They should not be worried, they should be educated.

If you worry a new user enough they’ll go back to Windows or Apple because there’s less scary warnings there.

We need to make the transition as pain free as possible. Learning about the joys of kernel compilation and SELinux can come later.
The first step is "Hey, this is as usable as Windows, without stupid ads in the start menu.

There should be an external hard drive full of portable game installs in some drawer that fits the time period.

Should easily kill a week.

Coconut at least…

Currently:

• VR
• Uncategorized

Soon to be added:

• Linux (tested/works on)

Ah, you “work” in “marketing”?

They occupy a strange niche full of contradictions.

Entering the code on the device itself should increase security as opposed to entering it on a compromised computer.

But plugging it into a compromised computer means the data is compromised anyway.

Their security is way harder to audit than a software solution like PGP. The actual “encryption” varies from actual decent setups to “entering the code connects the data pins with no actual encryption on the storage chip”

Not having to instal/use software to use them means they are suitable for non-technical users which in turn means more support calls for “I forgot the pin, it wiped itself, can you restore my data”

They are kind of useful to check the “data is transported on encrypted media” box for compliance reasons without having to manage something bigger.

Wow, that sounds like a decent start for an architecture.

I’m tempted to spin up a few Jellyfin instances to see how it might work…

JellyFed(eration) would be awesome. It should use an anonymous overlay network so federation is not limited to people you trust in copyright-zealous jurisdictions.

It doesn’t. It carries you by having a module for absolutely everything even shooting yourself in the foot.

That’s the equivalent of leaving the door open and hanging a sign “Internet over there” pointing at a wall.

Programs don’t need to respect those registry keys. If you’re worried about internet access, set up a firewall.

Also, if you’re worried about malware, the damage is probably done before anything connects to the internet.

To a certain degree, yes. If someone at Google decides to wage all-out war against ad blockers they have a good chance. But if that costs more money than it generates, odds are that someone will stop it. Google / Alphabet is publicly traded after all and that means profit above all else.

Embedding ads into the stream would be hard to counter, but it’s far away. That would invalidate caches along the way and need extra performance to reencode the stream with the ads inserted.

That’s extra costs that are hopefully orders of magnitude above the lost ad revenue from ad blockers

Ballistomancer

Okay, you got me there. In all fairness, as instruction videos go, that one is on the tame side.

Thanks for posting the instructions here.

Tl;dw:

Append systemd.debug_shell to the boot command line.

No, No, they don’t understand everything and nothing!

I built a custom app to do it since I couldn’t manage to fire the relevant intents from an adb shell without root.

I lifted the code from AAAD

Specifically the InstallAPK method in MainActivity.java

Intent intent;

            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
                intent = new Intent(Intent.ACTION_INSTALL_PACKAGE);
                intent.setData(getUri(file));
                intent.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION | Intent.FLAG_ACTIVITY_NEW_TASK);
            } else {
                intent = new Intent(Intent.ACTION_VIEW);
                intent.setDataAndTypeAndNormalize(Uri.fromFile(file), "application/vnd.android.package-archive");
                intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
            }

            intent.putExtra(Intent.EXTRA_NOT_UNKNOWN_SOURCE, true);
            intent.putExtra(Intent.EXTRA_INSTALLER_PACKAGE_NAME, "com.android.vending");
            getApplicationContext().startActivity(intent);
        } 

Basically you construct an Intent ACTION_INSTALL_PACKAGE with data pointing to the APK file and the extras EXTRA_NOT_UNKNOWN_SOURCE=true and EXTRA_INSTALLER_PACKAGE_NAME="com.android.vending" which tells the installer that this APK is not sideloaded and it’s the play store asking to install it.

You might still need to enable unknown sources in Android Auto developer settings (separate from phone developer settings).

If I remember, I’ll try to pull the code for my app from my PC and post it.

The problem is that android auto is restricted to apps installed from the play store.

The F-Droid Version supports Android Auto, but it’s blocked by Google.

I managed to enable it by spoofing the installer-package during installation.

For me, the navigation is near unusable. Location tends to lag behind by a few seconds when running on Android Auto. On my phone it’s fine.

I run a 2 node k3s cluster. There are a few small advantages over docker swarm, built-in network policies to lock down my VPN/Torrent pod being the main one.

Other than that writing kubernetes yaml files is a lot more verbose than docker-compose. Helm does make it bearable, though.

Due to real-life my migration to the cluster is real slow, but the goal is to move all my services over.

It’s not “better” than compose but I like it and it’s nice to have worked with it.

You dynamically request “a port” from the vpn gateway and it returns your port number.
As long as your nat-pmp-client keeps refreshing the port, it should stay the same. The timeout is rather low (60s afaik) so it probably wouldn’t survive restarts.

There’s a docker image that automates this for qbittorrent, but it shouldn’t be overly complicated to adapt the script to other clients, if they can be configured via an API.