• 0 Posts
  • 17 Comments
Joined 15 days ago
cake
Cake day: November 7th, 2024

help-circle


  • I use Apple devices for end-user activities but Linux for my routers and servers. I grew up with Windows at home and Macs at school; as a teen I used Linux full time on used PCs but always loved the “it just works” design of Apple gear.

    I actually prefer FreeBSD, but Docker and containerization have brought me much closer to Linux.

    Specifically, I love using Alpine Linux due to its flexibility. Its packages are very up to date and I can install an actually working Node or Ruby with a simple apk add versus installing nvm or rbenv. It’s awesome for lightweight, no nonsense stuff like Tailscale, VPNs, etc.






  • I would add from an end-user privacy perspective, they might want HTTPS. If I hit a website not using HTTPS, I pretty much immediately back out. Bad actors like hostile governments and hackers can use seemingly meaningless data against you.

    I can’t remember exactly what happened but I remember back when WebMD was fighting against rolling out TLS hackers were able to find medical weaknesses against people.






  • One thing I want to bring up just so you’re conscious of it is WiFi calling.

    I currently use Tailscale and a sophisticated setup to route traffic via commercial VPNs. I also do a ton of DNS ad/tracking blocking which Tailscale wasn’t really designed for (and requires a rat’s nest of routing, iptables and the like).

    I’ve noticed I never receive incoming calls now even while attempting to send traffic to my carrier’s WiFi calling server (it’s just another traditional VPN server at a technical level) through the nearest Tailscale exit node.

    All this is to say, if you want WiFi calling to work you should consider this. I believe it’s the same for Android and iPhone.

    As for the traditional VPN bit I kind of discovered this a few years ago when using one of those mobile cellular gateways you can plug into your LAN (I lived in a dead zone). When looking up my current carrier’s WiFi calling server (a different carrier) I realized the port matches the same VPN thing they were doing on the cellular gateway, so I think it’s fairly common for wireless carriers to just use a VPN to get you into their backend.