Arghblarg

I don’t know how far we should/need to go … but all I do know is that the current state of mergers, consolidations and cartels in a lot of industries is, well ‘too much’. I don’t pretend to know what the proper balance is but it certainly ain’t what we have today.

Take the recent news of RAM price explosions and Micron just stopping sales to retail for their RAM products. RAM is such a critical item in today’s world there almost should be some guarantee enforced by governments that it remains affordable for people; we can’t live in modern society without affordable computing devices.

Yay, more consolidation! /s

Good. The more projects that move off of github, the better. It’s a dangerous dependency-sinkhole at this point, and has been for some time. De-centralize!

Well that could be considered the point where we lost our innocence, yeah. :(

Good point. On that note I am very happy having moved my home server from Apache to Caddy. The auto cert config is very nice.

More the latter :) … if only we could all just get along and be nicer to each other. Sigh.

Oh, definitely rose-coloured, but I am thinking even before those days… like when access to Usenet was restricted to colleges and universities, dial-up BBSes … and I didn’t use Windows or MacOS at all back then. ActiveX and js didn’t even exist back then. Boot-sector floppy viruses did, but those were easy to guard against.

Oh, I’m really just pining for the days before the ‘Eternal September’, I suppose. We can’t go back, I know. :/

This seems like a good idea.

So what’s the floor here realistically, are they going to lower it to 30 days, then 14, then 2, then 1? Will we need to log in every morning and expect to refresh every damn site cert we connect to soon?

It is ignoring the elephant in the room – the central root CA system. What if that is ever compromised?

Certificate pinning was a good idea IMO, giving end-users control over trust without these top-down mandated cert update schedules. Don’t get me wrong, LetsEncrypt has done and is doing a great service within the current infrastructure we have, but …

I kind of wish we could just partition the entire internet into the current “commercial public internet” and a new (old, redux) “hobbyist private internet” where we didn’t have to assume every single god-damned connection was a hostile entity. I miss the comraderie, the shared vibe, the trust. Yeah I’m old.

I have a script that watches apache or caddy logs for poison link hits and a set of bot user agents, adding IPs to an ipset blacklist, blocking with iptables. I should polish it up for others to try. My list of unique IPs is well over 10k in just a few days.

git repos seem to be real bait for these damn AI scrapers.

At some point we’ll just have to tunnel IP over DNS, and then they can’t block traffic without destroying the entire internet. Not that it’ll dissuade them.

Yeah, hard pass. Don’t let an OS which has a walled-garden by default for apps get a toe in the door. Android is based in Linux, use that instead.

I took the jump and installed GrapheneOS on my Pixel 9 this weekend. Easiest alternate OS load I’ve ever done, didn’t even need to see a command line. (I’ve put LineageOS on many a phone and GrapheneOS’s web-based installer is amazing).

Loving it so far. I have three profiles, the main ‘Owner’ with NO google services/app store at all; and two more ‘Personal’ and ‘Work’ profiles that have Google stuff that I alone chose to install.

Amazingly GrapheneOS even lets you deny Google App Store itself permissions to install from untrusted sources (in this case, Google App Store itself) – I was suprised to see installing just App Store triggered attempts to then load: My Pixel, Google Photos, Fitbit(!!? WTF), and a few others, without any confirmation first. Was able to shut that shit down immediately. (I had never, ever installed Fitbit on my previous phones, so there’s no excuse to install it “from my previous device” or whatever…)

I hope GrapheneOS spreads to other phone models. And I’m sure Google has a team planning on how to strangle it before it does…