Dr. Hax

Some of us said it was a mistake for the centralized Signal chat app to rely on secure enclaves to keep information safe. https://arstechnica.com/security/2025/10/new-physical-attacks-are-quickly-diluting-secure-enclave-defenses-from-nvidia-amd-and-intel/ Don't build systems that put trust in one manufacturer or company. Don't have a centralized data collection point. Build completely open source, decentralized systems. And if you're a user, choose to use those systems.

Remember when chown used a dot instead of a colon? Ah, the memories.

nostr:nprofile1qqsv02e69gf59auv7zayrdc00cyux3g5qgyl7jc8vx59l8v8s8dr63qpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszyrhwden5te0dehhxarj9ekk7mf0qy88wumn8ghj7mn0wvhxcmmv9usutme5 Is your checkout down because of this Azure outage? When I try to check out, I get an error: "We couldn't find this payment request Please return to your point of origin to re-initiate payment."

With the number of times I've moved these materials, I'll have personally lifted up and set down my entire shed at least 5 times before it is installed. I'm going to try to dig these last two holes and not think about this too much.

Making apple chips and building a shed. How's your day going?

Have you ever wondered what a #solar powered #meshtastic node would look like if way too much time and effort were put into it, but it was made entirely with things lying around the house? #decentralize everything!

Open source version of the great firewall of China. https://gfw.dev "Bring the thrill of cyber-sovereignty right into your home router and start filtering like a pro - you too can play Big Brother." Uses cases include "Help you fulfill your dictatorial ambitions" Not quite #FreedomTech 😅 but it's #sovereign for sure. #sovereignty

I always find it peculiar that highly technical people complain about DNS not working instead of running their own. I don't know if they don't know how to run reliable DNS servers, or what but at this point I'm afraid to ask. I've had more problems from faulty UPS taking down the network than DNS.

This is why we can't have nice things. An article supposedly last updated in Feb 2024, whose title and content talks about 2025. Talk about proof of NOT doing the work. Pure garbage.

Huge shout out to Félix and anyone else involved in the latest GitLab Patch Release for specifying on every vulnerability whether it could be exploited by unauthenticated attackers or if the attacker had to be authenticated. This is the level of quality I expect in a disclosure, and I'm glad to see you're delivering. Thank you. 🙏 https://about.gitlab.com/releases/2025/10/22/patch-release-gitlab-18-5-1-released/

nostr:nprofile1qqsd7ele5ljpzft5tjl84naae5pkj9uqcepa77adwr6ayyy0948uyqqpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq3vamnwvaz7tmjv4kxz7fwdehhxarj9e3xzmnyqyg8wumn8ghj7mn0wd68ytnhd9hx2egupvs have you been getting my DMs? Xan you see this post. Amethest seems to be u reliable when it comes to DMs ever since they added 20 different types of relays for inbox, outbox, shoebox, drafts, and all the other complicated stuff. DMs wormed fine 100% of the time for me prior to those updates. I'm sure it still works fine if you're a nostr developer, but not for the average user.

Brilliant business idea for someone who wants to put in the work: Make a local Frigate instance accessible to people who don't know how to set up a Docker container, read or write JSON, or log into their home router. A real CCTV system is more reliable than a cloud-based one. It's more secure in that you won't be affected by breaches of these cloud services and their partners. It provides piece of mind that your security camera footage isn't being shared with other companies, or sold to the highest bidder for Lord kniws what (AI training, purchased by law enforcement without your knowledge or consent, extremely creepy data brokers, etc.) You don't have to worry about some megacorporation jacking up prices or deciding they want to sunset that service. It has a lot of advantages. The disadvantage is the setup cost. With the commercial cloud junk, they can have the device phone home to their server and have you log in there. Very simple setup. With Frigate, you have to know Docker, JSON. And with Frigate or any other CCTV system, you need to know the bizzare RSTP URL that is likely not even documented by the camera manufacturer, the IP address of your cameras, which you also have to set up, and you have to be comfortable logging into your router to do that and heaven forbid that the IP address ever change... And all of that is for the most basic setup of just having live streams. If you want to record, have motion detection, alerts, object recoginition, or amything fancy, that's an even bigger investment of time and learning about the software. This experience may be tolerable for geeks, but for the person who wants to go from opening the box to having something that works in 30 minutes, it falls flat on its face. If there's anyone out there who actually serious about making this a thing, I'd be willing to be your technology partner. I already have scripts to set everything up for myself, it isn't a big deal if I let other people benefit from them. I've got enough projeta going on that I don't want to take on any more, even if they are to support the #FreedomTech cause.

I wanted to share my thoughts with nostr:nprofile1qqsfr084yhxtx4sttkjsneav95fjvqla8tcr8lwhmjczm4tl5rdqd8cpz4mhxue69uhhyetvv9ujumn0wd68ytnkv46qz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcpzemhxue69uhhyetvv9ujuurjd9kkzmpwdejhgcuzjp2 and the rest of the world on my household's chocolate powder purchasing decisions. All dollar prices here are in USD. We pay $5.60/lb for 100% cocoa powder and have no idea about the heavy metal content. The brand that got good marks with their chocolate bars in terms of heavy metals is Ghirardelli, and their cocoa powder goes for $10.59/lb on sale ($14.12/lb for people who pay regular price). We don't actually know the heavy metal levels on this product, but we're making an educated guess that they use their own cocoa powder to make their chocolate bars. So that's what you're up against. Sell for under $5.60/lb and dominate the market. Price it over $14.12/lb and see if it sells. Personally, we ain't rich, and we consume far more cocoa than average. That's why we get the cheap stuff. But if you can do like 10 lbs shipped to the USA for 100K sats, I'll commit to it right now (as long as this year's heavy metal tests look good). What I'm saying here is that I'm willing to double my costs in order to directly support a small farmer who actually tests their crops. 🤙

Is it true that both the number of #lightning channels and the total amount of coins held in channels has been going down for years? https://mempool.space/lightning

It is so amazingly useful to spin up a fresh VM in under 10 seconds. It makes reproducing issues in a clean environment so much faster. And there's no question as to whether the issue is affected by a chroot, or dockerization, or running in a different kernel namespace which has different permissions. No, it's s real VM, running on a real CPU. And when I close the program (the terminal, bowser or what have you) everything gets automatically cleaned up. I ❤️ you, #QubesOS

nostr:nprofile1qqsv02e69gf59auv7zayrdc00cyux3g5qgyl7jc8vx59l8v8s8dr63qpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhszyrhwden5te0dehhxarj9ekk7mf0qy88wumn8ghj7mn0wvhxcmmv9usutme5 If you are open to suggestions on what to carry in your store, I'd like to submit this for consideration: "Future Imperfect: Technology and Freedom in an Uncertain World" by David Friedman It's from 2008 and talks about encryption, surveillance, virtual reality, AI, ecash, and contracts in cyberspace (& more). I'm not through the entire thing yet, but it's been interesting so far, especially with the benefit of hindsight.