  • skilltheamps@feddit.de to Linux@lemmy.ml: Ubuntu Snap Hate · 7 months ago

    Research what happened to Upstart, Mir or Unity. It won’t take long until snap becomes one of them. Somebody at Canonical seems to desperately obsess over having something unique, either as a way to justify Canonical’s existence or even in the hopes of making the next big thing. Over all these years they never learned that whatever they do exclusively will always fall short of any other joint efforts in the Linux world, because they always lack the technical advances, ability/will to push it for a prolonged time and/or the non-proprietary-ness. So instead of collaborating like every serious Linux vendor, they’re polluting their distro with half-assed, ever changing and unwanted experiments. They’re even hijacking apt commands to push their stupid snap stuff against the user’s intent. With the shenanigans they’re pulling Ubuntu cannot be relied on, and with that they’re sabotaging their own success and driving away any commercial customers that generate revenue.




  • Specifically the shitty IPU6 situation is on Intel, and is invariant to any laptop manufacturers. I also have a Thinkpad X1 with that issue. So for that the situation that one manufacturer would support it properly (i.e. upstream) and others don’t can’t exist, as soon as anybody puts it upstream it works for everybody. Thankfully there’s some progress (search for libcamera) and in the not too distant future it should work ootb. For fingerprint readers it is a different story though, as there are many different ones, so that one is on Dell indeed.



  • You have this view because your hardware is from an era where fingerprint readers largely weren’t a thing and webcams were connected via internal USB. The issue is not that the Linux kernel drops anything (between you and op, you’re the one with the old hardware). The issue is that fingerprint readers became a commodity without ever gaining universal driver support, and shenanigans like Intel pushing its stupid IPU6 webcam stuff without paving the way upstream beforehand.


  • As far as I understand, in this case opaque binary test data was gradually added to the repository. Also the built binaries did not correspond 1:1 with the code in the repo due to some buildchain reasons. Stuff like this makes it difficult to spot deliberately placed bugs or backdoors.

    I think some measures can be:

    • establish reproducible builds in CI/CD pipelines
    • ban opaque data from the repository. I read some people expressing justification for this test-data being opaque, but that is nonsense. There’s no reason why you couldn’t compress+decompress a lengthy Creative Commons text, or for binary data encrypt that text with a public password, or use a sequence from a pseudo random number generator with a known seed, or a past compiled binary of this very software, or … or … or …
    • establish technologies that make it hard to place integer overflows or deliberately miss array ends. That would make it a lot harder to plant a misbehavior in the code without it being so obvious that others notice easily. Rust, Linters, Valgrind etc. would be useful things for that.

    So I think from a technical perspective there are ways to at least give attackers a hard time when trying to place covert backdoors. The larger problem is likely who does the work, because scalability is just such a hard problem with open source. Ultimately I think we need to come together globally and bear this work with many shoulders. For example the “prossimo” project by the Internet Security Research Group (the organisation behind Let’s Encrypt) is working on bringing memory safety to critical projects: https://www.memorysafety.org/ I also sincerely hope the German Sovereign Tech Fund ( https://www.sovereigntechfund.de/ ) takes this incident as a new angle to the outstanding work they’re doing. And ultimately, we need many more such organisations and initiatives from both private companies as well as the public sector to protect the technology that runs our societies together.
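
    The "ban opaque data" measure from the comment above, as an added example that is not part of the original comment: every test input for a compressor is derived in reviewable code from a public seed or a public text, including the corrupt one, so no binary fixture has to be committed. The seed, sample text and function names are assumptions, SHA-256 in counter mode stands in for the seeded generator, and Python's standard `lzma` module stands in for the library under test.

```python
import hashlib
import lzma

SEED = b"public-test-seed-1"  # constructed; published in the repo, not secret
# Constructed stand-in for a long, freely licensed text.
PUBLIC_TEXT = b"The quick brown fox jumps over the lazy dog.\n"


def seeded_bytes(seed: bytes, size: int) -> bytes:
    """Reproducible pseudo-random bytes: SHA-256 over seed || counter."""
    out = bytearray()
    counter = 0
    while len(out) < size:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:size])


def build_fixtures() -> dict:
    """Every test input is derived here, where a reviewer can read it."""
    text = PUBLIC_TEXT * 500
    return {
        "valid": {
            "empty": b"",
            "text": text,                           # highly compressible
            "random_4k": seeded_bytes(SEED, 4096),  # effectively incompressible
        },
        "corrupt": {
            # A damaged stream is cut from a fresh one, never checked in.
            "truncated": lzma.compress(text)[:-8],
        },
    }


def round_trips(data: bytes) -> bool:
    return lzma.decompress(lzma.compress(data)) == data


def is_rejected(blob: bytes) -> bool:
    try:
        lzma.decompress(blob)
    except lzma.LZMAError:
        return True
    return False


def run_suite() -> dict:
    fx = build_fixtures()
    res = {f"valid/{n}": round_trips(d) for n, d in fx["valid"].items()}
    res.update({f"corrupt/{n}": is_rejected(b) for n, b in fx["corrupt"].items()})
    return res
```
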


  • Well you must have either set up a port redirect (IPv4) or opened the port for external traffic (IPv6) yourself. It is not reachable by default as home routers put a NAT between the internet and your devices, or in the case of IPv6 they block any requests. So (unless you have a very exotic and unsafe router) just uhhh don’t 😅 To serve websites it is enough to open 443 for https, and possibly 80 for http if you want to serve an automatic redirect to https.


  • That’s odd, I upgraded my Ender 3 with bed leveling and removed the knobs to mount it fixed, because the damn knobs keep moving and then you have to redo the bed calibration. To be honest I can imagine one reason might be that a loosely mounted bed gives you more fault tolerance against the nozzle being too low. I put my bed on two parallel linear rollers for more rigidity, and combined with dual z screws the nozzle has no chance anymore to produce any sort of first layer when it is slightly too low. That made me realize just how much the stock Ender 3 is flopping around, but also how this can give you mostly okayish results most of the time without having to deal with a ton of small tolerances.


  • A colleague of mine had a (non externally reachable) Raspberry Pi with default credentials being hijacked for a botnet by an infected Windows computer in the home network. I guess you’ll always have people come over with their devices you do not know the security condition of. So I’ve started to consider the home network insecure too, and one of the things I want to set up is an internal ssh honeypot with notifications, so that I get informed about devices trying to hijack others. So for this purpose that tool seems a possibility, hopefully it is possible to set up some monitoring and notification via Uptime Kuma.


  • skilltheamps@feddit.de to Android@lemmy.world: Looking for a Python Interpreter · English · 8 months ago

    Well it is compiled to byte code in a first step, and this byte code then gets processed by the interpreter. Now Java does the exact same thing: gets compiled to byte code which then gets executed by the JVM (Java virtual machine), which is essentially an interpreter that is just a little simpler than the Python one (has fewer types for example). And yet, nobody talks about a Java interpreter.







  • True words. The sustained effort to keep something in decent shape over years is not to be underestimated. Now when life changes and one is not able or willing anymore to invest that amount of time, ill-timed issues can become quite the burden. At one point I decided to cut down on that by doing a better founded setup, that does backup with easy rollback automatically, and updates semi-automatically. I rely on my server(s), and all from having this idea to having it decently implemented took me a number of months. Just because time for such activities is limited, and getting a complex and intertwined system like this reliably and fault tolerant automated and monitored is simply something else than spinning up a one off service.


  • And they believe all employees actually remember so many wildly different and long passwords, and change them regularly to wildly different ones? All this leads to is a single password that barely makes it over the minimum requirements, and a suffix for the stage (like 1 for boot, 2 for BitLocker etc), and then another suffix for the month they changed it. All of that then on sticky notes on the screen.