1 Post · 142 Comments · Joined 2 years ago · Cake day: June 9th, 2023



  • PostUp = ip route add 100.64.0.0/10 dev tailscale0
    

    Looks like you need to stick this line in the tailscale service file, since it’s the only time that the existence of the tailscale0 device is guaranteed. If you don’t want to modify the service file inside the package, could you write your own systemd service file and include the tailscale service as a prerequisite?

    Also make sure that when you start the VPN first and then tailscale, you don’t get a double tunnel situation where tailscale goes out through the VPN (unless that’s what you wanted).
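    One way to do what the comment suggests, as an added example that is neither the commenter's nor Tailscale's own code: a separate unit that declares the Tailscale daemon as a prerequisite and adds the 100.64.0.0/10 route only once tailscale0 actually exists, so the packaged unit stays untouched. It assumes the daemon unit is named tailscaled.service, the interface is tailscale0, and the script itself is installed at /usr/local/sbin/tailscale-route.sh (all of these are assumptions, not taken from the thread). `ip route replace` is used instead of `add` so a restart of the unit does not fail on an already-present route.

```shell
#!/bin/sh
# Added example (not from the original comment, not Tailscale's code).
# Usage:  tailscale-route.sh unit > /etc/systemd/system/tailscale-route.service
#         systemctl daemon-reload && systemctl enable --now tailscale-route.service
# Assumptions: tailscaled.service is the daemon unit, tailscale0 is the device,
# and this file lives at /usr/local/sbin/tailscale-route.sh.
set -eu

IFACE="${IFACE:-tailscale0}"
ROUTE="${ROUTE:-100.64.0.0/10}"
SCRIPT_PATH="${SCRIPT_PATH:-/usr/local/sbin/tailscale-route.sh}"

# unit_text: the systemd unit. Requires= and After= make the daemon a hard
# prerequisite; Type=oneshot with RemainAfterExit=yes makes ExecStop run when the
# unit is stopped, so the route is withdrawn together with the tunnel.
unit_text() {
    cat <<EOF
[Unit]
Description=Add $ROUTE route via $IFACE
Requires=tailscaled.service
After=tailscaled.service

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=$SCRIPT_PATH add
ExecStop=$SCRIPT_PATH del

[Install]
WantedBy=multi-user.target
EOF
}

# wait_for_iface: the daemon can be "active" a moment before the device is
# visible, so poll for it for up to $1 seconds instead of assuming it exists.
# Returns 0 when found, 1 on timeout.
wait_for_iface() {
    i=0
    while [ "$i" -lt "${1:-30}" ]; do
        ip link show "$IFACE" >/dev/null 2>&1 && return 0
        i=$((i + 1))
        sleep 1
    done
    return 1
}

case "${1:-}" in
    add)  wait_for_iface 30 && ip route replace "$ROUTE" dev "$IFACE" ;;
    del)  ip route del "$ROUTE" dev "$IFACE" 2>/dev/null || true ;;
    unit) unit_text ;;
esac
```

    Because the unit only adds the route after tailscaled, starting the VPN first and Tailscale second keeps the order the comment describes; whether Tailscale's own UDP then leaves through the VPN is still decided by the default route, which this unit does not touch.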


  • The exact script would depend on the use case; you’d use commands something like this:

    mkdir -p /etc/netns/VPN
    sh -c 'echo nameserver 1.1.1.1 > /etc/netns/VPN/resolv.conf'
    ip netns add VPN
    ip link add tun1 type wireguard
    ip link set tun1 netns VPN
    

    Because the wireguard device was created in the default namespace, it will “magically” remember its birthplace, even after you move its mouth (the tun1 device) to a separate namespace. The envelope VPN packets will keep going in/out in the default namespace.

    ip netns exec VPN wg setconf tun1 /etc/wireguard/vpn.conf
    ip netns exec VPN wg set tun1 private-key /etc/wireguard/vpn-key.private
    ip -n VPN addr add 192.my.peer.ip/32 dev tun1
    

    Get the wireguard config file from the VPN website, both mullvad and OVPN have a wizard to generate them. Your assigned private network ip is in the config file. Also get and save your device key.

    ip -n VPN link set tun1 mtu 1420
    ip -n VPN link set tun1 up
    ip -n VPN route add default dev tun1
    ip netns exec VPN su myuser -c 'firefox --no-remote'
    

    Now all firefox (and only that firefox) traffic will go through the tunnel. Firefox has its own DNS, if you run another app it will use 1.1.1.1.

    I actually do the reverse of this - I create a namespace ETH and move my eth0 device in there and attach dhcpcd to it. Then I create the wireguard tun1 device inside ETH namespace, and move tun1 to the default namespace. Then any software I run can only use the tunnel, because the ethernet device doesn’t even exist there. This keeps the routing table simple and avoids a whole class of issues and potential deanonymization exploits with the split routing table used in traditional single-namespace VPN configurations.
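    The forward setup from this comment (app confined to a namespace whose only exit is the WireGuard device), as an added example rather than the commenter's own script. It wraps the same command sequence so it can be printed with DRY_RUN=1 and reviewed before being run as root, and adds a check that nothing but lo and the tunnel exists inside the namespace. The namespace name VPN, device tun1, config path /etc/wireguard/vpn.conf, key path /etc/wireguard/vpn-key.private, tunnel address 10.64.0.2/32 and user myuser are illustrative defaults, not values from the original post; replace them with the ones from your provider's config file.

```shell
#!/bin/sh
# Added example (not the commenter's own script). One application behind a
# WireGuard tunnel via its own network namespace.
# Usage:  DRY_RUN=1 sh vpn-ns.sh setup   # print the commands only
#         sudo sh vpn-ns.sh setup        # create namespace, tunnel, launch app
# Assumptions: iproute2 and wg(8) installed; paths/addresses below are placeholders.
set -eu

NS="${NS:-VPN}"
IFACE="${IFACE:-tun1}"
WG_CONF="${WG_CONF:-/etc/wireguard/vpn.conf}"
WG_KEY="${WG_KEY:-/etc/wireguard/vpn-key.private}"
TUN_ADDR="${TUN_ADDR:-10.64.0.2/32}"   # placeholder for the address in the provider config
DNS="${DNS:-1.1.1.1}"
RUN_AS="${RUN_AS:-myuser}"
DRY_RUN="${DRY_RUN:-0}"

# run: execute the command, or only print it when DRY_RUN=1, so the whole
# sequence can be inspected (and tested) without root or a real tunnel.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# build_namespace: namespace plus its own resolv.conf (ip netns exec bind-mounts
# /etc/netns/$NS/resolv.conf over /etc/resolv.conf inside the namespace). The
# WireGuard device is created in the default namespace and then moved, which is
# what keeps the encrypted UDP packets flowing through the host's normal interface.
build_namespace() {
    run mkdir -p "/etc/netns/$NS"
    run sh -c "echo nameserver $DNS > /etc/netns/$NS/resolv.conf"
    run ip netns add "$NS"
    run ip link add "$IFACE" type wireguard
    run ip link set "$IFACE" netns "$NS"
}

# configure_tunnel: peer config, device key, address, MTU, and a default route
# that can only point at the tunnel, because no other device exists in $NS.
configure_tunnel() {
    run ip netns exec "$NS" wg setconf "$IFACE" "$WG_CONF"
    run ip netns exec "$NS" wg set "$IFACE" private-key "$WG_KEY"
    run ip -n "$NS" addr add "$TUN_ADDR" dev "$IFACE"
    run ip -n "$NS" link set "$IFACE" mtu 1420
    run ip -n "$NS" link set "$IFACE" up
    run ip -n "$NS" route add default dev "$IFACE"
}

# stray_ifaces: interface names inside the namespace other than lo and the
# tunnel. Empty output means no path around the tunnel exists. Needs the
# namespace to exist, so it is only meaningful in a real (non-dry) run.
stray_ifaces() {
    ip -n "$NS" -o link show | awk -F': ' '{print $2}' | sed 's/@.*//' \
        | grep -v -x -e lo -e "$IFACE" || true
}

# launch_app: run the program as an unprivileged user inside the namespace.
launch_app() {
    run ip netns exec "$NS" su "$RUN_AS" -c "$*"
}

case "${1:-}" in
    setup)
        build_namespace
        configure_tunnel
        if [ "$DRY_RUN" != 1 ] && [ -n "$(stray_ifaces)" ]; then
            echo "unexpected interfaces in namespace $NS, refusing to launch" >&2
            exit 1
        fi
        launch_app firefox --no-remote
        ;;
esac
```

    The stray_ifaces check is the cheap way to confirm the property the comment relies on: inside the namespace the only devices are lo and tun1, so there is no second routing path for traffic to leak through. The reverse layout the commenter prefers (eth0 moved into its own namespace, tun1 moved back to the default one) gives the same guarantee to every process on the host rather than only to the one launched here.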



  • TauZero@mander.xyz to Privacy@lemmy.ml · VPN's recommendations?
    11 up · 1 down · 20 days ago

    OVPN is a 1-to-1 feature clone of mullvad (wireguard, multiple device keys, crypto payments/cash in the mail, no usernames/emails, etc.) AND has port forwarding. Switched to them when mullvad sadly closed their ports, no problems since. Can’t live without port forwarding.




  • For something like a browser, you don’t even need to “install” at all. You only need to acquire the standalone/portable executable from the browser developer’s official website. For example you get Waterfox from https://www.waterfox.net/download/. If you read the PKGBUILD, even if you can’t see through all the potential malicious tricks you’ll at least find that that’s basically all it claims to do: download a binary from official website and put it somewhere. In this case “installing” means using root permissions to stick it in /usr/bin, so all users on the computer can run it. But since almost all home computers only have a single user, you can skip having to give it (temporary) root access by saving it in your home directory instead. I also run the binary inside its own Firejail so it doesn’t even have access to my personal files. You are always trusting someone, be it the Arch maintainers, the AUR contributors, or the independent browser developers, but this way the least number of parties get the least number of permissions.




  • a standalone drive

    Another cool/scary feature of the BluRay spec is offline firmware updates (called BD+). Any disc can contain code that runs automatically and can patch the player firmware or execute arbitrary functions. So if you have an older hacked player and you insert a newer disc into it, the AACS Consortium has the ability to brick it. Or if you “own” an older disc but the Consortium starts to dislike it for some reason (maybe they discovered that the disc was printed by a pirate publisher, or maybe there was a retroactive licensing dispute), they can include code on every newly published disc that blacklists the old disc. Even with a standalone player that you never connect to the internet, the moment you insert any new disc into it, your old “problematic” disc will be unplayable. This has never yet happened with a previously-legal disc AFAIK, but it is possible within the spec. Every player manufacturer must obey the spec and implement the BD+ virtual machine in order to be allowed to read AACS content. And if you hack your player to ignore BD+ code, then the newer disc will not play because its content may be scrambled in a way that only the custom BD+ code included with it can unscramble.




  • Thank you for your detailed input!

    It’s not even a platonic ideal - it’s drawing a supply/demand curve and thinking you understand how prices work in a market economy.

    You got me 😁. I love drawing supply-and-demand curves. Seems pretty hopeless then if to even begin to understand how to vote “correctly” you need 5 years of game theory PhD. Hearing someone say “just trust me bro, the optimal strategy is that one” is not good enough. Voting was supposed to be for the masses…

    drop everything to just start suing states and protesting for voting rights

    I could get onboard with ranked-choice voting. My city used IRV for our latest mayoral primary election, and even though none of my ranked candidates won, I felt extremely satisfied that at least my voice was finally being heard. When a literal police-mayor got elected (winning primary by only 7000 votes), I had the comfort of full knowledge that this was not due to any spoiler effect on my part, but solely simply due to more people voting for him. If we’d campaign for ranked-choice voting in federal elections - presidential primaries and general - we can eliminate all the above hand-wringing. The Democratic party should be totally on board with this since they could finally get the Green protest vote.


  • So I am proposing that the Democratic party is acting irrationally and suboptimally, but you claim that the Democrats are acting most optimally, and it is the fringe left that is acting irrationally instead by refusing to accept an unfair split against all game theory guidance, causing all of us to eat shit (despite them making up only low single digits). Yet if the Democrats are so rational, how come they keep losing? Shouldn’t they have found an optimal strategy to get around the irrational ultimatum of the left? Yet here we are.


  • I want people to be able to report bugs without any trouble.

    Thank you for being aware! I’ve experienced this on github.com. I’ve tried to submit issues several times to open source projects, complete with proposed code to solve a bug, but github shadowbans my account 6 hours after creating it (because I use a VPN? a third-party email provider? do not provide a phone number? who knows). I can see the issue and pull request when logged in, but they only see a 404 on their project page even if I give them a direct link. I ended up sending them a screenshot of the issue page just to convince them this was even possible. Sad to hear gitlab does it even worse now by making phone mandatory.


  • the most a third party is going to do is shave off a few percentage points, resulting in the main party losing

    If the third party can force the main party to lose, then it holds ultimatum power and game theory rules apply. The main party irrationally keeps rejecting the ultimatum and as a result keeps losing. To execute the threat of the ultimatum even after the unfair split has already been offered is the paradox of game theory. You have to appear credible enough to carry out such a threat, but the only reliable way to appear credible is to actually follow through on such threats every time.

    The Democratic party keeps losing and shifting right because it acts irrationally and fails to execute optimal game theory strategy. It could have offered the left a fair split and we could have all had guaranteed single-payer medical care, food, and housing, but instead none of us will have women’s rights, and the immigrants and gays among us will be herded into cages.