The most annoying part for me is the fact that none of them have the capability for annual recurring donations. It’s literally monthly or ad-hoc, which is fucking stupid and basically hands more fees to the banks.

Librepay/Forgejo had the best I’ve seen, which encouraged me to double my donation (to minimize fees) and said it’d remind me in 2 years.

With 700 million bots conducting marketing and psychological warfare ops it is!

FYI ^ Sunny — I suggest you query your LAN routing config with Tailscale specific support, discord, forums, etc. I’m 99% certain you can fix your LAN access issues with little more than a reconfig.

vyatta and vyatta-based (edgerouter, etc) I would say are good enough for the average consumer.

WTF? What galaxy are you from? Literally zero average consumers use that. They use whatever router their ISP provides, is currently advertised on tech media, or is sold at retailers.

I’m not talking about budget routers. I’m talking about ALL software running on consumer routers. They’re all dogshit closed source burn and churn that barely receive security updates even while they’re still in production.

Also you don’t need port forwarding and ddns for internal routing. … At home, all traffic is routed locally

That is literally the recommended config for consumer Tailscale and any mesh VPN. Do you even know how they work? The “external dependency” you’re referring to — their servers — basically operate like DDNS, supplying the DNS/routing between mesh clients. Beyond that all comms are P2P, including LAN access.

Everything else you mention is useless because Tailscale, Nebula, etc all have open source server alternatives that are way more robust and foolproof to rolling your own VPS and wireguard mesh.

My argument is that “LAN access” — with all the “smart” devices and IoT surveillance capitalism spyware on it — is the weakest link, and relying on mesh VPN software to create a VLAN is significantly more secure than relying on open LAN access handled by consumer routers.

Just because you’re commenting on selfhosted, on lemmy, doesn’t mean you should recommend the most complex and convoluted approach, especially if you don’t even know how the underlying tech actually works.

What is the issue with the external dependency? I would argue that consumer routers have near universal shit security, networking is too complex for the average user, and there’s a greater risk opening up ports and provisioning your own VPN server (on consumer software/hardware). The port forwarding and DDNS are essentially “external dependencies”.

Mesh VPN clients are all open source. I believe Tailscale are currently implementing a feature where new devices can’t connect to your mesh without pre-approval from your own authorized devices, even if they pass external authentication and 2FA (removing the dependency on tailscale servers in granting authorization, post-authentication).

I believe this is what some compression algorithms do if you were to compress the similar photos into a single archive. It sounds like that’s what you want (e.g. archive each day), for immich to cache the thumbnails, and only decompress them if you view the full resolution. Maybe test some algorithms like zstd against a group of similar photos vs individually?

FYI file system deduplication works based on file content hash. Only exact 1:1 binary content duplicates share the same hash.

Also, modern image and video encoding algorithms are already the most heavily optimized that computer scientists can currently achieve with consumer hardware, which is why compressing a jpg or mp4 offers negligible savings, and sometimes even increases the file size.

deleted by creator

Chris Berg is a professor of economics at the RMIT Blockchain Innovation Hub.

Worthless opinion piece is worthless.

Removed by mod

So source available. Not open source. Got it!

Maybe the difference is that the signal developers aren’t rich people flying around the EU on private jets? Maybe there’s no value in targeting the signal devs because they can’t legally be expected to moderate chats they literally can not access? Maybe it’s not worth backdooring because it’s open source?

For real. We already know Microsoft is a leader in data collection, economic espionage, and surveillance capitalism. We know for a fact they gave secret police real-time backdoors into their systems and all data they hold the encryption keys to.

Don’t do this. It’s illegal in most countries and could result in criminal charges.

Instead, DM them and ask “Hey, is your password for x still y”? That’s usually enough for people to feel vulnerable and start to take this shit seriously.

I actually did something similar to this before. After a breach I torrented the data to query my own creds (old passwords were leaked, from my pre random gen password manager days). I then searched my friend’s emails and messaged them asking them if their password was still “xyz”. I got a lot of “bro, wtf!?!” that day!

If they agree that Trump/Republicans are fascist, ask them why they think it’s an acceptable risk to allow the government to construct the most pervasive and advanced surveillance state that has ever existed for fascism — a system so advanced it would make Himmler cream his pants — why build big brother so all they have to do is simply take over, turn a key, and use it against the world?

If they’re insane and think Trump/Republicans are the good guys, repeat the above but swap out the perpetrator for liberals/trans/immigrants, or whatever “other” is the flavor of the week.

If they’re not American, ask them what they think will happen if the world’s strongest ever superpower — a kleptocratic failed state, straddling the knifes edge of fascism — with a secret police who have backdoor access to the tracking device in their pocket, all their data, and all their historic communications — became a fascist dictatorship? … Point out how “woke” they are (sex before marriage, gay marriage, whatever) … and ask them how comfortable they would be if the tens of thousands of people working at the NSA/CIA were converted into fascist “troll farms”, and started using AI and analytics of all their personal data, to unilaterally wage a cyber war on everyone they deem “woke”? Do they think their government or military could defend them from a bad actor that has the ability to hack anyone on Earth… A bad actor who, if they want you out of the picture, just has to remote into your machine, download some child porn, and tip off the local police… Good luck trying to prove your innocence. You don’t even know what most of those words mean! You weren’t even aware that this was a possibility 30 seconds ago!

Html is as private as any language — only private when secret (encrypted) — so your comment is a worthless “vacuous truth”.

If you only included projects created in the last 2 or 5 years rust would be ahead of C/C++, possibly ahead of all other strongly typed langs. Kotlin is usually chosen explicitly for modern Android and Java lib interoperability.

I would be willing to wager that within the next 1-2 decades, LLM transpilation will be used to replace most C/C++ code, too. LLM’s can’t be trusted to write code, but they can be trusted to transpile in combination with TDD. If a codebase is already well tested then transpilation is many orders of magnitude easier.

FYI. As someone who has only seen good work from the ACLU, If you don’t explain what they did that you consider wrong, I’m gonna assume you’re potentially a mentally ill lunatic, rather than having rational grievances.

This is why privacy policies are a virtue signaling joke. They all start with “we respect your privacy” which is so objectively, categorically, false 99% of the time that it should be considered illegal (e.g. false advertising) for the org to even associate those words with their business, in any capacity. Every evilcorp has one policy that is hundreds of pages long and covers everything they ever have done, and ever will do, across every subsidiary and product of the entire umbrella organization. The whole privacy policy system is designed so every consumer rubber stamps them and legally absolves the corporation for everything they will ever do, because it’s impossible for any human to read or understand them. By impossible I mean literally impossible – you would need more than a lifetime to read them, let alone comprehend them…

If we didn’t live in a capitalist dystopia, privacy policies wouldn’t be needed most of the time, because data laws qould be so comprehensive they explicitly apply for 99% of interactions, and every system would be designed from the ground up for zero trust (e.g. all data is E2EE). But in the 1% of cases where they are needed they’re dynamically generated from templates, based on a users current preferences/settings. The “use X app” policy would be different from the “integrate all of my other various PII linked services to my account” policy. In the case of a completely offline calculator, with no API, and no telemetry/analytics (or them all disabled by default) the policy would not even be a link; just a one-liner that says “App can be used with zero data collection”. If you download the app and choose to enable a data collection setting, that’s when you would be shown the policy related to the specific data points that setting relates to.

So, every “intelligence agency” should release all information that exists about their entire surveillance apparatus, all of their spies, and activities? I’m on board!

Also, post a link to a 24/7 stream of your bathroom. If you’ve got nothing to hide, you’ve got nothing to fear… right?