Fail2ban config can get fairly involved in my experience. I’m probably not doing it the right way, as I wrote a bunch of web server ban rules — anyone trying to access wpadmin gets banned, for instance (I don’t use WordPress, and if I did, it wouldn’t be accessible from my public facing reverse proxy).

I just skimmed my nginx logs and looked for anything funky and put that in a ban rule, basically.

And probably only the second half of the 2nd amendment.

Windows is just as hard as linux, harder even with all the layers of obscurity.

With Windows, there is 1 current version of Windows (11), 1 “almost current” (10), 1 “outdated but you’ll maybe see it” (8.x) and only a few “you’ll probably only see this in obscure situations” versions. Linux has as many “parent” distros/package management systems (apt, rpm, pacman, etc.). This definitely complicates things, as each distro family does things slightly differently.

And we haven’t even touched the window manager/DE choices, of which there are a ton (as opposed to Windows). “Combinatorical explosion” maybe isn’t the right phrase, but you get the idea — Debian with i3wm is wildly different from Fedora Plasma.

This is all a good thing though, as Linux users tend to like the choice and flexibility — but it does mean that the “right way” to do something on Linux is very dependent on your particular setup, which isn’t the case with Windows.

(I have used Linux for the last 20+ years, and it’s definitely my preferred setup, and am lucky enough that I rarely use Windows for work, and never for personal use.)

I’m gonna try to guess the most likely LLM response to your post, trained on reddit data:

“This.”

How’d I do?

And many folks have headless setups — raspberry pis, home servers, VPSs, etc. It’s kinda overkill to install a desktop environment on a headless box if the only reason you need it is so you can VNC into it for a simple task that could be done over ssh.

For some (most?) of us, we don’t have ssh access open to the world, so everything is over a VPN. So I can just use NFS over WireGuard which afaik is fairly secure, if you trust your endpoints, and works great over the Internet.

On linux you can"t install or uninstall anything if you are not root

That’s not true at all. You generally can’t use your distribution’s package manager to install or uninstall without elevated privileges. But you can download packages, or executables with their own installer, and unpack/install under your home directory. Or, you can compile from source, and if you ./configure’d it properly make install will put it under your home.

Standard Linux distributions don’t place restrictions on what you can and cannot execute; if it needs permissions for device access of course you’ll need to sort that out.

But this is a weird thing to lie about — the only reason to implement toner DRM is to get people to buy your cartridges. But if your public statement is, “it’s ok to buy off brand cartridges,” then…well… that’s kinda weird.

Not saying you’re wrong, and they could be trying to have their cake and eat it too (court the anti-DRM crowd but also scare people into sticking with their toner). I’m just saying your snarky/sarcastic response seems unwarranted here.

Brother deny the claims: https://arstechnica.com/gadgets/2025/03/brother-denies-using-firmware-updates-to-brick-printers-with-third-party-ink/

Lemmy is not encrypted, my comments are public, your comments are public, we both know that. Anyone with a raspberry pi or an old netbook can scrape them.

If I use an encrypted service and all of a sudden everything that I thought was encrypted was decrypted by the service provider without my consent? That’s breaking encryption.

If on the other hand I use an encrypted service and they tell me that they can no longer offer the service, my data will be destroyed after X days, and I need to find another way of storing my encrypted data because of privacy invading government policies? That is not breaking encryption.

For many things I completely agree.

That said, we just had our second kid, and neither set of grandparents live locally. That we can video chat with our family — for free, essentially! — is astonishing. And it’s not a big deal, not something we plan, just, “hey let’s say hi to Gramma and Gramps!”

When I was a kid, videoconferencing was exclusive to seriously high end offices. And when we wanted to make a long distance phone call, we’d sometimes plan it in advance and buy prepaid minutes (this was on a landline, mid 90s maybe). Now my mom can just chat with her friend “across the pond” whenever she wants, from the comfort of her couch, and for zero incremental cost.

I think technology that “feels like tech” is oftentimes a time sink and a waste. But the tech we take for granted? There’s some pretty amazing stuff there.

Yes, but your wine futures would be worthless, what with his unlimited water-to-wine abilities.

Yeah, I think the issue is that the other racist, xenophobic, antivax, generally incompetent policy choices are actually kind of what he campaigned on.

The tarrifs — even though he campaigned on them — are antithetical to his promise of lowering cost of living expenses.

That said, it’s the WSJ editorial page — their coverage of the Second Coming of Jesus would be its impact on your 401(k), so this type of coverage (and not e.g., social justice) is their bread and butter.

No, but I think it’s good when someone with credibility among certain people reiterate something, even if it adds nothing of value to you and me.

Democratic and left-of-center politicians (or “liberal elite economists”) can say this until they’re blue in the face but Trumpers will dismiss it as I dunno, woke butthurtism or something. But when someone like Buffet says it, at least they (maybe) have to think a little bit before coming up with some mental gymnastics to dismiss him. And maybe along the way they’ll question, if only a little bit, the sanity of Trump’s policies.

Newer macOS is not Unix certified.

It’s UNIX 03 compliant https://en.m.wikipedia.org/wiki/Single_UNIX_Specification

One or two Linux distros were (are?) UNIX certified, though.

Haha yeah that was the counter example I was thinking of. I agree completely — you could make a Gentoo from source beginner distro, and I think you could make it reasonably “idiot proof,” but it would still be a bad user experience most likely (too much time spent compiling).

If your distro can’t be forked into a “beginner distro” then it’s fundamentally flawed IMHO.

To be clear, I’ve used Arch as my daily drivers for a while, and while it’s not the best fit for my needs (I use Debian mostly), there’s nothing that I experienced that was incompatible with a “beginner” distro.

You can also drop cache for debugging by running something like echo 3 | sudo tee /proc/sys/vm/drop-caches

But remember that the kernel knows best — this RAM will automatically be freed up when needed and you should never run this except for debugging (or maybe benchmarking).

I have one SSID with pihole (which I use), and one without. Works pretty well, if you’re ok with a VLAN-aware network.