

There’s a disclaimer in the readme: https://github.com/juanfont/headscale/?tab=readme-ov-file#disclaimer
The maintainer Tailscale contributes happens to be the lead developer by commit count at the moment.
i’m lizard
There’s a disclaimer in the readme: https://github.com/juanfont/headscale/?tab=readme-ov-file#disclaimer
The maintainer Tailscale contributes happens to be the lead developer by commit count at the moment.
They also had a major ass security issue that a security company should not be able to get away with the other day: assuming everyone with access to an email domain trusts each other unless it’s a known-to-them freemail address. And it was by design “to reduce friction”.
I don’t think a security company where an intentional decision like that can pass through design, development and review can make security products that are fit for purpose. This extends to their published client tooling as used by Headscale, and to some extent the Headscale maintainer hours contributed by Tailscale (which are significant and probably also the first thing to go if the company falls down the usual IPO enshittification).
I haven’t seen proper reporting but the Play Integrity install source thing is accurate. There’s a reasonably good overview straight from the devil himself.
Lots of things that have very valid reasons on paper that also just happen to give Google a stupid amount of control and will backfire for a somewhat small percentage of people in very bad ways. We’ve been at “you can’t use pretty much any bank unless you agree to either Google or Apple terms” for quite some years now, now we’re giving those same app developers ways to detect if their device has accessibility APIs enabled (useful to protect against bot farms, but also a functional check for “you’re able-bodied”) or is in security support (also a functional check for “not reliant on hand-me-downs”).
The store page is kinda confusing. I don’t think the line “Join forces with other players to take on the creeping night and the dangers within featuring 3-player co-op.” along with both singleplayer and co-op listed as valid playing styles is something most reasonable people would interpret the way that it really is: be exactly 3 players with external voice chat available because all other ways of playing the game will suck hard.
They’ve been sorta honest about that in interviews and such but those don’t have the same reach as their huge marketing campaign.
Not them but between those two I’d recommend Kanboard if you’re going to be the only user. Far lighter and easier to administer piece of kit, has everything you’d want from a fancy task list but not much more. WeKan is rather heavy software but does have a few features that are probably quite important for large team use.
PUID
is indeed handled inside the container itself, it’ll run a container-provided script as whatever the container’s UID 0 happens to be first which then drops to whatever $PUID
happens to be inside the container. user=
is enforced by Podman itself before the container starts, but Podman will still run as root in that setup. That means Podman is running “rootful”, while if you started the container manually as $uid using the regular Podman CLI, it would be “rootless”. That is a major difference in a lot of respects, including security, and you can find quite a bit of documentation on the differences between those operating modes online; it wouldn’t fit in a comment. Rootless is generally considered the better mode, though there are some things that still require a rootful container.
In the upcoming NixOS 25.05 or current unstable, there are some tools you can use to run containers rootless as another user more easily using a new $name.podman.user = "";
setting. From what I understand they’ll still be root-managed systemd system services that require sudo to operate, but that means privileges get dropped by systemd before running Podman, instead of dropped by Podman before running the container. This stuff is recent and I haven’t used it, I just happen to know it exists, relevant nixpkgs commit if you wanna dig into it yourself: https://github.com/NixOS/nixpkgs/commit/7d443d378b07ad55686e9ba68faf16802c030025
FWIW, your domain will most likely eventually get used by spammers and then it’ll be an endless string of somewhat expected but unpredictable failures from there on onwards, with no actions you can take to reduce it. It’s good to keep an eye on what comes in but I wouldn’t invest too much effort into failure alerting.
My crappy electric Philips toothbrush from the internet of shit era. If you press the single button it has slightly wrong it goes into some Bluetooth pairing mode or whatever that you can’t take it out of until it gives up 2 minutes later.
There are both dumps with full history and ones that are just the current set of articles. The full dump happens once a month on the 1st, but will often take ~2 weeks to run to completion, so you probably have to look back to the April 1 2025 dump for those. The metawiki dumps page has all the info.
Darts. World champion level stuff is vaguely watchable but remove the announcer/referee’s energy and it’s like a bad sitcom with the laugh track removed. I was brought to a tournament as a kid and I’ve never been in a room where everyone was that level of bored watching random people throw a fifty or whatever for hours on end.
Windows prefers to deactivate or minimize the write cache on removable devices, most of the common Linux distros generally don’t make such changes. Microsoft has a very good reason for that default: not a lot of people actually use the “safely remove hardware” option and if the cache is enabled, using and waiting for that is a hard requirement for the data to have actually made its way onto the drive.
Github: https://github.com/suitenumerique/docs
Self-hostable, but it seems like an absolute behemoth of an application if their “non-production-use-only” docker-compose file is to be believed, and I couldn’t find any production-ready deployment instructions on a quick skim. No obvious signs of federation and I didn’t see anything on their roadmap, not sure it would make a lot of sense for this though.
Gives them excuses to punish “weird”/non-perfectly-conforming kids. The definition of the actual law is broad and open to more or less any interpretation you want it to have.
Borg or the like with ‘hardcoded’ plaintext/regularly full-disk-encrypted key is acceptable. Someone that has your unencrypted private key sitting on your server has almost certainly already obtained access to the entire set of data you’re backing up, with the backup key itself only meaningfully guarding access to older backups.
The more important thing is to securely keep extra copies in case the server fails. I keep mine in a group in my password manager, one per repo.
The good stuff is usually hidden in low view hell (or in text form, stuck on personal blogs nobody reads). Getting an audience is mostly a property of marketing, not quality. There’s not a lot of natural overlap between those that can teach well and those that can market well.
For what it’s worth, this game was formerly “Monolith”. Fantastic twinstick bullet hell shmup roguelite. Difficulty is somewhat on the hard side but it’s learnable.
Acts as access point, if you connect to it from another device you get access to stuff on the SD card (via app or built-in webserver)… at least in theory. Quality varies.
The email ecosystem is changing in recent years but yeah, it’s best to expect that there is at least one opportunity for any given email to be sent over the internet unencrypted. MTA-STS has been slowly changing the landscape but adoption isn’t going all that great.
For current exports, it’s some custom .csm/.csd file combo. Not sure if there’s any tools for working with it, seems like it’d be more annoying than just using a normal archive format either way.
Dual nominations for Paper Mario: Sticker Star & Paper Mario: Color Splash. The only thing I really remember about them is that I played them and they left me without any feelings about them whatsoever.