Salt from the seawater

In my very limited experience with my 5400rpm SMR WD disk, it’s perfectly capable of writing at over 100 MB/s until its cache runs out, then it pretty much dies until it has time to properly write the data, rinse and repeat.

40 MB/s sustained is weird (but maybe it’s just a different firmware? I think my disk was able to actually sustain 60 MB/s for a few hours when I limited the write speed, 40 could be a conservative setting that doesn’t even slowly fill the cache)

Your mileage may vary - your experience might be different for one reason or another

They’re not doing a recall, but that doesn’t mean they won’t somehow compensate big OEMs for their warranty issues.

Yes, that’s exactly the problem - there’s nothing wrong with the encryption used, but it’s IMHO incorrect to call it time-based when it’s “work-based” and it just so happens that the specific computer doing the encryption works at a given speed.

I don’t call my laptop’s FDE time-based encryption just because I picked an encryption that takes it 10 seconds to decrypt the key.

def generate_proof_of_work_key(initial_key, time_seconds):
    proof_key = initial_key
    end_time = time.time() + time_seconds
    iterations = 0
    while time.time() < end_time:
        proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
        iterations += 1
    print(f"Proof-of-work iterations (save this): {iterations}")
    return proof_key


def generate_proof_of_work_key_decrypt(initial_key, iterations):
    proof_key = initial_key
    for _ in range(iterations):
        proof_key = scrypt(proof_key, salt=b'', N=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, key_len=SCRYPT_KEY_LEN)
    return proof_key

The first function is used during the encryption process, and the while loop clearly runs until the specified time duration has elapsed. So encryption would take 5 days no matter how fast your computer is, and to decrypt it, you’d have to do the same number of iterations your computer managed to do in that time. So if you do the decryption on the same computer, you should get a similar time, but if you use a different computer that is faster at doing these operations, it will decrypt it faster.

It’s a very short Python script and I’m confident I get the general idea - there’s absolutely nothing related to current time in the decryption process. What they refer to as a “time lock” is just encrypting the key in a loop (so the encrypted key from one loop becomes the plain text for the next one) for the specified duration and then telling you how many iterations were done. That number then becomes a second part of the password - to decrypt, you simply provide the password and the number of iterations, nothing else matters.

Right, now get a borderline computer-illiterate person to connect to your network, ensure their firewall isn’t misconfigured to block all incoming traffic (with TeamViewer, this configuration would still work because the device just connects to the TV server) and open and set up a completely separate screen sharing program.

I know none of these steps are difficult if you have any idea what you’re doing, but I’ve met plenty of people who would most likely need assistance going through the motions. Funnily enough, the best way to do it remotely would probably be to get them to install TeamViewer to then set this up for them remotely.

By the way, as far as networking goes, Tailscale does the same thing TeamViewer does, just for a VPN instead of a screen sharing application - it will try to do all the NAT punchthrough techniques and IPv6 connection and fall back on tunneling through relay servers if all else fails. It’s not any more of a direct connection than TV.

Convenience (after you install it, all you have to do is enter the code and you’re connected, no other setup required), familiarity (it’s the default name people will think of or find if they want remote access - that alone means they can get away with pushing their users slightly more) and - IMHO most importantly - connectivity: if two computers can connect to the TeamViewer servers, they will be able to connect to each other.

That’s huge in the world of broken Internet where peer to peer networking feels like rocket science - pretty much every consumer device will be sitting behind a NAT, which means “just connecting” is not possible. You can set up port forwarding (either manually or automatically using UPnP, which is its own bag of problems), or you can use IPv6 (which appears to be currently available to roughly 40% users globally; to use it, both sides need to have functional IPv6), or you can try various NAT traversal techniques (which only work with certain kinds of NAT and always require a coordinating server to pull off - this is one of the functions provided by TeamViewer servers). Oh, and if you’re behind CGNAT (a kind of NAT used by internet providers; apparently it’s moderately common), then neither port forwarding or NAT traversal are possible. So if both sides are behind CGNAT and at least one doesn’t have IPv6, establishing a direct link is impossible.

With a relay server (like TeamViewer provides), you don’t have to worry about being unable to connect - it will try to get you a direct link, but if that fails, it will just act as a tunnel and pass the data between both devices.

Sure, you can self host all this, but that takes time and effort to do right. And if your ISP happens to use CGNAT, that means renting a VPS because you can’t host it at home. With TeamViewer, you’re paying for someone else to worry about all that (and pay for the servers that coordinate NAT traversal and relay data, and their internet bandwidth, neither of which is free).

Are you sure you didn’t set DNS directly on some/all of your devices? Because in that case they won’t care about the router settings and will use whatever you set them to.

Also as the other commenter said, DNS changes might not propagate to other devices on the network until the next time they connect - a reboot or unplugging the cable from your computer for a few seconds is a dirty but pretty OS agnostic way to do that.

No worries, nothing wrong with not knowing everything about every random subject. I would like to apologize for being overly harsh, I assumed that people in c/opensource would have general knowledge of this definition, but that assumption was clearly bad. So again, sorry.

I assume the term is misused often.

Yes, companies sometimes do that. Open source is marketable as a guarantee that you won’t fully lose access to a piece of software, and there aren’t any real consequences of misusing it. But there’s also a scheme called dual licensing where the software is available under two licenses - one license is open source but annoying for commercial use, and the other is a “normal” proprietary license under which businesses can buy the code. This is fine (as long as the provider has copyright to all the code being dual licensed) and is pretty common and makes the software open source.

But “open source” doesn’t even mean that you can reproduce it or use it for free.

You’re thinking of source-available licenses. Open source has a clear and widely accepted definition that requires a certain level of freedom. You’re free to ignore this definition, but you can’t expect the rest of the world to do the same.

To be clear, open source allows for only providing access to paying customers, but those paying customers are then free to use and distribute their copies without any further payment. Then it wouldn’t be open source anymore.

I mean, it’s called “LaTeX by example”, so there’s a pretty good chance it’s written in LaTeX, which you do indeed compile to get the PDF or whatever output you want.

Also, just having access to the source doesn’t make it open source - that requires more freedoms. For example, here’s GitLab Enterprise Edition source code, fully functional and ready to be used. And also officially described as the proprietary edition of GitLab by the GitLab company itself. Why? Because its license pretty much boils down to “you can use this only for testing and development, unless you have paid for it”.

See? Hidden in an image, clearly that’s steganography! /s

So, if I understand this correctly, open source means free beer, just not if you sell the end product.

Yes, once you give the beer to someone, you can’t require any further payments no matter what they do with it. Free software philosophy says users are free to use the software however they wish and for whatever purpose they wish without any barriers (like having to pay for commercial use).

its all a scam for free work for corpos then. Very disappointing.

I’m sorry you feel that way, and it’s becoming a not-so-rare sentiment lately (or at least I’ve started noticing it more), but I don’t agree. Look at (A)GPL and how many companies are doing their best to avoid such code - like when Google made their own C library for Android and even stated that its main goal was to avoid copyleft licenses. I’ve also seen plenty of people say that GPL code is pretty much useless for their work due to their company’s policies forbidding its use.

I also think that revenue-based loyalties screw over small companies the most - sure, you get the donations from the massive companies that can work with 1% of their revenue gone while also keeping it free for non-commercial users, but in my view you also help those same massive corporations by making the software less viable for their smaller competitors who don’t have the economies of scale on their side, and for whom that 1% might legitimately break the bank.

And to be clear, I don’t mean any of my arguments as some kind of “gotcha! Look, I’m right and you’re wrong”, I just thought I might share my reasoning for why I don’t think your statement is fair.

Here’s Stallman’s/FSF’s view on requiring loyalties (lol) royalties (read the whole section, it’s explicitly stated at the end), and here’s similar requirement in OSI’s Open source definition.

You are free to use whatever license you wish, but don’t call it FOSS/Open source if you don’t agree with their definitions.

I’m pretty sure all of those entries are in the same /12 network - 172.16.0.0/12. Apparently there’s nothing wrong with it, but I think you can significantly simplify that config by just removing all the extra ones

I kinda doubt there’s going to be any outside contributions to this project, so any non-exclusive license would allow MS to rerelease this under a proprietary license - even the GPL. They own the copyright, so they can release it under as many licenses as they wish.

With software there’s way lower barrier to entry and way higher chance of having the patches accepted. With art… Good luck convincing MS that your version of the emoji is worth the hassle of losing the ability to just change the license at any moment.

Because of the built-in SSD, I could also sell the external SSD and buy an 8-12tb HDD instead.

If you’re going for a 3.5" HDD, then you’ll most likely have to look for a bit bigger form factor than TinyMiniMicro (Lenovo Tiny / HP Mini / Dell Micro series) - these computers can’t fit a 3.5" HDD.

If size isn’t a major concern, I’d go for the SFF variants of these computers - they are often cheaper than minis for same specs, but probably have a bit larger idle power draw and take up more space. As a bonus upside, you get some small PCIe slots in these computers, so yay for expansions.

On the other hand, it’s also worth noting that newer RAM generations are less and less susceptible to this kind of attack. Not because of any countermeasures, they just lose the data without constant refreshing much quicker even when chilled / frozen, so the attack becomes impractical.

So from DDR4 up, you’re probably safe.