Just make sure any power saving features are disabled. That is, if the 3000km journey to wiggle the mouse is not on your bucket list.

It’s a vendor specific thing, so if that bothers you, just look up the pairing procedure for each device before buying.

As far as I remember, the philips bulbs can be reset by holding on and off buttons on the remote. This functinality has a limited range, but a sophisticated attacker could probably just bring a better antenna.

In practice, the compatibility issues will probably keep you busy enough not to think about the theoretical attacks.

Sorry, I didn’t mean to discourage you. Practically all the lights in my house, and some other stuff like blinds and aquarium equipment, are running on zigbee. When you finally tune it just right, it’s pretty great.

Zigbee devices that can be remotely reset back into pairing mode.

Meanwhile, the vendors are introducing security vulnerabilities marketed as features, even in protocols that would be reasonably secure otherwise…

Found myself replacing the broken file roller flatpak by the file roller from thr APT repo.

The desktop linux feels more and more like windows as time goes on. The things that worked fine for years are being broken in new and innovative ways.

High quality positive content

It took 3 hours and we already got to gatekeeping culture.

Way beyond fist shaking here. My brain simply doesn’t process the trendy flat UX. It looks like when my kitchen garbage can tips over. A piece of carrot here, empty milk crate over there, sprinkled with onion peels, and some unidentified goop that I only discover later in the evening, using my bare feet, while getting a cup of water…

What’s weird though is that I similarly hate the circle android icons. They all kinda blend together like a bowl of skittles. Make them squircle though… instantly recognizable!

Hope not. The new translation tools is great.

For a relatively long time I was under the impression that Servo is pretty advanced, but after the last weeks news, I’m not so sure anymore.

What else do you expect from a magnet based society?

800 research papers in 25 years is ~2,5 papers per month.

How did people who figure stuff out for a living not notice anything suspicious?

I host 2 ejabberd servers. One casual, federated, the other one standalone, for work.

• Conversations is a decent android client that supports modern XMPP standards
• Dino on the desktop. It just happen to support the same subset of standards as Conversations, so they work pretty well together.

For Mastodon, I’m using an Akkoma instance hosted by a frind of mine

• Tusky works pretty well with it. There were certain annoying bugs when I combined the official Mastodon app with Akkoma.

Every once in a while I try Matrix, but each time I try to log in, Synapse is is fucked in a different way. I have to scrap it up and start from the ground up some day.

• Only the element based clients so far, because every alternative lack certain features.

I’m a big fan of Nostr, because of one particular feature - You control your identity without having to selfhost a server. The network seems to be occupied by the christian-carnivore-bitcoin-conservatives so far, therefor it’s pretty bland when it comes to content.

• Amethyst on Android
• Gossip on the desktop. This one requires a certain knowledge of the protocol. Each action needs to be manually triggered.

For some special use cases I have Signal, but most of the time, Telegram is the best the average person can do to meet me in the middle.

That’s not a slow laptop. I’ve been daily driving worse for years.

To protect the data from random thief just browsing through the files I still use ecryptfs. It only encrypts the home directory, and the keys are derived from my accounts password, so no extra hassle.

The encryption is weak by the current standards, and wouldn’t stop a determined attacker, but it’s 100% better than nothing, and I’ve never noticed any performance problems.

If a communication software has terms of service, run away!

Gmail offers imap amd smtp access. You have to enable 2FA, and then it will allow you to create account for so called “less secure apps”.

In your place, I’d either continue using gmail directly, or finish the configuration of the self hosted mail server and just use that with any smtp/imap client. I suggest getting a separate domain for testing first, before moving your primary inbox there.

What is it with the silent T?

uname -a

Updates depend on the specific distro. Some, like debian, keep the major version the same throughout the entire lifetime, just backporting the security fixes, others, like arch, follows the official major releases more closely.

TIL: Some people actually like their laptop to wake up after openning the lid!

I’ve used Elitebooks with elementary for years and found the wakup after pressing a button logical.

What pissed me off about probooks/elitebooks was that they woke up to inform me about the low battery, then went back to sleep due to low battery, then wake up, sleep, wake up, sleep, wake up… and the agony went on until the sweet death. I’ve never felt so sorry for a non living object before or after.

Oh, and also elementary can’t go to sleep from the lockscreen, on any hardware. One of those those bugs that I’m always sure will be taken care of in the next release, but it never is.

you still need good security configuration of the exposed service.

In a sense that security comes in layers, yes. But in practice, this setup will prevent 100% of bots scanning the internet for exposed services, and absolute majority of possible targeted attacks as well. It’s like using any other 3rd party VPN, except there’s not a central point for the traffic to flow through.

From the attackers point of view, nothing is listening there.

I’ve used a similar setup in the past to access a device behind a NAT (possibly multiple NATs) and a dynamic IPv4. Looking back, that ISP was a pure nightmare.

This is not a guide to hide from the government or ISP. Just a way to tunnel to your home server without publishing the sshd for random strangers. Personally, I’d just publish the ssh and be done with it.

I would rather live without the correlation attacks

The more people using Tor, the less useful targeted disconnects become.