6·
25 days agoDamned if they do, damned if they don’t?
Droolio
- 0 Posts
- 51 Comments
Joined 2 years ago
Cake day: June 12th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Are people not capable of forming their own opinion these days?
I’ve been happily using FF since v1 and the only issues I have every now and again is I may need to update my CustomCSSforFx - with my chosen customisations (i.e. keeping the tabs on the damn bottom). I regularly have 1000+ tabs loaded at any time (with Auto Tab Discard), uBlock Origin has never failed on me, and everything just works.
So, I really couldn’t give a monkeys what this clickbait article says. I’m not saying Mozilla is perfect, but when people complain about the privacy stuff, they’ve also forgotten FF is one of the only browsers that lets you turn that shit off.
The latest hysteria about FF adding Perplexity AI as a bloody search shortcut - no different to Wikipedia(!) - tells me all I need to know about other people’s opinions.
announced
What announcement? There’s been a new Personal Plus plan around for several months already - introduced without much fanfare, and simply brings the user count from 3 to 6 for a fixed small fee. Presumably this is due to feedback from personal users wanting to contribute something other than nothing.
Where do you see the free Personal plan has changed at all?
custom domain
From what I gather, this refers to the email address you sign up with.
If you use something like a non-gmail email address when signing up, it starts you off on the business plan with a trial (which you can instantly change to free). (Note: they’re gonna change this auto-detection thing with shared domains soon due to a security hole.)
I believe you can still use a custom domain (instead of the randomised *.ts.net provided one) with DNS lookups in your tailnet, on the personal (free) plan.
2·2 months agoDunno about Posteo or Mailbox but couldn’t really recommend a dedicated email provider as I alluded to earlier - cPanel gives me complete control, although it’s your own responsibility to set up mailboxes and configure it how you like. There’s a way to create a filter to give yourself a catch-all email (use a unique email address when signing up for things), and I turn off SpamAssassin as I prefer 100% deliverability and no false positives. If an email address ‘leaks’, I can simply blackhole it in cPanel.
Used to use Namecheap for domains but now Porkbun (much cheaper). Been using KeePass for a number of years too, but switching over to Bitwarden imminently. :)
The point is not to self-host email (not entirely anyway; you’ll always need an SMTP relay with good IP reputation, e.g. mailgun), but you can use a regular web hosting company and buy your own domain there or separately via porkbun etc… Your bank won’t have a clue what email you use, you’re just paying a web hosting co. / domain registrar.
I kinda wish more people would look beyond the big email providers that rely on proprietary apps and tech. Email is a set of open protocols but it was never designed to be secure and never will be. Proton et al can only offer e2ee within its boundary (GPG works just as well if you really need it) - for everything else (most stuff), it’s pretty pointless to try harden that.
For the last 26+ years, I’ve been hosting my email on simple cPanel, with my own domain name, 100% managed by myself. I have a catch-all / wildcard mailbox, get almost no spam (and can blackhole any address that leaks, as they inevitably do), and can access it in my own way (Roundcube, Thunderbird ftw.)
Right now, I use old-fashioned POP3 (so it’s deleted off the server), but could if I wanted, set up a local IMAP server with something like fetchmail and chain it together for more privacy and convenience. (Remember, you’re never gonna approach ee2e levels unless it’s in a proprietary system.) The most important thing; since the hosting company is responsible for email delivery, they use reliable third parties (think mailgun, sendgrid, brevo etc.) as part of the package.
Total control, cheap, and don’t ever have to rely on a big tech company (or a CEO getting political).
Do ignore me then, I assumed you might know the reference and only I mean’t it in good humour. :) (Without spoiling anything - in the unlikely event you might some day watch it - Mr Milchick is a character that uses ‘big words’. Your choice of words struck a chord.) I will say though, you’re seriously missing out. The cinematography alone is brilliant and the acting exceptional.
As you were, Mr Milchick.
More than just a traditional VPN. @Galapagon@sh.itjust.works was concerned about security and it being always-on. Tailscale is an overlay network that links devices directly, deals with authentication, punching holes through NAT.
You’re limiting yourself somewhat if you’re not able to plug in multiple drives at the same time. Otherwise, I might suggest mergerfs for basic JBOD. You won’t be able to use a single ZFS to avoid bit rot - only detect it. SnapRAID - ideal for offline setups - would be the next step up if you could dedicate one of your drives to parity.
In your position, I’d do Duplicacy backups split/spanned over multiple backup drives (however you connect them).
It has a pretty cool Erasure Coding feature that protects individual chunks from bit rot and possibly even bad sectors, plus the whole database-less architecture makes it very robust. De-duplication, high levels of compress, and encryption. Plus you can keep historic snapshots, so you can avoid the risk of accidentally sync’ing ransomware over the top.
Edit: the CLI is free for personal use, and is source-available. Written in Go and extremely performant.
my dad and I both have hypervisors. Any suggestions on how to share backups without a vpn?
Just use Tailscale on the devices instead of VPN. Secure and no faffing around with port forwarding.
15·4 months agoCrazy. Though I suspect the copy protection is done by the third party Termly, which hosts the policy.
To select the text (in Firefox), first right-click This Frame > Show Only This Frame. Press F12, expand <head>, find the second <style> block, right click it and Delete Note.
16·4 months agoMultiple backups may be kept.
Nice work, but if I may suggest - it lacks hardlink support, so’s quite wasteful in terms of disk space - the number of ‘tags’ (snapshots) will be extremely limited.
At least two robust solutions that use rsync+hardlinks already exist: rsnapshot.org and dirvish.org (both written in perl). There’s definitely room for backup tools that produce plain copies, instead of packed chunk data like restic and Duplicacy, and a python or even bash-based tool might be nice, so keep at it.
However, I liken backup software to encryption - extreme care must be taken when rolling and using your own. Whatever tool you use, test test test the backups. :)
313·4 months agoStill using Private Internet Access (PIA).
Honestly, dunno why they’ve fallen out of fashion due to the FUD about being owned by an unsavoury parent company, but the most important matter to me is if they keep logs, which they don’t. One of the few VPN companies tested on this, in court, and in a recent audit. Plus still extremely cheap (if you go for 3yr+3mo).
Port forwarding works with with this docker NAS stack. Doesn’t use gluetun, but there’s a specialised docker-wireguard-pia container as part of the stack, with a script that handles port changes. Been flawless.
There’s no point doing anything fancy like that - wireguard over Tailscale is pretty pointless, as Tailscale is literally wireguard with NAT traversal and authentication bolted on. Unless you enable subnetting, it can’t get more secure than that.
And even if you do enable subnetting (which you might wanna do if you need access to absolutely everything), you can use Tailscale ACLs to keep tighter control - say, from specific (tagged) devices.
Won’t take that long before the enshittification is complete.
WTF! How did it hit target already? Hope there wasn’t any bot farming involved…
Otherwise, pleasantly surprised!