• 2 Posts
  • 166 Comments
Joined 2 years ago
Cake day: June 7th, 2023

  • Maybe we should consider not letting everyone set up whatever the fuck they want, whenever they want, however they want, and assuming it’s all good because, “it’s in the cloud”. And then that setup gets either dumped in IT’s lap in its half-assed state (if you’re lucky) or is left running, long forgotten, until an attacker finds it and informs the organization of its continued existence by spinning up a coin miner.

    “The cloud” does need a lot of work on configuration management. But that doesn’t mean just another fancy tool to fix the fuckups. It means policies and procedures to make the broken configs harder to implement in the first place. But that doesn’t have AI and flashy dashboards to wow the execs into spending more money. It just has users whining about waiting on an understaffed IT organization that isn’t getting things done “right now” for a project with a deadline tomorrow, which has been known about for three months.

  • It depends on the environment. I’ve been in a couple of places which use Linux for various professional purposes. At one site, all systems with a network connection were required to have A/V, on-access scanning and regular system scans. So, even the Linux systems had a full A/V agent and we were in the process of rolling out EDR to all Linux based hosts when I left. That was a site where security tended to be prioritized, though much of it was also “checkbox security”. At another site, A/V didn’t really exist on Linux systems and they were basically black boxes on the network, with zero security oversight. Last I heard, that was finally starting to change and Linux hosts were getting the full A/V and EDR treatment. Though, that’s always a long process. I also see a similar level of complacency in “the cloud”. Devs spin random shit up, give it a public IP, set the VPS to a default allow and act like it’s somehow secure because, “it’s in the cloud”. Some of that will be Linux based. And in six months to a year, it’s woefully out of date, probably running software with known vulnerabilities, fully exposed to the internet and the dev who spun it up may or may not be with the company anymore. Also, since they were “agile”, the documentation for the system is filed under “lol, wut?”

    Overall, I think Linux systems are a mixed bag. For a long time, they just weren’t targeted with normal malware. And this led to a lot of complacency. Most sites I have been at have had a few Linux systems kicking about; but, because they were “one off” systems, and because of a certain sense of invulnerability, they were poorly updated and often lacked a secure baseline configuration. The whole “Linux doesn’t get malware” mantra was used to avoid security scrutiny. At the same time, Linux systems do tend to default to a more secure configuration. You’re not going to get a BlueKeep type vulnerability from a default config. Still, it’s not hard for someone who doesn’t know any better to end up with a vulnerable system. And things like ransomware, password stealers, RATs or other basic attacks often run just fine in a user context. It’s only when the attacker needs to get root that things get harder.

    In a way, I’d actually appreciate a wide scale, well publicized ransomware attack on Linux systems. First off, it would show that Linux is finally big enough for attackers to care about. Second, it would provide concrete proof as to why Linux systems should be given as much attention and centrally managed/secured in the Enterprise. I know everyone hates dealing with IT for provisioning systems, and the security software sucks balls; but, given the constant barrage of attacks, those sorts of things really are needed.


  • I’d be curious to see how they handle the problems which have cropped up with similar systems in the past. Player housing, for example, can be an absolute nightmare. I was actively playing UO back when they implemented player housing, and it was a clusterfuck. You couldn’t go three steps without slamming into someone’s house, and most of them ended up being owned by a few big guilds, because space was at such a premium that no one else could afford one. And with the land so littered with houses, they had to create an alternate world to quest in, which specifically didn’t allow player houses. I can also see the systems they are designing becoming a playground ripe for griefing. Look at that nice home you built. It would be a shame if someone diverted a river into it while you weren’t online.

    MMO’s greatest strength can also be their greatest weakness: and that strength is other people. The more open and free-form a world is, the easier it is for the griefers to find and exploit edge cases.



  • It depends on what your goals are.

    • Ventoy is good for having an alternate OS on a thumb drive. Even with a USB 3 device, you may encounter I/O blocking and find this isn’t suitable as a “daily driver” OS. However, for booting something like Tails or Windows/Linux for OS-specific hardware/applications, it can be a good solution.
    • Dual-booting is a good way to “test drive” an alternate OS and also have a way to fall back to the other OS if you regularly need access to some software which only runs on that OS. This is likely to have better performance than the USB/Ventoy setup, at the cost of Windows fucking up the bootloader config from time to time.
    • Windows/Linux with a Linux/Windows VM is useful when you know what OS you want to run on a day to day basis, but have some reason to reach into the other OS on occasion and aren’t too worried about performance and hardware access in the alternate OS.

    Ultimately, it’s going to come down to what you are trying to do and why you want to run multiple Operating Systems. For example, my main system is running Linux. But, I want the ability to run Windows malware in a controlled sandbox (not a euphemism, I work in cybersecurity and lab some stuff for fun). So, I have KVM set up to run Virtual Machines, including Windows.

    For another example, prior to making the switch to Linux, I had Windows as my primary OS and booted Linux on a USB stick (not Ventoy, but close enough). This let me gain confidence that I would be able to make the jump.

    I don’t have a good example for dual booting. Maybe something like a SteamDeck where you want a stable, functional OS most of the time; but, have some games which will only run in Windows.


  • At least on Android (I’d assume iOS does it as well), you can set Do Not Disturb (DND) to turn on and off automatically, based on the time. You can also designate certain contacts to be allowed to bypass DND, so the phone will ring normally. I set up DND a long time ago, because I don’t want to be bothered by random shit while I am trying to sleep. However, my job is such that I might reasonably be called at 03:00 and need to roll my arse out of bed and start working. So, the number they call from is set to bypass DND. My elderly mother and brother are both similarly set to bypass. It all works out quite well, and if some random marketer figures out my number and calls in the middle of the night, I don’t get woken up to talk about my car’s warranty.


  • It makes little sense why it works on an offsite WiFi, but not mobile data.

    I’d agree with unbuckled above, it’s a DNS issue. If your mobile device is capable, use nslookup or dig to see what responses you are getting in different scenarios. It’s possible that your VPN software is leaking DNS queries out to the mobile data provider’s DNS servers while you are on mobile data and only using the correct DNS settings when you are on wifi. Possibly look for split tunnel settings in the VPN software, as this can create this type of situation.

    You can also confirm this from the pihole side. Connect to the VPN via mobile data and browse to some website you don’t use often, but is not your own internal stuff. Then open the query log on your pihole and see if that domain shows up. I’d put money on that query not showing in the pihole query log.
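    The two checks described above (which resolver `dig` reports, and whether the test domain shows up in the Pi-hole query log) can be combined into a small script. This is an added example, not code from the thread; the Pi-hole address 10.8.0.1, the VPN client address 10.8.0.2, the `dig` output and the pihole.log lines are all constructed sample data, not captured from a real system.

```python
"""Decide whether a VPN client's DNS queries reach the Pi-hole or leak to
another resolver.  Added example; all addresses and log lines are constructed."""
import re
from typing import Iterable, Optional

PIHOLE_IP = "10.8.0.1"          # assumed Pi-hole address inside the VPN network
VPN_CLIENT = "10.8.0.2"         # assumed address of the phone on the tunnel
PROBE_DOMAIN = "dnsleak-probe.example"   # a name you would not normally look up

# dig prints the resolver that actually answered on its ';; SERVER:' line.
SERVER_RE = re.compile(r"^;; SERVER: (\S+?)#(\d+)", re.MULTILINE)
# pihole.log (dnsmasq format): "... dnsmasq[532]: query[A] example.com from 192.168.1.50"
QUERY_RE = re.compile(r"query\[(?P<qtype>\w+)\] (?P<name>\S+) from (?P<client>\S+)")

# Constructed dig output while on Wi-Fi: the Pi-hole answered.
DIG_ON_WIFI = """\
; <<>> DiG 9.18.24 <<>> dnsleak-probe.example
;; ANSWER SECTION:
dnsleak-probe.example.  300  IN  A  192.0.2.10

;; Query time: 23 msec
;; SERVER: 10.8.0.1#53(10.8.0.1) (UDP)
"""

# Constructed dig output while on mobile data: a carrier resolver answered,
# even though the VPN tunnel was up.
DIG_ON_MOBILE = """\
; <<>> DiG 9.18.24 <<>> dnsleak-probe.example
;; ANSWER SECTION:
dnsleak-probe.example.  300  IN  A  192.0.2.10

;; Query time: 41 msec
;; SERVER: 198.51.100.53#53(198.51.100.53) (UDP)
"""

# Constructed pihole.log excerpt: the probe was seen once, from the VPN client.
PIHOLE_LOG = [
    "May  1 03:00:12 dnsmasq[532]: query[A] dnsleak-probe.example from 10.8.0.2",
    "May  1 03:00:12 dnsmasq[532]: forwarded dnsleak-probe.example to 1.1.1.1",
    "May  1 03:00:12 dnsmasq[532]: reply dnsleak-probe.example is 192.0.2.10",
    "May  1 03:00:40 dnsmasq[532]: query[A] nextcloud.lan from 192.168.1.20",
]


def resolver_from_dig(dig_output: str) -> Optional[str]:
    """IP address of the server that answered, as reported by dig (None if absent)."""
    m = SERVER_RE.search(dig_output)
    return m.group(1) if m else None


def seen_in_pihole_log(log_lines: Iterable[str], domain: str,
                       client: Optional[str] = None) -> bool:
    """True if the Pi-hole query log shows `domain` being asked, optionally by `client`."""
    wanted = domain.rstrip(".").lower()
    for line in log_lines:
        m = QUERY_RE.search(line)
        if not m or m.group("name").rstrip(".").lower() != wanted:
            continue
        if client is None or m.group("client") == client:
            return True
    return False


def diagnose(dig_output: str, log_lines: Iterable[str], domain: str,
             client: Optional[str] = None) -> str:
    """Combine both pieces of evidence into a verdict string."""
    resolver = resolver_from_dig(dig_output)
    logged = seen_in_pihole_log(log_lines, domain, client)
    if resolver == PIHOLE_IP and logged:
        return "ok"
    if resolver != PIHOLE_IP:
        return f"leak: answered by {resolver}, not the Pi-hole"
    return "suspicious: dig says the Pi-hole answered but the query is not in its log"


if __name__ == "__main__":
    print("wifi  :", diagnose(DIG_ON_WIFI, PIHOLE_LOG, PROBE_DOMAIN, VPN_CLIENT))
    print("mobile:", diagnose(DIG_ON_MOBILE, PIHOLE_LOG, PROBE_DOMAIN, VPN_CLIENT))
```

    In practice you would paste real `dig` output and a `tail` of `/var/log/pihole.log` into the two constants; a "leak" verdict while on mobile data, with an "ok" verdict on Wi-Fi, is the split-tunnel or pushed-DNS problem the reply above describes.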


  • I have one as well in my PC of Theseus; it’s been an ongoing part for more than a decade now. But, I also haven’t used it in a year or more.
    It’s kinda funny to think back at how excited I was when my father first installed a CD-ROM drive in our home PC and knowing I could now get some of the newest games which were coming out on PC at that time. And now, I don’t even know if my optical drive is still working.


  • Along with the things others have said (Backups, Linux, Docker, Networking) I’d also recommend getting comfortable with server and network security. A lot of this is wrapped up in the simple mantra “install your goddamn updates!” But, there is more to it than that. For example, if you go with Nextcloud, read through their hardening guide and seriously consider implementing all of the recommendations. Also think through how you intend to manage both the server and instance. If this is all local, then it is easier, as you can keep SSH access to the server firewalled off from the internet. If you host part of your stuff “in the cloud”, you’ll want to start looking at limiting access and using keys to log in (which is good practice for all situations). Also, never use default credentials.

    You may also want to familiarize yourself with the logs provided by the applications and maybe set up some monitoring around them. I personally run Nextcloud and I feed all my logs into Splunk (you can run a free instance in a docker container). I have a number of dashboards I look at every morning to keep an eye on things. E.g. failed/successful logins, traffic sources, URI requests, file access, etc.

    If your server is attached to the internet it will be under attack constantly. Fail2Ban on my wireguard container banned 112 IP addresses over the last 24 hours, for 3 failed attempts to log in via SSH. Less commonly, attackers try to log in to my Nextcloud instance. And my WordPress site is under constant attack. If you choose to run WordPress, be very careful about the plugins you choose to install, and then keep them up to date. WordPress itself is reasonably secure; the plugins are a shit-show and worse when they aren’t kept up to date.
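    The failed-login dashboard and the "3 failed attempts" ban rule mentioned above reduce to the same thing: parse the auth logs, count failures per source address, flag the addresses over a threshold. This is an added example and not the poster's Splunk setup or a Fail2Ban filter; it handles two record formats, an sshd syslog line and a Nextcloud JSON log line. The log lines are constructed samples (documentation IP ranges) written to resemble those formats, not captured from a real host.

```python
"""Count failed logins per source IP across sshd and Nextcloud logs and list the
addresses that would trip a fail2ban-style threshold.  Added example; every
log line below is constructed."""
import json
import re
from collections import Counter
from typing import Dict, Iterable, List, Optional, Tuple

# sshd: "sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 41622 ssh2"
SSHD_FAIL_RE = re.compile(
    r"sshd\[\d+\]: Failed (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)
# Nextcloud "message" field; older versions quote the user and IP, newer ones do not.
NC_FAIL_RE = re.compile(
    r"^Login failed: '?(?P<user>[^'( ]+)'? \(Remote IP: '?(?P<ip>[^')]+)'?\)"
)

# Constructed sample: three sshd failures from one address, one from another,
# one successful key login, and Nextcloud JSON records (two failures, one normal request).
SAMPLE_LOG = [
    "May  1 03:00:01 vpn sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 41622 ssh2",
    "May  1 03:00:04 vpn sshd[2201]: Failed password for invalid user admin from 203.0.113.5 port 41623 ssh2",
    "May  1 03:00:07 vpn sshd[2201]: Failed password for root from 203.0.113.5 port 41624 ssh2",
    "May  1 03:01:10 vpn sshd[2210]: Accepted publickey for alice from 192.0.2.7 port 5521 ssh2: ED25519 SHA256:abc",
    "May  1 03:02:33 vpn sshd[2215]: Failed password for invalid user test from 198.51.100.9 port 3302 ssh2",
    '{"reqId":"a1","level":2,"time":"2024-05-01T03:05:00+00:00","remoteAddr":"198.51.100.9",'
    '"user":"--","app":"core","method":"POST","url":"/login",'
    '"message":"Login failed: alice (Remote IP: 198.51.100.9)"}',
    '{"reqId":"a2","level":2,"time":"2024-05-01T03:05:09+00:00","remoteAddr":"198.51.100.9",'
    '"user":"--","app":"core","method":"POST","url":"/login",'
    '"message":"Login failed: \'admin\' (Remote IP: \'198.51.100.9\')"}',
    '{"reqId":"a3","level":1,"time":"2024-05-01T03:06:00+00:00","remoteAddr":"192.0.2.7",'
    '"user":"alice","app":"core","method":"GET","url":"/apps/files","message":"files listed"}',
]


def parse_failed_login(line: str) -> Optional[Tuple[str, str, str]]:
    """Return (service, source_ip, username) for a failed-login record, else None."""
    line = line.strip()
    if line.startswith("{"):                     # Nextcloud writes one JSON object per line
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            return None
        m = NC_FAIL_RE.match(rec.get("message", ""))
        return ("nextcloud", m.group("ip"), m.group("user")) if m else None
    m = SSHD_FAIL_RE.search(line)                # plain syslog text from sshd
    return ("sshd", m.group("ip"), m.group("user")) if m else None


def failed_logins_by_ip(lines: Iterable[str]) -> Dict[str, Counter]:
    """Per-service Counter of failures keyed by source IP (the dashboard view)."""
    counts: Dict[str, Counter] = {"sshd": Counter(), "nextcloud": Counter()}
    for line in lines:
        parsed = parse_failed_login(line)
        if parsed:
            service, ip, _user = parsed
            counts[service][ip] += 1
    return counts


def offenders(counts: Dict[str, Counter], threshold: int = 3) -> List[str]:
    """Source IPs that reached `threshold` failures in any single service,
    i.e. what a fail2ban jail with maxretry=threshold would ban."""
    return sorted({ip for svc in counts.values() for ip, n in svc.items() if n >= threshold})


if __name__ == "__main__":
    counts = failed_logins_by_ip(SAMPLE_LOG)
    for service, ctr in counts.items():
        print(service, dict(ctr))
    print("ban candidates (3 failures):", offenders(counts))
```

    The threshold is applied per service on purpose: an attacker hammering Nextcloud twice and SSH once is not the same as three SSH failures, which is how separate Fail2Ban jails would also see it. Feeding real files in is a matter of replacing `SAMPLE_LOG` with the lines of `/var/log/auth.log` and `nextcloud.log`.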