Show newer

Seems a bit better with regard to some security features (ssh, console access) and more polished all around. DNS ad blocklisting is built in, you don't even need to install a package.

Show thread

Okay pfSense is really nice, but OPNsense is really nicer.

pfSense has a package for DNS filtering. A couple clicks and I just put my pi-hole out of a job. This is awesome!

Just turned an old computer into a pfSense router. Much more satisfying than buying a new one, and now it has SSH 😁

If Google Glass was styled after Geordi La Forge, they'd be running the world now

Ubuntu Desktop on a raspi 4 is surprisingly good!

VimAwesome added some of my new plugins. I was worried the service was abandoned, so the new activity is exciting!

I'm terrible at maintaining digital relationships. Really looking forward to meeting people IRL again.

Sometimes I think I possess rudimentary people skills. Then I leave my house.

DuckDuckGo's backslash operator has made me a 10x engineer

Only an hour to set up front end tooling for a new web app! I already hate it.

@metalune It's not a data breach, it's a surprise backup

Still, that might actually be a bug in Brave. And it has other downsides. Although crypto is enabled, other permissioned resources aren't, like audio/video. Which coincidentally was exactly what I needed it for.

I've really gone out of my way to avoid using a domain. I want to know how P2P browser apps can work in practice. But I'm not seeing a good method yet.

Show thread

I get why they do it, but that means if you self host a web service, you have to choose A: centralization through domains+certs, or B: entirely vulnerable content (serve everything over unencrypted http). Option B is obvious a no-go.

Oddly enough Brave seems to be leading the charge in that regard. They just added IPFS integration. If you use a local node instead of a gateway, it loads the content in a weird mixed mode. You can access crypto *and* make insecure page requests.

Show thread

The biggest blocker for (securely) running P2P apps in the browser seems to be mixed content restrictions. We're so close!

Specifically, web crypto isn't available on insecure sites, and unencrypted WebSockets (e.g. to a LAN server) aren't allowed on secure sites. The crypto API *could've* proven authenticity of your LAN server without requiring domains/cert chains.

Why aren't more people calling the proliferation of "carcinisation"? It's like the perfect term for it.

Arrrg, libp2p is almost good enough. Trying to use the IPFS bootstrap nodes to resolve a LAN server from a static site and open a bidirectional socket. That would open so many possibilities. Alas, the websocket transport doesn't support proxied discovery and it isn't part of the default protocol set anyway. There's always DDNS.

Show older

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.