That’s not the biggest disadvantage “if used properly.” Any account you have should get a passkey on every device you own. Each device has it’s own passkey system. If you have an iPhone, yeah, you get an apple passkey, but then if you have a windows laptop, you have a microsoft passkey, a FLOSS system will have it’s own, and so on. You are already on whatever system would contain the passkey and can easily add different ones each time you get a new device.

The biggest issue is that most people use a small number of devices (including many who use 1). Passkeys work best if you have many devices, so if you lose one, you just use another to access your services. If you have 1, you need to use recovery codes (and people don’t save them).

How many good passwords can you memorize? I can maintain 2-3 in my head long term, especially if only used rarely, and you can be phished if you are typing it in. Not tenable for online accounts. The only real comparison with security parity is a password manager + 2fa generated on-device, compared with passkeys. In both cases, you have “strong” password, no re-use, resiliency to fishing, and requires both “something you know and something you have.” I think a password manager is slightly more usable, but I’m not convinced either is a “good” experience yet.

We have had more outages in our corporate tech services in the last month than the last year before that. Between AWS, Azure, and Teams issues, it’s been crazy.

This comment prompted me to look for a picture of it. Nothing I can find, except in the background behind a baby picture of my now-in-university baby when I was apparently debugging the network connection:

There was a time when I had an old desktop packed full of spinning hard drives in my living room under a CRT television! Yes that works, but a NAS in the furnace room that is accessible from “smart TVs” and everyone’s mobile devices is pretty nice. No more fan noise either.

While true, neither backups nor checksums are exclusive to hosting anything.

Mainly just multi-device access.

Because you are not the customer of the ad networks. They are marketing bs to ad buyers, where you actually viewing the ad is merely incedental.

Yes. Because targeted advertising is just selling something in it’s self. It was always a scam, but the mark os businesses that buy into the idea.

Also the eugenics stuff. Yeah, it was just a low-effort way to set up the premis, but eww (and also very incorrect). They had to make sleepwaling into that kind of thing seem plausible with some explanation. Instead, we didn’t actually need that.

I see that cosmos advertises running your apps on a vpn built-in. That might be worth looking into. When I switched to self-hosting everything on my “tailnet” and closed incoming ports, a lot of the nice features of Yunohost for maintaining DNS and certs for the various apps stopped being that useful. In this day and age, I think being able to self-host and experiment within a safe VPN environment instead of on the open internet is the way to go.

Thanks, I’ll take a look.

Hot take: For personal use, I see no value at all in “availability,” only data preservation. If a drive fails catastrophically and I lose a day waiting for a restore from backups, no one is going to fire me. No one is going to be held up in their job. It’s not enterprise.

However, redundancy doesn’t save you when a file is deleted, corrupted, ransom-wared or whatever. Your raid mirror will just copy the problem instantly. Snapshots and 3,2,1 backups are what are important to me because when personal data is lost, it’s lost forever.

I really do think a lot of hobbyists need to focus less on highly available redundancy and more on real backups. Both time and money are better spent on that.

Do you have a recommendation for consumer-priced outdoor cameras/doorbells? Seems like a minefield.

I agree, but for the reasons above, it’s a terrible outcome for everyone on the internet. The number of people who will keep their router up to date with security patches are abysmal. Fix the ISPs and it would work, but you can’t fix the situation where the majority of residential humans suck at managing routers.

Yes, this really is a situation where ISP managed devices could really be the right option for most -if they weren’t such terrible companies.

The ICC is one of those orgs where not having their data sitting on silicon valley servers is a big friggin’ deal, and they should have probably thought of that years ago.

If that story is at all true, I feel so bad for that kid regarding so much more than the OS on his computer. I honestly hope you have thought about the potential future circumstance that you need to take on an abused teenager.

a) the wording makes it legally ambiguous what exactly would constitute violating the text. If it just said “comply with anti-discrimination laws,” that would be one thing.

b) It applies to the whole organization, not just the group accepting and applying the grant, making it very challenging to meet the requirement.

c) Unlike just about any other grant, the funds can be clawed back in the future if something was violated. This is not normal for a grant, and puts the entire organization’s existence in jeopardy if they suddenly find themselves owing millions of dollars that had already been spent.

It’s very likely their legal council told them under no circumstances should they accept the terms.

Besides the anti-woke bullshit, it’s just a bad idea to accept. It is absolutely not normal for a grant to have stipulations that if you violate some vaguely defined criteria somewhere in your organization, it can be clawed back at a later time. That’s a huge liability for an organization to take on that they may suddenly owe a million dollars some time in the future.