Well, unless this is an offer to buy me a replacement Quest or Pico (all of which, work on Linux) “yes, I’m going to stay with Windows 10” (and/or maybe dual boot).

… because I have a Samsung Odyssey+ VR headsets, which needs “Windows Mixed Reality” (Windows VR) and was gutted/removed from Windows 11 (and doesn’t work on Linux).

I’m sorry this happened, but it seems rather reckless of the author to be running “Malicious PoCs” on their “daily driver” (re: the PC they use for everything).

If I was in the habit of running “Malicious PoCs”, you can be certain it would be isolated from the rest of my system. This could be in a sandbox or a vm. Heck, just created a dedicated (one time use) “new user” would have been better than "Hey, let me just download and run some random shell script. Oh, it needs root? No problem!

I have mixed feelings about this.

On one hand, I agree with the technical merits. Having an automated process to renew short lived tls certs is “a good thing” and I think services like Let’s Encrypt have demonstrated such automation is viable (at large scale).

But, there are reasons why people pay money for tls Certs rather than use free (short lived) Certs. For example, there’s a mom-and-pop webhosting company that allows you to upload your tls Certs (they cost < $25 / year) or you can pay them $95 / year to use their Certs (and they just use Let’s Encrypt - lol)

The nearly 4x markup is their “convenience fee” or “dumb tax”. Regardless, once the 45 day tls Certs are enforced, I’ll have no choice in either paying their 4x markup or migrating to another platform.

… Having a choice is not always a bad thing…

Yeah, bring back Usenet! (rabble, rabble, rabble) /s

I just laughed and said oh well that’s what you get when you moved from on prem to cloud.

Our Techs said that you couldn’t buy on-perm exchange anymore. You needed to go with the cloud subscription, which “includes” all the crap you don’t want: like Teams.

Atleast, they said didn’t make financial sense to pay for Google Workspace + Slack + Cloud Exchange, when MS offered their (lesser) services as a bundle (but the human suffering is real) :(

What?!? Actually, read the article? What is this, Reddit? /s

Seriously, though - let me spin the question around: what, in your mind, overlaps with what Greg said?

(plus, OP was just interested in people opinions - not whether they align/contradict with Greg, Linus, etc)

Oh absolutely, but you could argue the same for learning lisp or mastering any functional programming language (list comprehensions, etc). It will improve your design patterns when you go back to an object oriented language with some elements of functional programming.

In my mind, introducing Rust would only make sense if:

1. There was a serious lack of current kernel developers (which I don’t think there is)
2. New hardware and tech was evolving at a rate that the Linux Kernel could not keep up (again, I don’t think this is am issue)
3. The end goal is to migrate the entire Kernel to Rust.

Regarding point 3, having both C and Rust really only makes sense as a transition phase (measured in years) - as it would require kernel developers to be savvy in both C and Rust, or would force developers to stay within whatever domains were implemented in C or Rust.

… now in VR! ;)

How about have the bot detect community crossposts and try to funnel the conversations into one post.

I fear, this “to be created” “sync feature” is going to create a lot of noise.

edit: a word

It’s more than needing a reminder: Let’s Encrypt Certs are valid for a maximum of 90 days before they need to be reissued. Doing this 4 times (or more) a year, for years on end will be tedious and error prone.

Most tools that request and install Let’s Encrypt Certs automatically do this without the need for human interaction (30 days prior to the expiration) . Actually, they work so well you don’t notice the “behind the scenes work” that’s happening.

The problem is when this renewal process “stop working”. I’d been using Let’s Encrypt for years w/o problems, but eventually the client I was using wasn’t updating and it was using a deprecated Let’s Encrypt API. Ultimately, the cert stopped updating, but I got the email reminder from Let’s Encrypt and I was able to fix it w/o a disruption.

Now, this was just a server for personal use. So if the SSL cert expired, it would not be the end of the world. Plus, I would have gotten a bunch of SSL errors the next time my client was trying to sync data, and I probably would have dropped everything to fix it. But the email reminder was a convenient feature, which allowed me to fix it whenever I had time.

That said, if Let’s Encrypt wants to save some money for their free service, I’m certainly not going to complain (although I will miss it).

Fantastic! Thank you for sharing this.

I have it installed, I’m curious how effective it will be.

Lately, I’ve been reporting AI generated cruft as “spam” to duckduckgo. In fact, it’s not really spam - as there are some nuggets of useful information, but so sparse, I’d rather of skipped the article/website entirely. I hope these kind of Blocklists will evolve to include this kind of quasi-spam.

Wow, this is exactly what I was looking for. Thank you.

Original, I thought “hey, everything will work”… but then I started to look into the details. For example, Revolut, it works, then it doesn’t work (due to attestation), then works (after people complain).

I really need to ask myself, if this is the kind of experience I want with my daily driver. On the other hand, I know this is just Google strong arming me into their walled garden. Man, I really hate this dystopian future.

Can I install my bank app on it yet? I remember having problems with attestation in the past.

What about full application backups? I’ve got a few offline apps, I’d like to transfer the data to/from. However, I thought grapheneOS needed the application developer to “approved” this backup/restore method - or you needed root (which invalidated attestation)… I don’t recall which it was (but I really miss titanium backup).

I’ve got a similar set up and everything works. So, I can confirm that your assumptions are sound.

My solution is kubernetes based, so I use cert-Manager to issue/create the Let’s Encrypt (using DNS as the verification mechanism), when gets fed into a Traefik Reverse Proxy. Traefik is running on a non-standard port, which I can access from the outside world.

I’d suggest tearing your current system down and verify everything is configured correctly.

For example :

• Take a look at the SSL cert. Is it generated properly?
• Look at the reverse proxy. Is it using the proper SSL cert and is it properly formatted? (I’ve found curl - -verbose - - insecure https://... to be helpful)
• Maybe add a static file (ie: robots.txt) to nginx. This would allow you to see if the problem is between the outside world and nginx or between nginx and your service.
• You can also use the “snake oil” cert, in a pinch. It’s an insecure SSL cert, but it would allow you to confirm that your nginx is properly configured and it would confirm that the issue is with the Lets Encrypt cert (or that process/payload).

… and not to rob you of this experience, but you might want to look into Cloudflare Tunnels. It allows you to run services within your network, but are exposed/accessible directly from Cloudflare. It’s entirely secure (actually more so than your proposed system) and you don’t need to mess around with SSL.

Vampire Survivor: It’s fun, easy to pickup, the sessions are short (less than 20 minutes), and lots to unlock.

… Plus, (if you’ve been living in a cave and didn’t know) it’s free on Epic Games for the next few hours.

Shit, and here I thought spending my day unblocking people somehow boosted productivity.

Facebook, now it’s your turn…

It’s the “stringing it all together” that could be problematic.

If you have multiple clients (desktop/cellphone) modifying the same entry (or even different entries in the same “database” ). You need something smart enough to gracefully handle this or atleast tell you about it.

I did the whole “syncing” KeePass and it was functional, but it also meant I needed to handle conflicts - which was annoying. I switched and really appreciate the whole “it just works” with self-hosted bitwarden.