Glorified network janitor. Perpetual blueteam botherer. Friendly neighborhood cyberman. Constantly regressing toward the mean. Slowly regarding silent things.
Thou shalt not steal if there is a direct victim.
Thou shalt not worship Pop Idols or follow Lostprophets.
Thou shalt not take the names of Johnny Cash, Joe Strummer, Johnny Hartman, Desmond Dekker, Jim Morrison, Jimi Hendrix or Syd Barrett in vain.
Thou shalt not think any male over the age of 30 that plays with a child that is not their own is a paedophile. Some people are just nice.
Thou shalt not read NME.
Thou shalt not stop liking a band just because they’ve become popular.
Thou shalt not question Stephen Fry.
Thou shalt not judge a book by its cover.
Thou shalt not judge Lethal Weapon by Danny Glover.
Thou shalt not buy Coca-Cola products.
Thou shalt not buy Nestlé products.
Thou shalt not go into the woods with your boyfriend’s best friend, take drugs and cheat on him.
Thou shalt not fall in love so easily.
Thou shalt not use poetry, art or music to get into girls’ pants. Use it to get into their heads.
Thou shalt not watch Hollyoaks.
Thou shalt not attend an open mic and leave as soon as you’ve done your shitty little poem or song you self-righteous prick.
Thou shalt not return to the same club or bar week in, week out just 'cause you once saw a girl there that you fancied that you’re never gonna fucking talk to.
There’s a second verse, but I think I’ll leave it at that.
Look. FOSS project fundraisers are cool and everything… nothing wrong with that, but you could have given a bit more context instead of going for the “shock value” link. The project you linked to is a LineageOS fork as far as I understand - and I don’t really see how an Android ROM would have any relation to the Mozilla Corp CEO bonus - or even to Firefox, the community you posted this to?
Well that was a well paid hit piece. For the record, I am happy with Firefox and its functions, I’ve been using it since the start.
I am rather worried about Mozilla’s new laser focus on AI and the Corp CEO compensation bonuses are just bullshit.
I’m hoping we won’t be forced into a completely Google dominated web because I think at that point it’s time to abandon it and burn everything to the ground.
I regularly remote into in order to manage, usually logged into KDE Plasma as root. Usually they just have several command line windows and a file manager open (I personally just find it more convenient to use the command line from a remote desktop instead of directly SSH-ing into the system)
I’m not going to judge you (too much), it’s your system, but that’s an unnecessarily risky setup. You should never need to log on to a root desktop like that, even for convenience reasons.
I hope this is done over VPN and that you have 2FA configured on the VPN endpoint? Please don’t tell me it’s just a port forward directly to a VNC running on the servers or something similar because then you have bigger problems than just random ‘oops’.
I do also remember using the browser in my main server to figure out how to set up the PiHole
To be honest, you’re most probably OK - malicious ad campaigns are normally not running 24/7 globally. Chances of you randomly tumbling into a malicious drive-by exploit are quite small (normally they redirect you to install fake addons/updates etc), but of course it’s hard to tell because you don’t remember what sites you visited. Since most of this has gone through PiHole filters, I’d say there’s an even smaller chance to get insta-pwned.
But have a look at browser history on the affected root accounts, the sites along with timestamps should be there. You can also examine your system logs and correlate events to your browser history, look for weird login events or anything that doesn’t look like “normal usage”. You can set up some network monitoring stuff (like SecurityOnion) on your router’s SPAN, if you’re really paranoid, and try to see if there are any anomalous connections when you’re not using the system. You could also consider setting up ClamAV and doing a scan.
You’re probably OK and that’s just paranoia.
But… having mentioned paranoia… now you’ll always have that nagging lack of trust in your system that won’t go away. I can’t speak to how you deal with that, because it’s all about your own risk appetite and threat model.
Since these are home systems the potential monetary damage from downtime and re-install isn’t huge, so personally I’d just take the hit and wipe/reinstall. I’d learn from my mistakes and build it all up again with better routines and hygiene. But that’s what I’d do. You might choose to do something else and that might be OK too.
Huge respect for quality entertainment. 52 episodes a year for 10 years is just insane.
I hope his break is long and relaxing, it is certainly well deserved.
And I do hope he comes back some day. I would love to see episodic deep dives where he explores one topic in more detail (like let’s say 5-10 episode series about one subject).
Thanks for the share.
Obviously Perens is one of the FOSS OG figures and he makes a lot of good points. Lately the RHEL/IBM situation has shown a mere license text file isn’t going to keep megacorps from finding ways to circumvent the ideology and the purpose behind it. They simply have too many resources both in development and in legal departments and too many ways to work around the legalese of its intended purpose.
Also there’s been an increasing trend where products (Elastic etc) start off with FOSS license and as soon as they gain critical mass, they split their product and switch to their own FOSS-light license and gimped “community edition” downloads. Again, all still legally above the board, but at the same time completely ignoring the intended purpose of the license in the first place.
I think what Perens is proposing is too complicated. I understand that “contract” has far more binding legal fire power compared to a “license”, but as he also points out in the article, it complicates things to the point where it’s hard to adopt. The problem is of course far deeper than just licensing and has its roots deep somewhere in late-stage capitalism and deregulation of corporate entities and those are of course not problems that Perens or the free software community can easily solve. Unfortunately.
It’s clear that something new is needed and I appreciate the work he is doing. I’m not sure it’s the right direction to take, but can’t say I have any rabbits I can pull out of my hat either, so I’ll follow this with interest.
Well, that article was a hot mess.
I appreciate the author’s effort and they are correct about the lack of “what is VPN” articles that are not written by VPN vendors for marketing purposes. But I’m not sure if this was it.
Writing an article meant to “debunk” misconceptions and getting two core concepts, Security and Privacy mixed up right from the start wasn’t very good.
A lot of time was spent on explaining HTTPS and how it somehow magically makes you and your data secure on the Internet, and it completely failed to mention who the potential threat actors thwarted by HTTPS are.
Could have probably used a chapter on how actual threats (both security and privacy) work and how they don’t have much to do with the level of encryption your TCP/IP connection happens to encapsulate.
The last chapter with the first 3 bullets was pretty good though. That could have just been the whole article and it would have been alright.
Oh well. Attempt was made.
Maybe we’ll climb to 4% marketshare!
My first computer was an old Sinclair ZX81. It was my friend’s dad’s old computer, I got to borrow it over school summer break as they headed to India during the summer. Spent most of that summer learning the basics of BASIC, but you couldn’t really do terribly much with it.
I think this was 1982.
Got my own ZX Spectrum 48 a couple of years later. Glorious times gaming and programming.