Even if you control your router/modem, they still control the other end, it connects to. And some more infrastructure along the path. So i think it depends a bit where you’re going with this. If you’re worried about them doing packet inspection, or logging IP numbers you connect to, I don’t think there’s a big difference. They could do it anywhere. And they’ll likely do it in some datacenter.

A router interfaces with your local network, though. So in theory a router can be used to connect to your internal devices and computers and maybe you have an open network share without password protection or something like that. But we’re talking violating your constitutional rights here. It’s highly illegal in most jurisdictions to enter your home and go through your stuff.

I’ll buy my own router because I can then configure it to my liking. And my ISP charges way too much for renting one. And what I also do is not use my ISP’s DNS service. That’d just send every domain name I open to their logfiles. Instead I use one from OpenNIC

I’d go with the Debian package. That’s tied into the system. You get nice updates, there’s more eyes on what the upstream developers do, sometimes the Debian maintainers disable things like tracking, fix vulnerabilities in libraries. It’s smaller, less permission issues… It’s just safer and more convenient…

I’ll go for Flatpak once there’s some benefit. For example the sandboxing which is great to have for proprietary software. Or if the package isn’t available in the Debian repositories, and the alternative would be some third-party repo or deb file downloaded from a random website. And in rare cases when I need a specific version and the Debian maintainers are stuck with an old release.

And I feel a large contributing factor is the entire situation we’re in. It’s not like I can decide to use GPT 4 as a coding assistant and that’s it. I’m also aware that half the internet turned to shit with all the fake reviews, comparison sites. Microsoft pushes some Clippy 4.0 on me whether I want that or not, most customer support is unbearable now, thanks to AI. So all of that goes into the mix, not just usefulness. And I think romantic companions and legal advise is a bit due to negative media coverage.

Depends. Sometimes you’ll get a PC magazine or blog cover an upcoming laptop and test Linux compatibility. Or someone writes a long Reddit post after they got it, or updates the Arch Wiki. There definitely are ways to learn about Linux-compatibility with new models. We used to have Amazon comments and reviews…Just be super cautious with all the AI bots and fake comparison sites out there.

And it’s a bit more complicated with gaming stuff. Sometimes they’ll add a weird webcam, or unsupported RGB LED controller, or have weird quirks in the firmware. Some other model lines like a business laptop from Dell or Lenovo tend to be just fine and you’ll get 100% Linux compatibility. There’s no guarantee, but any way, after a few Linux nerds blogged about it you should be fine.

Yes. My question is just, how do you participate in modern life with that? For example if you commute by train, you need a ticket. And the Deutsche Bahn tries to get rid of paper tickets. Their monthly subscription is an App now, available for Android and Apple. Do you install Waydroid and whip out your laptop once the conductor asks for your ticket? Do you also pull it out of your backpack 3 times on the platform to look up all the delays, changed platforms, trains you have to transfer to? What’s with the pkpass file for the concert, cinema, exhibition? I mean we can still print the QR codes. I do that, I have a printer at home and sometimes do the extra effort. I can’t take my laptops and tablets to concerts. And some other things will get more complicated as well. For example Shop & Go is almost impossible without a phone. You’re guaranteed to wait in line at the few cash registers left and waste an extra 10min… You’ll have to apply for a chip card to charge your EV, can’t update some of your electronic gadgets any more… And if you drive by car, how do you listen to Music and Podcasts? With an USB stick or a 12xCD changer in the trunk like in the early 2000s?

Yeah, probably jump ship to a life without a mobile phone, online banking and train tickets. 🙁

deleted by creator

Thanks for the link! As a short aside for the other people here: Try not to spam developers. That usually achieves the opposite and makes them miserable, when we want them to not burn out, and write good software for us. A thumbs-up emoji is the correct reaction for the average person. Or for the pros - a code-review highlighting specific issues within the code.

Uh. I’d really prefer if people experimented with new technology a bit more cautiously and not directly jump to “the biggest release […] ever done”.

I feel Anti-DDOS and Cloudflare as a web application firewall has traditionally been a lot of snake-oil as well. Sure there’s applications for it. Especially for the paid plans with all the enterprise functions. And all the way at the other end of the spectrum, where it serves as a means to circumvent NAT and replace DynDNS. But there’s a lot in-between where I (personally) don’t think it’s needed in any way. Especially before AI.

From my own experience, personal blogs, websites of your local club, church, random smaller projects, small businesses… rarely need professional DDoS protection. I’ve been fine hotsing it myself for decades now. And I’m not sure if people know what they’re paying with. I mean everytime we get a Cloudflare hiccup (or AWS…) we can see how the internet has become very centralised. Half of it just goes down for an hour or so, because we all rely on the same few, big tech services. And if you’re terminating SSL there, or use it to look inside of the packets to prevent attacks, you’re giving away all information about you and your audience/customers. They don’t just get all metadata, but also read all the transferred content/data.

It all changed a bit with the AI crawlers. We definitely need countermeasures these days. I’m still fine without Anubis or Cloudflare. I block their IP ranges and that seems to do most of the job. I think we need to pay a bit more attention to what’s really happening. Which tools we have, instead of always going with the market leader with the biggest marketing budget. Which problems we’re faced with in the first place and what tools are effective. I don’t think there’s a one size fits all solution. And you can’t just roll out random things without analyzing the situation properly. Maybe the correct answer is Cloudflare, but there’s also other way less intrusive and very effective means available. And maybe you’re not even the target of script kiddies or annoyed users. And maybe your your convoluted Wordpress setup isn’t even safe with the standard web application firewall in front.

Anubis is an entirely different story. It’s okay concerning privacy and centralisation. It doesn’t come without downsides, though. I personally hate if that thing pops up instead of the page I requested. I don’t like how JavaScript is mandatory now to do anything on the web. And certain kinds of crawler protection contribute to the situation how we can’t google anything anymore. With all the people locking down everything and constructing walled gardens, the internet becomes way less useful and almost impossible to navigate. That’s all direct consequences of how we decide to do things.

This is the permissive vs copyleft debate. And it’s old as time. I suppose there’s a lot of nuance with licensing. If you’re a company at the receiving end, you probably love permissive licenses. They’re easy, offer the maximum amount of flexibility and freedom. It’s so short you probably don’t even need a team of lawyers… If you write software, it’s a bit more complicated. Do you want to cater to those people, make it as easy as possible to adopt your software? Then maybe consider BSD/Apache/MIT. Do you want to build a community, stop your competitors from just taking code? Want to try to ensure it stays open? Then maybe consider a copyleft license.

I sometimes don’t care. Write some stuff for me (as a hobby) but that’s my entire motivation. I don’t care what people do with the results of my weekend of effort. Never plan to hire a lawyer or bother with it in case something happrns with it. Or it’s just a pile of snippets. I’ll dump it for other people to use and release that either WTFPL or some other permissive license. People can do whatever they like with it. With the stuff I’m a bit more proud of, or I plan to return to, I’ll choose AGPL.

I suppose with operating systems, it’s a bit similar? I mean there is a community for both ideas. Seems there are people who like either of them. They’ll have slightly different ideology, tasks to accomplish and different goals.

Hmmh. I’m not entirely satisfied with any of them. Crowdsec is a bit too complex and involved for my taste. And oftentimes there’s no good application config floating around on the internet, neither do I get any sane defaults from my Linux distribution. Whereas fail2ban is old and eats up way too much resources for what it’s doing. And all of it is a bit too error-prone(?) As far as I remember I had several instances when I thought I had set it up correctly, but it didn’t match anything. Or it was looking for some logfile per default but my program wrote to the SystemD journal. So nowadays, I’ll double-check everything. I wish programs like sshd and webapps came with that kind of security built in in some foolproof way.

For remote management, I just enable SSH, configure it to run on some non-standard port and enable Fail2ban… Make sure I use certificates or secure passwords and also check if fail2ban is actually doing its job. Never had any issues with that setup.

For the services I’ll either use a reverse proxy, plus configure the applications not to allow infinite login attempts, or Wireguard / a VPN.

Hehe. It depends a bit on the social group. But most people will be aware of it before I even open my mouth… Dunno, maybe it’s the long hair, or Debian t-shirt or something like that. But I rarely have to (verbally) disclose the fact I’m a nerd 😉 There’s some danger of confusion with the metalheads, but you know, people can fulfill several stereotypes simultaneously, so… confusion avoided…

“Hey, I never liked Office 365, Microsoft as a company and all the Cloud shenanigans… And have you noticed how their products all become shittier and more invasive by the day? All while they increase subscription price each year now to finance all the AI stuff I rarely use? I’m a long-term fan of this other product, called XYZ which is just better in every aspect. No offense. If you want me to send you a link…”

(Edit: It’ll become easier after a while. At some point they all know you’re a Linux nerd and disassembled your wifi router at home, dishwasher… To get rid of proprietary spy components. And people will deliberately decide to listen to your opinion and lengthy rant, or make an effort to not bring up the topic 😆 At that point, you’re relatively free to speak your mind… Just read the room a bit. The goal isn’t to annoy people.)

I follow a similar strategy. I back up my important stuff. And I’m gonna have to re-rip my DVD collection and redownload the Linux ISOs in the unlikely case the RAID falls apart. That massively cuts down on the amount of storage needed.

That’s correct. I went with OP’s original question, what happens after it happened… Not sure what OP meant, they’re nowhere in the comments… Maybe they’re a bot as well, and we’re subject to the very same thing we’re talking about, right now…

But sure. All the fabricated pull requests, issue reports etc are massively problematic. We got quite some bot activity. Then we also need to protect our servers and platforms from their crawlers who just DDOS everyone… Documentation went down the drain, StackOverflow, Reddit… The industry is trying to get rid of entry level programmer positions, so you’ll have a bad time entering the job market as any programmer… We’re just drowned in all that stuff. Supply chains also get affected by AI, people need to choose between using existing libraries, licensing, money… Or replacing it with something the AI generated, and we get structural challenges in all kinds of projects…

Hmmh, thanks. Yeah, I read the Readme. And they claim it performs better than other methods. I guess I’ll find out soon.

Nothing? I mean an if/else works the same way, no matter if it’s written by a human or an AI or a cat or whatever…

The Linux kernel developers are opinionated, though. Everything gets quite an amount of scrutiny. There will be several people having their eyes on submissions. They’re looking for security vulnerabilities. They’re adamant on maintainability. Have a standard on how to phrase things, indent lines… Send in the patches… They generally have high standards. I mean if someone submits some AI slop, there’s a high chance it just gets declined and they’re getting scolded for doing it.

There’s of course always the chance someone tries to sneak something in. Or it creeps in on its own. But it’s the same for bugs or security attacks. And maybe some of the devs work for companies who push AI and they’ll do silly things. But the Linux community is pretty strong. They’ll find a way to handle it. And maybe in the far future, AI will get as good as human programmers and there won’t be an issue accepting AI code, because it has the same quality as human code. But that’s science fiction as of now.

Thanks! I’ll wait a few days, maybe one of these pops up on Huggingface. Are “abliterated” versions alright these days? Last time I downloaded something with that word in the name, it wasn’t very good.