From IPv6.rs FAQs I get the impression that they only provide IPv6 route through their tunnel. I think self-hosting something only reachable via IPv6 would cause you trouble accessing it in IPv4 only networks - which are still far more common compared to IPv6.
Hurricane Electric provides such IPv6 over IPv4 tunnel facility with /48 block routed to your network. I’ve only used this service for testing my IPv6 knowledge, so performance-wise I’m not sure how good it is. Thus, if IPv6.rs provides a significant performance over the HE-TunnelBroker, then I’d suggest you go with IPv6.rs given a decent price for the service.
If you are considering a simple to set-up tunnel utility for your self-hosting applications, I’d suggest you consider other tunneling options which have both IPv4 and IPv6 capabilities. Some widely used ones are Cloudflare Tunnel and Ngrok. You may also use Tailscale to connect both server and client via VPN. Using Cloudflare or Ngrok would involve some privacy concerns, as they can see the traffic passing through the tunnels in plain text.
Few things which makes achieving reproducible/deterministic builds hard are - timestamps of generated/compiled files, continuously updating versions of build tools(+support libraries), output binary difference compiled across different OS.
We can use docker based build system for this, but it would require very carefully configured Dockerfile to keep the build tools+libraries on specific version. And if we do a pre-built Docker Image, then the Reproducibility of that Docker Image has to be proven first. It is indeed a difficult task, but not an impossible one. With F-Droid providing a sound framework for reproducible build generation, I believe we would have majority of large Android Apps reproducible in next few years.
Hi all. I just set-up my first self-hosting server with NextCloud, Immich and a VPN server. I was wondering if there is a tool or layer of tools which would help me monitor my server and the services including running stats, resource usage stats, system logs, access logs, etc?...
I’m a web-app developer myself. So I don’t mind configuring things if needed. I can opt to configure if it meets my goals better. I’d check out nagios. :))
Just a reminder that even though the tunnel itself is encrypted, the whole connection is not E2E encrypted between your remote client and the server. Cloudflare as a CDN/PoP provider can see the traffic in plaintext.
In all other aspects, this is a great solution, as we even get to use the edge caching(over top of all others mentioned above) facility - which further reduces the requests to origin server.
The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.
Not as part of core GrapheneOS, but an app called “Private Lock” can detect sudden force via accelerometer and disable the fingerprint based unlocking for next unlock.
But yeah, an erase passcode feature with opening a decoy profile would be a great feature to have.
I think one should also take into factor that not only software(at OS level), but the hardware(including GSM base-band) is being continuously deprecated in favor of newer and faster(?) hardware. Eg. 5G is pushed aggressively at the cost of lower speeds of 4G and broken connectivity of 3G.
Despite this, if someone is ready to work with a deliberately throttled network, then there is full ecosystem of apps and services which continuously target newer OS versions, in order to get access to better, faster, more secure libraries and OS APIs. If the case is not about smartphones, then the dumb phones don’t need any OS upgrade to continue working. A caution here is - those phones would not be secure to vulnerabilities found afterwards.
Similar situation prevails in Computers as well(stopping OS upgrades and associated browsers/apps stops working after some years on that OS) but the lifespan of a computer is longer than that of a phone.
Regarding custom OS – getting the latest version of Android work on older phone hardware is already tedious task. It requires rewriting the malfunctioning drivers to be compatible with the new OS APIs. The hardware vendors add to the misery and don’t release workable documentations on how to approach writing drivers for a different OS. Now, multiply this effort for all sorts of different hardware made by different vendors! I believe a general purpose phone OS which would support such a large variety of phone hardware would be a humongous task.
E: After reading the petition – I think for the sake of not wasting a decently working hardware we can have some sort of jailbreak. But without a proper working replacement OS after the jailbreak, the situation would not change much. And, if one can provide such reliable OS, it is a potential company idea right there!
By “general purpose OS” I meant “an OS or OSes which are capable to provide features so that the phone can reasonably used as a daily driver”. Similar to bare-bone AOSP. I didn’t stress on a single OS. Sorry, that was not clarified in my response.
Regarding the other parts, the issue is not about the jailbreak or unlock of bootloader - it is already being done. And it is getting increasingly easy for those phones which stop getting updates. I was stressing the fact that even after such unlock, the harder part is to avail/install a workable OS on such a phone, and even harder is to develop such. A lot of reverse engineering needed in such efforts.
Yeah, if we can get the device unlocked, get the full hardware specifications with datasheets and firmware code, and source code of the drivers then we might have a shot.
Sorry, I was not on the same ideological page as you on Anti-Corporate Movement. I’m new here, and wasn’t fully aware of the goal of community. So, my reply was along the lines of technical issues of the approach.
Extending the reply for ‘Sandboxed Play Store … F-Droid … Aurora Store’ -
In case of Sandboxed Play Store - we’d need to login via a Google account in order to be able to download apps. Also, when we allow network access to the Play Store, it may send device info, app downloaded, updated etc related telemetry to Google. Also expect the promoted apps/games ads in the Play Store home screen.
In case of Aurora Store - we can use it via Anonymous User or we can supply our own Google Account. Aurora Store just uses the credentials to download apps from Google Play, but other telemetry is limited compared to Play Store.
In case of F-Droid store - It mostly hosts open-source Apps. And has cautions whenever an app uses proprieray libraries, code or needs access to specific network(eg - Telegram FOSS needs Telegram Servers access to function) in order to work.
I’d recommend you have both - F-Droid and Aurora Store. If you need to access the Play Store subscriptions, then you’d need to install Play Store as well.
Long story short: I don’t like iOS but have been using an iPhone for a couple years due to lack of personally viable hardware options on the Android side of things. I’ve gotten tired of waiting and found a good deal on an open box Pixel 8 Pro which arrives in a few days, I’ll be installing GrapheneOS on it....
Simple Mobile Tools the company behind Simple Apps has been bought by ZipoApps. The repo is no longer maintained by original developers, and it is speculated that ZipoApps would soon introduce advertisements in the Simple Apps.
A fork of SimpleApps is continued as Fossify Apps.
Has anyone checked out this ipv6rs service yet? (ipv6.rs)
From their site:...
Overview of F-Droid apps published with Reproducible Builds · GitLab (gitlab.com)
It’s awesome there are already so many reproduxible builds on fdroid. Why aren’t there more? Do devs simply not care enough? Or is it too difficult?
[Question] Self hosted setup for monitoring Self-hosted services?
Hi all. I just set-up my first self-hosting server with NextCloud, Immich and a VPN server. I was wondering if there is a tool or layer of tools which would help me monitor my server and the services including running stats, resource usage stats, system logs, access logs, etc?...
How are you making services remotely accessible? (kbin.run)
I need help figuring out where I am going wrong or being an idiot, if people could point out where......
Cops can force suspect to unlock phone with thumbprint, US court rules (arstechnica.com)
The legal situation is more complex and nuanced than the headline implies, so the article is worth reading. This adds another ruling to the confusing case history regarding forced biometric unlocking.
Getting an old phone with postmarket OS might be the way to go.
I‘m currently using an old iphone since I bought it before I knew much about apple and it was advertised for its long lifespan....
ELI5: GrapheneOS questions
edit: thank you all for your replies! They are all very helpful. I am reading through them and will ask follow-up questions if needed....
Switching back to Android (GrapheneOS), anything cool I've been missing out on?
Long story short: I don’t like iOS but have been using an iPhone for a couple years due to lack of personally viable hardware options on the Android side of things. I’ve gotten tired of waiting and found a good deal on an open box Pixel 8 Pro which arrives in a few days, I’ll be installing GrapheneOS on it....