Frankly, being taken for $100 on a phone is probably a lot better than putting your life savings into one of Trump’s memecoins or Truth Social, which some people did.

My impression is that Trump mostly just licenses his name to these ventures for a payment and isn’t affiliated with them otherwise. I don’t think that he likely cares much what happens to the phone buyers or sellers. He’s made his money either way.

EDIT: Yeah:

https://www.trump.com/lifestyle/trump-mobile

Trump Mobile, its products and services are not designed, developed, manufactured, distributed or sold by The Trump Organization or any of their respective affiliates or principals. T1 Mobile LLC uses the Trump name and trademark pursuant to the terms of a limited license agreement which may be terminated or revoked according to its terms.

It’s some third-party fly-by-night organization doing the actual deal.

Truth Social?

Desktop PC with a lotta hard drives in it and big fans that don’t have to spin fast and make a lot of noise.

I use a USB DAS JBOD enclosure with fans, which is also an option if you have a mini-PC and just want a bunch of drive space.

https://www.amazon.com/dp/B0DCDDGHMJ

This particular enclosure has physical buttons that lock in place so that the power state is restored on power loss, something that (to my surprise) a number of USB DAS enclosures apparently don’t do.

You could try reducing the fan speed. That might be okay, if the hardware doesn’t actually need the cooling. If the BIOS has fan curves, go fiddle with that. If it doesn’t, dedicated fan controllers do exist.

If the server is a standard ATX motherboard and if your rack has vertical space, you can also probably get a new ATX case of whatever sort you want, preferably taller, and get something with larger, slower fans and transplant the hardware. A lot of rack servers are vertically-cramped to let a datacenter put as many in a rack as possible, so you get stuff like 1U machines with those dinky 30mm fans. In general, the larger the fan, the less noise per airflow.

searches

https://www.amazon.com/RackChoice-Mini-ITX-Rackmount-Chassis-Standard/dp/B0D296DVD8

I’ve never used that, but it’s a 3U and has three 120mm fans.

If you don’t care about cost, there are also sound-isolated racks. These have some sort of sound-blocking material like plywood on the outside and sound-absorbing foam on the inside. I have been interested in these in the past, because I would like one, but everything I’ve seen has been absolutely obscenely-priced, probably because datacenters don’t care about noise, and few people are running racks in homes or offices. I doubt that the people that sell them get much volume.

EDIT: Example sound-isolated rack:

https://tripplite.eaton.com/smartrack-quiet-server-rack-18u-sound-suppression~SRQ18U

I’d like to have standardized LFP battery form factors and BMS interfaces. I’m not really enthusiastic about everyone rolling their own battery form factor for a given product that isn’t going to be available forever, even if it can save a bit of space. That battery is going to degrade over time, and unless I’m going to throw the product out soon, at some point I may want to replace the battery.

We had this solved with traditional cells (AA, AAA, C, D, etc).

Sounds like trying to compete with Steam’s Big Picture Mode.

On the other hand, then your mobile provider can’t see what you’re doing, so six of this, half a dozen of the other.

So would it be possible for a whole bunch of people to ddos google/other big popular websites ipv4 to ipv6 translation such that their services would still function over ipv6 but make everyone’s day awful if running ipv4. Enough angry customers and pissed off users seems like a very effective way to get isps and mobile service providers to get their act together and start issue sing ipv6 to people.

Trying to DDoS attack Google’s IPv4 services to get your mobile provider to provide IPv6 support seems kind of…indirect.

For a given user, I suppose that depends largely upon whether what a given end user wants to use character.ai for is copyrighted characters.

EDIT: I’d also add that copyrighting of characters and settings is something of a pet peeve of mine. Historically, many of our great works, like, say, the collection of literature dealing with Greek mythology or around Robin Hood or that sort of thing relied on many unaffiliated authors being able to write about the same set of characters and in the same settings.

But most copyright holders don’t permit that. H. P. Lovecraft was something of an exception, which is why you see so much Cthulhu stuff in random places.

I do think that if you’re Disney, you should have some route to make it clear that you are the original-rights-holder to, say, the Star Wars IP, so that someone else can’t pass off their work as canon as being endorsed by them. You should have some way to distinctly identify yourself, maybe via use of trademark. But I also have grave doubts that we would be unable to fund the creation of fictional works if characters and settings had a fair use exemption, so that a third party was guaranteed the ability to be able to create works in the same fictional universe.

QUIC works hand-in-hand with HTTP/3’s multiplexed connections, allowing multiple streams of data to reach all the endpoints independently, and hence independent of packet losses involving other streams. In contrast, HTTP/2, which is carried over TCP, can suffer head-of-line-blocking delays if multiple streams are multiplexed on a TCP connection and any of the TCP packets on that connection are delayed or lost.

SCTP was going to do that too. It hasn’t seen much uptake.

https://en.wikipedia.org/wiki/Stream_Control_Transmission_Protocol

Features of SCTP include:

• Delivery of chunks within independent streams eliminates unnecessary head-of-line blocking, as opposed to TCP byte-stream delivery.

Honestly, a lot of people are probably posting in !selfhosted@lemmy.world when their questions really are better-suited to another community. Not just on hardware, but on other technical questions. I don’t think that it’d be a bad thing if they posted in the other places.

However.

End of the day, you need to split up a community when either (a) the traffic is too much of a firehose of content to be able to identify the most-interesting stuff, which isn’t the case for me for this at all or (b) there’s too much unrelated stuff showing up and people are getting a lot of stuff that they don’t want thrown at them. I think that there’s enough overlap between the interests and knowledge of most of the subscribers here and what’s covered that it’s probably not producing a lot of stuff that they aren’t interested in or where their knowledge isn’t relevant.

Like, we have a handful of video-game-specific communities, but they see so little traffic that just using general-purpose video gaming communities like !games@lemmy.world still works pretty well. Maybe some genre-specific communities, like !shmups@lemmus.org.

I think that if we, say, grew the Threadiverse userbase by a factor of ten, then some of the higher-traffic communities that exist now really should split up. But as it is, I personally am not too fussed about having more-centralized stuff from a user standpoint. As things stand, I tend to say “I’d like to have more traffic in the communities I’m in” than “there’s too much traffic and I need help in filtering it down”.

change the default SSH port

Any port scanner — take nmap — is going to turn this up. $ nmap -p0-65535 <hostname> takes a little longer than checking a single port, but what’s the threat that you’re worried about? Someone brute-forcing a password? That’s going to take a hell of a lot longer than that, and you use strong passwords that will make that wildly impractical, right? A zero-day remote exploit in OpenSSH’s sshd? If someone gets one of those, they probably aren’t going to waste it on you.

SSH is also trivial to fingerprint as a protocol. Here’s me running netcat to my local SSH instance:

$ nc localhost 22
SSH-2.0-OpenSSH_10.0p2 Debian-7+deb13u2
^C
$

It ain’t rocket science to identify an SSH server.

I personally think that port-knocking isn’t a great idea and just adds hassle and brittleness to something, but I’d do a port-knocking setup before I tried running sshd on a nonstandard port.

If you honestly don’t trust SSH, then okay, fine, wrap it with a VPN or something with real security so there’s another layer (of course, that raises the issue of whether you trust the VPN software not to have remote exploits). Or have one host that you can reach and bounce from there to another host or something.

There are ways that I’d say are useful to try and secure an SSH instance. Use keys rather than passwords. Whitelist user accounts that can be connected to remotely.

But anyone who is likely to be a real risk to your system is going to be able to find an ssh server running on a nonstandard port.

I’m rather concerned about what I do when my Surface Pro 7 dies

Well, most of what I’ve seen expects memory prices to be coming down in 2028. So if it’s got two years of use in it, you’re probably good.

If you’re desperate for a laptop sooner and cheaper, you can get used laptops on eBay (well, maybe somewhere else if you’re not in the US; dunno what the used PC market is like globally).

so I figured that using pipewire to co-ordinate this would be the easiest way forward, except it turns out that it’s a (GUI) user space process, which doesn’t make sense on a server with no GUI users.

I’m not entirely sure what you mean by “(GUI) user space process”, but if it’s that it’s a systemd user process (e.g. it shows up when you run $ systemctl --user status pipewire rather than $ systemctl status pipewire, which appears to be the case on my system, where there’s one instance running per user session), then you probably can run it as a systemwide process, where there’s just one always-running process for the whole system. IIRC, PulseAudio could run in both modes. I don’t know if you have concerns about security on access to your mic or something, but that could be something to look into.

searches

Sounds like it’s doable. Not endorsing this particular project, which I’ve never seen before, but it looks like it’s possible:

https://github.com/iddo/pipewire-system

PipeWire System-wide Daemon Package (Arch Linux)

This package configures PipeWire, WirePlumber, and PipeWire-Pulse to run as a single system-wide daemon as the root user. This setup is optimized for headless media servers, HTPCs, or multi-user audio environments.

every hardware website I’ve checked so far, either don’t have any mini pcs, nucs or similar, or they have zero information about the hardware.

Well, if they give you the manufacturer and model number, you should be able to look them up with the manufacturer.

I’m not on there, but you might have more luck in !localllama@sh.itjust.works

You might also want to list the hardware that you plan to use, since that’ll constrain what you can reasonably run.

Ah, so I bet what they’re doing is looking like a single VPN from the Android OS level, setting a default route into that, and then doing routing in userspace.

I have not used such a configuration, but I believe that it’s fine to have multiple WireGuard VPNs concurrently up, at least from a Linux client standpoint. I have no idea whether your phone’s client permits that — it could well be that it can’t do it.

Your routing table would have the default route go to a host on one of them (and your Internet-bound traffic would go there), but you should be able to have it be either. Or neither — I’ve set up a WireGuard configuration with a Linux client where the default route wasn’t over the WireGuard VPN, and only traffic destined for the LAN at the other end of the WireGuard VPN traversed the WireGuard VPN.

From Linux’s standpoint, a WireGuard VPN is just like another NIC on the host. You say “all traffic destined for this address range heads out this NIC”. Just that the NIC happens to be virtual and to be software that tunnels the traffic.

EDIT:

It sounds like this is an Android OS-level limitation:

https://android.stackexchange.com/questions/261526/are-there-technical-limitation-to-multiple-vpns

In the Android VPN development documentation you can find a clear statement regarding the possibility to have multiple VPNs active at the same time:

There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created.

That same page does mention that you can have apps running in different profiles using different VPNs at the same time. That might be an acceptable workaround for you.

https://en.wikipedia.org/wiki/.wtf