Sorry I might have misunderstood, you mentioned giving others access externally and it working fine. Normally, if you’ve set up the service to be publicly accessible on the internet, you can just visit the same site through the public DNS record and your public IP. At home or elsewhere, it’s all the same internet.

So either you’ve done something odd, or you’re talking about different, more private, internal only services?

Can you live with the services routing out and back into your public IP? If it all works for external users on the internet, doing nothing special should mean it works for you too?

I used an old phone with a broken screen as a webcam since covid untill it totally broke recently.

However it needed some stars to align; I had a 3D printer to make a custom holder so it could sit on my monitor unobtrusively. I also luckily had a phone with a built in method to limit the battery charging so it could be plugged in 24/7. I was able to disable all power saving and permission features, so the app could run 24/7 without being killed by android.

I used droidcam, which works with an OBS plugin nowadays. I got it to the point that I just needed to launch OBS and my webcam was on, no touching or fiddling with the phone at all.

That’s just the invisible hand of the market directing people to use batteries to store the cheap power and export in the evening when the price goes up again.

Also it’s because the big coal plants can’t quickly turn on and off, so theres too much supply basically whenever the sun is out nowadays.

In my head I thought one could make relatively cheap high capacity in 2.5" SATA form factor by having more NAND chips of lower capacity. You give up speed and PCB space but that’s fine since bandwidth and IOPS are limited by SATA anyway and there’s plenty of space compared to M.2.

Turns out to not shake out that way, controller ICs that support SATA aren’t coming out any more, and NAND ICs are internally stacked to use up channels while not taking up PCB space.

There are some enterprise options, but they’re mad expensive.

I have 4x 6TB HDDs in my NAS. Around 5 years ago I decided to simply replace any dead drives with 6TB ones instead of my previous strategy of slowly upgrading their size. I figured I could swap to 8TB 2.5" SATA SSDs that had just started to exist and would surely only get cheaper in the future…

I think the idea of directions came before the idea of negative.

Back in the day I used a raspberry pi 3 for 1080p h.264 and steam link / moonlight. Problem was omxplayer plays up to 1080p60 beautifully, but anything else would struggle. Eventually ‘upgraded’ to an old laptop to easily YouTube/netflix in the browser too.

I fucking love copyparty. It starts simple enough but then the millions of options and configs let you twist it into exactly what you need.

As someone that runs a server OS that doesn’t support docker, it is very refreshing to see a single binary project. It has a focus on being administrator friendly thats really fallen out of fashion these days.

I’ve stopped using it as people have pointed out it’s hurtful, but I’ve never fully understood why. To me it’s in the same group as idiot, fool, lunatic, imbecile and cretin. Words that aren’t used to describe conditions anymore, only used as insults. While they can be used with hatred, they can also be used in a teasing way with friends. To me it doesn’t reach the level of racist, sexist and homophobic slurs.

I wanted to learn more and found a paper that makes the case that ableist insults are slurs. Download it here

I think it would be fine. Friend of mine has Immich on a N100, like you mentioned, the initial ML tasks on a big library takes over 24 hours but once it’s done it doesn’t need much. I don’t have experience running next cloud but the others you mentioned don’t need much RAM/CPU.

ZFS doesn’t need much RAM, especially for a two disk 4TB mirror. It soaks up free RAM to use as a cache which makes people think it needs a lot. If the cache is tiny you just end up hitting the actual speed of the HDDs more often, which sounds within your expectations. I dare say you could get by with 8 GB, but 16GB would be plenty.

I’d only point out if you’re looking for it to last 10 years, a neat package like the ugreen might bite you. A more standard diy PC will have more replaceable parts. Would be bigger and more power hungry though.

They’ve been seen using TM SGNL made by Israeli company TeleMessage to archive messages. Which is good except that it does so unencrypted, giving Mossad a window into the administration…

That is fricking sick dude!

If it was me, I’d snoop the DNS requests and/or SNI headers. Flag on torrent index sites and trackers known to be used for pirate stuff. They don’t need to know exactly which paw patrol movie you’re downloading, just that you are getting something from thepiratebay.

Does it exist anymore? iTunes went DRM free in 2009. Bandcamp is DRM free. Even streaming services can be readily downloaded from with alternative clients. Who’s still selling DRM’d music?

Ah yes the age old problem

If you’re looking for a privacy respecting paid service that’s not just a file locker for pirates I have two recommendations: At a previous workplace, we used LiquidFiles. More catered for commercial uses.

Personally I’ve been using Bitwarden Send. Requires a paid account ($10/year) and limited to 500MB files.

It’s called secure boot and it’s been around for over 10 years now.

Software passkeys can’t provide attestation and don’t. A service requiring it would reject every apple and google device too. Its a feature for hardware like yubikeys and smart cards used by governments to ensure it’s not a knockoff with backdoors.

No thats actually not an issue at all if your device is secure and uses full disk encryption.

Oh I see your computer is secure well then nothing to worry about 🤣

If i want to write down my private key on a piece of paper and type it in by hand then thats my issue to deal with and not theirs.

With a hardware FIDO2 key, the private key never leaves the device, instead it signs challenges. Malware on the PC can’t access the private key and make it’s own copy.

Using software keys, they are at least encrypted in the vault until you open it, then there’ll be a window of time with a plain copy in memory that malware can potentially grab.

Your plaintext private key file can be stolen by malware easily and immediately. You would actually be better off with it written on a post it note.

Course in real life malware is gonna be stealing your browser cookies to gain access to your accounts and avoid the whole keypass thing. In the world that FIDO was born, authentication is happening all the time and any possibility of key theft is considered a compromise.

I wanted to be sympathetic to the author. Passkeys are complicated, especially since they now try to cover so many situations, and it certainly originates from the corporate world. But this guy is spreading FUD. Tim Cappalli pointing out security shortcomings in keepassxc’s implementation a couple of times is not proof that FIDO Alliance is anti open source.

Ah kay, definitely not a RAM size problem then.

iostat -x 5 Will print out per drive stats every 5 seconds. The first output is an average since boot. Check all of the drives have similar values while performing a write. Might be one drive is having problems and slows everything down, hopefully unlikely if they are brand new drives.

zpool iostat -w Will print out a latency histogram. Check if any have a lot above 1s and if it’s in the disk or sync queues. Here’s mine with 4 HDDs in z1 working fairly happily for comparison:

The init_on_alloc=0 kernel flag I mentioned below might still be worth trying.