NaibofTabr

Seriously, fuck Pearson. Garbage company.

Nice save, and a fantastic PSA.

Also I’m a big fan of sleeping on a problem as a path to a solution. I’m not sure how exactly that skill develops, but it’s definitely something that I’ve done a few times over the years.

There are definitely at least 9 circles of emacs filled with tormented souls.

Perfect explanation.

Thank you, I try. It’s always tricky to keep network infrastructure explanations concise and readable - the Internet is such a complicated mess.

People like paying for convenience.

Well, I would simplify that to people like convenience. Infrastructure of any type is basically someone else solving convenience problems for you. People don’t really like paying, but they will if it’s the most convenient option.

Syncthing is doing this for you for free, I assume mostly because the developers wanted the infrastructure to work that way and didn’t want it to be dependent on DNS, and decided to make it available to users at large. It’s very convenient, but it also obscures a lot of the technical side of network services which can make learning harder.

This kind of thing shows why tech giants are giants and why selfhosted is a niche.

There’s also always the “why reinvent the wheel?” question, and consider that the guy who is selling wheels works on making wheels as a full-time occupation and has been doing so long enough to build a business on it, whereas you are a hobbyist. There are things that guy knows about wheelmaking that would take you ten years to learn, and he also has a properly equipped workshop for it - you have some YouTube videos, your garage and a handful of tools from Harbor Freight.

Sometimes there is good reason to do so (e.g. privacy from cloud service data gathering) but this is a real balancing act between cost (time and money, both up-front and long-term), risk (privacy exposure, data loss, failure tolerance), and convenience. If you’re going to do something yourself, you should have a specific answer to the question, and probably do a little cost-benefit checking.

But if I’m reading the materials correctly, I’ll need to set up a domain and pay some upfront costs to make my library accessible outside my home.

Why is that?

So when your mobile device is on the public internet it can’t reach directly into your private home network. The IP addresses of the servers on your private network are not routable outside of it, so your mobile device can’t talk to them directly. From the perspective of the public internet, the only piece of your private network that is visible is your ISP gateway device.

When you try to reach your Syncthing service from the public internet, none of the routers know where your private Syncthing instance is or how to reach it. To solve this, the Syncthing developers provide discovery servers on the public internet which contain the directions for the Syncthing app on your device to find your Syncthing service on your private network (assuming you have registered your Syncthing server with the discovery service).

This is a whole level of network infrastructure that is just being done for you to make using Syncthing more convenient. It saves you from having to deal with the details of network routing across network boundaries.

Funkwhale does not provide an equivalent service. To reach your Funkwhale service on your private network from the public internet you have to solve the cross-boundary routing problem for yourself. The most reliable way to do this is to use the DNS infrastructure that already exists on the public internet, which means getting a domain name and linking it to your ISP gateway address.

If your ISP gateway had a static address you could skip this and configure whatever app accesses your Funkwhale service to always point to your ISP gateway address, but residential IP addresses are typically dynamic, so you can’t rely on it being the same long-term. Setting up DynamicDNS solves this problem by updating a DNS record any time your ISP gateway address changes.

There are several DynDNS providers listed at the bottom of that last article, some of which provide domain names. Some of them are free services (like afraid.org) but those typically have some strings attached (afraid.org requires you to log in regularly to confirm that your address is still active, otherwise it will be disabled).

It’s child exploitation for profit:

investigation: How Roblox is Exploiting Young Game Developers

Roblox Pressured Us to Delete Our Video. So We Dug Deeper.

There is a crow pulling both wolves by the tail called “bedrock linux” that can install packages using both apt and aur.

Oh god… what happens when they both try to pull the same library as a dependency, but slightly different versions because different repos?

Hmm, but you have to install and run the Python environment for that. AWK is typically present on *NIX systems already. Python seem like overkill for basic text processing tasks.

Why does a retail store need a license plate reader?

There’s no place like 127.0.0.1

Obviously the solution is to have thousands of nodes per file transfer to increase the bandwidth.

This is a perfect plan which has absolutely no downsides.

The existence of Wide Area Network implies Narrow Area Network.

meshtastic

Meshtastic is a project that enables you to use inexpensive LoRa radios as a long range off-grid communication platform in areas without existing or reliable communications infrastructure. This project is 100% community driven and open source!

…as in… like… LAN?

OK, so what is a VPN?

A Virtual Private Network is a virtual network that lives on top of a physical network. In the case of the Internet, basically what happens is that your network traffic goes into the VPN on one side and comes out of the VPN provider’s network somewhere else, rather than out of your ISP’s network. All this really does is move any privacy concerns from your ISP to your VPN, which may or may not protect you from any legal inquiries.

For a more thorough explanation look here: https://www.howtogeek.com/133680/htg-explains-what-is-a-vpn/

Is it possible to use torrent without a VPN?

Certainly, however your torrent traffic will be visible to and inspectable by your ISP. If a copyright holder chooses to, they may sue your ISP for the personal information of the person whose IP address matches the illegal traffic that they found. After they have your personal information they can prosecute you directly. A VPN might shield against this by changing the apparent IP address associated with your torrent traffic, but then you are at the mercy of the VPN provider and the government of whichever country they operate in.

It should be noted that if you are not paying the bill for the Internet, and you use it for illegal activity, then the person you are putting at risk is the person who pays the bill. It’s their name attached to the ISP records.

If you are caught, or if they just don’t like torrent traffic on their network, the ISP may decide that you are simply too much trouble and it’s not worth keeping you as a customer, and just cut off your service (for your whole house).

Umm, but then your VPN leads to a server rented from a web host which you are paying with (presumably) a credit card, and if they’re reputable at all then you had to register with a government ID. The ones that don’t check ID are the ones that host ransomware gangs and CSAM distributors.

A VPN provides no privacy at all if it’s linked to an IP address or domain name and hardware that is registered to you.

This is a great point. Do the cameras have microphones? Is it a two-party/all-party consent state?

Now you need to get consent from every person who might end up being recorded.

Might also be worth pointing out in an HOA meeting that if this guy buys and configures the cameras himself then he has access to watch everybody. How much does the rest of the community trust this guy to not be creeping on everyone else?

IP cameras here that have local access only

This is the right way.

No proprietary SaaS portals, no cloud uploads, no apps, no external network links.

Hopefully the local connections are encrypted and the devices on the network are segmented into VLANs, otherwise anyone on the local network could just watch the video stream.