Something you might want to look into is using mTLS, or client certificate authentication, on any external facing services that aren’t intended for anybody but yourself or close friends/family. Basically, it means nobody can even connect to your server without having a certificate that was pre-generated by you. On the server end, you just create the certificate, and on the client end, you install it to the device and select it when asked.

The viability of this depends on what applications you use, as support for it must be implemented by its developers. For anything only accessed via web browser, it’s perfect. All web browsers (except Firefox on mobile…) can handle mTLS certs. Lots of Android apps also support it. I use it for Nextcloud on Android (so Files, Tasks, Notes, Photos, RSS, and DAVx5 apps all work) and support works across the board there. It also works for Home Assistant and Gotify apps. It looks like Immich does indeed support it too. In my configuration, I only require it on external connections by having 443 on the router be forwarded to 444 on the server, so I can apply different settings easily without having to do any filtering.

As far as security and privacy goes, mTLS is virtually impenetrable so long as you protect the certificate and configure the proxy correctly, and similar in concept to using Wireguard. Nearly everything I publicly expose is protected via mTLS, with very rare exceptions like Navidrome due to lack of support in subsonic clients, and a couple other things that I actually want to be universally reachable.

I envy your life, as it feels like every year the browser assimilates and consumes more and more.

A direct case was not reported in the UK in recent years, but evidence of very likely polio transmission was found in sewage samples two years ago:

https://nationalpost.com/news/world/polio-virus-found-in-uk-sewage-samples-risk-to-public-low

A similar situation happened in New York where an actual case was found a month later:

https://www.reuters.com/world/us/polio-found-new-york-wastewater-state-assesses-virus-spread-2022-08-01/

The short of it is, when vaccination rates fall, Polio can be reintroduced via transmission of the live virus found in the oral vaccine, usually taken in poorer countries. If someone were to take the oral vaccine and then immediately travel to a country with lessening vaccination rates, like is currently happening in the west due to the spread of right-wing conspiracy mongering, the live virus still in the vaccinated individual has a low but not zero chance of propagating to the unvaccinated or immune-compromised population there. Samples containing these vaccine-derived viruses are found a few times per year in most places, and it’s a weaker virus so often it leads to no symptoms, but in very rare instances it does take hold with the expected effect:

https://www.who.int/emergencies/disease-outbreak-news/item/2022-DON366

Despite individual cases of polio turning up, either via direct reporting or evidence found elsewhere, it would still be correct to describe polio as being “eradicated” in these countries, at least currently. Nobody is confused by this or demands reclassification of the status of polio.

I don’t follow. We regularly refer to polio as being “eradicated”, even though there have still been documented (but exceptionally rare) cases of polio transmission even in western countries over the last couple decades. That actually sounds like a perfectly apt comparison for the goals of prison abolition, just not in the way you intended.

In short, prison abolition isn’t about abolishing prisons?

Bad name choice in my opinion, as it immediately makes me think: what a dumb idea.

This is kind of like saying being anti-war is a dumb idea because there will surely always be wars fought in defense. Being anti-war isn’t necessarily being an absolute pacifist. It’s about opposing war and striving towards a future where war is a relic of the past. Everybody understands this, but struggles to apply the same logic to other topics.

Striving for intentionally utopian and impossible ideals is a great idea, actually, as long as you recognize it for what it is. I’m a prison abolitionist. Ultimately what I strive for is a society that doesn’t need prisons. I don’t know if total prison abolition is possible, but worst case scenario, we get as close as possible. What’s so bad about that?

Similarly, I’m a communist, in the classical anarchist sense: abolition of state, class, and money. Are these things possible? Maybe not. In fact, probably not, at least not in any timeframe where humanity will be recognizable to us, as it would require true peace between all people and absolute post-scarcity in every way available to everyone. But worse case scenario, we get as close as possible.

Ultimately, adopting a utopian ideal is a recognition that the struggle to do better never ends. We’re never “done”. There’s no end of history. Even if we do somehow achieve it, it must be maintained.

You’re greatly overestimating how many people that is; additionally, it was largely people that aren’t very committed to FOSS that got mad. The project maintainers and most users are fine with it. People who are committed to FOSS ideals are overwhelmingly progressive to leftist. That’s why those codes of conduct were added in the first place, and were largely uncontroversial amongst most actual contributors of those projects.

Agree with the former, not the latter.

Seconding this, I do the same. It’s a terrible sign that it took me longer to figure out how to successfully create VLANs and assign them to SSIDs in OpenWRT, which is a fairly simple concept, than it took me to learn basically anything about OPNSense, a vastly more powerful and complex tool.

I appreciate OpenWRT for giving me FOSS firmware I can slap on my AP, and I certainly don’t want to come across as entitled to the free labor of the developers, but it’s just objectively not very good from a UI/UX perspective.

No that’s true, open source is superior is proprietary

“Let’s remove the social element of our social movement”

Great so what’s left at that point, the free value FOSS provides to corporations?

Criticizing people’s past and current actions relating to the subject and bringing up their direct history relavent to the subject is not a personal attack, nor is it out of line to point out he does his to advance his political agenda within the project, which is why he got banned in the first place. All of this directly relates to the subject at hand.

You know what doesn’t relate to the subject at hand? Your random little “sjw gender terrorists” comment. But it does make it rather clear why you want to obfuscate the facts about Srid’s history with the project, subsequent ban, and continued amplification of drama and general shit-stirring ever since.

You made one reply to me whining that I attacked the person by pointing out his beliefs, and then made another reply to me about “gender terrorist SJWs”. Do you just lack any form of self-awareness?

I attacked his beliefs which is perfectly valid. You should critically examine the motives and biases of people who feed you information.

You should know that the guy you cited in the second link, Srid, is a well-known right-wing shit-stirrer who is banned from basically all NixOS spaces because he cannot peacefully coexist. He literally gets up day after day with the seemingly sole purpose of fueling drama and causing problems. Don’t take his opinion at face value, he wants to see the project burn down and this colors his interpretation of events.

NixOS is going through a rocky moment for sure, but there’s no indication it will implode currently.

Whatever you get for your NAS, make sure it’s CMR and not SMR. SMR drives do not perform well in NAS arrays.

I just want to follow this up and stress how important it is. This isn’t “oh, it kinda sucks but you can tolerate it” territory. It’s actually unusable after a certain point. I inherited a Synology NAS at my current job which is used for backup storage, and my job was to figure out why it wasn’t working anymore. After investigation, I found out the guy before me populated it with cheapo SMR drives, and after a certain point they just become literally unusable due to the ripple effect of rewrites inherent to shingled drives. I tried to format the array of five 6TB drives and start fresh, and it told me it would take 30 days to run whatever “optimization” process it performs after a format. After leaving it running for several days, I realized it wasn’t joking. During this period, I was getting around 1MB/s throughput to the system.

Do not buy SMR drives for any parity RAID usage, ever. It is fundamentally incompatible with how parity RAID (RAID5/6, ZFS RAID-Z, etc) writes across multiple disks. SMR should only be used for write-once situations, and ideally only for cold storage.

When people recognize they were wrong about something, as smugly satisfying as it may be it’s not actually helpful to tell them that they should have been correct sooner.

Refurbished drives get their SMART data reset during the process, they absolutely had more than that originally.

I’ve got a Protectli VP2420 running OPNSense at home, which has 4x Intel i225-V 2.5gbe running on a weaker Celeron J6412, and I was able to get the expected iperf performance of ~2.35gbps from some brief testing between two directly connected machines. I didn’t really do any deeper testing than that though, and I’m not currently doing any crazy threat detection stuff.

I don’t know, that sounds like hard, thankless work that will take years of consistent effort, dealing with countless setbacks and losses but not giving up, before finally achieving our goals of making real and meaningful change. What if instead if that I just don’t buy Starbucks, will that work?

Plants aren’t sentient. When we say they “feel pain” and “communicate” we don’t mean like sentient creatures. We just don’t have better words to accurately convey the mechanics at play here. Computers also “communicate”.