𝘋𝘪𝘳𝘬 @ Dirk @lemmy.ml

Somewhere between Linux woes, gaming, open source, 3D printing, recreationa

---

Read more

Posts

10

Comments

1,679

Joined

2 yr. ago

It IS a terrible name. But it also is an over one decade old brand.

It will be hard to propagate the new name and have it as recognizable as "Minetest".

Luh-Anti?

Also luanti.net (which would be the most logical step to use that address because of the same TLD).

Why isn't something like this done prior to announcing the new name ...

Is this an out-of-season April Fools' joke?

So, the government murdering people by law is still a thing in the USA?

*Neiße

That's a cute idea but it completely ignores that it isn't 2005 anymore. Algorithms are good enough to detect that.

Otter

Startup times getting down below 20s definitely helps with this.

Absolutely. SSDs, systemd, and recent kernels definitely help. From the moment the EFI hands over to the kernel, my ca. 9 years old system is ready for login 3 seconds later.

Definitely seeing some people complain about the design changes

The great thing about Mastodon is, that you can freely chose what client you use. If you dislike the original client or web interface, just use Elk, Semaphore, Tusky, etc. whatever you prefer.

What's your typical "stand-by" mode for your computer when you're not using it?

Off.

Ideally I’d like to create a simple wiki for creative projects [...] and give others editing access [...] I’m moderately tech savvy

Codeberg allows to create wikis, even if this isn't their main feature.

The best thing: It is Git-based. So you have a regular Git repository for your wiki and you don't need to learn a new workflow. You can also edit pages in the browser. Permissions are a no-brainer of course. For editing pages, Markdown is used, so you don't even need to learn a new markup language.

Since Codeberg is an open source platform run by a non-profit association all and everything is free to use.

And if you ever want to migrate to somewhere else, just git pull your wiki and you're good to go.

Loss of control of this data would be catastrophic, so I took its security very seriously.

Ask yourself: "If my current system is unavailable: How screwed am I?"

If the answer is anything less than "Not screwed at all!", then it is time for a backup - regardless of what system you're using or plan to use.

I just checked their FAQ. They have information about SSH, SMB, RDP, connecting private networks (VPN), etc. available. I did not dig deeper regarding specific ports, though.

You could always use a reverse proxy on your side just accepting port 443 connections (https) and forwarding to a specific docker container using a specific port without the outside world even knowing.

I never tried it personally but I assume you're pretty save.

Here’s how it works:

The Tunnel daemon creates an encrypted tunnel between your origin web server and Cloudflare’s nearest data center, all without opening any public inbound ports.

After locking down all origin server ports and protocols using your firewall, any requests on HTTP/S ports are dropped, including volumetric DDoS attacks. Data breach attempts — such as snooping of data in transit or brute force login attacks — are blocked entirely.

https://www.cloudflare.com/products/tunnel/

At all stages I want to be left alone and just do what I'm paid for.

… for a small web server.

It’s not just a small web server. It’s a dedicated server with full root access and 24/7 direct hardware access without any extra costs.

The problem for me is I believe you need to open your network firewall for Lemmy and other federated services to work right?

Yes, of course. Or search for an external reverse proxy. Cloudflare offers something like this. (You set a Cloudflare server IP as target for your domain and then tell Cloudflare your IP and all traffic is routed over the Cloudflare ecosystem so your actual IP is not publicly used.)

I just opened port 443 and forwarded it to my Docker host and have NPM running there, handling all the forwarding to the individual containers, based on the request, but due to my day job I know what I’m doing :)

You can’t even turn all of this off via UI, but need to use about:config or user.js (the later needs to be explicitly enabled via about:config first).

Here’s my setup (except some specific settings based on my personal preferences that are not related to privacy).

 javascript

    
// Do not leak URLs, IPs, etc. to external services
user_pref('browser.safebrowsing.malware.enabled', false);
user_pref('browser.safebrowsing.phishing.enabled', false);
user_pref('network.trr.mode', 5); // DoH explicitly off
user_pref('security.OCSP.enabled', 0);
user_pref('browser.contentblocking.category', 'custom');
user_pref('app.shield.optoutstudies.enabled', false);
user_pref('browser.urlbar.trending.featureGate', false);

// Disable hidden extensions
user_pref('extensions.pocket.enabled', false);
user_pref('extensions.screenshots.disabled', true);

// Remove new tab spam
user_pref('browser.newtabpage.activity-stream.showSponsoredTopSites', false);
user_pref('browser.newtabpage.activity-stream.feeds.section.topstories', false);
user_pref('browser.newtabpage.activity-stream.feeds.topsites', false);

// Disable telemetry
user_pref('datareporting.policy.dataSubmissionEnabled', false);
user_pref('datareporting.healthreport.uploadEnabled', false);
user_pref('toolkit.telemetry.unified', false);
user_pref('toolkit.telemetry.enabled', false);
user_pref('toolkit.telemetry.server', 'data:,');
user_pref('toolkit.telemetry.archive.enabled', false);
user_pref('toolkit.telemetry.newProfilePing.enabled', false);
user_pref('toolkit.telemetry.shutdownPingSender.enabled', false);
user_pref('toolkit.telemetry.updatePing.enabled', false);
user_pref('toolkit.telemetry.bhrPing.enabled', false);
user_pref('toolkit.telemetry.firstShutdownPing.enabled', false);
user_pref('toolkit.telemetry.coverage.opt-out', true);
user_pref('toolkit.coverage.opt-out', true);
user_pref('toolkit.coverage.endpoint.base', '');
user_pref('browser.ping-centre.telemetry', false);
user_pref('browser.newtabpage.activity-stream.feeds.telemetry', false);
user_pref('browser.newtabpage.activity-stream.telemetry', false);
user_pref('breakpad.reportURL', '');
user_pref('browser.tabs.crashReporting.sendReport', false);
user_pref('browser.crashReports.unsubmittedCheck.autoSubmit2', false);
user_pref('app.shield.optoutstudies.enabled', false);
user_pref('app.normandy.enabled', false);
user_pref('app.normandy.api_url', '');

// Disable AI bullshit
user_pref('browser.ml.enable', false);
user_pref('browser.ml.chat.enabled', false);
user_pref('browser.ml.chat.shortcuts', false);
user_pref('browser.ml.chat.sidebar', false);
user_pref('pdfjs.enableAltText', false);
user_pref('pdfjs.enableUpdatedAddImage', false);

  

Nothing of this is opt-in:

By default, Mozilla collects […] information about the number of open tabs and windows or number of webpages visited. […] The data collected is associated with a randomly generated identifier that is unique to each Firefox client.

and

Firefox by default sends data about what features you use in Firefox to Leanplum, our mobile marketing vendor […] Leanplum tracks events such as when a user loads bookmarks, opens new tab, opens a pocket trending story, clears data, saves a password and login, takes a screenshot, downloads media, interacts with search URL or signs into a Firefox Account.

and

[Leanplum collects] certain information, which may include your browser’s Internet Protocol (IP) address, your browser type, the nature of the device from which you are visiting the Service[…], the identifier for any handheld or mobile device that you may be using, the Web site that you visited immediately prior to accessing any Web-based Service, the actions you take on our Service, […] We also may collect information regarding your interaction with e-mail messages, such as whether you opened, clicked on, or forwarded a message.

https://www.privateinternetaccess.com/blog/the-firefox-browser-is-a-privacy-nightmare-on-desktop-and-mobile/