I am a Meat-Popsicle

  • 0 Posts
  • 222 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle
  • Minimum open services is indeed best practice but be careful about making statements that the attack surface is relegated to open inbound ports.

    Even Enterprise gear gets hit every now and then with a vulnerability that’s able to bypass closed port blocking from the outside. Cisco had some nasty ones where you could DDOS a firewall to the point the rules engine would let things through. It’s rare but things like that do happen.

    You can also have vulnerabilities with clients/services inside your network. Somebody gets someone in your family to click on something or someone slips a mickey inside one of your container updates, all of a sudden you have a rat on the inside. Hell even baby monitors are a liability these days.

    I wish all the home hardware was better at zero trust. Keeping crap in isolation networks and setting up firewalls between your garden and your clients can either be prudent or overkill depending on your situation. Personally I think it’s best for stuff that touches the web to only be allowed a minimum amount of network access to internal devices. Keep that Plex server isolated from your document store if you can.










  • I used enlightenment for something like a decade. When Gnome hit the big time I used Gnome because it looked Nice and was very flexible. I went back to Mac and Windows Land for a bit, when I came back I went Gnome again. I just screw around for a day looking and picking plugins and fighting with it to get it exactly how I wanted it. After fighting with one of the older plugins that mustn’t doing what I wanted to do I saw somebody mentioned using KDE. I tried KDE and sure enough every single thing I was plugging the hell out of Gnome for was a default setting in KDE. I’m currently running Plasma. I must say that Cinnamon’s not bad either.




  • I’d vote for anytype or obsidian

    Anytype has a learning curve, But it has built-in encryption and IPFS syncing provided by the company. The templating system is really slick and the relational aspect is pretty solid.

    Obsidian + syncthing fork is a really solid contender. It’s much easier to work with out of the box but the features are a little more generic.

    Neither of these are really self-hosted, so much as they are contained in their own ecosystem. You get some measure of higher availability that you have to really work for if you’re really self-hosting a product.



  • Each distro picks the things it likes the things it doesn’t like and it combines what it wants into a working operating system. Maybe they make some of their own custom stuff, maybe they just borrow other people’s stuff.

    Debian, up until the last couple of revisions, was very big on choosing* only free things. If you wanted to use any non-free products you had to jump through small hoops. So Ubuntu took Debians core, and rewired it to properly support free things making installation and maintenance on newer hardware much easier. Because it was so much easier, they got a huge support community, and became the default for a lot of people just starting out. But then the guys that run Ubuntu also made other decisions, like trying to monetize some of the aspects or pushing for the use of different package managers that people don’t love. Mint came along and kind of filled the gap in between Ubuntu’s up sides and downsides and became the easy default for a lot of people. In the midst of all that turmoil, Debian slipped in their own version of making non-free software seamless. A lot of the support thrown into Ubuntu and Mint also helps Debian.

    Red hat, fedora, and centos have the same kind of story going on, But it’s much less exciting and more about support and payments.

    The next thing you hear about* is immutable operating systems. Like Fedora Silver Blue or NixOS*. They’re extremely secure, because you’re not allowed to make changes to the operating system blindly while it’s running, But it complicates just about everything you do in the name of security.

    The other things you mentioned were window managers. (Gnome, KDE…) They’re basically affecting the look and feel of the GUI for the operating system. It’s your right click and your start menu and your window shades at the top and how windows are moved and snapped and organized. KDE looks and works by default a lot more like Windows, Gnome has a rather flexible plug-in system in tons of plugins available. Most of the other window managers are designed for low memory usage.

    Another thing you’ll run into is X-Windows and Wayland. They mainly deal with backend internals of how the gui does its work. X Windows is ancient and compatible with just about anything that was ever made, Wayland is a bit flashier a little more efficient, and a little more secure, But at the same time it has a lot of compatibility issues with new hardware. Like if you’re going to run auto hotkey you’re going to have a harder time getting it to run under Wayland.

    If you’re running on an x86/64 PC you can choose whatever you want, with the lion’s share of tech support being available for Debian variants (Debian, Ubuntu, Mint)

    If you’re running on Mac, some distros are better supported.

    If you’re running on a Raspberry pi you’re usually best going with one of the ones they recommend.

    When someone says that an application is tested to work with a certain distribution, if most likely can work or be coerced to work with most of the other distributions, But the developer designed it under and tests it under whatever distribution they recommended regularly. So don’t be surprised if you choose something else and you have to fight with it a bit to get it to work or in rare cases it doesn’t work at all.

    • edit: wording, typos and clarifications now that I’m not on mobile.