Max-P

Server side rendering has become popular again with frameworks like Svelte and Next.js. For a while basic React was popular and entirely on the client side, and thus dependent on JS to work at all.

You can’t really easily locate where the last version of the file is located on an append-only media without writing the index in a footer somewhere, and even then if you’re trying to pull an older version you’d still need to traverse the whole media.

That said, you use ZFS, so you can literally just zfs send it. ZFS will already know everything that needs to be known, so it’ll be a perfect incremental. But you’d definitely need to restore the entire dataset to pull anything out of it, reapply every incremental one by one, and if just one is unreadable the whole pool is unrecoverable, but so would the tar incrementals. But it’ll be as perfect and efficient as possible, as ZFS knows the exact change set it needs to bundle up. It’s unidirectional, so that’s why you can just zfs send into a file and burn it to a CD.

Since ZFS can easily tell you the difference between two snapshots, it also wouldn’t be too hard to make a Python script that writes the full new version of changed files and catalogs what file and what version is on which disc, for a more random access pattern.

But really for Blurays I think I’d just do it the old fashioned way and classify it to fit on a disc and label it with what’s on it, and if I update it make a v2 of it on the next disc.

Both use Linux under the hood. You can even install LineageOS on some TVs.

The only reason AndroidTV is bullshit is the manufacturers because casual users want shit like Netflix and Prime preinstalled. Google TV in particular comes with a lot of crap and the ads, which believe it or not some users take as a feature.

But that’s not inherent to Android TV as an OS, it’s exactly like Android phones and manufacturers preloading a bunch of crap to make an extra buck. If your run AOSP you get none of that crap, and it’s fully open-source.

I would distrust my carrier well before I distrust the encryption. Even when roaming, your Internet is tunnelled through your carrier using an internal VPN. It even works in China, that’s a fairly common way to get around their firewall.

I also wanted to put an emphasis on how working with virtual disks is very much the same as real ones. Same well known utilities to copy partitions work perfectly fine. Same cgdisk/parted and dd dance as you otherwise would.

Technically if you install the arch-install-scripts package on your host, you can even install ArchLinux into a VM exactly as if you were in archiso with the comfort of your desktop environment and browser. Straight up pacstrap it directly into the virtual disk.

Even crazier is, NBD (Network Block Device) is generic so it’s not even limited to disk images. You can forward a whole ass drive from another computer over WiFi and do what you need on it, even pass it to a VM boot it up.

With enough fuckery you could even wrap the partition in a fake partition table and boot the VM off the actual partition and make it bootable by both the host and the VM at the same time.

Yeah, that’s enough to not have it exposed directly. I understand why they did it that way but very good to know, thanks!

What you’re trying to do is called a P2V (Physical to Virtual). You want to directly copy the partition as going through a file share via Linux will definitely strip some metadata Windows wants on those files.

First, make a disk image that’s big enough to hold the whole partition and 1-2 GB extra for the ESP:

qemu-img create -f qcow2 YourDiskImageName.qcow2 300G

Then you can make the image behave like a real disk using qemu-nbd:

sudo modprobe nbd
sudo qemu-nbd -c /dev/nbd0 YourDiskImageName.qcow2

At this point, the disk image behaves like any other disk at /dev/nbd0.

From there create a partition table, you can use cgdisk or parted or even the GUI GParted will work on it.

And finally, copy the partition over with dd:

sudo dd if=/dev/sdb3 of=/dev/nbd0p2 bs=4M status=progress

You can also copy the ESP/boot partition as well so the bootloader works.

Finally once you’re done with the disk image, unload it:

sudo qemu-nbd -d /dev/nbd0

For the most part, it’s just like how you learned to be good with a controller: experience. The more you use the mouse the better you get. You brain just learns that this amount of movements equals roughly this distance moved on the screen.

For a lot of people, disabling mouse acceleration helps with precision. By default there’s an acceleration curve, so you move the mouse faster and the cursor goes even faster, disabling it makes it so the cursor tracks the mouse precisely. It can make it harder to do a 360 though, as acceleration can help get the speed needed. Dial in your sensitivity settings to where it feels comfortable for aiming, because if you make the sensitivity too much for the 360 it’ll be really hard to aim with any sort of accuracy.

There’s a rhythm game called Osu! if you want to stress test your mouse accuracy.

I keep hearing claims that it’s not secure enough to be exposed on the Internet, but I can’t seem to find anything about unauthenticated vulnerabilities. It’s got a fair amount of CVEs but they all seem to affect when you’re an already authenticated user, mainly to XSS an admin as a regular user or the likes.

It’s written in C#, and publicly all you can do is pretty much attempt to log in, this feels like it should be pretty sane compared to some other PHP crap I run.

Do you have any examples of previous exploits or anything else to be concerned about?

deleted by creator

I think it counts. You always have the option of taking your data with you and go elsewhere which is one of the main points of self-hosting, being in control of your data. If they jack up the prices or whatever, you just pack up, you never have to pay or else.

Also hosting an email server at home would be an absolute nightmare, took me 10+ years to get that IP rep and I’m holding on to it as long as I can.

I have a mix of it: private services run at home, public ones run on a bare metal server I rent. I still get the full benefits of having my own NextCloud and all. Ultimately even at home, I’d still be renting an Internet connection, unless you have a local only server.

It’s literally been working just fine for like a decade? Even for NVIDIA users that’s kind of a stretch.

Maybe if you share more details about your issues and your setup we can help fix it.

The Microsoft Surface Duo 2 is the only one I know that does that. Yes Microsoft makes Android devices.

Alternatively, two tablets and a little bit of duct-tape would also achieve a similar result.

Yes, the Android version also lets you exclude apps.

NixOS isn’t a bad option, I’m not sure how much you can trim it down but I’d expect it to be possible to express in Nix to install to a target that’s different from the host. Maybe not NixOS but Nix itself as a package/config manager. I’m sure at minimum it makes for a great development environment for building a buildroot.

It’s hard to give concrete advice without knowing the specs or the software you want to run on this, but for tiny Linux systems there’s Buildroot so you can compile just the bare minimum you need and not use a distro at all (unless you could Buildroot as a distro). This is what OpenWRT uses to build all the router firmwares among other things.

For something that would go in a car that seems pretty ideal to me. Skip initializing things you won’t use, make something that boots to GUI in 3 seconds. When you want to update the software you flash it as a new firmware image, no on-device installing or anything.

Depending on what you run, ideally you’d skip Xorg/Wayland and use the framebuffer directly. But if you need to run a more standard environment, that’s what things like Cage are designed for. Single app, always full screen. It’s called a kiosk environment.

Is it directly exposed over the Internet? If you only port forward the VPN on your router, I wouldn’t worry about it unless you’re worried about someone else already on your LAN.

And even then, it’s really more like an extra layer of security against accidentally running something exposed publicly that you didn’t intend to, or maybe you want some services to only be accessible via a particular private interface. You don’t need a firewall if you have nothing to filter in the first place.

A machine without a firewall that doesn’t have any open port behave practically the same from a security standpoint: nothing’s gonna happen. The only difference is the port showing as closed vs filtered in nmap, and the server refusing to send any response not even a rejection, but that’s it.

Proton is Wine but tweaked for the sole purpose of running games, so it packs a bunch of extra stuff needed to make games run well together.

Usually there’s also a long list of per-game tweaks and changes to make sure it runs, it’s all preconfigured so you press play in your launcher and it works. Not need to change settings whenever you want to play a game.

You can still use regular Wine but you’ll have to set up a bunch of stuff yourself, and eventually you run into a game that needs a different version of something that breaks another game, you get into prefix management and it’s a mess. Or oh this game runs better when we pretend to be Windows 7 but this one works best with Windows 10. Proton just does it all for you, every game gets its own space with all the correct settings from the get go, and you just launch into the game and play.

Honestly a VPN that doesn’t support Linux at least through manual connection settings, run away. All reputable and even the sketchier VPN providers support Linux, because that’s what the privacy crowd uses, not supporting it implies those aren’t even the target user base at all. It’s a red flag. It’s not a VPN for privacy or getting another country’s Netflix.

I’d trust Norton about as much as my ISP, so unless you use public WiFi somewhat often, it doesn’t add much value, just the downsides of captchas everywhere. They’re probably analyzing the traffic to map out malware campaigns and such, which would make sense but isn’t very private.

The business model of antivirus companies is fear, and they sell the solution to that fear. They have a VPN because people assume VPN means more security, of course they’ll sell you one. At best they block known malware domains and IPs, which is utterly useless on Linux anyway.

If you want a VPN get a real VPN.

Proof of work is what those modern captchas tend to do I believe. Not useful to stop creating accounts and such, but very effective to stop crawlers.

Have the same problem at work, and Cloudflare does jack shit about it. Half that traffic uses user agents that have no chance to even support TLS1.3, I see some IE5, IE6, Opera with their old Presto engine, I’ve even seen Netscape. Complete and utter bullshit. At this point if you’re not on an allow list of known common user agents or logged in, you get a PoW captcha.