courts of law.

There are always courts of law! Just somtimes it’s the king in his court making up the law…

kbin obviously!

Minimum open services is indeed best practice but be careful about making statements that the attack surface is relegated to open inbound ports.

Even Enterprise gear gets hit every now and then with a vulnerability that’s able to bypass closed port blocking from the outside. Cisco had some nasty ones where you could DDOS a firewall to the point the rules engine would let things through. It’s rare but things like that do happen.

You can also have vulnerabilities with clients/services inside your network. Somebody gets someone in your family to click on something or someone slips a mickey inside one of your container updates, all of a sudden you have a rat on the inside. Hell even baby monitors are a liability these days.

I wish all the home hardware was better at zero trust. Keeping crap in isolation networks and setting up firewalls between your garden and your clients can either be prudent or overkill depending on your situation. Personally I think it’s best for stuff that touches the web to only be allowed a minimum amount of network access to internal devices. Keep that Plex server isolated from your document store if you can.

Yeah, a company got toasted because one of their admins was running Plex and had tautulli installed and opened to the outside figuring it was read-only and safe.

Zero day bug in tat exposed his Plex token. They then used another vulnerability in Plex to remote code execute. He was self-hosting a GitHub copy of all the company’s code.

Home assistant Web app would be fine.

Yeah that totally gave Goonies vs Star Trek prodigy vibes.

I keep a root folder. On Windows it’s in c:\something on Linux it’s in /something

Under there I’ve got projects organized by language. This helps me organize nix shells and venvs.

Syncthing keeps the code bases and synced between multiple computers

I don’t separate work from home because they don’t live in the same realm.

Only home stuff in the syncthing.

Running Ubuntu on my 2015 air I struggle to get 2 hours out of it. I was able to get TLP to bring it close to 4, But it was at the cost of being borderline unusable.

It’s crazy as hell watching that form factor reduce. The early bipeds looked like first generation NASA moon landing suits. That thing looks small enough to fit in clothing you could buy at a local department store.

And while I think the 360 pivoting hips are an interesting touch I really wish they would constrain themselves to human anatomical moves.

That’s not simping, The vast majority of that’s paid marketing.

Great, now we’re not going to catch the next zero day compression vulnerability. :)

I used enlightenment for something like a decade. When Gnome hit the big time I used Gnome because it looked Nice and was very flexible. I went back to Mac and Windows Land for a bit, when I came back I went Gnome again. I just screw around for a day looking and picking plugins and fighting with it to get it exactly how I wanted it. After fighting with one of the older plugins that mustn’t doing what I wanted to do I saw somebody mentioned using KDE. I tried KDE and sure enough every single thing I was plugging the hell out of Gnome for was a default setting in KDE. I’m currently running Plasma. I must say that Cinnamon’s not bad either.

The crypto is decent, it’s electron so it’s source available. If you want to ignore their hosting solution, you can disable the syncing and just take the vault from its config directory and sync it yourself

The real downsides are that it’s not actual open source, so if they decided to screw around with the security or turn the crypto off somebody can’t just fork it.

Realistically with that screen size you could put anything in that thing. How do you get the impression that it might be a little smaller than it looks though.

Especially when they’re already coming from places where there’s classism based bigotry and violence.

I’d vote for anytype or obsidian

Anytype has a learning curve, But it has built-in encryption and IPFS syncing provided by the company. The templating system is really slick and the relational aspect is pretty solid.

Obsidian + syncthing fork is a really solid contender. It’s much easier to work with out of the box but the features are a little more generic.

Neither of these are really self-hosted, so much as they are contained in their own ecosystem. You get some measure of higher availability that you have to really work for if you’re really self-hosting a product.

I you’re going to hack one, this one is much cooler

https://www.ebay.com/itm/186640570101

there’s a teardown here:

https://hackaday.com/2020/04/27/teardown-vtech-whiz-kid-luggable-computer/

Each distro picks the things it likes the things it doesn’t like and it combines what it wants into a working operating system. Maybe they make some of their own custom stuff, maybe they just borrow other people’s stuff.

Debian, up until the last couple of revisions, was very big on choosing* only free things. If you wanted to use any non-free products you had to jump through small hoops. So Ubuntu took Debians core, and rewired it to properly support free things making installation and maintenance on newer hardware much easier. Because it was so much easier, they got a huge support community, and became the default for a lot of people just starting out. But then the guys that run Ubuntu also made other decisions, like trying to monetize some of the aspects or pushing for the use of different package managers that people don’t love. Mint came along and kind of filled the gap in between Ubuntu’s up sides and downsides and became the easy default for a lot of people. In the midst of all that turmoil, Debian slipped in their own version of making non-free software seamless. A lot of the support thrown into Ubuntu and Mint also helps Debian.

Red hat, fedora, and centos have the same kind of story going on, But it’s much less exciting and more about support and payments.

The next thing you hear about* is immutable operating systems. Like Fedora Silver Blue or NixOS*. They’re extremely secure, because you’re not allowed to make changes to the operating system blindly while it’s running, But it complicates just about everything you do in the name of security.

The other things you mentioned were window managers. (Gnome, KDE…) They’re basically affecting the look and feel of the GUI for the operating system. It’s your right click and your start menu and your window shades at the top and how windows are moved and snapped and organized. KDE looks and works by default a lot more like Windows, Gnome has a rather flexible plug-in system in tons of plugins available. Most of the other window managers are designed for low memory usage.

Another thing you’ll run into is X-Windows and Wayland. They mainly deal with backend internals of how the gui does its work. X Windows is ancient and compatible with just about anything that was ever made, Wayland is a bit flashier a little more efficient, and a little more secure, But at the same time it has a lot of compatibility issues with new hardware. Like if you’re going to run auto hotkey you’re going to have a harder time getting it to run under Wayland.

If you’re running on an x86/64 PC you can choose whatever you want, with the lion’s share of tech support being available for Debian variants (Debian, Ubuntu, Mint)

If you’re running on Mac, some distros are better supported.

If you’re running on a Raspberry pi you’re usually best going with one of the ones they recommend.

When someone says that an application is tested to work with a certain distribution, if most likely can work or be coerced to work with most of the other distributions, But the developer designed it under and tests it under whatever distribution they recommended regularly. So don’t be surprised if you choose something else and you have to fight with it a bit to get it to work or in rare cases it doesn’t work at all.

• edit: wording, typos and clarifications now that I’m not on mobile.

$500 might be a stretch, It weren’t for the horrible keyboard, and horrible screen, it might be worth putting a raspberry pi into as a sleeper project.

Yes I realize it’s a joke.

I use Jellyfin for all my video but I use Plex for my audio. Plex app is just so much better than finamp.