Just a regular Joe.

Cake day: July 7th, 2023

  • Joe@discuss.tchncs.de to Memes@lemmy.ml: Stop dividing the left! · 8 days ago

    I’d argue that your average communist is moral and trustworthy right up until the moment they get any power, then they are just corrupt(able) politicians, ready and able to fuck over group A to benefit group B, who they happen to favor more this week (decisions must be made, after all!). No system is perfect, and definitely no individual.

    Big picture view: The scales will tip every now and then, but it’s ultimately survival of the fittest system that wins, with none existing in isolation - there are always external forces at play.

    With that in mind, I’d put my money on more limited socialist-style-carve-outs like single payer healthcare in the US, more rent controls and housing subsidies, slightly better employee protections. Just enough to placate the masses, while the ruling class mostly continues as before. Even this will require a massive effort. Post-republicans, of course.


  • wg-quick takes a different approach, using an ip rule to send all traffic (except its own) to a different routing table with only the wireguard interface. I topped it up with iptables rules to block everything except DNS and the wireguard udp port on the main interface. I also disabled ipv6 on the main interface, to avoid any non-RFC1918 addresses appearing in the (in my case) container at all.

    edit: you can also do ip rule matching based on uid, such that you could force all non-root users to use your custom route table.





  • Congrats for waiting this long - many parents don’t.

    Honestly, this will depend on your child. If they are prone to addictive or obsessive behaviour, a smart phone will only amplify the tendency. We already know how hard it is for adults to put down their phones for any length of time, and kids typically have less will power.

    That said - digital communication is an important part of most people’s lives now. If all her friends are using a particular app to communicate, they will “need” it too. Some parental controls would be good for the first phone – which apps get installed, etc. Just be prepared to unlock most of them. ;-)

    You might want a phone “lockbox” at home to ensure they turn off. Hopefully the school is strict about phone usage and etiquette too - it can help.






  • Joe@discuss.tchncs.de to Memes@lemmy.ml: A two state solution · 3 months ago

    From my brief time exploring it, many there seem to think the end always justifies the means, and are oblivious to the means being the likely effective end. For example: China is apparently only temporarily embracing capitalism on its way to utopian communism. I haven’t followed the trump support that was alluded to here, but I assume it’s similarly reaching the limits of their forward reasoning. At some point, some talking points pop into their head to reinforce or build on their existing beliefs, and they pat themselves and their fellow comrades on the back.

    Some are well prepared to run circles around you with their well trained mental gymnastics. It’s not dissimilar to the flat earthers, or other conspiracy theorists. You just have to believe to be saved (from critical thinking). It’s best not to engage, but rather observe from a distance.


  • You have an opportunity. Give him a pre-installed Linux and a terminal, along with a page of commands that he can run to do neat things… including starting the GUI to watch his favourite (ideally pre-downloaded) videos, running some demos, etc.

    Don’t make it too easy, but not too hard (2 you said? Can type a few characters though…)… Add to it over the years, unlocking the power, and guiding him to discover more by himself.

    Kids won’t become tech savvy if we hand everything to them on a silver platter, with touch screens, controllers, and flashy games. It can be bland and boring, until they do something.

    It might just be the most life changing gift they ever receive.






  • I have two apparmor profiles targeting shell scripts, which can run other programs. One is “audit” (permissive with logging) and the other is “safe” (enforcing).

    The safe profile still has a lot of read access, but not to any directories or files with secrets or private data. Write access is only to the paths and files it needs, and I regularly extend it.

    For a specific program that should have very restricted network access, I have some iptables (& ip6tables) rules that only apply to a particular gid, and I have a setgid wrapper script.

    Note: This is all better than nothing, but proper segregation would be better. Running things on separate PCs, VMs or even unprivileged containers.
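
The network restrictions from the wg-quick comment and the apparmor comment on this page (main-interface lock-down, uid-based `ip rule`, per-gid rules behind a setgid wrapper), sketched as an added example that is not the commenter's configuration. The interface, port, gid, uid range, table number and allowed host are constructed placeholders, and combining both setups in one OUTPUT chain goes beyond what either comment describes.

```shell
#!/bin/sh
# Added example: prints rules only; nothing here touches the live firewall.
# eth0, 51820, gid 1500, 192.0.2.10:443 and the uid range are constructed values.

# Policy-routing rule sending a uid range to a custom table (the "edit" in the
# wg-quick comment). $1-$2 = uid range, $3 = routing table.
uid_rule() {
    printf 'ip rule add uidrange %s-%s lookup %s\n' "$1" "$2" "$3"
}

# Per-gid restriction: sockets owned by gid $1 are checked in their own chain.
# RETURN (not ACCEPT) hands allowed packets back to OUTPUT, so the interface
# rules below still apply to them. DNS and loopback are not allowed for this
# gid here; add RETURN rules if the wrapped program needs them.
gid_rules() {
    printf '%s\n' \
        "-A OUTPUT -m owner --gid-owner $1 -j GID_LIMIT" \
        "-A GID_LIMIT -d $2 -p tcp --dport $3 -j RETURN" \
        "-A GID_LIMIT -j REJECT"
}

# Main interface $1: only DNS and the WireGuard UDP port $2 may leave.
main_if_rules() {
    printf '%s\n' \
        "-A OUTPUT -o $1 -p udp --dport $2 -j ACCEPT" \
        "-A OUTPUT -o $1 -p udp --dport 53 -j ACCEPT" \
        "-A OUTPUT -o $1 -p tcp --dport 53 -j ACCEPT" \
        "-A OUTPUT -o $1 -j DROP"
}

# Full iptables-restore input. $1 iface, $2 wg port, $3 gid, $4 host, $5 port.
ruleset() {
    printf '%s\n' '*filter' ':OUTPUT ACCEPT [0:0]' ':GID_LIMIT - [0:0]'
    gid_rules "$3" "$4" "$5"
    main_if_rules "$1" "$2"
    printf '%s\n' 'COMMIT'
}

uid_rule 1000 60000 51820
ruleset eth0 51820 1500 192.0.2.10 443
```

Review the output before loading it as root with `iptables-restore --noflush`; `--test` parses the rules without committing them. For ip6tables the allowed host must be an IPv6 address, or the RETURN rule left out.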


  • Temporal is MIT licensed and comes with multi-tenant security features and its durable execution model is solid and scalability is phenomenal. They upsell to the cloud offering and the default OSS auth plugin is intentionally limited (you might want to develop your own if you self-host). You’d probably only look at the Temporal UI when debugging.

    Windmill is very cool, but it is only suitable for trusted teams due to its security model. If you want to be able to develop scripts and workflows in the web browser and run them together with trusted colleagues, on a schedule etc., then windmill might just be for you!