ime rideshare drivers are generally incredibly good at driving, so I trust their judgement. Are there stats that they get in more crashes?

that’s probably generalized too far and reaches into pseudo-science.

Just understand the concept of Turing-completeness, and the idea that many systems are Turing equivalent.

Rustdesk did have some massive controversies in the past, like:

• installing root certificates without fully understanding the implications
• ignoring AGPL for their proprietary bits
• and other questionable decisions

Which raises doubts as to how trustworthy the development team is.

And while some other people say “it’s ok that was in the past they fixed it”, keep in mind that most of Brave Browser’s controversies were in the past, and yet lemmy still hasn’t forgiven them yet…so I’d like to know how long it takes for lemmy to forgive past mistakes

deleted by creator

You’re not wrong but when you use somebody else’s config you use somebody else’s…configuration. Like if they use ProtonVPN, you’ll need to use ProtonVPN as well. If they use Usenet instead of torrents, that’s what you’ll get as well. If somebody uses Podman instead of Docker, etc etc. So this is why it can be more difficult than just ripping configs from strangers.

This is the classic problem where the more flexibility a program has, the more fragmentation comes out of it. The *arr stack is complicated for this reason. It’s a million different pieces that can be configured in a million different ways. Something like Nextcloud is much more plug-and-play. I’ve been doing self-hosting for years now and even I find *arr a chore to deal with.

Though nothing wrong with referencing other people’s configs to get a sense of what it’s supposed to look like. Start simple, look for somebody who has a radarr + qbittorrent + gluetun stack working, and go from there.

The idea is sound. Give it 10 years to mature further. The public cares about privacy less than you think, just look at the past 20 years.

Well the innovations clearly must be good because people use them so much. Frankly the term “illegal” doesn’t carry much weight for me. Piracy is illegal, but I think copyright is far worse.

it reduces cars in public parking lots and spaces though, which is nice

Doesn’t dread’s captcha force you to check the url? Afaik it makes you fill in specific parts of the url, so that you check that the url you are using is the same one they are using. Curious how the mirror was able to bypass that.

Regardless I just spent some initial investment saving the pgp public keys and making sure they are legit, so that I can use them to verify dread’s mirrors.txt whenever needed. Faster than walking out to the street imo

I prefer internal data abuses because it removes me from being at fault. If I send e-mail to a gov agency whose MX lookup leads to a Microsoft server and MS abuses the data, I have a hand in the abuse of my own data. A well-lawyered opponent would rightfully argue: “you handed your message to MS; you reap what you sow. If you did not trust MS with your message then you should not have handed your message to them.”

You’re not at fault if email is the only option. The lawyer would rightfully recognize that. So making (online) email the only option absolves you of the blame. Is that really all you want? I really don’t understand this reasoning behind the idea that only “internal data abuses” are ok.

To keep things short, there are two things that I feel like would satisfy a lot of your concerns:

1. government services should minimize sharing data with third-parties
2. copyright should be abolished

The first addresses your issues with interacting with government services. It would allow you to say, boycott Microsoft while still using government services. It would extend to internal data processing. And it would even cover things like allowing Tor, since Tor is used to minimize data sharing with your ISP, which is a third-party.

The second addresses your desire to play games offline. The main reason why games force online connection even when the game doesn’t need it, is to prevent piracy. Without copyright, there is no piracy.

These are both fairly big goals, especially the latter, but still more reasonable and achievable than enforcing offline access imo.

idk maybe there were roads for carriages before cars were invented? I’m not old enough to know

Nobody believes virtualization is perfect, it’s just the best we got because:

• smaller attack surface
• security is the priority over adding new features (the opposite of most other development cycles)
• in practice we have seen how secure it is relative to other systems like the kernel

And anyways, even a separate physical computer can be hacked. If it has networking, there could be a vulnerability in the networking stack. Just making an outbound tcp connection can be enough to be pwned.

I think the closest thing we have to an “invincible” system is seL4, but I rarely hear about amybody using them

copy fail allows VMs to infect the host system? I thought it was a kernel vulnerability, not a hypervisor vulnerability. Containers and LXCs share the kernel with the host, full VMs do not. So a kernel exploit allows container escape but not VM escape.

Kernel exploits happen a few times a year. Hypervisor exploits and VM escapes are VERY rare.

Using SSH for clustering is optional. You can just use normal VMs. You don’t have to install SSH into the VM, you can view it through proxmox. The only difference between a VM and a separate physical machine is the hypervisor, so the only security difference is the security of the hypervisor. And as I mentioned, hypervisor exploits are very rare.

Edit: for a sense of perspective, think about this. Almost every major tech company in the world relies on hypervisors for security. Qubes OS, known in the privacy/security world as one of if not the most secure OSes, relies on the hypervisor for security. An easily exploitable hypervisor escape would be a vulnerability on the scale of the XZ utils backdoor (which was unsuccessful). I have not seen a vulnerability of that scale since heartbleed.

Edit2: a word

I recommend proxmox. One VM for sensitive private data and backups, one VM for stuff exposed to the internet

archive.is is the one with the horrible new google captcha right? (the one that requires phone scan)

Difficulty can make a big difference. If uploaders have to start making bootleg recordings using camcorders, cleaning up recording artifacts and lighting/reflections from the recording environment and fixing lens distortion etc, all to end up with a mediocre bootleg recording…then I can guarantee you piracy will become extremely rare.

Popular movies might get the attention and work needed. But good luck for random Youtube videos.

The study talks about giving money to people after prison. It doesn’t give any evidence that the prison method can be skipped. It might make prison cheaper, since lowering recidivism means less inmates which means less cost. But it doesn’t replace prison.

Yes but I’m saying the tech could get more advanced and locked down, like all DRM tech has been progressing

Afaik under the current system, rehabilitation is already one of the goals of prison (akin to parents giving their kids time out or grounding them in their room). I’m sure it’s questionable how effective it is. Sure is cheaper than other rehabilitation methods though.

I’m sure in the future they’ll have a firmware update system for rotating their keys if they’ve been leaked. And if you try to keep your TV offline to prevent the key rotation, they’ll still rotate the encryption key for the stream (maybe wait a year for most people to receive the firmware update), and your offline TV won’t be able to decode the stream anymore