Yeah, at that point I wouldn’t worry. If someone has docker access on the server, it’s pretty much game over.
Just a regular Joe.
Encryption will typically be CPU bound, while many servers will be I/O bound (e.g. file hosting, rather than computing stuff). So it will probably be fine.
Encryption can help with the case that someone gets physical access to the machine or hard disk. If they can log in to the running system (or dump RAM, which is possible with VMs & containers), it won’t bring much value.
You will of course need to log in and mount the encrypted volume after a restart.
At my work, we want to make sure that secrets are adequately protected at rest, and we follow good hygiene practices like regularly rotating credentials, time limited certificates, etc. We tend to trust AWS KMS to encrypt our data, except for a few special use cases.
Do you have a particular risk that you are worried about?
Normally you wouldn’t need a secrets store on the same server as you need the secrets, as they are often stored unencrypted by the service/app that needs it. An encrypted disk might be better in that case.
That said, Vault has some useful features like issuing temporary credentials (e.g. for access to AWS, DBs, servers) or certificate management. If you have these use-cases, it could be useful, even on the same server.
At my work, we tend to store deployment-time secrets either in protected GitLab variables or in Vault. Sometimes we use AWS KMS to encrypt values in config files, which we check in to git repositories.
Joe@discuss.tchncs.de to Games@sh.itjust.works • Do you remember zombie apocalypse MMO Urban Dead? It's shutting down after nearly 20 years • English • 3 · 4 months ago
One can only try, for the alternative is the hole. It’s all about establishing a healthy routine, you see: “It rubs the lotion on its skin or else it gets the hose again.”
I’ll see myself out now. ;-)
Joe@discuss.tchncs.de to Games@sh.itjust.works • Do you remember zombie apocalypse MMO Urban Dead? It's shutting down after nearly 20 years • English • 4 · 4 months ago
That’s why I homeschool “my kids” in a dank cellar, where they also eat, sleep, and shit. I’m saving them from “the world” /s
Seriously - it is a balancing act, and something that every parent should struggle with. You can’t protect them from everything, especially as they get older. Education is key.
Joe@discuss.tchncs.de to Games@sh.itjust.works • In a first tariff-induced hit against the PC gaming sector, ASRock is talking about increasing costs and moving its graphics card manufacturing away from China • English • 51 · 5 months ago
China’s aim is independence in strategic sectors, while happily fostering the dependence of other countries upon China.
There are different ways to encourage local development that could also harm western profits, and China is using this opportunity to demonstrate the tools at its disposal.
It’s a warning shot before a full blown trade war, and it’s highly questionable whether the US would come out “on top” (less worse off than the other players) if that happens, especially as the US is working hard to alienate its traditional political allies.
Joe@discuss.tchncs.de to Selfhosted@lemmy.world • Reverse proxy without a single point of failure • English • 8 · 6 months ago
Additional SPoFs: Your upstream internet connection, your modem/router, electricity supply, your home (not burning, flooded, collapsed, etc.). And you.
Joe@discuss.tchncs.de to Gaming@beehaw.org • Silent but Deadly: I met some of my closest friends through multiplayer games. Then a strange happening turned everyone (literally) speechless. • 20 · 7 months ago
It truly is a shame that this behaviour is considered acceptable in many games. I still report racist comms, but it’s sometimes hard to manage as (a) it’s near impossible to report 5 people chanting n****r all at once (b) they rarely get banned when you do.
It is incredible to me how little imagination these people have, acting like primary school children who just learned a bad word and now use it all the time.
In the EU, it is primarily Russians and Americans who engage in this behaviour (as far as I can recognise the accents). A downside of the sanctions is that many games no longer have Russian servers.
I would like to see some legislation that “encourages” large multiplayer game server operators to police their online environments properly.
Joe@discuss.tchncs.de to Selfhosted@lemmy.world • Is there any open-source project that serves the same purpose of Duolingo that can be self-hosted? • English • 5 · 8 months ago
Ha, my fellow Esperantist! Very good!
Joe@discuss.tchncs.de to Selfhosted@lemmy.world • Is there any open-source project that serves the same purpose of Duolingo that can be self-hosted? • English • 39 · 8 months ago
25 or so years ago, I learnt Esperanto (my first second language) by chatting on the Internet. I’d have two windows open - one with the IRC client, and the other with a terminal and a shell script that would grep a txt file with consistent formatting. “esp esperantoVerbPrefix/” or “esp noun,” or “esp affix-” would typically return the correct result in a split second. Thanks to the simple grammar (that I had quickly memorized), I could hold conversations in near real time as a result.
I wish I could have learnt my other languages as easily.
</story time>
Joe@discuss.tchncs.de to General Programming Discussion@lemmy.ml • Looking for a python friendly cloud-based notes app. • 2 · 9 months ago
Obsidian.md has mobile versions, apparently. Whether there is a free sync feature for the iOS version will be a Q.
NFSv3 (udp, stateless) was always as reliable as the network infra under Linux, I found. NFSv4 made things a bit more complicated.
You don’t want any NAT / stateful connection tracking in the network path (anything that could hiccup and forget), and wired connections only for permanent storage mounts, of course.
Joe@discuss.tchncs.de to PC Gaming@lemmy.ca • Can AI make video games more immersive? Some studios turn to AI-fueled NPCs for more interaction • 2 · 9 months ago
Locked? Won’t somebody think of the cupcakes?!
How will running a CA limit access? eg. Do you want to do client side cert validation? That sounds like an overcomplication. Also not ideal to run a CA (have signing keys) on the proxy server.
That would be trademark infringement. Patents are much more nefarious.
Joe@discuss.tchncs.de to Technology@beehaw.org • Ford Patents In-Car System That Eavesdrops So It Can Play You Ads • 22 · 10 months ago
Lots of ideas are patented, especially by large companies. Some ideas are pursued by the company themselves, while others sit in the patent war chest to (maybe) generate passive income and help with future litigation. Very occasionally they are used for prevention.
Regardless, such a system would be a reason for many people to avoid buying a particular car or brand of car.
Joe@discuss.tchncs.de to Selfhosted@lemmy.world • Personal music servarr with a mobile app? • English • 3 · 1 year ago
Deemix is a good way to build up your local cache from Deezer, at which point you can serve it locally.
It will mess with artist remuneration though (which seems important to you), so you might want to find another way to compensate your favourite artists.
Joe@discuss.tchncs.de to Games@sh.itjust.works • Why are so many young people addicted to video games? • English • 26 · 1 year ago
Not to mention the younger generation with no work ethic, unlike in my day… 5am start 6 days a week… builds character… then school… uphill… both ways… respected our elders… bought first house with 22… kids now… no respect… video games… no work ethic… living with parents at 30… avocado on toast… no house… AVOCADO ON TOAST.
But not Fire tablets (kids profile) or Samsung TV or many others that Plex currently supports.
JellyFin android phone app’s UI is a little weird at times, but does work pretty well for me.
…
What I would adore from any app would be an easy way to upload specific content and metadata via SFTP or to blob storage and accessible with auth (basic, token, or cloud) to more easily share it with friends/family/myself without having to host the whole damn library on the Internet or share my home Internet at inconvenient times.
Client-side encryption would be a great addition to that (eg. password required, that adds a key to the key ring). And of course native support in the JellyFin/other apps for this. It could even be made to work with a JS & WASM player.