Coops are still about the money. They’re about saving money by sharing resources with fellow workers/consumers, and maintaining democratic control over the company. You’re not going to get rich from a coop (without embezzlement), but you and your coowners will be cutting out the middle man. Obviously, it only makes sense for industries that you’re heavily invested in.

Self hosting can save a lot of money compared to Google or aws. Also, self hosting doesn’t make you vulnerable to DDOS, you can be DDOSed even without a home server.

You don’t need VLANs to keep your network secure, but you should make sure than any self hosted service isn’t unnecessarily opens up tot he internet, and make sure that all your services are up to date.

What services are you planning to run? I could help suggest a threat model and security policy.

No shit. These machines are as advanced as a nuclear power plant, they’re gonna have a bit more proprietary software and security protocols than you’d think. Not as simple as just pressing “start” with these machines.

I wonder if asianometry will do a video about the software on ASML machines sometime.

Definitely! If your VPN keeps logs, is in a surveillance-friendly jurisdiction, etc, then details of your internet traffic can be revealed by your VPN. I recommend Mullvad, paid with cash, for the most security. It can also help to pick VPN servers outside of the most egregious jurisdictions, like picking EU servers over US or HK servers.

DoH is meant to hide your internet activity from your ISP/cell-provider since DNS is otherwise unencrypted. If you trust your VPN, then you can trust unencrypted DNS.

The first step in security is to answer who you’re defending against. Someone stealing your phone? A cop with a STINGRAY device? All the security decisions you make are based on your initial threat model.

Generally, home internet, wifi, and cellular data are considered safe against passers-by (assuming your wifi password is strong). However, they are also assumed to be eavesdropped on by your ISP and government. Details of your internet traffic can then also be revealed by your ISP to other people during legal action, such as if you’re being investigated for piracy.

There are ways to further protect your internet traffic from being snooped on, even from your ISP and government, by using things like HTTPS, DNS over HTTPS, and of course, VPNs.

It would accelerate the ongoing brain drain in Hong Kong at least, and encourage the stragglers to finally leave for more democratic countries. Banning Google in Hong Kong would be a shitshow for the CCP, but Google doesn’t have any sort of spine or ethics.

The people? Democracy really isn’t that hard.

It’s an algorithm for determining how fast to upload packets. This article just talks about how to enable it.

Here’s the Wikipedia section about it: https://en.wikipedia.org/wiki/TCP_congestion_control#TCP_BBR

The gist is that instead of only throttling upload rate based on packet loss, BBR constantly measures roundtrip delay (ping) to determine how much bandwidth is available.

Stop basing your organization on Discord and hosting all your development work there. Don’t subject yourself to the whims of venture capital and enshittification.

Diversify your online presence, and find a local company that will host a matrix server for you.

Yeah, there’s definitely a learning curve since it’s so different from docker, but there are some good tutorials and everything just makes sense. All the error messages are googlable and everything fits together so well.

Kubernetes has user accounts that you could use to restart containers in an unprivileged way. Create a role and role binding that gives the “delete Pod” permission to a service account. Kind makes it very easy to run Kubernetes without any setup. You’d just need to convert your docker compose files to Deployments, Services, and PersistentVolumes.

If converting to a kubernetes setup is too big of a leap, you could maybe try to write a C program that uses setuid to gain docker privileges in a restricted way.

Probably easiest to just have a cronjob that restarts the container regularly, though.

Your internet/wifi seems really overloaded, average ping rtt should be under 100ms, not 712ms. Your wifi signal might be bad, a computer may be downloading/uploading a lot of data, or there is an issue with your internet line.

Double check your wifi signal and computer traffic, maybe try using a direct wired ethernet connection and disconnecting all other computers. Otherwise, contact your ISP with these ping results and speed results from speedtest.net.

Check for PSI stalling in htop (add PSI meters for cpu, ram, and io in the config menu), to rule out your system being overloaded. Check internet connectivity with ping 1.1.1.1, and see why registry is timing out with curl -v https://registry-1.docker.io/v2/

You can also test your dns servers if you think that they are an issue with

dig registry-1.docker.io @1.1.1.1
dig registry-1.docker.io @194.168.4.100

If the dig command outputs differ from each other, then it is likely that your ISP’s DNS servers are faulty and you should switch nameservers to 1.1.1.1 and 1.0.0.1 like the other commenter said.

docker compose isn’t really scalable. If you need automatic, hgih availability load balancing, you should look into Kubernetes Ingress.

FreeOTP+ is a good TOTP app for mobile, if anybody is looking for a TOTP app. It’s a FOSS fork extending an internal Red Hat app. https://f-droid.org/packages/org.liberty.android.freeotpplus/

nixos unstable had it too: https://github.com/NixOS/nixpkgs/pull/300028

I’m not an economics major, but maybe something like a blind auction every year, and if you owned the domain last year, you also have the option of matching the highest bidder to keep the domain.

The biggest flaw with a system like that is that it would still discourage trying to buy an already owned domain, since you could pay for it, but not actually get it if the owner exercises their matching right. But it would definitely discourage domain squatting since the more other people want your domain, the more you have to pay to keep it.

Yeah, one of the main reasons I switched my gaming computer from Windows 10 to Linux was the fact that there’s so much less setup on Linux whenever you need to reinstall onto a new SSD or motherboard. (Also, that you dont need to reinstall for a new motherboard on Linux)

That, and the looming threat of Windows 11.

I think the key statement there is “has grown up using windows”. Using Linux is no harder than using Windows, and in many scenarios it can even be easier. The smart kids these days are learning Linux first instead of taking a detour through old-school Windows.

Better hardware support will come with more popularity, there are always bugs with any operating system.