Melmi

This works if you trust every program you run with silent root privileges. Sure, don’t run untrusted code in general, but I think it’s generally good practice to lock down root privileges as much as possible. Layered security and all that.

The docker command doesn’t have to allow you to run commands as administrator to function properly. You can simply leave the docker group empty and run docker commands via sudo. Using the docker group is essentially equivalent to enabling passwordless sudo as far as security is concerned.

Or you could just take a train

T-Mobile doesn’t even have CGNAT, it’s single-stack IPv6. IPv4 gets routed via NAT64.

Except as written, it’s only a path to knowing who all children are, not the adults who are usually the ones advocating for taxing billionaires. Sure, they might change the law, but that doesn’t make starting it this way any less bizarre. I don’t understand what reason there would be to make it harder to make a child account than an adult account by only IDing children.

This is bizarre. Why would they force people under 18 to verify their birth date, but if you’re over 18 you can just enter your birth date with no verification?

Usually you only care about verifying the age of people over 18. What’s this law trying to accomplish by only verifying children?

Do you know where it says you can’t unarmed strike while holding a two handed weapon? I’m not seeing a requirement for a free hand in the rules.

Unarmed strikes with kicks and elbows and such aren’t just flavor, it’s written in the rules that you can use any part of your body.

Instead of using a weapon to make a melee attack, you can use a punch, kick, head-butt, or similar forceful blow. In game terms, this is an Unarmed Strike—a melee attack that involves you using your body to damage, grapple, or shove a target within 5 feet of you.

The mechanics don’t state you need a free hand anywhere.

90% of your posts are links to this one company’s blog.

Do you work for this company?

The age assurance thing is ridiculous but it doesn’t lock out people under 18 from the OS, it just records their age and has to tell it to every program on their computer so those programs can change their behavior based on whether the user is a minor, ostensibly so that programs meant for adults only can lock out minors without having to individually age verify the user.

I definitely feel the lab burnout, but I feel like Docker is kind of the solution for me… I know how docker works, its pretty much set and forget, and ideally its totally reproducible. Docker Compose files are pretty much self-documenting.

Random GUI apps end up being waaaay harder to maintain because I have to remember “how do I get to the settings? How did I have this configured? What port was this even on? How do I back up these settings?” Rather than a couple text config files in a git repo. It’s also much easier to revert to a working version if I try to update a docker container and fail or get tired of trying to fix it.

Just put everything that doesn’t have OIDC behind forward auth. OIDC is overrated for selfhosting.

I occasionally use middle mouse paste, but I switched my partner over from Windows recently and they were used to scrolling by holding MMB and dragging which seems to be the default on Windows…

I expected there to be a toggle to turn off middle mouse paste but there just wasn’t. I had to go into multiple different places to disable it and enable autoscroll for all their apps. I ended up installing a hacky tool that would just clear the clipboard whenever MMB was pressed.

If anything can make this process easier, I’m all for it.

Base 1 usually uses ones, because it represents summation at that point. Using zero as the numeral would be a bit awkward. Also historically zero is pretty new.

Tally marks are essentially a base 1 system.

You’re arguing two different points here. “A VPN can act as a proxy” and “A VPN that only acts as a proxy is no longer a VPN”. I agree with the former and disagree with the latter.

A “real” host-to-network VPN could be used as a proxy by just setting your default route through it, just like a simple host-to-host VPN could be NOT a proxy by only allowing internal IPs over the link. Would the latter example stop being a VPN if you add a default route going from one host to the other?

Fundamentally, a host-to-host VPN is still a VPN. It creates an encapsulated L2/L3 link between two points over another network. The number of hosts on either end doesn’t change that. Each end still has its own own interface address, subnet, etcetera. You could use the exact same VPN config for both a host-to-host and host-to-site VPN simply by making one of the hosts a router.

I see your point about advocating for other methods where appropriate (although personally I prefer VPNs) but I think that gatekeeping the word “VPN” is silly.

“It has effectively the same function as a proxy” isn’t the same thing as “it’s not actually a VPN”.

One could argue you’re not really using the tech to its fullest advantage, but the underlying tech is still a VPN. It’s just a VPN that’s being used as a proxy. You’re still using the same VPN protocols that could be used in production for conventional site-to-site or host-to-network VPN configurations.

Regardless, you’re the one who brought up commercial VPNs; when using OpenVPN to create a tunnel between a VPS and home server(s), it seems like it’s being used exactly to “create private communication between multiple clients”. Even by your definition that should be a VPN, right?

VPN and proxy server refer to different things. There’s lots of marketing BS around VPNs but that doesn’t make the term itself BS, they’re different and it’s relevant when you’re talking about networking.

Yeah, they mention in the article that the team tries to get “sensitive items” and “harmful substances” but Claude shuts it down. Tungsten cubes, on the other hand…