Cake day: July 30th, 2023

  • Just something to keep in mind for those not in the security space. When a security company does an audit, it’s generally a checklist of commercial and custom security software along with a couple people poking around looking for more manual, harder-to-find stuff. But there’s a reason companies like Mullvad have a bug bounty program… Just because cure53 didn’t find it, it doesn’t mean some bored hacker won’t…

    Absolutely better than nothing though.





  • ProtonVPN, RiseupVPN and BrightVPN (only for Windows), limited ones Windscribe and PrivadoVPN

    Where did you get this idea?

    Mullvad, IVPN, Perfect Privacy, and a few others have had independent audits of their no-log behavior and in some cases, law enforcement audits. They sure as hell don’t proxy your traffic. They all accept Monero and cash. They all have multihop.

    Edit: I see you said free. Yeah, I wouldn’t trust a free VPN, regardless. If you’re not paying for the product, you are the product.


  • Yes you can but for people that are looking to set one up today, not someone that’s been running one for 5 years and has basically a whitelisted reputation, it takes a lot to set it up and keep your domain and IP space reputation solid, along with DKIM/SPF/etc records, all the latest stuff like Google’s new mandatory unsubscribe header that will keep coming up. Even if a couple people on your hosting provider start spamming, if they’re in the same IP space as you, you’re going to be getting filtered more heavily for using a “bad neighbor” host. The big corporate/“nonprofit” guys like Spamhaus and Google and Microsoft are basically those controlling corporations for emails, what they say in their spec pretty much goes. They’re making it harder for people to set up and run their own email servers, whether that is the outright intended effect for their mandatory changes or not.

    Don’t get me started on trying to set up a business newsletter account on your new corporate mail server, holy hell, the warm-up itself is pulling hairs. There’s a reason companies like MailChimp, Zapier, et al make so much money.



  • The Y2K38 Epochalypse bug hit 2 years early due to Microsoft’s rushed implementation of Windows Subsystem for Linux under CEO Elon Musk, causing all newer systems running Windows to combust due to a combination of the bug, and a cyberattack on Musk’s new chip fab plant in the state of Mexas. The only widespread choices after that are WacOS and Ubuntrue, both parent companies owned by Elon Musk after winning in his presidential prelection in 2026 and removing all antitrust legislation. However there is a hobbyist Unix distribution still being passed around called Briarch that fixed the 2038 problem in 2025 when development started, but you have to be in close proximity to someone with it to get it, which is easy in the country of California but not as easy east of the Nutah border, you really have to trust someone to even ask if they have it.






  • First sentence of the article:

    NSO Group, the maker of one the world’s most sophisticated cyber weapons, has been ordered by a US court to hand its code for Pegasus and other spyware products to WhatsApp as part of the company’s ongoing litigation.

    NSO Group has been ordered to hand over the Pegasus malware code that allows them to silently infect phones via WhatsApp, so Meta can fix it. This isn’t NSO Group being forced to hand over WhatsApp source code.

    There will be at most 5 software developers who have access to the code, on a non-networked machine, surrounded by a group of lawyers the entire time. No one will have the ability to leak the Pegasus code. After that, it will probably be handed to the random mormon-looking plainclothes guy nobody in the room can figure out, who will take it back to the NSA so they can scour it for any non-WhatsApp 0days they don’t already have.

    It’s worth noting that NSO Group is an Israeli company, as are many ‘legal’ entities of hacking software and hardware used by many nations.



  • Why can’t anyone just run a pharmacy without jumping through hoops chasing infinite growth?

    They can and they do. That would likely be any local, or privately owned pharmacies if there are still any near you. When a company goes public it becomes mandatory that they grow as much and as fast as they can. They are now beholden to the board and other shareholders and if they aren’t chasing growth, they can get into big trouble.

    It’s completely their decision to go public however, and they go public knowing what they’ll have to do.


  • I really need to get everything transferred over to CVS.

    Maybe it’s different where you live but here I would simply need to tell my doctor “hey actually I want to use CVS now. Can you send the prescriptions to CVS at the corner of X and Y Street? Thanks”

    Then when you get to CVS you’ll need to give them your ID, phone number, signature, etc. and they’ll fill your script and that’s your new pharmacy. You can also use multiple pharmacies (I use Walgreens for one script and Kroger for the rest). If your doctor is disorganized with their notes and sends it to Rite Aid next time, just call CVS and tell them you want to get them transferred and they will call them and handle it for you.

    HOWEVER

    There is a MASSIVE strike of pharmacy workers across the country now. Mainly CVS and Walgreens but I asked my (local branded) Kroger pharmacy tech yesterday when I picked up a prescription if it’s affecting them and she said yeah they’re short staffed and she’s never seen the pharmacist so busy. So it’s likely to be affecting all pharmacies for the next few weeks as they play catch up.

    This is only a couple weeks after 75,000 Kaiser employees went on strike which makes me think it’s an industry-wide issue and we’ll see more issues in the near future. Support your local pharmacy people, if you still have one.

    Also

    Plugging GoodRx here. If you don’t have drug insurance or your drug isn’t covered, they’re a massively helpful cost-saving company. You just type in the drug name and dose and the pharmacist enters it like regular insurance. They save me a couple hundred each month.



  • Synnr@sopuli.xyz to Selfhosted@lemmy.world: My new favourite password manager

    In theory, if I were to use an online solution, bad actors wouldn’t be able to pull my vault from memory.

    It’s the same issue once you login to your vault via browser extension. They have to download your vault locally on login to decrypt it when you enter your password anyway*. Even if they don’t store your vault password in memory, they either store the entire vault (unlikely for size reasons) or a more temporary key to access the vault. Local compromise is full compromise already.

    *If they don’t, then they either made a giant technological leap, or they’re storing your passwords on a simple database on their servers and that’s not what you want from a password manager.


  • Synnr@sopuli.xyz to Selfhosted@lemmy.world: My new favourite password manager

    Yup, I have been using KeePassXC locally since (one of) the first big LastPass breaches. I thought “password manager company… they know encryption” and then kept some of the most important things stored in my vault including notes of Bitcoin seed phrases etc. Thought “even if they get hacked, they wouldn’t let anyone exfil the huge amount of data from the USER VAULT SERVER”… thought “my passphrase is like 25-30 chars long, nobody will crack that”…

    5 years after my last login and I find out the breach happened, user vaults were exfil’d, the encryption was absolute shit, and the notes weren’t even encrypted.

    I don’t trust cloud companies to keep promises or know what they’re doing today, and anything self-hosted isn’t Internet accessible unless it’s on dedicated hardware subnetted off and wouldn’t matter if it got hacked.