the user of the machine doesn’t have root access either.

Same with servers: you don’t even care if the hardware is keylogged, nobody’s ever using the local console anyway. But it’ll tell you if a tech at the datacentre opened the case, and they can’t backdoor the OS during a planned hardware maintenance.

Same with kiosk machines: you can deface the hardware all you want, the machine’s still not gonna let you order a free sandwich. If you buy one off eBay you can bypass secure boot and wipe it and use it, but it won’t let you sneak a USB on it while nobody’s watching and attack the network or anything like that.

But yes, for most consumers it’s a bit less useful and often exploited in anti-consumer ways.

It’s mostly for use cases where you can lose physical access to the computer like overnight at the office, at a hotel while travelling, in a shared server room, etc. It’s extra assurance that the computer runs the software you expect it to run and nothing else without at least being somewhat noisy about it.

This can in turn be used to use the TPM to get a disk encryption key, so you can do full disk encryption but still boot to a normal login screen without entering a password. It will only hand out the key with the correct signed boot chain.

If you have a desktop PC at home that nobody untrusted touches, then yeah there isn’t that much value to it for you.

If we deleted everything written by insufficiently pure developers, we wouldn’t have a Linux desktop. Especially if we count the ones that were smart enough to not bring up anything political in public.

Not a fan of DHH, but then you delete Rails then there’s no GitHub, GitLab, Mastodon, and many many other things given how popular Rails is, and that’s just that one guy.

If you include all the sketchy stuff that happens in the supply chain mining the minerals, processing, assembly all the way up to the final computer product, you just can’t morally justify supporting any manufacturer either.

This really doesn’t do anything useful other than feeling good to not support one of those guys. If anything it just adds extra political drama that feeds into a much bigger worldwide division problem.

How much easier can it even get to deploy? You start it, point your domain at it and you’re good to go.

Because fear and hypocrisy, and pretending we’re somehow special as humans. It’s okay for us to copy this style, and replicate this drum set, and sample these sounds. We’re okay torrenting stuff because screw the big rich studios. We’re okay buying knockoff stuff because it’s cheaper.

We only care because it’s started crushing small creators struggling to make a living, and AI can gobble up training data faster than any human reasonably can in a lifetime.

Intellectual property has always been broken, AI just exposes the problem more clearly. It’s always been a double-standard.

At this point China doesn’t need propaganda, they just let the chinese users look at the US user’s misery by themselves and sit back.

When Rednote was first flooded by the first wave of TikTok refugees, the chinese users were baffled just how much worse it was than their propaganda said. Which is probably why they just let it go and didn’t immediately shut it down.

Rednote is pretty different vibes, I’m on it but not nearly as much as TikTok. It’s pretty interesting for what it is but it’s not a replacement and it’s not competing to be a replacement either.

I would guess they’ll probably move to Bytedance’s other app, Lemon8, or probably Skylight Social as Bluesky is generally pretty popular with the particular part of TikTok I’m on, so everyone already have ATproto accounts and follows.

No way. iPhones don’t exactly allow bootloader unlocking to begin with, but even if you could, it would be in no better state than Asahi on the M1 Apple computers. Every driver would have to be written from scratch.

Pixels are a good platform for custom ROMs because until the recent drama, you could literally just build AOSP as-is and use it. So the GrapheneOS team only really need to focus on their changes to the OS and their apps and none of the drivers and modem interface and all that. That’s also why GrapheneOS runs so well on it: Google provided everything, it just works.

iPhones would be the absolute worst phone to develop for: zero support from Apple, no drivers no documentation, no nothing. Not even a Linux kernel! At least for Android, the Linux license forces manufacturers to publish the source code, so at minimum you start with something that should boot and contain all the stuff to talk to the hardware already, just need to wire it in with userspace drivers. CPU manufacturers like Qualcomm also provide a fair chunk of the userspace drivers open-source too, so you can just pull that and have audio and video working.

Not impossible, but definitely really hard and impractical.

It’ll tolerate a few hours no problem, mine’s been down for a bit over 24h and caught up fine.

I think it marks instances as down after 2-3 days, but I’m not sure if it’ll resume once it comes back up at this point. I think if your instance reaches out it might start pushing events again but it could also result in dropping the previous days.

No, I would simply give them a box of condoms or whatever.

If they’re gonna do it, they’re gonna do it, and as a parent, you’re way better off with your kids comfortable not hiding it because if there’s complications you can intervene quickly. If the condom broke, you want the kid to come to you so you can get plan B and not have to deal with an abortion a couple weeks or even months later. It’s also way better they get caught doing it at home vs in a car and now be on the sex offender registry.

What you’re describing is abstinance and is common in religious families, and well know for being ineffective. Plus as you’ve described, it completely falls apart when bisexuality is involved, and it makes even less sense if it’s physically impossible to even get pregnant.

The same extends to alcohol, drugs, porn, whatever evil vice people are worried. If your kid’s gonna do drugs, you want them to feel comfortable calling you if they have a bad trip, and also feel comfortable giving you the drugs so you can get them to the hospital and they can quickly identify what you’re on and give the necessary medications.

They’re gonna learn about all that eventually, better they learn it from you. Punishment and “you’ll understand when you’re grown up” doesn’t work. If they’re old enough to ask, they’re old enough for the answers too.

You need to set up your PC to be on that IP address first, TFTP doesn’t magically listen to a particular IP, you need to configure the PC with that IP.

ip link set eth0 up
ip addr add 10.10.10.3/24 dev eth0
ip addr add 10.10.10.1/24 dev eth0

Then you can start the TFTP server on the interface:

dnsmasq -d --port=0 --enable-tftp --tftp-root=/path/to/tftp/root -i eth0

This is why when an app pops up that permission dialog, you always say no. The number of permissions Meta apps ask immediately upon startup is a red flag on its own.

Can’t collect and upload what it doesn’t have.

For all its flaws and mess, NFS is still pretty good and used in production.

I still use NFS to file share to my VMs because it still significantly outperforms virtiofs, and obviously network is a local bridge so latency is non-existent.

The thing with rsync is that it’s designed to quickly compute the least amount of data transfer to sync over a remote (possibly high latency) link. So when it comes to backups, it’s literally designed to do that easily.

The only cool new alternative I can think of is, use btrfs or ZFS and btrfs/zfs send | ssh backup btrfs/zfs recv which is the most efficient and reliable way to backup, because the filesystem is aware of exactly what changed and can send exactly that set of changes. And obviously all special attributes are carried over, hardlinks, ACLs, SELinux contexts, etc.

The problem with backups over any kind of network share is that if you’re gonna use rsync anyway, the latency will be horrible and take forever.

Of course you can also mix multiple things: rsync laptop to server periodically, then mount the server’s backup directory locally so you can easily browse and access older stuff.

Technically it wasn’t really designed with megainstances in mind that swallows the entire fediverse.

My instance has no problem whatsoever keeping up and storage is well under control. But we’re few here subscribed to a subset of available communities so my instance isn’t 90% filled with content I don’t care about and will never look at. Also reduces the moderation burden because it’s slow enough I can actually mostly see everything that comes through.

Lemmy itself is also pretty inefficient in that regard, you can very much make software that pulls instead and backfill local cache as needed.

Even my Reddit subscriptions would be pretty easy on my instance.

Technically it wasn’t really designed with megainstances in mind that swallows the entire fediverse.

My instance has no problem whatsoever keeping up and storage is well under control. But we’re few here subscribed to a subset of available communities so my instance isn’t 90% filled with content I don’t care about and will never look at. Also reduces the moderation burden because it’s slow enough I can actually mostly see everything that comes through.

Lemmy itself is also pretty inefficient in that regard, you can very much make software that pulls instead and backfill local cache as needed.

One thing to keep in mind is ActivityPub isn’t exactly made for social media in the sense most people use it nowadays. It’s intended to be more like RSS feeds: you’re support to subscribe to stuff like news sites and be able to bring it all into a content aggregator. Seen that way, its design makes a lot of sense.

It kinda works well for public microblogging as well. It’s when you start involving moderation, voting, sharing, boosting that things get kinda weird.

I’ll add some of my comments to that discussion.

You guys have basically been describing Aether and Nostr

The main issue is when your instance starts federating, accounts are created with a key pair that you will lose when changing software, and generally a whole bunch of URLs will no longer be valid. The actor ID of your user is https://feddit.org/u/buedi, not just buedi. Mastodon might make it https://feddit.org/@buedi instead. As per the spec, that is the canonical URL for the user/actor.

Other instances will still try to push content to your instance assuming the software it was registered with. So you may continue to receive data for Lemmy communities which Mastodon has no clue what that is or what to do with it.

You can host the API/frontend on a different domain no problem, but the actual ActivityPub service should be on a dedicated subdomain to avoid the issues.

That said, I believe after a couple days/weeks, it should eventually sort itself out as your instance keeps erroring out and gets dropped and reregisters with the new software.

https://seb.jambor.dev/posts/understanding-activitypub/

For decades, we offshored that stuff there because it was cheaper. Now we’re acting shocked pikachu that the asians that have been producing our chips for the last 30 years are better than us at producing chips. Not just chips, hell of a lot of manufacturing in general too.

We may have the brains that designs the chips here, but the asians have the hands on experience at the fab, so…