• 121 Posts
  • 1.04K Comments
Joined 2 years ago
Cake day: July 25, 2023

  • A basic requirement most devices don’t meet is the ability to relock the bootloader. Other than Fairphone, Google Pixel and OnePlus basically no manufacturers allow unlocking and subsequently relocking the bootloader, which makes custom ROMs inherently less secure than stock. This keeps CalyxOS from most devices. LineageOS can’t be relocked and thus is able to support way more devices.

    Others have pointed out more in-depth security requirements GrapheneOS specifically thinks of as mandatory (they do take security very seriously).








  • I wonder how much money Plex still makes through their lifetime purchases. Is it that they were struggling and then made bad business decisions with the aim of increasing revenue (ad supported video on demand)? Or was it the other way around?

    In the 80s new systems usually came with new OSs, which required porting software to it. Thus a lifetime license was practically limited.

    I wouldn’t be as opposed to a subscription model if it was cheaper and they focused on their actual core product, not all the other fluff around. 5€/m is a bit much given they don’t pay for my bandwidth. And if they didn’t store my media info, history etc…



  • I don’t think Usenet is really more difficult to use than Torrents. While writing I noticed you have to pay for a Usenet provider (and likely the indexer too), which does make it more difficult than torrent. But only if you live in a region where piracy is not prosecuted and you can skip the VPN.

    Usenet: You buy a provider and put its credentials into SABnzbd. You have an indexer, which gives you a .nzb, which you put into SABnzbd to download your files. If your provider is missing pieces the download might fail.

    Torrent: You buy a VPN and bind qBittorrent to it. You have a tracker, which gives you a .torrent, which you put into qBittorrent to download your files. If there’s no seeder or you aren’t port forwarded the download might fail.




  • It depends on the threat model. I didn’t pay with Monero, so I’m simply hoping that they don’t get caught.

    But since you only download NZB files, which contain no copyrighted data, a potential lawsuit should be very unrealistic. Since with Usenet you only download, you can only be sued for the value of the film anyway. So e.g. 30€ per film, not 300-900€ as with torrenting.

    When it comes to paying anonymously, Monero is the method of choice. For a few years I have still had a few dozen euros in Monero left over, which have practically kept their value, i.e. it works comparatively well as a means of payment. It is important (security, anonymity) to store Monero in your own wallet, and not on the exchange where it was purchased [1]. Just make sure to save all passwords etc.

    [1] https://www.getmonero.org/downloads/




  • Most public trackers don’t take uploads from unknown people to combat spam/malware.

    If you create a torrent and enable DHT/PEX it might get indexed by something like btdigg.com for people to find. It won’t be available on sites like 1337x.to. The advantage is you’re free to create a single torrent or any other organization you desire.

    Private trackers generally accept uploads or make it simple to request upload access. But they have upload rules you must follow.

    If you want to automate uploading there’s Upload-Assistant. UA makes it easy by creating a proper name and uploading to multiple trackers automatically.

    In any case you must have port forwarding configured to greatly increase the likelihood of others actually being able to download from you. If you don’t want to do that on your router a VPN with port forwarding is the private option (ProtonVPN, AirVPN, IVPN, njalla and few others).



  • Here are a few excerpts from a page linked by the previous poster [1], to show in which cases attacks on medical facilities are permitted.

    It is important to mention that a warning must be issued before such attacks. In addition, enough time must remain for the evacuation of civilians. Whether and to what extent Israel disregards (or disregarded) this, the ICJ will have taken into account in its decision.

    When [medical establishments and units] are used to interfere directly or indirectly in military operations, and thereby cause harm to the enemy, the rationale for their specific protection is removed. This would be the case for example if a hospital is used as a base from which to launch an attack; as an observation post to transmit information of military value; as a weapons depot; as a center for liaison with fighting troops; or as a shelter for able-bodied combatants.

    An act harmful to the enemy may render a medical establishment or unit liable to attack; it may seriously endanger the wounded and sick entrusted to its care; and it may also engender distrust of the work of medical establishments or units in other cases, and thus lessen the protective value of IHL in general. […] A concrete example would be the placing of a medical establishment or unit in proximity to a military objective with the intention of shielding it from enemy’s military operations.

    [1] https://www.icrc.org/en/document/protection-hospitals-during-armed-conflicts-what-law-says



  • NixOS container is using systemd-nspawn/systemd container. Both are using Linux namespaces and cgroups.

    A disadvantage of NixOS container is that it only supports rootful containers, i.e. root inside the container has the same privileges as root outside the container. This is also true for docker unless configured otherwise.

    OCI containers (Docker, Podman) are often created by upstream themselves, which you might prefer.

    I configure containers by using the podman backend (default) and virtualisation.oci-containers.containers, which supports rootless podman [1]. Imo rootless is the best and most secure way to run containers on NixOS.

    Edit: I prefer NixOS packages if available and only use OCI (Docker) containers if not. The main reason being the simplified declarative configuration through NixOS options, which can also be used inside NixOS container.

    [1] virtualisation.oci-containers.containers.<name>.podman.user
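
Added example, not part of the comment above: a NixOS configuration sketch that runs one OCI container rootless through the `podman.user` option cited in [1]. The container name `whoami`, the image reference, the account `svc-whoami` and the port are hypothetical, and the account settings (linger, sub-UID/GID range, home directory) are assumptions about what rootless Podman needs when started from a system service.

```nix
{ config, pkgs, ... }:
{
  # Podman is the backend the comment refers to; set it explicitly.
  virtualisation.podman.enable = true;
  virtualisation.oci-containers.backend = "podman";

  # Dedicated unprivileged account (hypothetical name) that owns the container.
  users.groups.svc-whoami = { };
  users.users.svc-whoami = {
    isSystemUser = true;
    group = "svc-whoami";
    # Rootless Podman keeps images and container state under the home directory.
    home = "/var/lib/svc-whoami";
    createHome = true;
    # Assumption: a user session must exist at boot without an interactive login.
    linger = true;
    # Assumption: a subordinate UID/GID range is needed so that root inside
    # the container maps to unprivileged IDs on the host.
    autoSubUidGidRange = true;
  };

  virtualisation.oci-containers.containers.whoami = {
    # Placeholder image reference, not a real registry.
    image = "registry.example/whoami:1.0";
    # Rootless containers cannot bind host ports below 1024 by default,
    # so publish on a high port, here on loopback only.
    ports = [ "127.0.0.1:8080:80" ];
    # The option from [1]: run this container as the account above.
    # Assumption: without this line Podman is started as root (rootful).
    podman.user = "svc-whoami";
  };
}
```

To confirm the result on a running system, `ps -o user,cmd -C conmon` should list the container monitor under `svc-whoami` and not under root.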