Comments

This profile is from a federated server and may be incomplete. Browse more on the original instance.

BearOfaTime, (edited ) to privacy in Privacy benefits of Custom roms

DivestOS (a Lineage fork) permits you to run MicroG as a user app, so it can be run within a user profile (e.g.the work profile).

How do you think this compares to the Graphene approach? (This stuff is above my pay grade, hence the question).

DivestOS.org

Edit: Divest is only available for a handful of devices, fewer than what Lineage supports.

BearOfaTime, to selfhosted in The "safest" way of self hosting

Something like Wireguard, Tailscale (uses Wireguard but provides easier administration), Reverse Proxy, VPN, are the best approaches.

Since OP doesn’t need for anyone else to access, I’d use Tailscale (Wireguard if you want a little more effort). Tailscale has a full self-host option with Headscale, though I have no problem with letting them provide discovery.

With Tailscale, you don’t even need the client on devices to access your Tailscale network, by enabling the Funnel feature. This does something similar to Reverse Proxy, by having a Web-exposed service hosted by Tailscale which then routes traffic (encrypted) to your Tailscale network.

BearOfaTime, to selfhosted in Starting over and doing it "right"

Since their modem is handing out DHCP addresses, is there any reason why you couldn’t just connect that cable to your router’s internet port, and configure it for DHCP on that interface? Then the provider would always see their modem, and you’d still have functional routing that you control.

Since consumer routers have a dedicated interface for this, you don’t have to make routing tables to tell it which way to the internet, it already knows it’s all out that interface.

Just make sure your router uses a different private address range for your network than the one handed out by the modem.

So your router should get a DHCP and DNS settings from the modem, and will know it’s the first hop to the internet.

I do this to create test networks at home (my cable modem has multiple ethernet ports), using cheap consumer wifi routers. By using the internet port to connect, I can do some minimal isolation just by using different address ranges, not configuring DNS on those boxes, and disabling DNS on my router.

BearOfaTime, to selfhosted in Tailscale help needed

Have you looked at using the Funnel feature in Tailscale, instead of port mapping? This gets external traffic onto your Tailscale network (for anyone who doesn’t have Tailscale) for specific resources, courtesy of Tailscale servers.

If you’re just going to open ports to the world, Tailscale isn’t really necessary (it’s useful for you and anyone on TS, since you can use the Serve feature to permit other Tailscale networks to have access to specific resources).

BearOfaTime, (edited ) to selfhosted in Advice for buulding a cheep NAS

For the money you’ll spend on drives, you may be able to pay for a year of space at somewhere like www.storj.io, and use something like Duplicati to backup to them.

Because even with a shiny new NAS, you’ll still need backup for it when it crashes, something is accidentally deleted, a drive hiccups and loses data, etc.

If you already have some stuff sitting around, spin up an UnRAID/TrueNAS, but still have a backup solution.

BearOfaTime, (edited ) to privacy in Here's what telegram's founder say about Whatsapp's privacy

Simplex - requires nothing, just install. But you connect with other people by sending a code outside of SimpleX. Though they’ve added a directory service for groups.

XMPP

Wire (not Wiremin), though it requires an email account, which is easily addressed with a disposable email.

Signal is very secure from what I’ve read, despite the phone number identifier.

BearOfaTime, to selfhosted in Streaming local Webcam in a Linux machine, and acessing it when on vacations - which protocol to choose?

Setup Tailscale on your machine at home and on your Android device. It’ll provide a virtual encrypted network between your devices.

Not sure what video performance across it will be like, I’m sure there’s a bit of overhead.

BearOfaTime, (edited ) to piracy in Me vs my ISP

On the flip side, direct open ports to your home network isn’t really a great idea anyway.

At one time it wasn’t as bad, but today I’d be hesitant because of the number and capability of bad actors and I’m not a network security expert (though I have a lot of training in networks, just shy of that kind of expertise).

In a way, these restrictions have promoted the use of even more secure approaches, like using Cloudflare tunnels, VPS’s with VPN connections to your network, or things like Wireguard/Tailscale, which provide a virtual (encrypted) network layered on top of the public (untrusted) network.

All of these can provide an externally controlled (secured and encrypted) access to specific resources within your own network. As mentioned, VPS with VPN, Cloudflare tunnels, or Tailscale Funnel or Share.

BearOfaTime, to privacy in Blocking app access to the internet

DivestOS seems to give a nice balance between vanilla Android and Graphene. I really like it.

BearOfaTime, to piracy in Beeper Mini

Signal is more secure.

It’s nowhere near as convenient as Telegram, the clients on each OS are at best OK.

Show me conversation history when I login to Signal desktop. Oh, yea, it doesn’t do that. Is there even a web login?

From a typical user standpoint, Signal looks like text messaging, and that matters to them. And it’s not simple to manage.

Signal is coming along, and I look forward to when it’s mature enough that I can get people to use it (again). But they also made a massive mistake in dropping SMS support. That was my best tool to get people to switch. When they dropped SMS, those folks all left signal.

BearOfaTime, to asklemmy in Which items/products were you once able to get from local shops on a whim that you now more or less have to order online?

Old spice has come back around… Haven’t you seen the commercials? 😁

BearOfaTime, to privacy in Police across Britain equipped with live facial recognition bodycams

A large portion of Americans everyone too.

BearOfaTime, to piracy in I finally uploaded a whole terabyte in a single session. I'm a super seeder!

My cable modem consumes about 10-20w (I’ve done monitoring). This while a single file server is continually backing up to Crashplan (about 700GB this month so far). So I don’t even see my cable modem in my power bill.

My file server is much worse - on average it’s consuming about 100w (or 2400wh/day). I’ve done the math several times, that’s about $1/day. It’s the box that’s syncing with all my devices, and then backing up to Crashplan.

BearOfaTime, to selfhosted in Termius alternative ?

Tailscale just solves so many these types of problems.

With a virtual network, you mo longer need tools that work over the internet - just use the same tools as you would on a LAN.

I’ve used Hamachi this way on windows since about 2006. I’ve waited for an Androidi/iOS client, but it never appeared. Glad to see Wireguard/Tailscale step in to fill that gap, and it’s self-hostable!

BearOfaTime, to selfhosted in Starting over and doing it "right"

Lol, sarcasm received, loud n clear!

Yea, they all suck that way. I still use my own router for wifi. It’s just routing, and your own router will know which way to the internet, unless there’s something I don’t understand about your internet connection. See my other comment below.

Yea, requirements mapping like this is standard stuff in the business world, usually handled by people like Technical Business/Systems Analysts. Typically they start with Business/Functional Requirements, hammered out in conversations with the organization that needs those functions. Those are mapped into System Requirements. This is the stage where you can start looking at solutions, vendor systems, etc, for systems that meet those requirements.

System Requirements get mapped into Technical Requirements - these are very specific: cpu, memory, networking, access control, monitor size, every nitpicky detail you can imagine, including every firewall rule, IP address, interface config. The System and Technical docs tend to be 100+/several hundred lines in excel respectively, as the Tech Requirements turn into your change management submissions. They’re the actual changes required to make a system functional.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
  • Loading…
    Loading the web debug toolbar…
    Attempt #