I’m a fan of NestedText. It’s no panacea but I’d argue it’s the most well-considered and useful file format for structured data in plain text.

They seem to be in bed with livekit.io and OpenAI. They’re also still using Telegram and X. That means Huly isn’t a fit replacement for anything.

This can be true and the example you’ve provided demonstrates the point well enough. There are certainly unhelpful emotions though. I have a panic disorder which can be triggered by a few things. I’m already aware of why this happens and understand that my fear, paranoia, and sense of impending doom are byproducts of chemical imbalance. I know they’re trying to help me survive an expected threat that doesn’t exist. Those experiences offer no actionable insight. Only disruption.

It helps if I’m able to recognize that emotional reactivity as bad and worth breathing through instead of addressing or intellectualizing. They’re just bad and need to pass so I can get back to being me.

This is an edge case and most emotional processing is trying to tell us something helpful. Not always though!

You’ve got some excellent replies to this question already. I want to add something a therapist told me about therapy that I’ve found helpful.

Therapy isn’t about fixing everything that’s “wrong”. It’s mostly about identifying coping mechanisms we developed during childhood which no longer work for us as adults. Different techniques are used to help clients start opening up to doing therapeutic work or starting it in earnest. The goal though, regardless of the technique, is for the client to know themselves better and use that knowledge to build better emotional and social tools. To replace the coping mechanisms we’ve outgrown with better ones.

A comparison I’ve made is that therapy is like working with an occupational therapist. What’s “best” is conditional and is often usefully defined by what we find difficult or limiting. The best way to pick up something we’ve dropped varies person to person. The important bit is having healthy ways of picking it up again (with or without direct assistance).

Therapy ought to focus on self-understanding which helps us function in reality. In my experience most modern therapists advocate for this even if they aren’t forward about it.

Any therapist who councils you to capitulate to narcissists or ignore your disability should be reported to the relevant licensing authority for negligence at a minimum.

You’re correct.

Check out “The Separation of Church and Hate” by John Fugelsang. It’s an almost comprehensive teardown of Christofascist ideology using the words of Jesus directly. No extras and no oulled punches. It’s excellent. The author is a comedian and while the content is serious and presented well it’s dressed up as an easier read than I expected.

I grew up Christian in the American South. I left religion in college and faith generally a few years later. I was initially compelled to leave organized Christianity exactly because it demanded exercising cruelties which Jesus clearly opposed.

Fugelsang’s book gathers all of the major contradictions between Jesus and modern right-wing Christianity then dismantles any justification for each one just by quoting Jesus. I’m recommending this book to every reasonable person I know as required reading for the present moment. Not just in the US but the world over.

Fascism respects nothing and if it takes root in a land with the means to export then no shore is necessarily safe harbor.

Absolutely. VMs and Containers are the wise sysadmin’s friends. Instead of rolling my own ip blocker I use Fail2Ban on public-facing machines. It’s invaluable.

That sounds pretty good to me for self-hosted services you’re running just for you and yours. The only addition I have on the DR front is implementing an off-site backup as well. I prefer restic for file-level backups, Proxmox Backup Server for image backups (clonezilla works in a pinch), and Backblaze B2 for off-site storage. They’re reliable and reasonably priced. If a third party service isn’t in the cards then get a second SSD and put it in a safety deposit box or bury it on the other side of town or something. Swap the two backup disks once a month.

The point is to make sure you’re following the 3-2-1 principal. Three copies of your data. Two different storage mediums. One remote location (at least). If disaster strikes and your home disappears you want something to restore from rather than losing absolutely everything.

Extending your current set up to ship the external SSD’s contents out to B2 would likely just be pointing rsync at your B2 bucket and scheduling a cron or systemd timer to run it.

After that if you’re itching for more I’d suggest reading/watching some Red Team content like the stuff at hacker101 dot com and sans dot org. OWASP dot org is also building some neat educational tools. Getting a better understanding of the what and why around internet background noise and threat actor patterns is powerful.

You could also play around with Wazuh if you want to launch straight into the Blue Team weeds. Education of the attacking side is essential for us to be effective as defenders but deeper learning anywhere across the spectrum is always a good thing. Standing up a full blown SIEM XDR, for free, offers a lot of education.

P. S. I realize this is all tangential to your OP. I don’t care for the grizzled killjoys who chime in with “that’s dumb don’t do that” or similar, offer little helpful insight, and trot off arrogantly over the horizon on their high horse. I wanted to be sure I offered actionable suggestions for improvement and was tangibly helpful.

You can meaningfully portscan the entire internet in a trivial amount of time. Security by obscurity doesn’t work. You just get blindsided. Switching to a non-standard port cleans the logs up because most of the background noise targets standard ports.

It sounds like you’re doing alright so far. Trying not to get got is only part of the puzzle though. You also ought to have a backup and recovery strategy (one tactic is not a strategy). Figuring out how to turn worst-case scenarios into solvable annoyances instead of apocalypse is another (and almost equally as important). If you’re trying to increase your resiliency, and if your Disaster Recovery isn’t fully baked yet, then I’d toss effort that way.

Agreed. Check out Grayjay: https://grayjay.app/ https://gitlab.futo.org/videostreaming/grayjay

It’s a client for following creators across platforms while the user retains control. YouTube is one of the platforms Grayjay can access but you don’t have to let YouTube play adverts, track you, etc. It lets users turn the screen off and keep playing audio, bypass intros or sponsored ads, download whole videos, and other quality of life features.

You can also avoid YouTube entirely and only stream from PeerTube, NewPipe, SoundCloud, etc. You just tap the plugins you want and it respects your choices.

It’s still under active development during an ongoing arms race with YouTube but I’ve been using it for over a year and have only encountered two bugs that kept me from using it. It’s been a refreshing experience overall and I find myself watching more of the stuff I care about, more meaningfully supporting the artists I care about, and disallowing Google to abuse those interactions.

I’m not affiliated with them in any way. Just a happy convert.

Signal.

Wired had an interview with Signal’s President last year that I found enlightening and provided an entry point for me to self educate further. Here’s an archive.org snapshot of it: https://web.archive.org/web/20240828100224/https://www.wired.com/story/meredith-whittaker-signal/

For the click-averse here’s an excerpt I find compelling:

Going back to your sense of Signal’s new phase: What is going to be different at this point in its life? Are you focused on truly bringing it to a billion people, the way that most Silicon Valley firms are?

I mean, I … Yes. But not for the same reasons. For almost opposite reasons.

Yeah. I don’t think anyone else at Signal has ever tried, at least so vocally, to emphasize this definition of Signal as the opposite of everything else in the tech industry, the only major communications platform that is not a for-profit business.

Yeah, I mean, we don’t have a party line at Signal. But I think we should be proud of who we are and let people know that there are clear differences that matter to them. It’s not for nothing that WhatsApp is spending millions of dollars on billboards calling itself private, with the load-bearing privacy infrastructure having been created by the Signal protocol that WhatsApp uses.

Now, we’re happy that WhatsApp integrated that, but let’s be real. It’s not by accident that WhatsApp and Apple are spending billions of dollars defining themselves as private. Because privacy is incredibly valuable. And who’s the gold standard for privacy? It’s Signal.

I think people need to reframe their understanding of the tech industry, understanding how surveillance is so critical to its business model. And then understand how Signal stands apart, and recognize that we need to expand the space for that model to grow. Because having 70 percent of the global market for cloud in the hands of three companies globally is simply not safe. It’s Microsoft and CrowdStrike taking down half of the critical infrastructure in the world, because CrowdStrike cut corners on QA for a fucking kernel update. Are you kidding me? That’s totally insane, if you think about it, in terms of actually stewarding these infrastructures.

Near as I understand it: years ago some dumb engineering decisions were made, acknowledged, and corrected. Is there some recent scandal I’m out of the loop on?

Sure! That’s an SMTP Relay. A lot of folks jumped on the poopoo wagon. It’s common wisdom in IT that you don’t do your own email. There are good reasons for that, and you should know why that sentiment exists, however; if you’re interested in running your own email: try it! Just don’t put all of your eggs in one basket. Keep your third party service until you’re quite sure you want to move it all in-house (after due diligence is satisfied and you’ve successfully completed at least a few months of testing and smtp reputation warming).

Email isn’t complex. It’s tough to get right at scale, a pain in the ass if it breaks, and not running afoul of spam filtering can be a challenge. It rarely makes sense for even a small business to roll their own email solution. For an individual approaching this investigatively it can make sense so long as you’re (a.) interested in learning about it, (b.) find the benefits outweigh the risks, and (c.) that the result is worth the ongoing investment (time and labor to set up, secure, update, maintain, etc).

What’ll get you in trouble regardless is being dependent on that in-house email but not making your solution robust enough to always fill its role. Say you host at home and your house burns down. How inconvenient is it that your self-hosted services burned with it? Can you recover quickly enough, while dealing with tragedy, that the loss of common utility doesn’t make navigating your new reality much more difficult?

That’s why it rarely makes sense for businesses. Email has become an essential gateway to other tooling and processes. It facilitates an incredible amount of our professional interactions. How many of your bills and bank statements and other important communication are delivered primarily by email? An unreliable email service is intolerable.

If you’re going to do it make sure you’re doing it right, respecting your future self’s reliance on what present-you builds, and taking it slow while you learn (and document!) how all the pieces fit together. If you can check all of those boxes with a smile then good luck and godspeed says I.

Would you elaborate on this concern? I’m not sure I understand but I’d like to.