rho50

joined 1 year ago
[–] rho50@lemmy.nz 5 points 4 months ago (1 children)

Yeah, but it'll be Secure Enclave in data centre hardware, not on your phone. Basically they're just using their own proprietary HSMs to encrypt data on the server.

Not convinced that this will really add any privacy benefits over other confidential computing solutions already offered by AWS/Google Cloud/Azure. That said, it is fairly private - just not as good as on-device.

[–] rho50@lemmy.nz 2 points 4 months ago

Ideally you want something that gracefully degrades.

So, my media library is hosted by Plex/Jellyfin and a bunch of complex firewall and reverse proxy stuff... And it's replicated using Syncthing. But at the end of the day it's on an external HDD that they can plug into a regular old laptop and browse on pretty much any OS.

Same story for old family photos (Photoprism, indexing a directory tree on a Synology NAS) and regular files (mostly just direct SMB mounts on the same NAS).

Backups are a bit more complex, but I also have fairly detailed disaster recovery plans that explain how to decrypt/restore backups and access admin functions, if I'm not available (in the grim scenario, dead - but also maybe just overseas or otherwise indisposed) when something bad happens.

Aside from that, I always make sure that all of the selfhosting stuff in my family home is entirely separate from the network infra. No DNS, DHCP or anything else ever runs on my hosting infra.

[–] rho50@lemmy.nz 13 points 4 months ago (3 children)

(6.9-4.2)/(2024-2018) = 0.45 "version increments" per year.

4.2/(2018-1991) = 0.15 "version increments" per year.

So, the pace of version increases in the past 6 years has been around triple the average from the previous 27 years, since Linux' first release.

I guess I can see why 6.9 would seem pretty dramatic for long-time Linux users.

I wonder whether development has actually accelerated, or if this is just a change in the approach to the release/versioning process.

[–] rho50@lemmy.nz 3 points 6 months ago

If you include ChromeOS that's very likely.

[–] rho50@lemmy.nz 0 points 6 months ago (1 children)

You can restrict what gets installed by running your own repos and locking the machines to only use those (either give employees accounts with no sudo access, or have monitoring that alerts when repo configs are changed).

So once you are in that zone you do need some fast acting reactive tools that keep watch for viruses.

For anti-malware, I don't think there are very many agents available to the public that work well on Linux, but they do exist inside big companies that use Linux for their employee environments. For forensics and incident response there is GRR, which has Linux support.

Canonical may have some offering in this space, but I'm not familiar with their products.

[–] rho50@lemmy.nz 17 points 6 months ago

At least in some circumstances, the risks of sharing your DNA include having children...

[–] rho50@lemmy.nz 96 points 6 months ago* (last edited 5 months ago) (1 children)

Tbf 500ms latency on - IIRC - a loopback network connection in a test environment is a lot. It's not hugely surprising that a curious engineer dug into that.

[–] rho50@lemmy.nz 0 points 6 months ago (1 children)

Android still doesn't have shake-to-undo. I use iOS and Android and switch between them regularly for work, and every time I typo something or accidentally delete a bunch of text on Android, it's incredibly jarring to not have the undo capability.

[–] rho50@lemmy.nz 3 points 6 months ago

Ohh, my bad! I thought the person you were replying to was asking about Gitea. Yeah, Forgejo seems truly free and also looks like it has a strong governance structure that is likely to keep things that way.

[–] rho50@lemmy.nz 3 points 6 months ago (2 children)

This sadly isn't true anymore - they now have Gitea Enterprise, which contains additional features not available in the open source version.

[–] rho50@lemmy.nz 5 points 6 months ago

From here:

  • SAML
  • Branch protection for organizations
  • Dependency scanning (yes, there are other tools for this, but it's still a feature the open source version doesn't get).
  • Additional security controls for users (IP allowlisting, mandatory MFA)
  • Audit logging

[–] rho50@lemmy.nz 77 points 6 months ago (12 children)

Don't use Gitea, use Forgejo - it's a hard fork of Gitea after Gitea became a for-profit venture (and started gating their features behind a paywall).

Codeberg has switched to Forgejo as well.

Also, there's some promising progress being made towards ActivityPub federation in Forgejo! Imagine a world where you can comment on issues and send/receive pull requests on other people's projects, all from the comfort of a small homeserver.
