HackerTrans
TopNewTrendsCommentsPastAskShowJobs

exiguus

1,087 karmajoined ปีที่แล้ว

Submissions

Google-Free Phone Is IP68-Rated and Has a Replaceable Battery

yankodesign.com
2 points·by exiguus·2 เดือนที่ผ่านมา·0 comments

Donating to Open Source

entropicthoughts.com
2 points·by exiguus·2 เดือนที่ผ่านมา·0 comments

comments

exiguus
·เมื่อวาน·discuss
That's true. It's like care work; e.g. taking meeting notes. But instead of stopping it, make them visible.
exiguus
·เมื่อวาน·discuss
I had a similar experience with macOS a few years ago. After using GNOME for over 15 years, I had to switch to a Mac for work for about two years; and I never fully adapted. Windows, on the other hand, I've never been able to take seriously; every time I use it, the interface feels completely different.

The same goes for tools like Word, Excel, and PowerPoint. I prefer Markdown for creating presentations and documents, and I even use Vim keybindings in VSCode and JetBrains IDEs (because I am lazy and you can use them nearly everywhere). My "TV/Steam" runs a tiling window manager (Sway) and is controlled by a keyboard instead of a remote (and you guest it, you can use Vim keybindings with sway). At one point, I used the right-hand for mouse at work and the left-hand at home. And, of course, there is the classic switch from a native-language keyboard to an English one for programming. What I'm trying to say is, you can adapt if you're motivated. And sometimes you don't.

I'm also a huge friend of trackpoints instead of touchpads. And I avoid to use the mouse and keyboard at the same time. Usually, mouse while planning, reviewing and presenting and keyboard when creating. And I learn keybindings for software that I use daily because of that.

Less GUI, means more Content / Information on the screen. And sometimes you benefit from that.

My takeaway? Do whatever makes you happy. Rewiring your brain from time to time keeps it flexible and sharp; like learning a new language or playing a musical instrument. It's a workout for your mind.

And Productivity isn't just about speed; it's also about quality. Sometimes, slowing down (by using a mouse) to focus on the craft of your work leads to better results than rushing to get things done as quickly as possible.
exiguus
·4 วันที่ผ่านมา·discuss
You can record tracks or add places right in the app.
exiguus
·4 วันที่ผ่านมา·discuss
CoMaps is my daily. From time to time I also use it's share my location, add place or record track functionality.
exiguus
·7 วันที่ผ่านมา·discuss
I ran my own YaCY instances. Three of them to be specific, because they are "super fast" and "reboot" often. I crawl with them the smallweb, smallcomic and smallyt sites and also all feeds from my miniflux instance; getting them via the miniflux api. Beside that i have other static entries that i crawl. For wikibooks and wikipedia i tried and use also YaCY, but it use a lot of resources. So its only in one instance. I suggest >16GB RAM and 300GB+ HDD if you want to do this. To access wikimedia, gutemberg, archwiki or media.ccc.de directly, I use also SearXNG. Usually it takes 1-3 Seconds to get search results from YaCY in my setup. I run them in docker on aarch64 with ~6GB of RAM and 200GB HDD. The VPS it-self has 8GB RAM, 6 arm cores and 250GB HDD. If YaCY hang, i just restart it. This are my pretty good working docker deploy and java settings I use currently:

    environment:
      JAVA_OPTS: >-
        -XX:+UseG1GC
        -XX:MaxGCPauseMillis=200
        -XX:+ParallelRefProcEnabled
        -XX:+UseStringDeduplication
        -XX:InitiatingHeapOccupancyPercent=45
        -XX:G1ReservePercent=15
        -Xms1024m
        -Xmx3072m
        -XX:MaxMetaspaceSize=256m
        -XX:MaxDirectMemorySize=256m
        -XX:+ExitOnOutOfMemoryError
        -XX:G1HeapWastePercent=10
        -XX:G1MixedGCCountTarget=4
    deploy:
      resources:
        limits:
          cpus: "4.2"
          memory: 5.2G
        reservations:
          cpus: "2"
          memory: 2.5G
    healthcheck:
      test: |
        /bin/bash -c '
        if ! timeout 55s wget --spider --no-verbose http://127.0.0.1:8090/yacysearch.html?query=exiguus; then
          exit 1
        fi
        if ! timeout 55s yacy_search_server/bin/checkalive.sh; then
          exit 1
        fi
        exit 0
        '
      interval: 120s
      timeout: 60s
      retries: 3
      start_period: 240s
That's the smallest I got it running mostly stable and self-healing with a index size of +100GB. I also avoid to use crawling by the build in tasks and use the API and cron jobs for weekly feed importing, because I found out, that kind of crawling eats up less resources then the usual. All-Over, to much running crawlers, make retrieving search results slow. For production use, I suggest to min. double the resources. If you do this, it becomes very stable.

Thanks to pointing out kiwix. I'll give it a try.
exiguus
·7 วันที่ผ่านมา·discuss
YaCY has a proxy mode that automatically index your web-serving. In my experience, the index grow in size very fast and reaches ~100GB or more. How does the index size of Hister compare to that?
exiguus
·8 วันที่ผ่านมา·discuss
SearXNG is my daily internet search now +5 years; with YaCY Backends and else as fallback. I also build internal document search or RAG applications with this setup (SearXNG also support json results). However, there are some downer I accept because of privacy: 1. Its slower and the results are not that good then with others. But fast and good enough for most of my queries. 2. From time to time you get blocked on the duckduckgo, brave or whatever search and you must solve some captures. You can prevent this by getting and using API-Keys from them.

The nice thing about using your own backend is, that you can prio it in the results and for example, if I crawl the smallweb and other site important for myself, this sites come up first in the results.
exiguus
·10 วันที่ผ่านมา·discuss
This is a fantastic article! I completely agree with the author's philosophy. Simple automation can reduce maintenance to nearly zero, and it's incredible how much can be achieved with just a few well-crafted scripts.

I use a nearly identical alias for docker pull to keep my containers updated. To ensure everything stays running smoothly, I've built a lightweight watchdog (a mix of bash scripting and Uptime Kuma/Beszel) that monitors my services and containers and restarts them if they crash. This way, I rarely need to intervene manually.

For critical services (DNS, VPN, git, web search, crawler and mail, etc.), I add an extra layer of redundancy by running them on multiple servers across different locations. If one server fails, the others seamlessly take over. I also use DNS round-robin as a simple but effective way to handle load balancing and failover; no HaProxy, K8, expensive IP Takeover (ARP Spoofing) or BGP Anycast and VRRP/CARP, Proxmox or fancy orchestration tools required. If a node goes down, another watchdog script temporarily removes it from DNS, and traffic shifts to the remaining servers. Most often the services are self-healing. The best part? My deployment and monitoring are fully self-scripted (no Terraform, Ansible or BundleWrap). Moving services to a new server is as easy as running some scripts over SSH. Everything sets itself up automatically. Currently I run my services on 2 Pi's, 2 stratum 1 servers (from centerclick), and 8 VPSs that cost me around $40/month. It's a great example of how a little automation and redundancy can go a long way in keeping things cheap and reliable without unnecessary complexity.

I invest around 1-2h/month to maintain and (mainly) adjust my setup. Before I head multiple Proxmox instances and a backup server that cost me around $250/month, I was spending 1-2h/week just to keep everything running. The difference is night and day.

However, I've personally had bad experiences with consumer hardware like the Raspberry Pi and hardware failures. Most of the time, I didn't feel motivated to replace the hardware and set up all the services again (even if I had a backup). As an Unify alternative i can recommand GL-iNET; build modern hardware for OpenWRT with some additions and the hardware has enough power to run Wifi7, AdGuard and Tailscale or ZeroTier. (Before I run Protectli Vaults with a virtual PfSense, Tailscale and AdGuard on Proxmox and extra OpenWRT access points) I can recommand the Protectli Hardware over a Raspberry Pi, especially if you want to run a single server/hardware homelab.

Thanks for the inspiration; it's always refreshing to see others embracing simplicity!
exiguus
·11 วันที่ผ่านมา·discuss
What are the specific factors that make you, in measurable terms, a person affected by this issue? And from your perspective, what makes this issue so significant compared to others?
exiguus
·12 วันที่ผ่านมา·discuss
That's how populism works and people act if they don't understand that manipulation.
exiguus
·12 วันที่ผ่านมา·discuss
It's not just talking about it. It's how and also how much you talk about it.
exiguus
·12 วันที่ผ่านมา·discuss
In my understanding its far-right or right-wing and definitely a populist party. See also the Ideology Section from the link you added.
exiguus
·12 วันที่ผ่านมา·discuss
How do you use DNSCrypt on Android or iOS?

On my notebooks, I run two Docker instances of AdGuards dnsproxy, using my own DNSCrypt resolvers as upstream servers. This setup provides anonymity from the resolver and protects against man-in-the-middle attacks, since DNSCrypt authenticates DNS responses. However, root DNS queries from the upstream remain unencrypted. Additionally, not all nameservers support DNSSEC, so a fallback is often needed. Which can still leave the upstream vulnerable to man-in-the-middle attacks. Of course, DNSCrypt is more secure (authentication, no bootstrapping), faster and anonym (against the resolver). But i think it is still not useable for "normal" people. And as a provider, the setup is more complex then DoH, DoT or DoQ, because of cert rotation and the DNS entries.
exiguus
·13 วันที่ผ่านมา·discuss
Do you mean when communicating directly with a root DNS server over unencrypted UDP or TCP? You're right. There's currently no universal way to encrypt direct queries to root DNS servers. To work around this, the best approach is to host your own public DNS server outside your untrusted ISPs network and connect to it securely using DoH, DoQ, or DoT. Alternatively, you can rely on a trusted third-party public DNS provider that supports encrypted connections. In the end, there's no perfect solution. You have to choose who to trust. Personally, I trust my ISP more than external DNS providers. For anonymity you could route your DNS root queries throe tor or a VPN for the cost of performance.

I also used third-party public resolvers before. Mainly FFM (its not on the list) but non-profit, EU and encrypted. If you boil down the list (from the website) to this categories, you have 4 providers. You can trust, in my opinion. But the problem with all this provider is, that you ran quick into rate limits or some query type restrictions. Especially if you run your own mail server or other DNS expensive task.

Fun fact about hosting your own DNS infrastructure and offering it to friends and family: They might actually trust other providers more than they trust you. Even if they know and trust you personally. Because they know you can theoretically read their queries, it’s more convenient for them to have a stranger do it instead.
exiguus
·13 วันที่ผ่านมา·discuss
To be honest, there’s no way to prevent others from using my DNS server without putting it behind a VPN or in any other non-public network. Also you can do port-knocking or something, but that's not rely authentication. However, I'm not aware of any authentication mechanisms in DNS. That would also cause performance to plummet. If you use a VPN or something, in turn, would mean you'd have to rely on someone else's DNS infrastructure. So I don't have any of this and its public.

The good thing about dnsdist is that it acts as a sort of load balancer for DNS queries and offers features such as dynamic blocking (including via eBpf) at the IP level and rules and rate limits for query types you can combine. Therefore, there are no limits (or very open limits) for all query types from whitelisted IPs, and stricter rules for all others. IPset and GeoIP banning of known malicious IPs and regions (using block-lists) also keeps the footprint of "unwanted" use very, very small.
exiguus
·14 วันที่ผ่านมา·discuss
I use my own public powerdns dnsdist and recurser/authoritave instances for DoH, DoT, DoQ, TCP and UDP now for ~3 years. Setup took some time, because i used bind, unbound and dnsmasq before. It's super stable and i can also use it on my mobile or legacy devices and as resolver in unbound, adguard/dnsproxy or just in my local resolve.conf.
exiguus
·14 วันที่ผ่านมา·discuss
Most important and super privacy/security related topic: DNS. Instead of choosing a public one. Host your own infrastructure. You don't need public instances. Just run ADGUARD or unbound/dnsmasq/dnsdist in recursive mode on your router or machine. And you can set limits and block-lists to your needs.
exiguus
·14 วันที่ผ่านมา·discuss
I enjoy collecting old ThinkPads and other Notebooks, and I wanted to clarify a few points about 32-bit vs. 64-bit support.

The last true 32-bit processors were the AMD Athlon XP and Intel Pentium 4 (early Core Duo models also had 32-bit variants). ThinkPad series like the T6x, T4x, R5x, and X3x/X4x are limited to 32-bit. Meanwhile, models like the X2xx and newer generally support 64-bit and run modern distros like Debian or Fedora smoothly, often this models have at least 2GB of RAM and 64GB+ storage.

The article's title feels a bit misleading to me. It's more about limited resources (RAM/storage) than truly "old" hardware. In my view, the defining factor for "old" should be 32-bit processor support, which is far more restrictive than storage or RAM constraints. Usually the 32-bit systems are better typewriter. They don't have enough power the browse smoothly the modern web.

For 32-bit systems, I usually go with Q4OS (great for old hardware compatibility) or Puppy Linux (unlimited 32-bit support). For 64-bit, it's Fedora (Sway) or Debian (GNOME). I choose these distros because I want to get the manual installation and setup done in under an hour. Worth noting: many distros still support 32-bit, but some (like Debian) are phasing it out by 2028.
exiguus
·29 วันที่ผ่านมา·discuss
That reminds me of that time when Reddit doxxed the alleged Marathon Bomber, ruined his life, and then it turned out it wasn't him. Aside from all the nicknames, I don't see any evidence. But the article shows how to doxx responsibly.
exiguus
·เดือนที่แล้ว·discuss
I think the hole root-comment is a joke (if you think about it as training data), because its actually the bias thingy (mensplaining, opportunity vs. knowledge and hn is a very privileged place).