How’s it compare to Hoarder/Karakeep?

Because of various privacy legislation, and people not wanting Google to track them as much, they stopped syncing the data to Google servers. As someone who’s worked at big tech companies, my guess would be that storing so many people’s location history was flagged as an issue during a privacy audit.

It’s entirely local now. You can enable encrypted backups and back up the data, however you can really only have the data on one device now, and the web version is gone.

had to upgrade due to DDOS

If you keep getting DDoS attacks, then I’d recommend getting DDoS protection from your hosting provider, or using Cloudflare. A lot of hosting providers can provide DDoS protection if you pay a bit extra per month.

Thanks. I looked into it a bit more and it looks like they actually want to increase what can be done in userland, to reduce the reliance on kernel mode. That’s still a good solution, if things the anti-cheat code needs to do can be moved into userland.

AFAIK Microsoft have plans to block kernel level anti-cheat on Windows. After the CrowdSec issues last year, they’re rethinking which types of programs should even be allowed to run in kernel space.

Edit: I was wrong. They actually want to increase what can be done in user mode, to reduce reliance on kernel mode code.

deleted by creator

How do you know this? Do you have a link to a source that says it?

From a friend that works at a big bank. I don’t want to dox then so I can’t really say which one.

I don’t disagree with this. Maybe I should get a phone that runs it.

In fact, I would argue that the safest distribution channel is F Droid and not Play Store.

I agree with this too! I don’t think I’ve seen any other app stores (on any platform) focus on reproducible builds.

giving access to your account only via SINGLE password and only asking for SMS OTP when transaction is done

This was a problem with US and Australian banks too. It’s still an issue in Australia, but some of the major banks in the USA have moved to sending 2FA requests to their mobile app, and either allowing OAuth or app-specific passwords to allow other services to get data from your bank account.

I mean, both things can be true? I know banks are pushing on Google to improve Android security, to avoid malicious apps with root access from messing with banking apps.

The fact is that a rooted phone can definitely be less secure if the user doesn’t 100% know what they’re doing, in the same way that always logging in as root on a Linux system can be.

Thanks for the reply!

preliminary NOVA driver code merged for the future Rust-written open-source NVIDIA kernel driver.

Is this based on the existing open-source driver (https://github.com/NVIDIA/open-gpu-kernel-modules) or will it be entirely new?

I usually use HTTPS, because a lot of web features only work over HTTPS.

You can use Let’s Encrypt DNS challenges to get real TLS certificates for internal hosts, instead of having to use your own CA or self-signed certificates.

Tailscale has several NAT bypass / hole punching methods for double NAT (including CGNAT) and symmetric NAT, but they don’t work in 100% of cases. https://tailscale.com/blog/how-nat-traversal-works

IPv6 is definitely a good solution since then you don’t have to deal with NAT at all. IPv6 is pretty easily doable in the USA (at long as you’re not using Starlink) but can be harder in other countries that don’t have as robust IPv6 infrastructure.

this means their permissions do not work like docker, and it is not in fact a drop-in replacement for docker

It might a drop-in replacement for Docker if you’re running Docker in rootless mode? Not sure how common that is, though.

I like Unraid because it’s essentially “just Linux” but with a nice web UI. It’s got a great UI for Docker, VMs (KVM) and Linux containers (LXC).

Don’t. Use a VPN like Tailscale or Wireguard. Tailscale uses the Wireguard protocol but it’s very easy to configure, and will automatically set up a peer-to-peer mesh network for you (each node on the VPN can reach any other node, without having to route through a central server).

The only things that should be exposed publicly are things that absolutely need to be - for example, parts of Home Assistant need to be publicly exposed if you use the Google Assistant or Alexa integrations, since Google and Amazon need to be able to reach it.

this community is literally built around hosting your own local infrastructure.

That’s part of it, but using a dedicated server, colocated server, or VPS are also considered “self hosted” too. “self hosted” is broader than just having a server at home, and means any server, web service, etc where you maintain it yourself.

Hardware in your own house is generally referred to as a “home lab”.

Web is a bit easier than native since the browsers handle all the platform-specific details across all common platforms, and you mostly just have to follow some guidelines that aren’t overly technical or arcane. Some examples:

• Use ARIA roles where appropriate
• Ensure sufficient contrast between text and background colours. Should at least meet the WCAG level AA which is a 4.5:1 contrast ratio, but ideally meet AAA which is a 7:1 ratio for body text and a 4.5:1 ratio for headings.
• Ensure you use <label> tags to label for all your <input>s, alt attributes on all images, title attributes where appropriate (e.g. on <table>s to describe the data contained inside the table), etc.

If you use Firefox, its developer tools have an “Accessibility” tab that can audit for common issues - things like missing labels on checkboxes and radio buttons, colours that don’t meet WCAG contrast ratio requirements, etc.

It’s a good time to learn more about building accessible sites and apps given it’s becoming a legal requirement in some jurisdictions. For example, the European Accessibility Act (EAA) goes into effect later this year, and it mandates that sites and mobile apps for various industries (like ecommerce, airlines and other transport, media streaming, social media, banks, and some others) meet accessibility guidelines.

I’m on an all Linux machine and the only accessibility software I know of is Orca and it’s so and so last time I tried it.

It’s probably worth spinning up a Windows VM to test in NVDA. It’s one of the most popular screen readers and probably the most popular open-source one, but only works on Windows since it deeply hooks into the Microsoft Speech API, accessibility APIs, and and other Windows APIs.

This is a really well written article. It’s unfortunate that this person has to deal with all these issues.

I suspect the reason that both MATE and the Debian installer have good accessibility support is because their codebases are quite old. In general, it seems like older software is more likely to have better accessibility support than newer software.

Accessibility should be something that’s built into software from the very beginning, but I totally understand that not all developers have time for it or properly understand it. It’s unfortunate.

Edit: I forgot to mention that accessibility is going to be mandated for some types of sites and apps in the EU thanks to the European Accessibility Act (EAA) coming into effect later this year, which should help somewhat. Won’t really help with Linux itself though.