sylver_dragon

Can we follow this up by murdering most of the generic Top Level Domains (gTLD)? I have yet to see anything except spam and malware coming out of the .top domain.

While it was kinda lame for Mozilla to add it with it already opted-in the way they did

That’s really the rub here. Reading the technical explainer on the project, it’s a pretty good idea. The problem is that they came down on the side of “more data” versus respecting their users:

Having this enabled for more people ensures that there are more people contributing to aggregates, which in turn improves utility. Having this on by default both demands stronger privacy protections — primarily smaller epsilon values and more noise — but it also enables those stronger protections, because there are more people participating. In effect, people are hiding in a larger crowd.

In short, they pulled a “trust us, bro” and turned an experimental tracking system on by default. They fully deserve to be taken to task over this.

Have you considered just beige boxing a server yourself? My home server is a mini-ITX board from Asus running a Core i5, 32GB of RAM and a stack of SATA HDDs all stuffed in a smaller case. Nothing fancy, just hardware picked to fulfill my needs.

Limiting yourself to bespoke systems means limiting yourself to what someone else wanted to build. The main downside to building it yourself is ensuring hardware comparability with the OS/software you want to run. If you are willing to take that on, you can tailor your server to just what you want.

Switched to full time Arch because I didn’t want to run Windows Privacy Invasion Goes to 11. And it’s been pretty good. Valve gets a big “thank you” for their contributions to WINE and making gaming on Linux nearly as seamless as Windows.

It’s probably still true that “Next year” will be the year of Linux on the desktop, and it will be for several more years to come. But, it’s starting to feel like cracks are forming in the Microsoft wall.

It’s getting Fark’d

I do agree with what you are saying, but for a complete beginner, and a very general overview, I didn’t want to complicate things too much. I personally run my own stuff in containers and am behind CG-NAT (it’s why I gave it a mention).

That said, if you really wanted to give the new user that advice, go for it. Rather than just nit pick and do the “but actshuly” bit, start adding that info and point out how the person should do it and what to consider. Build, instead of just tearing down.

No, but you are the target of bots scanning for known exploits. The time between an exploit being announced and threat actors adding it to commodity bot kits is incredibly short these days. I work in Incident Response and seeing wp-content in the URL of an attack is nearly a daily occurrence. Sure, for whatever random software you have running on your normal PC, it’s probably less of an issue. Once you open a system up to the internet and constant scanning and attack by commodity malware, falling out of date quickly opens your system to exploit.

Short answer: yes, you can self-host on any computer connected to your network.

Longer answer:
You can, but this is probably not the best way to go about things. The first thing to consider is what you are actually hosting. If you are talking about a website, this means that you are running some sort of web server software 24x7 on your main PC. This will be eating up resources (CPU cycles, RAM) which you may want to dedicated to other processes (e.g. gaming). Also, anything you do on that PC may have a negative impact on the server software you are hosting. Reboot and your server software is now offline. Install something new and you might have a conflict bringing your server software down. Lastly, if your website ever gets hacked, then your main PC also just got hacked, and your life may really suck. This is why you often see things like Raspberry Pis being used for self-hosting. It moves the server software on to separate hardware which can be updated/maintained outside a PC which is used for other purposes. And it gives any attacker on that box one more step to cross before owning your main PC. Granted, it’s a small step, but the goal there is to slow them down as much as possible.

That said, the process is generally straight forward. Though, there will be some variations depending on what you are hosting (e.g. webserver, nextcloud, plex, etc.) And, your ISP can throw a massive monkey wrench in the whole thing, if they use CG-NAT. I would also warn you that, once you have a presence on the internet, you will need to consider the security implications to whatever it is you are hosting. With the most important security recommendation being “install your updates”. And not just OS updates, but keeping all software up to date. And, if you host WordPress, you need to stay on top of plugin and theme updates as well. In short, if it’s running on your system, it needs to stay up to date.

The process generally looks something like:

• Install your updates.
• Install the server software.
• Apply updates to the software (the installer may be an outdated version).
• Apply security hardening based on guides from the software vendor.
• Configure your firewall to forward the required ports (and only the required ports) from the WAN side to the server.
• Figure out your external IP address.
• Try accessing the service from the outside.

Optionally, you may want to consider using a Dynamic DNS service (DDNS) (e.g. noip.com) to make reaching your server easier. But, this is technically optional, if you’re willing to just use an IP address and manually update things on the fly.

Good luck, and in case I didn’t mention it, install your updates.

At the time I stood my server up, I was supporting RHEL at work and support for docker seemed a bit spotty. IIRC, it took both setting up the docker yum repo directly, along with the EPEL repo. And every once in a while, you could end up in dependency hell from something which was at different versions between EPEL and the official repos. Ubuntu, on the other hand, had better docker support in the official repos and docker seemed more targeted at .deb distributions. So, I made the choice to go Ubuntu.

I suspect this is long since all sorted. But, I see no compelling reason to change distributions now. The base OS is solid and almost everything the server does is containerized anyway. If I were to rebuild it, I would probably use something more targeted at containerization/virtualization, like Proxmox.

I had dabbled with Linux before, both at home and work. Stood up a server running Ubuntu LTS at home for serving my personal website and Nextcloud. But, gaming kept my main machine on Win10. Then I got a Steam Deck and it opened my eyes to how well games "just worked’ on Linux. I installed Arch on a USB drive and booted off that for a month or so and again, games “just worked”. I finally formatted my main drive and migrated my Arch install to it about a week ago.

I’m so glad that I won’t be running Windows Privacy Invasion Goes to 11.

Holy Misleading Headline, Batman…
The actual first sentence of the article:

Since 2019, the U.S. Department of Defense has been asking for a waiver from legislation barring it from doing business with companies reliant on telecommunications equipment manufactured by Huawei.

Emphasis added. This isn’t the DoD saying “we need to use Huawei hardware”, it’s the DoD saying “a fuck-ton of companies we do business with use Huawei hardware.” And that’s because Huawei hardware is cheap and businesses like cheap. While I do think the DoD has some leverage in contracts to say, “welcome to the Defense Industrial Base (DIB), you cannot use anything manufactured by Huawei in infrastructure which is within scope”. If the text of the law says that the DoD can’t do business with companies who use Huawei hardware at all, then that’s going to be very limiting.

By combining Mozilla’s scale and trusted reputation with Anonym’s cutting-edge technology…

Ya, that reputation is taking a big hit right now.

Congratulations, you have now arrived at the Trough of Disillusionment:

It remains to be seen if we can ever climb the Slope of Enlightenment and arrive at reasonable expectations and uses for LLMs. I personally believe it’s possible, but we need to get vendors and managers to stop trying to sprinkle “AI” in everything like some goddamn Good Idea Fairy. LLMs are good for providing answers to well defined problems which can be answered with existing documentation. When the problem is poorly defined and/or the answer isn’t as well documented or has a lot of nuance, they then do a spectacular job of generating bullshit.

My experience has been pretty similar. With Windows turning the invasive crap up to 11, I decided to try and jump to Linux. The catch has always been gaming. But, I have a Steam Deck and so have seen first hand how well Proton has been bridging that gap and finally decided to dip my toes back in. I installed Arch on a USB 3 thumbdrive and have been running my primary system that way for about a month now. Most everything has worked well. Though, with the selection of Arch, I accepted some level of slamming my head against a wall to get things how I want them. That’s more on me than Linux. Games have been running well (except for the input bug in Enshrouded with recent major update, that’s fixed now). I’ve had no issues with software, I was already using mostly FOSS anyway. It’s really been a lot of “it just works” all around.

That is a possibility. To be honest, I haven’t tried very hard yet. I’m currently working on spinning up a Win10 VM in KVM and I’ll see how that works. And Android emulator is another good idea, I’ll have to give that a go.

Did the same. The writing has been on the wall for a long time, Microsoft’s anti-user behavior is only set to get worse. I made the jump to Linux (Arch) and things have been reasonably smooth. I did have a few issues with Enshrouded, but was able to get past those with Proton-GE. The only issue I haven’t worked around yet is Roblox with the kids. But, I may just have to pick up a cheap tablet for that.

I think AI is good with giving answers to well defined problems. The issue is that companies keep trying to throw it at poorly defined problems and the results are less useful. I work in the cybersecurity space and you can’t swing a dead cat without hitting a vendor talking about AI in their products. It’s the new, big marketing buzzword. The problem is that finding the bad stuff on a network is not a well defined problem. So instead, you get the unsupervised models faffing about, generating tons and tons of false positives. The only useful implementations of AI I’ve seen in these tools actually mirrors you own: they can be scary good at generating data queries from natural language prompts. Which is, once again, a well defined problem.

Overall, AI is a tool and used in the right way, it’s useful. It gets a bad rap because companies keep using it in bad ways and the end result can be worse than not having it at all.

what is the advantage in using Windows 11 over 10?

Many years ago, I was at a Windows XP launch event and the Microsoft Rep had a really honest line:
“Why should you start using Windows XP? Because we’re going to stop supporting Windows 98!”

And ya, that’s pretty much been the cattle prod Microsoft uses to push new versions, eventually you stop getting security updates for the older OS and at some point there are enough security vulnerabilities which make it no longer safe for daily use. That said, with Windows becoming more and more user hostile, other options start to make more sense.

The answer to that will be everyone’s favorite “it depends”. Specifically, it depends on everything you are trying to do. I have a fairly minimal setup, I host a WordPress site for my personal blog and I host a NextCloud instance for syncing my photos/documents/etc. I also have to admit that my backup situation is not good (I don’t have a remote backup). So, my costs are pretty minimal:

• $12/year - Domain
• $10/month - Linode/Akamai containers

The Domain fee is obvious, I pay for my own domain. For the containers, I have 2 containers hosted by the bought up husk of Linode. The first is just a Kali container I use for remote scanning and testing (of my own stuff and for work). So, not a necessary cost, but one I like to have. The other is a Wireguard container connecting back to my home network. This is necessary as my ISP makes use of CG-NAT. The short version of that is, I don’t actually have a public IP address on my home network and so have to work around that limitation. I do this by hosting NGinx on the Wireguard container and routing all traffic over a Wireguard VPN back to my home router. The VPN terminates on the outside interface and then traffic on 443/tcp is NAT’d through the firewall to my “server”. I have an NGinx container listening on 443 and based on host headers traffic goes to either the WordPress or NextCloud container which do their magic respectively. I also have a number of services, running in containers, on that server. But, none of those are hosted on the internet. Things like PiHole and Octoprint.

I don’t track costs for electricity, but that should be minimal for my server. The rest of the network equipment is a wash, as I would be using that anyway for home internet. So overall, I pay $11/month in fixed costs and then any upgrades/changes to my server have a one-time capital cost. For example, I just upgraded the CPU in it as it was struggling under the Enshrouded server I was running for my Wife and I.

Microsoft: “We’re sorry, this is all just a misunderstanding. We thought you were too stupid to notice.”