I once owned a bunch of WiFi connected devices. One day I inspected my router logs and found out that they were all making calls to a bunch of services that weren’t the vendor - things like Google, and Facebook.

WiFi connected devices require connecting to a router; in most homes, this is going to be one that’s also connected to the internet - most people aren’t going to buy a second router just for their smart home, or set up a disconnected second LAN on their one router. And nearly all of these devices come with an app, which talks to the device through an external service (I’m looking at you, Honeywell, and you, Rainbird). This is a privacy shit-show. WiFi is a terrible option for smart home devices.

ZigBee, well, I haven’t had any luck with it - pairing problems which are certainly just a learning curve in my part and not an issue with the protocol. I chose ZWave myself because I read about the size and range limitations of ZigBee technology, versus ZWave, but honestly I could have gone either way. Back then, there was no appreciable price difference in devices. Most hubs support both, though, and I can’t see why I wouldn’t mix them (other than I need to figure out how to get ZigBee to work).

In any case, low-power BT, ZigBee, or Zwave are all options, whereas I will not allow more WiFi smart devices in my house. I’m stuck with Honeywell and Rainbird, for… reasons… but that’s it. I don’t need to be poking more holes in my LAN security.

They can’t won’t even hold stop supplying Israel with weapons and financial backing to persecute the war back currently.

(“They” =~ “We”, sigh)

Seconded. OP, if you can write Markdown, Hugo will turn it into a website.

Go ahead… you can whisper it to me

Opening an office is a completely different thing; there is an enormous difference between offshore contractors and offshore employees. That much, I’ll agree with.

In the US, though, it’s usually cost-driven. When offshore mandates come down, it’s always in terms of getting more people for less cost. However, in most cases, you don’t get more quality code faster by throwing more people at it. It’s very much a case of “9 women making a baby in one month.” Rarely are software problems solved with larger teams; usually, a single, highly skilled programmer will do more for a software project than 5 junior developers.

Not an projects are the same. Sometimes what you do need is a bunch of people. But it’s by far more the exception than the rule, and yet Management (especially in companies where software isn’t the core competency) almost always assumes the opposite.

If you performed a survey in the US, I would bet good money that in the majority of cases the decision to offshore was not made by line managers, but by someone higher in the chain who did not have a software engineering degree.

Thing is, outsourcing never stopped. It’s still going strong, sending jobs to whichever country is cheapest.

India is losing out to Indonesia, to Mexico, and to S American countries.

It’s a really stupid drive to the bottom, and you always get what you pay for. Want a good development team in Bengaluru? It might be cheaper than in the US, but not that much cheaper. Want good developers in Mexico? You can get them, but they’re not the cheapest. And when a company outsources like this, they’ve already admitted they’re willing to sacrifice quality for cost savings, and you - as a manager - won’t be getting those good, more expensive developers. You’ll be getting whoever is cheapest.

It is among the most stupid business practices I’ve had to fight with in my long career, and one of the things I hate the most.

Developers are not cogs. You can’t swap them out like such, and any executive who thinks you can is a fool and an incompetent idiot.

I think Android updates intentionally made the Pixel C slower. It was a noticeable process, up to the point they stopped supporting it. I’d downgrade to an earlier version, but there’s such poor support in Lineage, I’m barely able to run the version that’s on there now.

Such a shame, because it’s still an amazingly beautiful device.

I’m 100% with you. I want a Light Phone with a changeable battery and the ability to run 4 non-standard phone apps that I need to have mobile: OSMAnd, Home Assistant, Gadget Bridge, and Jami. Assuming it has a phone, calculator, calendar, notes, and address book - the bare-bones phone functions - everything else I use on my phone is literally something I can do probably more easily on my laptop, and is nothing I need to be able to do while out and about. If it did that, I would probably never upgrade; my upgrade cycle is on the order of every 4 years or so as is, but if you took off all of the other crap, I’d use my phone less and upgrade less often.

The main issue with phones like the Light Phone is that there are those apps that need to be mobile, and they often aren’t available there.

since all apps are designed to run well on budget phones from 5 years ago, there’s no reason to upgrade.

5 years, maybe, but any more is stretching it. And not getting system upgrades anymore is problematic. Unless you own a particular model of phone, de-Googled Android can be hard to come by.

For example, I have a 7-year old Pixel C. By the time Google stopped using system updates for it, I wasn’t wanting them as every release made the device slower and more unstable. After some effort, I was finally able to install a version of Lineage, which itself has problems including no updates in years. There’s a lot of software that is incompatible with my device, both from Aurora and FDroid.

Android isn’t Linux; Google doesn’t care about maintaining backward compatability on old devices, much less performance, and there’s no army of engineers making sure it is because there’s a served running in walled-up closet no one can find.

Google deprecates features and ABIs in Android, apps update and suddenly aren’t backwards compatible.

5 years, maybe. The entire industry is addicted to users upgrading their phones, and everyone gets a piece of that pie. There’s no actors, except perhaps app developers, who have any interest in keeping old phones running. Telecoms upgrade their wireless network - the internet connection in my 8 y/o car, and half its navigation features, died the day AT&T decided to stop supporting 3G; Phone makers make no money if you don’t buy new phones; and maintaining backwards compatibility costs Google money which they’d rather siphon off to shareholders.

Sure. I’m just saying, I think OP is looking for something that doesn’t require either buying the book again or pirating it.

Decades ago, there was a small, local company named Copper Cricket in Oregon that sold and installed rooftop solar water heaters which worked really well - despite the fact that the Willamette Valley, where most of the population lives, got something like only 3 months worth of cloudless days peer year (July, the month with the fewest cloudy days, has an average 40% cloud cover during the month).

This is pre-internet history, and I’m unable to find references, but when the company went out of business the rumor going around was that power companies were funding zoning lawsuits against Copper Cricket, and this eventually shut the company down.

And I think they want a solution that’ll index audio books, too. An LLM that’ll listen to, transcribed, and index audio books.

It’s listed as the “profile” in the screenshots you’re listing, but that’s the ruleset you’re altering.

I used nft or iptables, and my interaction with ufw has been sparse, and mostly through the UI, because the rulesets the GUI generates are incomprehensible. There should be a command in ufw to report which profile is active.

I’m going to guess this is a dead-end, since you’ve been using the CLI and I have to believe it uses the active profile by default, unless you tell it otherwise. However, in the GUI, if you edit rules in a profile it doesn’t automatically apply to your current ruleset. And if you alter your current ruleset, it doesn’t automatically persist it. So, even if you change a rule on the Home profile, and the Home profile is active, it doesn’t automatically get applied to the running ruleset; you have to take another action to apply it.

Mind you, that’s all through the UI; I’ve never used the ufw command line, so this is (again) probably a red herring. I find ufw to be obtuse at best, because of the Byzantine rulesets it generates.

Are you using the GUI?

Make sure you’re applying them to the active profile.

I use it for everything, but then, I wrote it. All of the desktop secret service tools have desktop dependencies (Gnome’s uses Gnome libraries, KDE’s pulls some KDE libraries) and run through DBUS; since I don’t use a DE, it’s a fair bit of unnecessary bloat. And I don’t like GUI apps that just hang around in the background consuming resources. I open KeePassXC when I need to make changes to the DB, and then I shut it down. Otherwise, it hangs out in my task bar, distracting me.

Rook is for people who want to run on headless systems, or want to minimize resources usage, or don’t use a desktop environment (such as Gnome or KDE), or don’t run DBUS, or don’t run systemd. It’s for people who don’t want a bunch of applications running in the background in their task bar. KeePassXC providing a secret service is great, but it’s overkill if that’s most of what it’s providing for you, most of the time.

I don’t think took is for everyone, or even for most people. It’s for people who like to live mostly in the command line, or even in VTs.

KeePassXC can’t be run in headless mode, and the GUI is tightly coupled to the app. You have to have all of X installed, and have a display running, to run it.

Here’s the runtime dependencies of KeePassXC:

linux-vdso.so.1
libQt5Svg.so.5
libqrencode.so.4
libQt5Concurrent.so.5
libpcsclite.so.1
libargon2.so.1
libQt5Network.so.5
libQt5Widgets.so.5
libbotan-3.so.5
libz.so.1
libminizip.so.1
libQt5DBus.so.5
libusb-1.0.so.0
libQt5X11Extras.so.5
libQt5Gui.so.5
libQt5Core.so.5
libX11.so.6
libstdc++.so.6
libm.so.6
libgcc_s.so.1
libc.so.6
/lib64/ld-linux-x86-64.so.2
libgssapi_krb5.so.2
libproxy.so.1
libssl.so.3
libcrypto.so.3
libbz2.so.1.0
liblzma.so.5
libsqlite3.so.0
libdbus-1.so.3
libudev.so.1
libGL.so.1
libpng16.so.16
libharfbuzz.so.0
libmd4c.so.0
libsystemd.so.0
libdouble-conversion.so.3
libicui18n.so.75
libicuuc.so.75
libpcre2-16.so.0
libzstd.so.1
libglib-2.0.so.0
libxcb.so.1
libkrb5.so.3
libk5crypto.so.3
libcom_err.so.2
libkrb5support.so.0
libkeyutils.so.1
libresolv.so.2
libpxbackend-1.0.so
libgobject-2.0.so.0
libcap.so.2
libGLdispatch.so.0
libGLX.so.0
libfreetype.so.6
libgraphite2.so.3
libicudata.so.75
libpcre2-8.so.0
libXau.so.6
libXdmcp.so.6
libcurl.so.4
libgio-2.0.so.0
libduktape.so.207
libffi.so.8
libbrotlidec.so.1
libnghttp3.so.9
libnghttp2.so.14
libidn2.so.0
libssh2.so.1
libpsl.so.5
libgmodule-2.0.so.0
libmount.so.1
libbrotlicommon.so.1
libunistring.so.5
libblkid.so.1

I don’t know why it links to a systemd library. Here are the runtime dependencies of rook:

linux-vdso.so.1
libresolv.so.2
libc.so.6
/lib64/ld-linux-x86-64.so.2

Don’t get me wrong: KeePassXC is one of my favorite programs. But don’t leave it running all the time, and it can’t be run on headless systems.

This is what recommend as well. The various KeePasses all to pretty good jobs of merging databases, in case of sync conflicts, and you can utterly ignore whether you’re online or not. Plus, there’s a really fantastic tool, written by a veritable genius of a developer, that lets you use a KeePass DB as a secret service on your desktop.

I don’t know anything about the Zero Trust network you’re working with, but this is essentially the same as what I’m doing with Home Assistant. It runs on the LAN, because it’s controlling everything in my house. The server is on a battery backup, most of my devices are z-wave, and several are battery powered. I can lose internet and power to the house, and still disarm the alarm and unlock the front door, at least until the UPS runs out, which is several hours.

Since HA is on my LAN, accessing it while traveling requires exposing my server to the internet, which terrifies me. I do have VPSes, though, and I have one locked down s.t. it’s only accessible via VPN. It’s not exposing any ports to the WAN except the Wireguard ports. To get to my HA, I connect to that one VPS via the VPN, which is on a VPN subnet with my home server.

The downside is that it is not possible to access my LAN (and, therefore, my HA server) without a pre-configured client. If I don’t have my laptop or phone, I can’t get to my LAN. If my VPS went down, I couldn’t get to my LAN. And, obviously, if my home internet goes down, I can’t get to my LAN. I’d rather be safe than sorry, though.

The emojis are something everybody in the family loves, and uses a lot. I don’t know that it’s a complete deal-breaker 🤷‍♂️