#1 items should be backups. (Well maybe #2 so that you have something to back up, but don’t delete the source data until the backups are running.)
You need offsite backups, and ideally multiple locations.
#1 items should be backups. (Well maybe #2 so that you have something to back up, but don’t delete the source data until the backups are running.)
You need offsite backups, and ideally multiple locations.
This is not funny, it is mildly infuriating.
That isn’t what that document says. It says that they can impersonate you in non-E2EE scenarios. The clients I use warn me when a message isn’t properly encrypted so someone without E2EE keys can’t impersonate someone in an E2EE room.
That being said the general concept is a problem. I would love to see progress where all events from a user are signed by a device key and non-forgable. There is some thinking about this with portable identities (such as MSC2787) where you server is basically just storing and forwarding events but the root of trust is your identity and keys that you control. But none of this will land soon, not for many years.
Probably yes, it depends on your threat model.
If you are using E2EE on a matrix.org account then your message content, attachments (images) and most other traffic isn’t accessible to anyone but the people in the chat. However Matrix isn’t the most private option, it has a number of leaks such as reactions and chat topics (these are being worked on but aren’t close to happening).
For most people Matrix is a very private and secure option and the fact that it is federated is a huge plus. If you want something more secure you are probably looking at Signal (which you don’t want to use and isn’t federated) or Simplex Chat (which doesn’t have multi-device support).
I’m pretty sure every microwave just splits the input in to the last to digits as a number of seconds and the digits before that as minutes. Then runs for 60 * minutes + seconds
. So 0:99 is equivalent to 1:39 and 1:80 is equivalent to 2:20. I mean it is a little weird that the seconds can be >59 and extra weird that you can do 6:66 but it isn’t exactly wizardry.
Closed-source software that sends home tons of information about your system without consent. All communication accessible to a VC funded company that has huge pressure to make as much money as possible.
I’ve been doing this from Firefox forever…
But “with audio” is actually a new feature. Previously I was manually sending the audio through my voice channel which worked pretty well but it would be nice to have a separate stream for the streaming audio.
Probably not enough for me to install the spyware though, I’ll keep using Discord via Firefox.
those disks were not spinning for maybe 3 weeks total
This is actually a good thing for longevity. Start up and stopping is the hardest part of a drive’s life. So you will see more failures on a personal PC that you turn off every night than a server drive running 24/7. Laptop drives will typically fare the worst as they may be power cycled many times a day, often fully stop when idle for power saving and get shaken much more than other drives.
Yeah, the music industry gets it and nearly everyone happily pays for Spotify as a result. Spotify is slowly enshitifying but it is still fairly convenient and has most things you would want to listen to.
I was on this train. I paid for Netflix for a handful of years. Really my only complaint is that I couldn’t share screenshots because of the DRM (you don’t want free advertising?). But then the selection went downhill, new seasons of shows I was watching started appearing on other services. The UI got worse and slow. I eventually started getting pissed off and was wondering why I was paying for a frustrating service.
I had a very similar arc for YouTube Premium a few years after that one, I must have been a subscriber for 5 years at least. But then it got worse and worse.
I don’t think this is a major “this is why people pirate”. Pirate sites also regularly get cracked (possibly more often the the average streaming service). It isn’t like bank details were leaked here so the only real difference is that in some pirate sites you don’t need a login at all.
Ah great, so a messenger run by a data hoarding giant that resists usage of anything but the proprietary non-free client.
IDK, what else do they use? Email has to be the least bad option. At least with email you can choose your provider (or be your own).
YAML is fine as a configuration language and ok data input language.
YAML is absolutely cursed as a programming language. As in Ansible has created a really shitty programming language inside of YAML. Should be burned with fire.
Yeah, I don’t think there are many benefits when keeping the key on the same drive. Other than a bit of obfuscation. It does still help with erasing, as you can wipe the keyslots (rendering the key useless) but with modern storage media deletion is fairly hard to ensure. But still better than unencrypted.
The short answer is that Docker (and other containerization technologies) share the Linux kernel with the host. The Linux kernel is very complicated and shouldn’t be trusted to be vulnerability free. Exploitable bugs are regularly discovered in the Linux kernel (and Windows and Darwin). No serious companies separate different tenets with just container technology. Look at GCP, AWS, DigitalOcean… they all use hardware virtualization which is much simpler and much more likely to be secure (but even then bugs are found on occasion).
So in theory it is secure, but it is just too complex to rely on. I say that docker is good for “mostly trusted” isolation. Different organizations in the same companies, different software that isn’t actively trying to be malicious. But shouldn’t be used to separate different untrusted parties.
IMHO Arch is actually a great choice. They do have a minimum update frequency you need to maintain (I don’t recall exactly, I think it is somewhere between 1 and 3 months) but if you do, and read the news before updates (and you are usually fine if you don’t, usually the update will just refuse to run until you intervene) things are pretty seamless. I had many arch machines running for >5 years with no issues and no reason to expect that it would change. This is many major version updates for other distros which are often not as seamless.
That being said I am on NixOS now which takes this to the next level, I am running nixos-unstable but thanks to the way NixOS is structured I don’t need to worry about any legacy cruft accumulating from the many years of updates.
And after all of that I don’t think it really matters. I think any major distro you pick, weather stable, release-based or LTS will be fine. They all have some sort of update path these days. (unlike in the past where some distros just recommended a re-install for major updates).
Only if they gain possession when the device is running with the drive decrypted and they keep it running the whole time. That is a lot higher bar then being able to turn the machine on at any time and then recover the key. For example if this is a laptop that you are flying with. Without auto-decryption you can simply turn it off and be very secure. With auto-decryption they can turn it on then extract the key from memory (not easy, but definitely possible and with auto-decryption they have as long as they need, including sending the device to whatever forensics lab is best equipped to extract the key).
It would be nice if there was a shortcut to go “back to previous site”. Because on one hand using back to navigate around map moves is often very convenient, but sometimes I want to go to the site before the map. Having a two-level history with page and site would be super useful.