• 4 Posts
  • 17 Comments
Joined 1 year ago
Cake day: October 20th, 2023

  • Last I checked, using Kindle For PC on a windows (virtual) machine still works. I did it last weekend and the instructions are still on reddit.

    In the process of re-verifying and ever so slowly using kvm on my desktop and will likely duplicate the instructions as part of that. But if you just go check the calibre board at reddit, it is super easy to find.

    But yeah. Strongly suggest migrating to a different ecosystem. There is no guarantee that Rakuten aren’t going to shit it up but they are way better than Amazon right now (super low bar…). But since some of my favorite authors only self publish on kindle for pricing reasons…


  • Andrew Rea is a special kind of asshole (gotta love how he uses his own, probably legit, stories of struggles with mental health to sell fucking Better Help of all things).

    But recipes and paywalls have always been a mess. Cookbooks were, and still are, a thing. And the time and cost it takes to develop a recipe is REALLY high. Brian Lagerstrom has talked about this on and off and half joked about how many lasagnas and cakes he and his partner have eaten to get a 15 minute youtube video up. And then someone else just steals that verbatim without any credit at all. So a lot of “recipe creators” are looking at methods to make sure they at least break even on their IP.

    And Rea is very aware of this. Partially because he has a long history of using the exact same techniques that Kenji et al do without any accreditation (Alvin is REALLY good about saying where he got an idea though) and partially because he is pretty good friends with some of the most notorious recipe thieves out there.

    But yeah. If they had done a “going forward, all recipes are paywalled” I would not be too bothered. But he retroactively paywalled all his old recipes. Which sucks because many videos outright contained errors that weren’t in the text recipes because he screwed up the narration.

    But also? The good news is that you can generally just google a few of the ingredients of a given recipe and get the “real” name of it and five different versions.


  • Ah. Thank you for actually finally citing yourself.

    I actually HAD seen that before so:

    1. Protonmail Behaves like a CIA/NSA “Honeypot”: This is an incredibly sensationalized point that boils down to them having a really shit TOR page. And, agreed. But “In fact, the only other websites that operate like this are suspected NSA/CIA Honeypots.” is very much false. LOTS of sites are configured in a really shitty manner which gets back to people having to understand the tools they use.
    2. Protonmail Does Not Provide “End to End Encryption”: Yeah. Which gets back to what I have been saying the entire time. If you actually care about your security, encrypt your own emails. Nobody should EVER trust a company to do encryption for them when it actually matters. Which speaks to the quality of proton as a service, not it being a “honeypot”
    3. Protonmail’s Was Created Under CIA/NSA Oversight: That article is almost entirely them just repeating that same inflammatory statement over and over. But it boils down to having issues with something coming out of MIT research which is a prestigious school with government grants and very questionable side hustles for some professors. The reality is that almost all software is at least “incubated” under very questionable circumstances because… people gotta eat and the people doing the kind of research that makes “cool stuff” tend to get government grants (well, not as of two weeks ago but…)
    4. Protonmail is Part Owned by CRV and the Swiss Government: Which is not the CIA?
    5. CRV, In-Q-Tel & the CIA: I am not seeing a direct link to Proton Corp other than “Additionally, The mastermind, cryptographer & back end developer that created Protonmail, Wei Sun, now works for Google.”. Which… okay? If it was written properly that doesn’t matter. If it wasn’t then… encrypt your own emails.
    6. Protonmail Follows CIA Email format & Metadata Requirements: "There are several ways to store emails, and Protonmail has selected the format that the CIA requires. ". Yup. Smoking gun right there. They chose the wrong standard. Yes, I would like it if they encrypted that metadata on principle. But it doesn’t matter. If they are compromised, they have that metadata anyway. Again, encrypt your own communications and maybe don’t use your personal accounts when you are discussing super sensitive topics?
    7. Swiss MLAT Law Could Give the NSA Full Access: Are we back to the Swiss being a CIA front?
    8. Protonmail Uses Radware for DNS/DDOS Protection: So now it is Mossad who controls Proton and all they have to do is compromise a DDOS filter. Again, encrypt your emails.
    9. Protonmail Developers Do Not Use Protonmail: if not wanting to eat your own dogfood means you are a CIA operation then Uncle Sam owes me a lot of money.
    10. Protonmail engages in illegal cyberwarfare: They did a “hack back”, Okay? Fuck 'em, but okay?
    11. Protonmail has a history of Dishonesty: Yeah, there is no bias in that list at all

    You see, when you actually post a link to stuff people can discuss what you are talking about and explain why you are misinformed and clearly referencing a somewhat deranged hit piece.

    The main takeaway from that? They are, at worst, as bad as gmail. Except with a much smaller customer base and at least more open that they want you to pay for functionality rather than not question what google is doing with your data.

    And, as proton themselves even say: if it actually matters, encrypt your own emails. That way Proton Corp don’t have anything they can give to their CIA/Mossad/Swiss overlords.

    you want me as an ally, your tone lost me…

    If the only way you care about people protecting their privacy and very selves is if someone is nice to you and cuddles you and thanks you for spewing uncited nonsense…




  • Sorry, just to check: your evidence is “I think I read it somewhere?”. If it weren’t for “weak argument, dismissed” being too “cringe” even for ME…

    If you have evidence, please actually provide it. If you don’t, please shut your opinion hole.

    And

    she was the World Economic Forum Global Agenda Council Chair of the Future of Internet Security

    That actually seems like a good background to have for working on software/products like this?


    Also, people should actually LOOK at what proton “promises”. Mostly it boils down to limited protections and suggested tools to protect yourself. Which is why, as a company, I like them. They aren’t promising to fight all the governments of the world. In fact, they are pretty open that they are gonna roll over because they don’t know you. But what they do claim to turn over? Combine that with some opsec and personal encryption and you are in a really “good” place for someone who has a warrant out on them.

    Contrast that with all the companies that DO make wild claims about having zero data and being willing to go to nu-gitmo for their customers and blah blah blah.

    The reality is: if you are doing something the CIA should care about, you… probably shouldn’t be doing email at all. That said, there are ways to reduce your risk factor and they almost all boil down to communicating with trusted and vetted individuals where you can actually encrypt communications yourself rather than relying on a company to do so.

    But if you are mostly just pirating shit or writing graphic lemons about threesomes involving trump, xinnie, and putin? Meh. You can do a lot worse.



  • Yeah. This isn’t the first time the news app and the core nextcloud updates have fought each other in weird and mysterious ways (for me or others). I forget how I solved it last time (I think it was a similar case of needing to manually update to bleeding edge and then tweak things) but… I just don’t care anymore.

    I don’t know who is right or wrong in how nextcloud is maintained (my instinct is the nextcloud devs because… have you seen nextcloud? but also, most apps don’t have this recurring problem). But at this point, the benefits I get out of it are largely gone. And when so many issues boil down to “We need more people and resources to maintain this”, it kind of feels like getting off the train BEFORE it crashes rather than after.


  • I’m on the alpha and it still won’t update any of my feeds. And going through the github issues it is basically summed up as “We will do another stable release once we have a frontend developer” which is basically never. So, at best, it will work until it doesn’t and then I have to fix it myself yet again and… yeah.

    And if my choice is to run an older version of nextcloud to support one app? Hell no.



  • … mostly the other way around?

    Theoretically it is possible that a compromised machine could compromise a USB stick. If you are at the point where you are having to worry about government or corporate entities setting traps at the local library? You… kind of already lost.

    Which is the thing to understand. Most of what you see on the internet is, to borrow from a phrase, Privacy Theatre. It is so that people can larp and pretend they are Steve Rogers fighting a global conspiracy while necking with a hot co-worker at an Apple store. The reality is that if you are actually in a position where this level of privacy and security matters then you need to actually change your behaviors. Which often involves keeping VERY strong disconnects between any “personal” device and any “private” device.

    There have been a lot of terrible (but wonderfully written) articles about journalists needing to do this because a government or megacorporation was after them. Stuff like having a secret laptop that they never even take out of a Faraday cage unless they are closer than not to an hour away from wherever they are staying that night.


  • I think any “privacy oriented OS” is inherently a questionable (kneejerk: Stupid and reeks of stale honey) strategy in the first place.

    A very good friend of mine is a journalist. The kind of journalist where… she actually deals with the shit the average person online larps and then some. And what I and her colleagues have suggested is the following:

    Two flash drives

    • One that is a livecd for basically any linux distro. If you are able to reboot the machine you are using and boot to this, do it. That helps with software keyloggers but obviously not hardware
    • One that is just a folder full of portable installs of the common “privacy oriented” software (like the tor browser) supporting a few different OS types.

    Given the option? Boot the public computer to the live image. Regardless, use the latter to access whatever chat or email accounts (that NEVER are logged into on any machine you “own” or near your home) you need.


  • It isn’t about being reasonable.

    If you are expected to track your time to this degree (and, to make it clear, the majority of employers actively don’t want you to), there is a reason. That reason usually being different funding sources. Generally a mix of grants and clients.

    And if a client or grant source finds out you are lying about those? Maybe you only had enough work to do 34 hours instead of 40 hours in one week. Would you be cool paying extra because the guy repairing your muffler had a slow week?

    And if people think being proud of a tool that openly talks about what everyone else silently does isn’t a red flag for employers? Hey, it’s a great job market so I am sure none of that will matter.





  • More drives is always better. But you need to understand how you are making it better.

    https://en.wikipedia.org/wiki/Standard_RAID_levels is a good breakdown of the different RAID levels. Those are slightly different depending on if you are doing “real”/hardware RAID or software raid (e.g. ZFS) but the principle holds true and the rest is just googling the translation (for example, Unraid is effectively RAID4 with some extra magic to better support mismatched drive sizes)

    That actually IS an important thing to understand early on. Because, depending on the RAID model you use, it might not be as easy as adding another drive. Have three 8 TB and want to add a 10? That last 2 TB won’t be used until EVERY drive has at least 10 TB. There are ways to set this up in ZFS and Ceph and the like but it can be a headache.

    And the issue isn’t the cloudflare tunnel. The issue is that you would have a publicly accessible service running on your network. If you use the cloudflare access control thing (login page before you can access the site) you mitigate a lot of that (while making it obnoxious for anything that uses an app…) but are still at the mercy of cloudflare.

    And understand that these are all very popular tools for a reason. So they are also things hackers REALLY care about getting access to. Just look up all the MANY MANY MANY ransomware attacks that QNAP had (and the hilarity of QNAP silently re-enabling online services with firmware updates…). Because using a botnet to just scan a list of domains and subdomains is pretty trivial and more than pays for itself after one person pays the ransom.

    As for paying for that? I would NEVER pay for nextcloud. It is fairly shit software that is overkill for what people use it for (file syncing and document server) and dogshit for what it pretends to be (google docs+drive). If I am going that route, I’ll just use Google Docs or might even check out the Proton Docs I pay for alongside my email and VPN.

    But for something self hosted where the only data that matters is backed up to a completely different storage setup? I still don’t like it being “exposed” but it is REALLY nice to have a working shopping list and the like when I head to the store.


  • A LOT of questions there.

    Unraid vs Truenas vs Proxmox+Ceph vs Proxmox+ZFS for NAS: I am not sure if Unraid is ONLY a subscription these days (I think it was going that way?) but for a single machine NAS with a hodgepodge of drives, it is pretty much unbeatable.

    That said, it sounds like you are buying dedicated drives. There are a lot of arguments for not having large spinning disk drives (I think general wisdom is 12 TB is the biggest you should go for speed reasons?), but at 3x18 you aren’t going to really be upgrading any time soon. So Truenas or just a ZFS pool in Proxmox seems reasonable. Although, with only three drives you are in a weird spot regarding “raid” options. Seeing as I am already going to antagonize enough people by having an opinion, I’ll let someone else wage the holy war of RAID levels.

    I personally run Proxmox+Ceph across three machines (with one specifically set up to use Proxmox+ZFS+Ceph so I can take my essential data with me in an evacuation). It is overkill and Proxmox+ZFS is probably sufficient for your needs. The main difference is that your “NAS” is actually a mount that you expose via SMB and something like Cockpit. Apalrd did a REALLY good video on this that goes step by step and explains everything and it is well worth checking out https://www.youtube.com/watch?v=Hu3t8pcq8O0.

    Ceph is always the wrong decision. It is too slow for enterprise and too finicky for home use. That said, I use ceph and love it. Proxmox abstracts away most of the chaos but you still need to understand enough to set up pools and cephfs (at which point it is exactly like the zfs examples above). And I love that I can set redundancy settings for different pools (folders) of data. So my blu ray rips are pretty much YOLO with minimal redundancy. My personal documents have multiple full backups (and then get backed up to a different storage setup entirely). Just understand that you really need at least three nodes (“servers”) for that to make sense. But also? If you are expanding it is very possible to set up the ceph in parallel to your initial ZFS pool (using separate drives/OSDs), copy stuff over, and then cannibalize the old OSDs. Just understand that makes that initial upgrade more expensive because you need to be able to duplicate all of the data you care about.

    I know some people want really fancy NASes with twenty million access methods. I want an SMB share that I can see when I am on my local network. So… barebones cockpit exposing an SMB share is nice. And I have syncthing set up to access the same share for the purpose of saves for video games and so forth.

    Unraid vs Truenas vs Proxmox for Services: Personally? I prefer to just use Proxmox to set up a crapton of containers/vms. I used Unraid for years but the vast majority of tutorials and wisdom out there are just setting things up via something closer to proxmox. And it is often a struggle to replicate that in the Unraid gui (although I think level1techs have good resources on how to access the real interface which is REALLY good?).

    And my general experience is that truenas is mostly a worst of all worlds in every aspect and is really just there if you want something but are afraid of/smart enough not to use proxmox like a sicko.

    Processor and Graphics: it really depends on what you are doing. For what you listed? Only frigate will really take advantage and I just bought a Coral accelerator which is a lot cheaper than a GPU and tends to outperform them for the kind of inference that Frigate does. There is an argument for having a proper GPU for transcoding in Plex but… I’ve never seen a point in that.

    That said: A buddy of mine does the whole vlogger thing and some day soon we are going to set up a contract for me to sit down and set her up an exporting box (with likely use as a streaming box). But I need to do more research on what she actually needs and how best to handle that and she needs to figure out her budget for both materials and my time (the latter likely just being another case where she pays for my vacation and I am her camera guy for like half of it). But we probably will grab a cheap intel gpu for that.

    External access: Don’t do it, that is a great way to get hacked.

    That out of the way. My nextcloud is exposed to the outside world via a cloudflare tunnel. It fills me with anxiety but as long as you regularly update everything it is “fine”.

    My plex? I have a lifetime plex pass so I just use their services to access it remotely. And I think I pay an annual fee for homeassistant because I genuinely want to support that project.

    Everything else? I used to use wireguard (and openvpn before it) but actually switched to tailscale. I like the control that the former provided but much prefer the model where I expose individual services (well, VMs). Because it is nice to have access to my cockpit share when I want to grab a file in a hotel room. There is zero reason that anything needs access to my qbittorrent or calibre or opnsense setup. Let alone even seeing my desktop that I totally forgot to turn off.

    But the general idea I use for all my selfhosted services is: The vast majority of interactions should happen when I am at home on my home network. It is a special case if I ever need to access anything remotely and that is where tailscale comes in.

    Theoretically you can also do the same via wireguard and subnetting and vlans but I always found that to be a mess to provide access both locally and remotely and the end result is I get lazy. Also, Tailscale is just an app on basically any machine whereas wireguard tends to involve some commands or weird phone interactions.
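
The "expose individual services" model from the comment above, written as a Tailscale policy file. This is an example added here, not the commenter's configuration; the login `alice@example.com`, the tag names and the port choices (445 for SMB, 9090 for Cockpit, 8080 for the qBittorrent web UI, 443 for the router UI) are assumptions.

```jsonc
{
  // Placeholder identity: replace with the real tailnet login.
  "groups": {
    "group:owner": ["alice@example.com"]
  },

  // Hypothetical tags, one per VM, so rules name a service
  // instead of an IP address or a whole subnet.
  "tagOwners": {
    "tag:fileshare": ["group:owner"],
    "tag:torrent":   ["group:owner"],
    "tag:router":    ["group:owner"]
  },

  // The policy is default-deny: only traffic matched by a rule
  // below is allowed. The single rule reaches the file-share VM
  // on SMB and the Cockpit web UI and nothing else.
  "acls": [
    {
      "action": "accept",
      "src":    ["group:owner"],
      "dst":    ["tag:fileshare:445,9090"]
    }
  ],

  // Policy tests are checked when the file is saved, so a later
  // edit that opens the torrent box, the router or SSH on the
  // file share is rejected instead of silently applied.
  "tests": [
    {
      "src":    "alice@example.com",
      "accept": ["tag:fileshare:445", "tag:fileshare:9090"],
      "deny":   ["tag:torrent:8080", "tag:router:443", "tag:fileshare:22"]
    }
  ]
}
```

The `deny` entries are the part worth keeping up to date: each service that should stay home-network-only gets a line there.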