Also @shrugal@lemmy.world.
This UsenetServer discount link gives you 1 trial month for $1, then $50/year after that, and includes a 1TB TweakNews block and a paid PrivadoVPN account.
Trying to finish the Horizon Forbidden West story, but it’s a bit meh. Really sad about that! The HZD stories were great, and the world is as beautiful as ever, but I stopped caring at some point with the newest one. Other than that, I just bought the Age of Wonders 4 season pass and am trying out the new races and traits.
On Usenet altHUB and abook.link.
I just set up a Vouch-Proxy for this yesterday. It uses the nginx auth_request directive to authenticate users with an SSO server, and then stores the token in a domain-wide cookie, so you’re logged in across all subdomains. Works pretty well so far, you don’t even notice it when you’re logged in to your SSO provider.
But you do have to tell the proxy where you want to redirect a request somehow, either by subdomain (illegal.yourdomain.com) or port (yourdomain.com:8787) or path (yourdomain.com/illegal). I’m not sure if it works with raw IPs as hosts, but you can add additional restrictions like only allowing local client IPs.
In my special case I’m using the local Synology SSO server, and I have to spin up an additional nginx server because the built-in one doesn’t support auth_request.
UsenetServer, and I used this discount link.
Can’t talk for the free tier, but my Usenet account comes bundled with a paid Privado account, and that’s working ok so far. The connections have been reliable, fast, and low latency.
My main issue has been that it doesn’t support port forwarding. Also, some GeoIP services locate many of their servers in the Netherlands, instead of where Privado says they are. Idk who’s right, but it’s definitely a problem if you want to pick a specific location.
I’ve been running Gluetun for a few months now, and just the other day discovered that you can use it to seamlessly proxy Twitch streams (using it as http proxy for ttv lol pro), so they load via countries that Twitch doesn’t show ads for. Setting it up was ridiculously easy, and now I have neither ads nor endless loading anymore. The whole thing was a really nice surprise!
I’m no expert on the topic, but I’ve also never heard of a case where a seedbox user was sued because of torrenting. As far as I can tell the seedbox providers only ever get takedown requests, they never have to hand over user data or logs. I believe that’s mostly because of the jurisdictions they operate in, but some also have restrictions like blocking public trackers.
There are probably a bunch of things that contribute to this. Seedbox providers fighting against information requests, their logs not being as valuable in court, law firms not knowing whether the IP they’d get would even lead to an address (as opposed to IPs of providers they know to be cooperative), the fact that you only downloaded from the seedbox and never uploaded anything yourself, and so on. Torrenting lawsuits are already pretty weak, and adding all this uncertainty probably makes it not worth the effort.
The juristiction where the provider operates, and the logging/disclosure requirements are very important! ISPs are often required to keep logs, VPN/Seedbox/Hosting providers usually are not. I’m not a lawyer and so on, but I could also imagine that logs from some VPN showing your IP was used to download/upload something are not as good as evidence as a mandatory (and probably somehow checked/verified) logs of an ISP are.
Another thing are provider incentives. If you’re running a general purpose hosting business you probably don’t want any shady stuff on your servers, and so you’re pretty happy to comply with any reasonable information request in that direction. As a VPN/Seedbox provider your business depends on people feeling safe and private on your servers, so you’ll do everything in your power to fight these requests, and there is a lot that can be done to fight them. And ofc if they do as they say and don’t keep logs then they don’t even have the requested information.
You operate it behind a VPN and the seedbox is just a means to get a 24/7 running Linux machine
I don’t think you need Seedbox + VPN. You can do that of course, but just one is usually enough. The important bit is that other torrent clients don’t see your personal home IP address, and the provider that does know your IP doesn’t have the obligation or incentive to disclose it. But if you want the extra protection you could search for VPN/Seedbox providers that accept crypto as payment, and chain multile VPNs or VPNs and a Seedbox, so none of them have the full picture. I think that’s pretty overkill though, and probably hell to set up and maintain. At that point you should probably go with Tor or I2P instead, because that’s basically how they operate (onion/garlic routing).
seedbox is just a means to get a 24/7 running Linux machine
They usually have very beefy connections, far better than what you get for your home internet, especially when it comes to uploads (asymmetric subscriber lines etc.).
Get a Usenet provider, a download client and a few indexers, set them up, and start downloading. Maybe automate with *arr apps at some point.
Some suggestions:
Most indexers let you search for free on their website, but grabbing download links and using their API with *arr apps is limited (e.g. 10 downloads and 100 API queries per day) unless you pay for VIP access (usually about $10/year/indexer). So you can try out a few, maybe pay for one or two that give you good results, and keep using the rest within the limits of free accounts.
If you don’t want to pay for an account anywhere (VPN/Usenet/Debrid/…), then you might want to try out Torrent + I2P. I haven’t used it myself, but from what I know it’s a slower but completely provider-less alternative to VPNs for anonymization, and Torrents are free ofc.
That being said, you’ll have a much easier time if you pay for a seedbox for example. It’s just a small server in a datacenter somewhere, that happens to be better connected and more private than your typical home internet connection, and that you can use however you like.
I started using their Signal and WhatsApp bridges today, probably one of the easiest setups I ever did. You just run a Docker container for every bridge, and login to your Signal/WhatsApp account by chatting in the app with the Matrix bot it creates.
Literally takes like 5 minutes if you’ve used Docker before, and you don’t need a domain or forwarded ports or anything.
Nothing about what you just wrote has anything to do with closed source software though. You could just as well say that closed source helps them predict the future or draw shinier unicorns. It doesn’t!
Maybe you mean tightly coupled, stripped-down, preconfigured or vertically integrated, but you can do that just as well with open source software. No one is forcing them to make a general purpose chat app or offer the ability to choose a different server. It’s just a matter of being able to see, verify and modify the code.
differentiate above the competition […] charging for it
This is the only thing that comes close imo. But they stated specifically that they don’t want to make money with the chat app itself, so it doesn’t really work as a justification. They could easily offer server-side premium features or create a closed source premium-only version or extension, it’s no reason to make the base app closed source.
security theatre
They don’t have to do that, and they don’t afaik. Matrix itself can do proper e2ee just fine, and Beeper is pretty open about the fact that bridges hosted by them have to break e2ee to translate between platforms. They’d only need theater if their closed source app actually has some bad code in it, which is kind of my point.
Expanding to selling some user metadata, or sniffing the bridges, would be an extra
Again: Their Matrix server and bridges are open source right now, and it wouldn’t stop them from doing what you’re describing.
Too pedantic 😉
I just can’t help it. 😜
the connecting with a majority of people using the same closed source platform
The platform is open, including the part that connects to other closed source platforms. It’s just Matrix and open source bridges after all. And making the client app closed souce doesn’t help with any of that.
I’m sorry if I’m a bit pedantic about this, but it seems like you’re describing an upside to closed source software that’s just not there.
You’re definitely right that people are a bit too doom-and-gloom about it, Beeper did do a lot of good over the last few years!
But I also find it a bit odd that they talk so much about the importance of open source in messaging, and then release a closed source client without at least adressing the topic. Add the fact that they’ve been aquired by another company on the same day, and it starts to smell like another instance of openwashing.
Idk, we’ll have to see how it plays out I guess.
I can answer that: it’s the “I don’t care about security as long as I can send memes and inappropriate messages to most people” experience.
Closed source doesn’t help with that though, you don’t have to care about privacy in open source.
except you do know that the bridges are decrypting all messages anyway
They are working on on-device bridges that preserve e2ee, but making the client closed source kind of defeats the purpose here.
The thing is, we are talking about the Beeper service here. Yes Matrix is good, yes Beeper bridges are good, but a closed source Beeper app is bad. That’s what the criticism is about, and it doesn’t help if you deflect that by arguing about all the other things they are doing or that no one is forced to install it.
What is this “closed source experience” you are talking about? How would making the client open source hinder that in any way, especially when their stated goal is to earn money with premium features instead of the app itself?!
Imo being open source is a VERY big deal for an e2e encrypted chat client! I don’t really care whether most of their stack is open if the app I’m actually using to type and encrypt my messages is not. This makes the whole thing look like a trick, pretending to be open when key parts are not.
Looks like you can create a simple binary executable and make it run as root with setuid.
The ad blocking on desktop doesn’t really work very well in my experience (long loading times, shows ads anyway, …). What has improved the experience for me tremendously is using an extension that automatically mutes ads.
Depends on how you define stealing.
If you say it’s taking something away from the original owner then you’re right, but if you say it’s not paying your share of the costs of a good you’re using then you’re wrong. E.g. if you go to a concert and don’t pay the entrance fee then the concert will probably still happen, but you’re not reimbursing the artists and crew for their costs and effort.
I agree with everyone here that self-hosting email is never easy, but if you still decide to go down this route then here are two tips that I personally found very helpful, especially when you decide to host it at home:
The first is to get an SMTP relay server. That’s just another mail server that yours can log into to actually send its mail, just like an email client would. That way you don’t have to worry about your IP’s sending reputation, because everyone will only see the relay’s reputable IP.
Second is to configure a Backup MX. That’s an additional MX DNS entry with lower priority than the primary, and it points to a special mail server that accepts any mail for you and tries to deliver it to the primary server forever (or something like an entire week). So when your primary server is unreachable other sending servers will deliver mail to the backup, and it delivers the mail to the primary as soon as that’s back online.
You can get these as separate services, but some DNS providers (like Strato for example) offer both with the base domain package. It makes self-hosting an email server much simpler and more reliable in my experience.