Okay I know people sort by new comments, so I'm just going to keep creating more comments here.

I paused halocard for now, since it does look like it's paid. That makes me hesitate, but also gives me confidence (that its business model isn't glorping up all my data).

I tried wise.com, which looks free, but it also asked for my SSN... which it then said it couldn't verify?

I don't get it. Why do they all put the joysticks at the bottom? I find that so uncomfortable. Why are double top joysticks so rare?

I am trying to use nix and firejail only, but it is pretty rough and barely documented which is kinda insane as firejail is THE tool. Unlike crabjail, bubblejail and what else is out there

I was investigating sandboxing with Nix. Here is a dump of my saved notes:

General Nix Based

github.com/nixpak/nixpak

github.com/Naxdy/nix-bwrapper

https://todo.sr.ht/~alexdavid/jail.nix

LLM Specific Nix based

Projects to sandbox AI agents:

https://github.com/archie-judd/agent-sandbox.nix

https://github.com/myme/jaillm/blob/main/flake.nix

https://github.com/gfauredev/nix-agents-jail

https://github.com/azuwis/fence-agent.nix

github.com/kohane27/jailed-ai-agents/blob/main/llm.sh

Someone told me that if you take these things and then replace the entrypoint with bash, you get a sandboxed shell environment

On reddit, there is a community called r/progressionfantasy, which is about a specific type of fantasy fiction. They have a rule that self promotional posts (for paid books) must be preceeded by 10 comments, and actual engagement with the community.

This is a reasonable compromise, in my opinion. Known community member who has been answering questions and contributiting to discussions?

I would be okay if they dropped a paid product of good quality and with a reasonable business model (please no vibecoded slop).

But drive by ProductNameAccount users who have never posted on lemmy before a bunch of self promotional posts? Yeah ban that shit.

What if the new account user, who is working on a product that integrates with what the vast majority of selfhosters run, just found Lemmy?

This happens on Reddit, and basically my problem is that these users often don't have enough experience to be able to actually give solutions. Reddit is full of people who think they have a good solution, dealing with comments of people explaining that what they are struggling with is actually a solved problem (or a skill issue). No one cares about your vibecoded slop that implements 1% of the features of an existing open source solution (they used to not be vibecoded but we still didn't care). It being paid and proprietary is just even more annoying.

My idea of requirement to engage with the community is also about being able to ensure that the users are technically competent. If they are experienced, it will show up in the discussions we can see and review. For their benefit, if they lurk, then they can take a look at what is being used, and what problems actually exist, instead of making assumptions.

If they really believe their product is so good, they can spend a few weeks helping people with Linux questions and sharing their (non product related) insightful thoughts on Lemmy so I don't dismiss them instantly when they finally advertise it.

It is possible to detect and moderate them, as long as your mods haven't been disappeared and replaced by people who's job is to accept bribes. And also when we can actually see people's history, since reddit now has an option to hide your history from others because of course.

My usual method is to focus on content, rather than writing style. The AI bots can write a lot, or be brief, or whatever, but they don't actually contribute to the discussion. They just kinda paraphrase and restate what has been said, or when trying to sell a product they disagree and go "Are you sure this isn't an problem?" to everybody in the thread telling them that it's actually a skill issue.

Sometimes they'll be a little better, but it's often surface level stuff that can be found at the top of a google search of keywords.

This also makes it possible to tell the difference between ESL speakers who are using AI to clean up their writing style, and true bots. Since the ESL speakers will actually have something to say, but bots won't.

And then: https://xkcd.com/810/

Unraid is an example, that I consider fairly reasonable. Sure, it is a subscription.

But all of the services are docker containers. What unraid brings to the table is a nice management UI, and the ability to mix and match drive of different sizes in a single raid pool. It makes having a fairly resilient self hosting setup easier than trying to do all of this stuff from scratch.

Nice features sure, that many people find worth paying for, even if I don't. But they are just nice to haves. If the company ever dies, it's absolutely possible to export the data and move to say, portainer, or docker via the cli, or podman, or anything that can run containers.

Second comment in the thread, since I decided to go hunting for alternatives: https://discuss.privacyguides.net/...

edit 1: Okay I am trying out Halocard right now. What the actual fuck, it sends the verification code via Whatsapp to the phone number I provide.

edit 2: no wait I received it as a text. It looks like whatsapp has a service to send text to people.

distrobox/toolbox

Distrobox excels for when you need some proprietary tool that ships it's packages as a repo for Ubuntu but not much else. You spin up a distrobox for Cisco Packet Tracer, or VSCode (the proprietary microsoft one, not Arch's Code-OSS and Unity.

Then, once you're done, you can just delete it all.

nix doesnt have any of these, but sandboxing is hard, there is either stable or unstable, changing and configuring things is very complex. Likely no official packages. Still the method I prefer.

Nix is what I use, and it was frustrating to have to hack a lot of it into place, but I feel like it has the most potential. Unfortunately the flakes nonflakes split, in combination with the split of "distros" like determinate nix, flox, and so on, and the governance concerns really hold it back. It has horrific documentation, for the most part caused by the above (flakes are "experimental" and so can't be included in official docs), and it is frustrating the lengths I have to go to to make stuff work that should be easy.

For example, GPU acceleration of Nix packaged apps on non Nixos systems. I figured out how to do it:

(config.lib.nixGL.wrappers.mesa pkgs.gzdoom)

source

But I think it's just straight up impossible to do this via imperative package installs, outside of home manager. And it's kind off important if you want any GUI app whatsoever to work.

But now that I have it working, I use Nixpkgs exclusively and am able to avoid the AUR entirely. To me, the AUR is a last resort, only for something like say, system level printer drivers (thankfully I've never needed to install anything to get printers to work). By ensuring that I only use the AUR once in a blue moon, I can make sure that I actually review the PKGBUILD when using it.

Not everybody does. It's just sometimes.

If the tarball was dynamically linked against specific distro's libraries though, then it wouldn't work on all distros.

They also often provide RPM packages for Red Hat systems. Not always though, and I use Arch (btw) anyways.

snap is likely the most secure by avoiding user namespaces, using AppArmor only and thus being very flexible (also for use for kernels, drivers, browsers …) but it is proprietary, nobody likes it and Canonical doesnt wanna stop somehow.

Snap does seem to support user namespaces. Although I want to comment that user namespaces are not universally insecure. When an application is confined within a user namespace, seccomp rules restrict it from being able to interact with the user namespaces subsystem, walling it off from the increased attack surface.

They are probably referring to the way that snap, flatpak, and distrobox are available as official packages in most linux distro's repositories, whereas nix isn't. I have encountered this frustration for sure. Debian and Arch provide nix packages, but many other distros don't.

In addition to this, nix requires manual setup if you install it from the repos, which is annoying. And then you have to do further manual setup to enable flakes, and then you have to figure out how to install packages and it's not fun.

So the main way people install nix is via the curl | bash scripts various "distros" of Nix provide.

Privacy.com is, legally, a bank. Banks have always had aggressive KYC requirements, but it's only gotten worse in recent years.

I went through the sign up and they made me take pictures of my face with Persona.

Once I did that, I then declined to use this other platform, Plaid for storing my card. Instead I submitted my debit card information directly.

The logged in page said that my account was pending, and would be verified in a 1-2 business days. It's been like 5 days now.

I dug around on reddit, and found someone with a similar experience. They theorized that delayed, or even indefinite account "verification" is a way of soft punishing people who don't submit to every single privacy invasive thing.

I really only wanted protection from fraud, overcharching, and bad merchants, so I wish this was a feature my bank would provide.

lmao. I hate takes like this.

It's not about making the website impossible to get to, it's about making the website more difficult and annoying to get to than an alternative productive activity/site.

Part of making it difficult to get to is technical.

Good practice exams will often be harder than the original test. Teachers do this in order to ensure you are prepared. If the practice test is harder, then the real test is easy. This is a pattern that I have noticed even in my college classes.

n reddit (ew) discussions are always making it like some terrifying thing.

To someone that doesn't know that they are using Windows, yes, the tests will be terrifying and difficult to study for. Often people are scared of computers and technology, and actively avoid knowing. But now, they will essentially have to cram a massive amount of information, since they are starting from scratch. And for those trying to break into cybersecurity from nothing, that is a common scenario.

For people who already know what a virus is, and how to spot phishing links, the test will be a lot less of a struggle. Now, you should study, in order to figure out gaps in your knowledge compared to what sec+ covers, but it won't be a nightmare.

clicks profile

Love computers, art, and nature.

You actively like computers instead of being scared of them. So I don't think you'll find the test terrifying.

No, it should be:

↹↹↹This↹↹↹

No, it would actually be quite easy to spot.

Nixpkgs templates the source code url fro the url, and then it injects a variable

Here is an example from bash:

pname = "bash${lib.optionalString interactive "-interactive"}";
    version = "5.3${fa.patch_suffix}";
    patch_suffix = "p${toString (builtins.length upstreamPatches)}";

    src = fetchurl {
      url = "mirror://gnu/bash/bash-$%7Blib.removeSuffix fa.patch_suffix fa.version}.tar.gz";
      hash = "sha256-DVzYaWX4aaJs9k9Lcb57lvkKO6iz104n6OnZ1VUPMbo=";
    };

If the url were to be changed, it would show up as a change in git when someone is reviewing before merging.

It's open source, and the relay's are e2ee (and audited), but they can also be self hosted.

1. Do you have actual technical issues with rustdesk?

2. Do you have an alternative software you would recommend? I hate when people spread FUD or say "don't use/do this" without actually providing an alternative. Drives me nuts. Because if you don't present an alternative to a software that someone needs, your complaints are kinda meaningless and a waste of everybody's time because they're gonna end up ignoring the complaints and using the tool they need.