The sink. It never occurred to me that people regularly brush their teeth in the shower until now.

I used to brush without wetting the toothbrush, but ever since I saw a fruit fly on my toothbrush, I’ve rinsed it off before using.

It’s better than the default, but such firewalls are installed at the user level while Google’s services are installed at the root level and are known to bypass VPNs and VPN-style firewalls, including RethinkDNS, on occasion.

Nice, that’s a better rugged laptop than I imagined. Seems to be a fortified variant of a regular Latitude, so you should have access to interchangeable parts for years to come.

It is on the back of my mind, but there’s only so much I can do as a civilian. And I’ve already got enough personal stuff to keep me busy for a while.

The cheap secondary phone is the approach I have gone with for work apps. Powered up only when needed and doesn’t connect to my main home network.

Great for my tablet which is too weak to run IronFox smoothly. One annoyance is that it’ll insist on a refresh if your internet connection is interrupted or changes in any way. The reason for it is not immediately obvious and neither is the option to turn it off (Settings > Homepage > Ask to restart on connection change)

I won’t pretend that I have self-hosted storage that is reliably accessible from beyond my home, but most people who have set up a self-hosted cloud drive report that it can be done in a matter of hours on cheap second-hand hardware, which would also save you on subscription costs. You’ll also be spending some time migrating files over in either case already.

A fine start, but I think the plan could be made a bit more sustainable.

1. Make a threat model. Hardware that is impenetrable today might not be as secure five years later as new security vulnerabilities are found. Who or what do you want to defend against?

2. If you don’t use an OS that phones home, options without AI-enhanced wiretapping will still be around for years to come. There’s also several existing layers of hardware-related wiretapping to consider: the Intel ME, AMD PSP, BIOS, embedded controller firmware, SSD firmware, input peripherals, etc.

3. I’d be happy to be proven wrong, but what you have sounds like specialty hardware, for which parts will become increasingly rare and expensive over 8 to 9 years. Ironically, common business-class laptops could be more future-proof by this metric, unless perhaps you plan on using one out in the field or in a metal foundry.

4. Laptops are fundamentally like desktop computers, just in a portable form factor. Any security measure on a laptop can be more or less replicated on a desktop computer.

Glove Prints

Problem: Thin gloves like surgical gloves can still leave fingerprints on surfaces.

Source: https://en.wikipedia.org/wiki/Glove_prints

Mitigation: Wear thick, textured gloves

Finally found an explanation for why my phone’s fingerprint sensor works through thin gloves.

Baidu and Alibaba might have you covered. But Chinese web services tend to require a laundry list of personal details and sometimes government ID to register for an account, if they’re even available to foreigners. Other considerations aside, the “security checks” and other knickknacks on Chinese web services are also just plain annoying. Is there anything that keeps you from self-hosting?

Have a NAS, Jellyfin server, and LLM on my LAN so far. Next step is to make them available outside my home, but I’ve been procrastinating.

6 to 8 hours depending on the day. If it were up to me, I’d have a polyphasic system for a sum of 8 hours: 6 hours at night plus a 2-hour siesta.

Never. Data privacy aside, I can’t be bothered to fill out yet another form or create yet another account just for one item I purchased. I also can’t remember the last time I had something break on me before the warranty expired.

It’s tempting to cut it off like mold on bread, but like mold on bread, it can extend far deeper than whatever mole or irregularity you see. See a doctor. Skin cancer is not something that can be treated with home remedies.

I daily drive Debian and have a few loose .deb packages and tarballs installed. Also enabled the Librewolf repo. It mostly comes down to an issue of manageability and possible conflicting dependencies. The ones I have installed don’t introduce any dependencies, so they’ve been trouble-free and have survived the Bookworm to Trixie upgrade. They are installed as a last resort option in the absence of a satisfactory equivalent via the official repo, Flatpak, or AppImage.

Loose .deb packages can be installed and uninstalled like any other normal Debian package, but won’t be automatically updated and don’t have any compatibility guarantee. Tarballs are nothing more than a collection of files, which may need to be placed in system directories. You’re on your own for those since there’s no standard and automated way to manage them and it’s possible to overwrite important system files if unpacked and copied in blindly. It’s a good idea to keep a manual record of what was put where in case any issues with them pop up down the road.

My personal ranking:

Official Debian repo > Flatpak > AppImage > Docker/Podman > Snap >> Reputable and known compatible third-party repo > Loose Debian .deb > tarball > Loose Ubuntu .deb >> Unfamiliar third-party repos and PPAs

There are certain occasions where a loose .deb or tarball won’t hurt, but sticking to options further up the list closes off the biggest routes of breaking Debian.

I only have enough lucidity to reverse an incident and prevent a nightmare from taking hold. Like if I drop a fresh lasagna on the floor in a dream, I’ll think to myself, “hey, isn’t this just a dream?”, after which I get time to briefly reverse and the lasagna flies back into its correct place. Then I’ll continue with the dream, without the incident and without any further lucidity.

The firmware isn’t open source and I only chose it for the employee discount, but the blue Yubico security key has held up well over hundreds of uses and several years jingling around in my keychain.

I’m more concerned about rogue browser extensions that may be innocent when you install them, but then change owners, and after an update that you don’t even notice are going to do bad things.

Exactly why the only extensions on my browser are uBlock Origin and LibRedirect. Was a victim of one user agent switcher extension that went rogue back in the day.

Using redlib to lurk on a handful of niche subs. Mostly as inspiration for my hobbies. Chief among them was r/thinkpad, but I’ve since weaned off them as they seem to be developing a phobia or even contempt for my favorite old ThinkPads. Yes, they’re over a decade old and not for everyone, but that doesn’t mean they belong in the e-waste pile. Or maybe they do so I can come pick them up.

It’s also still home to many helpful support threads and tutorials, unfortunately.

Seems reasonable to me, although I might be lacking perspective since my latest hardware is already 6 years old.

In previous years, my criteria was to upgrade once the hardware was holding back my workflow and productivity. But with Moore’s Law coming to a plateau, I’ve upgraded my RAM, GPU, and SSD not because I have to, but just because I got an very good deal on them.