i think it should not be too difficult to compete with m$ security, that is at least true for the state of the last 30 years or maybe more.

But something like a non-profit organisation - or a bunch of them- that make self-hosting for essential services (like email, messenger, video calls) a charm could be a big win for billions of peoples.

because the domains tend to be cheaper when they don’t end with “.com”.

did a quick check with a weird domain name to not hit reserved ones etc,.

on one domain hoster .com was the second cheapest, only one other offered was cheaper all others offered were more expensive than .com looking at name.com it showed some bit cheaper ones like .pro or .life but majority seems definitively more expensive than .com also most spam i got (as long as i got spam) was genuinely (spf) from .com domains that days. however i do not really get much spam any more 😁

really i’ve had that problem once (and only once in > 20years of self-hosted emailling), and guess what? competitors are available, problem quickly solved.

i am sure that only affects the data YOU can ever access, but never the data already stored for later abuse ;-)

better do not hate, just make them irrelevant for yourself.

NOT hating is good for health and not depend on abusers is good for you too ;-)

one does not become dependent on tech giants without a critical loss at some day, no matter whats the “reason” for it and they tend to do weird stuff within or without laws…

For others or for a new start and how to avoid such in the future (maybe “migrate” your relatives to secure services “before” you get ripped off):

• get your own domain like somestupidtext.info make sure the toplevel (.info .com .net or whatever) has laws that let you effecticely reclaim your domain if one of the providers block something or fail to do their job. also make sure you do not fall into only-first-year-very-cheap traps for domain prices. maybe check that the toplevel domain is not one regulary found to be used by spammers and thus maybe blocked by some providers.
• use one company only for DNS related things, maybe name.com, but there are plenty others and lots of generic hosting providers also provide dns-only hosting.
• get some provider to host email for your domain or run your own emailserver and set mx records to that mailserver.
• configure and change valueable services to your email addresses under your domain
• make sure you have a local(!) copy of all your emails that automatically updates itself, if you can, at least daily, offlineimap checked in into a git repo could do a good job
• if one provider sucks, change it and leave the rest as is.
• the setup alone already shows the provider, that only gov (of that toplevel domain) can effectively block you, as when the email provider tries to block you, you find a new one and change MX records (and obviously cancel and stop paying the blocking one), if the DNS provider tries to block you, you get a new provider and transfer the domain to it, if that fails a lawyer could help) also the small providers have usually no way to know what you do on another account at another company, only if you put your whole life into the hands of the few known big evil ones, you are that vulnerable to the chaos they produce.

also setting up recovery addresses (if possible) is a good idea, like when one email is unusable for whatever reason, the provider already has a known email address from you to start a recovery process, of course that second email address MUST be out of reach of the provider of the first one, that is, if you have somemailprovider.com address and one at microshits, then microshit buys somemailprovider.com, you have to change everything from that somemailprovider.com to a new one just to stay secure. due to this, your own domain with a connected email service of a random hosting provider comes in handy as you would not have to change all the email adresses but only that random email provider. also if skype/zoom etc does not work for you, there are plenty of other ways to do video talks on the internet. i prefer to be independent for same reasons even though i haven’t been blocked yet, i just saw the signs of possible approaching evil because of the shitflow big evil tech produces all the time just to flush their believers view of what would be possible down the drain and choosed independence ahead of losses. following signs like leaving companies with red flags (like just too big, like already robbed their users, like give a shit on their users security, like give a shit on their bugs and blame users while their own big-tech-company-network is pwned by someone unknown for month and such) a more privacy aligned messenger that supports videocalls would be for example matrix, there are multiple clients to choose from and lots of providers to choose from (also self hosting or becoming a provider is possible while for talking to each other it is NOT necessary to use the same provider, but again self-hosting of course is most-secure) one cannot do things securely without knowing a bit about what it is. to learn more about dns, email, matrix or other topics the internet is full of informations, sometimes wikipedia is very helpful and linux user groups exist for talking about stuff and helping each other. the type of support is different and -as i see it - much more efficient, but different, there is no one to do it for you (or you get into the very same dependency trap again) but you are encouraged to learn what it takes to do so and do it yourself.

example prices from a random dns provider: .de 10€ / year .eu 16€ / year

random mail provider imap email 100GB storage 3 € /month

that is having more control over your email than when using big tech, may cost you more or less 4€ per month (and maybe the learning time to set everything up). for matrix server one might use managed services, looking around i found etke.cc with 5€ as a base minimum when you provide your own VPS for it, but with many other options too. maybe the free hosting announced by element.io where i did not look into yet is an option too. i prefer my own domains and servers, but just using separate hosting companies for dns, email and matrix gives a whole lot more control while still beeing a simple and adjustable setup. while matrix does not lock you in into one instance from the beginning (i can chat/call from/to my own account/server to any other account on other servers while beeing able to try this out using a multi-account-client that connects to all acvounts/servers at the same time) they now have bridges so one can use the same client to chat with others on telegram or whatsapp (and others) too, so this is rather the opposite of vendor lock-in. while a matrix hoster could still block your account in error and if you did not use your own domain for your matrix account at the hoster, you could connect to your friends again from another account at another hoster as you would still have their matrix adresses stored in your client. however to securely use matrix one should read about its security mechanisms and what backup keys are and why one should validate new connections.

if you had the loss, at least take advantage of the message/lesson: big tech is too powerful and thus insecure. maybe do three steps in parallel: choose and migrate to smaller providers, more providers each for different things, if one f**ks up, everything else stays in place, thus less stressful on problems. second step in parallel: get yourself into DIY your digital life. every little step into independence is a step more powerful while removing the very same power from big tech to attack the stability of your digital life. third step in parallel: share your problem including the possible solutions, which you choosed and how it went to those you think might take advantage of that information ;-)

that could come in veery handy once microsoft wants to pull some plugs. i guess we can be grateful for the backup that is 1. not 100% in m$ hands any more then and 2nd cannot be as easy destroyed as some backups at archive.org. i actually hoped for someone with enough money to create this type of security after m$ assimilated github and thought like “does nobody see the rising danger there?” but even if china’s great fork might be more reliable than m$ over time, maybe it’s better to have your own backups of all the things you actually may need in future.

btw did microsoft manage to get rid of the hackers that settled into their network for … how long??

i guess they’ll tell

its amazing how good services can be if some just skip the corporation-obligatory adding of enshittification. i remember an article about a downloadable (but not very legal) DVD with an installer for a (worthless but very popular) OS that included heaps of expensive industry software and the installer was point-klick what you want and then all is done in background and fully usable once done. reading that article it seemed to be a better installer than ever produced by any company for any product.

however as that payed streaming service seemingly leaves huge amount of bank records and ran for such a long time, i guess it would have been easy to stop their customers from paying them. it rather might seem that the real intentions of content corporations might not truely be what they officially claim. maybe we learn in 25 years that the content corporations really were behind such services, maybe like “better get money from ALL markets!” or such.

• The good’ol cursing seemed to work without radio or someone actually listening
• it seems boeing was already cursed with parasites in high positions. not sure if additional cursing could actually increase a long painful death curse by anything other than its duration.
• The “pick them up” they’ld rather want, does not work through radio yet, rescue missions for biological personnel sadly still need to be made of/by solids.
• unfortunately radio is a bit flawed during the plasma phase of reentry, while i think the plasma phase ‘is’ the reentry, before is only getting closer, after its basically flying or gliding/falling down, maybe parachuting. the plasma is a bit of a barrier for radio signals they said long ago. however i was quite surprised to see a new "documentation’ lately about the columbia shuttle during reentry where i was sure the original documentation said that they were in the no-radio phase due to plasma while the new ‘documentation’ said they could communicate through radio even seconds before the destruction of the shuttle, the new documentation even showed they had sensor metrics about first sensors to measure high temp while afaik those sensors were initially later installed only “because” of the aftermath for this very nasa failure … so could be that also the informations we got from tha liers about the plasma phase is also a bit “flawed”.
• last, i’ld guess that they don’t have equipment for amateur radio frequencies on board, all involved are picky about overall rather “deadly” leaking of informations important for the public.

so to answer your question: my guess is no one will.

great, thanks. i’ll try it out as i have some spare resources on my server.

🤔 maybe there is a lack of distributed fediversed search engine instances where:

1. everyone can host a search engine for their very own pages
2. everyone can crawl other pages and provide (maybe with permissions) the crawled data to other search engines (as compressed snapshots, api …) or provide a search engine by themselves for all.
3. such search engines can be ranked or marked with “has anti features xyz” and put into followable ‘collections’ per topics.
4. possibility to add 3rd party rankings and filters, so that one can use only a subset of a search engine list that was pieced together by someone you know or trust, reduced by rankings or filters published by another one you somehow trust to limit the items in the first list.

then: “for software development i use linuz personal ‘devel’ collection, this way i don’t have to manually click through big G’s gigabytes of SpaMalAds they always only frustrate you with and i am not distracted with dyo stuff when searching for server administration things like ‘puppet stages howto’. for my home projects i use my friends ‘home of DYO’ collection, i get more results than i need but get new ideas as well without seeing work stuff when looking up how to build a puppet stage for my little one. 👨‍👧 for kids its awesome, our school provides a collection including specialized search instances that fit learning, while that collection is also peer reviewed by a company that spezialized to ensure it does to not contain search engine instances that also index any unfitting content pages.”

oh btw: no i do not have any info about duckduckgo status unfortunately, i stepped over it by myself today 🤷‍♀️

after looking at the ticket myself i think the relevant things IMHO are:

• a person filed a bug report due to not seeing what changes in the new version caused a different behaviour
• that person seemed pushy, first telling the dev where patches should be sent to (is this normal? i guess not, better let the dev decide where patches go or -in this case- if patches are needed at all), then coming up with ceo style wordings (highly visible, customer experience of untested but nevertheless released to live product is bad due to this (implicitly “your”) bug)
• pushiness is counterparted by “please help”
• free-of-charge consulting was given by the one pointing to changes likely beeing visible in changelog (i did not look though) but nevertheless it was pointed out to the parameter which assumes RTFM (if docs were indeed updated) that a default value had changed and its behavior could be adjusted by using that given parameter.

up to there that person -belonging to M$ or not (don’t know and don’t care) - behaved IMHO rather correctly, submitting a bug report for something that looked like it, beeing a bit pushy, wanting priority, trying to command, but still formally at least “asking” for help. but at that point the “bug” seemed to have been resolved to me, it looks like the person was either not reading the manual and changelog, or maybe manual or changelog lacks that information, but that was not stated later so i guess that person just did not read neither changelog nor manual.

instead - so it seems to me - that person demanded immediate and free-of-charge consulting of how exactly the switch should be used to work in that specific use case which would imply the dev looks into the example files, maybe try and error for himself just so that that person does not need to neither invest the time to learn use the software the company depends on, nor hire a consultant to do the work.

i think (intentional or not) abusing a bug tracker for demanding free-of-charge enduser consulting by a dev is a bad idea unless one wants(!) to actively waste the precious time of the dev (that high priority ticket for the highly visible already live released product relies on) or has even worse intentions like:

• uploading example files with exploits in them, pointing to the exact versions that include the RCE vulnerability that sample file would abuse and the “bug” was just reported cause it fits the version needed for exploitation and pressure was made by naming big companies to maybe make the dev run a vulnerable version on it on his workstation before someone finds out, so that an upstream attack could take place directly on the devs workstation. but thats just creating a fictive worst case scenario.

to me this clearly looks like a “different culture” problem. in companies where all are paid from basically the same employer, abusing an internal bug tracker for quick internal consulting would probably be seen as just normal and best practice because the dev who knows and is actually working on the code is likely to have the solution right at hand without thinking much while the other person, who is in charge of quick fixing an untested but already live to customers released product, does not have sufficient knowledge of how the thing works and neither is given the time to learn or at least read changelogs and manual nor the time to learn the basics of general upstream software culture.

in companies the https://en.m.wikipedia.org/wiki/Peter_principle could be a problem that imho likely leads to such situations, but this is a guess as i know nobody working there and i am not convinced that that person is in fact working for the named company, instead in that ticket shows up a name that i would assume to be a reason to not rely too much about names in the tickes system always be realnames.

the behaviour that causes the bad postings here in this lemmy thread is to me likely “just” a culture problem and that person would be advised well if told to learn to know the open source culture, netiquette etc and learn to behave differently depending on to who, where and how they communicate with, what to expect and how to interact productively to the benefit of their upstream too, which is the “real price” all so often in open source. it could be that in the company that rolled out the untested product it is seen to be best practice to immediately grab the dev who knows a software and let him help you with whatever you can’t on your own (for whatever reason) whenever you manage to encounter one =]

i assume the pushyness could likely come from their hierarchy. it is not uncommon that so called leaders just create pressure to below because they maybe have no clue of the thing and not want to gain that clue, but that i cannot know, its just a picture in my head. but in a company that seems to put pressure on releasing an untested product to customers i guess i am not too wrong with the direction of that assumption. what the company maybe should learn is that releasing untested and/or unfinished products to live is a bad habit. but i also assume that if they wanted to learn that, they maybe would have started to learn it like roundabout 2 decades ago. again, i do not know for what company that person works -or worked- for, could be just a subcontractor of the named one too. and also could be that the pushyness (telling its for m$, that its live, has impact to customers etc) was really decided by someone up the latter who would have literally no experience at all on how to handle upstream in such situations. hierarchies can be very dysfunctional sometimes and in companies saying “impact to customers” sometimes is likely the same as saying “boss says asap”.

what i would suggest their customers (those who were given a beta version as production ready) should learn is that when someone (maybe) continously delivers differently than advertised, that after some few times of experiencing this, the customer would be insane when assuming that that bad behaviour would vanish by pure hope + throwing money into hands where money maybe already didn’t help improving their habits for assumingly decades. And when feeding everhungry with money does not resolve the problems, that maybe looking towards those who do have a non-money-dependant grown-up culture could actually provide more really usable products. Evaluation of new solutions (which one would really be best for a specific usecase i.e.) or testing new versions before really rolling them out to live might be costly especially when done throughout, but can provide a lot of really high valueable stability otherwise unreachable by those who only throw money at shareholders of brands and maybe rely on pure hope for all of the rest. Especially when that brand maybe even officially anounced to remove their testing department ;+) what should a sane and educated customer expect then ? but again to note, i do not know which companies really are involved and how exactly. from the ticket i do not see which company that person directly works for, nor if the claim that m$ is involved is a fact or just a false claim in hope for quicker help (companies already too desperate to test products before live could be desperate again in need for even more help when their bad habits piled up too long and begin falling on their heads)

the xz vulnerability was done through a superflous dependency to systemd, xz was only the library that was abused to use systemd’s superflous dependency hell. sshd does not use xz, but systemd does depend on it. sshd does not need systemd, but it was attacked through its library dependency.

we should remove any pointless dependencies that can be found on a system to prevent such attacks in future by reducing dependency based attack vectors to a minimum.

also we should increase the overall level of privilege separation where systemd is a good bad example, just look at the init binary and its capability zoo.

The company who hired “the” systemd developer should IMHO start to really fix these issues !

so please hold your “$they have fixed it” back until the the root cause that made the xz dependency level attack possible in the first place has been really fixed =)

Of course pointing it out was good, but now the root cause should be fixed, not just a random symptom that happened to be the first visible atrack that used this attack vector introduced by systemd.

usually at first you can do such, and later on, when a ceo wants more money, you then can buy that together with the new “pro” features actually nobody needs nor wants.

maybe better look for more stable solutions before they start acting like a broadcom ;-)

there was a study saying that there is not “the” best way of learning, but it is best to combine multiple ways, like with an app, by book, listening to audio only (i listened to radio stations via internet and got some exercise for free), a bit of talking, visiting a country that only speaks that language and so on. trying everything a bit in parallel.

that is because of our brain learns better when given more different types of “connections” to learn.

i started with duolingo (website only, not the app and only the free parts) 4 years ago and now i speak quite fluently. but i also partly read a book about grammatics, visited a spanish speaking country (more than once), viewed movies with only subtitle in my language and did lots of phone calls in spanish only.

my advice is:

look at free apps, whatever pleases you, take chances, listen to the sound (movies, radio), try to speak, and read easy books or go through exercise books.

duolingo is good to keep on going while not really motivated as the shortest thing that counts are really only minutes and one can choose to do something that is already easy. this way at least continuation is kept even if pace is down for a while. and it is much easier to go on with pace when not having really stopped.

i am happy to have a raspberry pi setup connected to a VLAN switch, internet is behind a modem (like bridged mode) connected with ethernet to one switchport while the raspi routes everything through one tagged physical GB switchport. the setup works fine with two raspi’s and failover without tcp disconnections during an actual failover, only few seconds delay when that happens, so basically voip calls recover after seconds, streaming is not affected, while in a game a second off might be too much already, however as such hardware failures happen rarely, i am running only one of them anyway.

for firewall i am using shorewall, while for some special routing i also use unbound dns resolver (one can easily configure static results for any record) and haproxy with sni inspection for specific https routing for the rather specialized setup i have.

my wifi is done by an openwrt but i only use it for having separate wifis bridged to their own vlans.

thus this setup allows for multi-zone networks at home like a wifi for visitors with daily changing passwords and another fror chromecast or home automation, each with their own rules, hardware redundancy, special tweaking, everything that runs on gnu/linux is possible including pihole, wireguard, ddns solutions, traffic statistics, traffic shaping/QOS, traffic dumps or even SSL interception if you really want to import your own CA into your phone and see what data your phones apps (those that don’t use certificate pinning) are transfering when calling home, and much more.

however regarding ddns it sometimes feels more safe and reliable to have a somehow reserved IP that would not change. some providers offer rather cheap tunnels for this purpose. i once had a free (ipv6) tunnel at hurricane electronic (besides another one for IPv4) but now i use VMs in data centers.

i do not see any ready product to be that flexible. however to me the best ready router system seems to be openwrt, you are not bound to a hardware vendor, get security updates longer than with any commercial product, can 1:1 copy your config to a new device even if the hardware changes and has the possibility to add packages with special features to it.

“openwrt” is IMHO the most flexible ready solution for longtime use. same as “pfsense” is also very worth looking at and has some similarities to openwrt while beeing different.

went through lots of plane accidents to find the one i think to remember, but had to stop as i do not want to increase fear of flying. however i stumbled about this one, Airbus A320 Air France flight 296 on 26th of June, 1988 which was sort of related as some “security” mechs seemed to have prevented crash prevention there and fired discussions. but this one was earlier and it was not boeing (and it looks like no one tried to cover things). however since it was during an airshow, not a commercial flight, i now figured out that the one i remember could have been a testflight, cargo flight or something else like a flight show as well… not sure if i “can” find it, the little i remember.

calm down and see it as a joke. *ggg

would make a nice tshirt =)

woman would take care for a literal horse instead of going to therapy. i don’t see anything wrong there either.

just a horse is way more expensive, cannot be put aside for a week on vacations (could a notebook be put aside?) and one cannot make backups of horses or carry them with you when visiting friends. Horses are way more cute, though.

deleted by creator