Also new people are still motivated to change stuff. They are not yet worn down by bureaucracy.

Where comments are useful most is in explaining why the implementation is as it is. Otherwise smart ass (your future self) will come along, rewrite it just to realize there was indeed a reason for the former implementation.

Maybe not your particular board, but platformio supports Linux for ages. I worked with that 6 years ago (on arch, btw).

Sure, but the thing is: only a single person needs to break it temporarily in some way and this person can then leak the DRM free copy for everyone to consume.

That’s why DRM is such bullshit. It only ever punishes legitimate users. All others are unaffected.

So we could use a blockchain… (/s)

But why? If you don’t need moving parts, don’t use moving parts. Simplicity is king.

IDEA isn’t Java-only. Most of the other languages are available as plugins. IDEA is typically the go-to IDE for multilanguage projects.

My password database contains a few hundred entries. Good luck memorizing that.

Enpass uses the open source library sqlcipher (which is an sqlite fork with encryption). So while Enpass as a whole is not fully open source, you can still exfiltrate your passwords with open source tools, should they ever vanish or radically change their business model. You can then use for example enpass-cli.

That gives me enough confidence to trust in Enpass, since they can’t easily hold my data hostage.

Sorry, but log files can contain any amount of PII that is absolutely unsuited to be sent over an unencrypted channel to a person/company that should not even need some details.

I sure as hell also skim over logs before I send anything out and remove anything that I don’t want to leak.

Many security experts I know consider AV software to be snake oil. I do so too. They are so complex and need so far reaching permissions to be somewhat effective, that they become the attack vector and/or a large risk factor for faulty behavior.

Add in lots of false positives and it just numbs the users to the alerts.

Nothing beats educating users and making sure the software in use isn’t braindead. For example Microsoft programs that hide file extensions by default is a far bigger security problem than a missing AV tool. Or word processors that allow embedded scripts that can perform shit outside the application. The list goes on …

Happy to help.

Replacing a python service (searxng) by one written in rust? Count me in.

I mean … that’s basically how the internet works today. And even if you don’t “run” proprietary stuff on your end, their service as a whole is still proprietary. So it seems like a pointless battle, IMO.

I would rather ensure to use a browser where I trust its sandbox to properly isolate the shit it has to run inside.

But he said “proprietary software to run”, not to “setup” or “register” or whatever.

But as I said: once the DNS entries are set up, everything is routed directly to your machine. What runs there is completely in your hands. Same with VPS/root server: SSH is free. Pick the client you like.

I don’t know of a single registrar or hoster that I can’t run without libre software.

What exactly do you mean? Typically you go to a website, register the domain, setup payment and then setup the nameserver. No need to install anything on your end.

Same with hosting. You sign up, setup payment, order a machine (root or virtual) and then you get SSH credentials and are good to go.

This must be a while back, because it works fine here.

A few months ago they had a bug that prevented playback on Linux. But that was resolved after a week or so.

Oh wow. Good to know! Thanks!

But the thing is: B2 is cheap for storage, but retrieval and traversal are very expensive. And if that happens transparently on the filesystem (because you accidentally run grep or the service in question regularly hashes the files or something), you would implicitly download everything stored. And IIRC retrieval costs ten times the storage costs… each time.)