Or it gets them into a negative feedback loop since AI hardly ever tries to contradict you.

But yeah. At least they’re opening up to someone/something.

If you’re behind a conventional router they still do NAT afaik.

Per default your IPv6 address should be an internal one if it’s enabled.

Yeah, we managed to recreate that in a lab. Those old OS’s are super vulnerable.

EOL means no more security updates, which means attack vectors don’t get patched.

If you keep using a Windows installation (or any OS for that matter) that isn’t patched regularly you are very likely to be victim to some malicious actor eventually. It’s not manual hacking anymore, it’s bots scraping the whole internet exploiting known vulnerabilities completely automated.

The risk is much lower if you’re in a home network with NAT, where your PCs IP is not publicly reachable, but if you communicate with any webservices you’re still vulnerable.

As example. If you nowadays put a Windows XP machine live on the internet with a public IP, it will be compromised within minutes.

So yeah. Good call switching to Mint, but please don’t use unpatched Windows.

Isn’t the Wikipedia article usually already the summary of the topic?

If there’s an article with more than 20 references to papers it’s usually already abridged enough.

Just auto-generate videos with AI images and voiceover and add subway surfers gameplay on the side for those who think this slop is needed.

I use Hugo for static site generation and it makes the RSS stuff for me.

Glad it worked out for you!

But it’s definitely one of the deadly sins of selfhosting.

Everyone that thinks self hosting E-Mail is easy, I urge you to run your own mailserver and see how many mails actually reach their targets.

Your mailserver won’t be trusted by anyone, which makes your email always be delivered as spam, if they don’t get blocked outright.

Otherwise this scoring system seems to be quite alright. Even though it could use some more detail and citing some sources for the numbers would be great.

As I’ve said. Nextcloud is a great example of FOSS working out for a business, haha.

I guess we just have to agree to disagree then. Which is fine.

Your points are valid and thank you for detailing them for me. If I was in their shoes making others able to steal my IP, even if they’re not allowed due to licensing and having to deal with constant scrutiny of the source code are k.o.-criteria, which hinder the project and lead to potential revenue loss.

Well said.

Then that’s a moot point I guess, haha.

Still a great way to pay for Obsidian to support the development though.

It’s not just about syncing files. It’s also the fact I can edit stuff on my tablet and see the changes in almost real time on my laptop with Obsidian Sync. I believe most other solutions wouldn’t play nice with such a workflow.

That’s a bit naive imho. Remaining closed source is a form of IP protection and that’s really ok for what Obsidian is (a markdown editor). There’s just not any benefit for them other than appreciation from FOSS enthusiasts. Also maintaining an open source repository causes a higher workload and they lose a lot of freedom.

If privacy is your concern you don’t need source code anyway. It’s quite easy to sandbox an application like that and analyse network traffic and such. Also Obsidian is built using Electron. That means with enough motivation one could quite easily reverse engineer most of the app. Most of the applications behaviour can also be observed via the integrated dev console, which lets you view source code.

In short I don’t really see the need, unless I want to build or maintain it myself. And I think the negatives far outweigh the positives from the perspective of Obsidians team.

I don’t necessarily like a few takes in the comments here.

Vibes wise the Obsidian team seems to be great and they don’t seem to have shown any reason why I should distrust them. I love FOSS but gifting others my work doesn’t put food on my table, so in that sense they need to have a lucrative business model which they seem to have established.

I could use SyncThing, Git or other solutions to do synchronisation between my devices but I choose to buy their Sync offer, since I want to support them (they also have EU servers, which need to be GDPR compliant by law afaik).

The closest comparison I could make is NextCloud. NextCloud open sources their software, but they sell convenience. Sure, you could self host it, but paying them to do so for you may be more attractive. In comparison Obsidian is not really complicated to set up or maintain. It’s literally just a MD-editor. So the only convenient thing to sell is synchronisation if you don’t want to put a price tag on the software.

If they open source all their code, some tech wizard will implement a self hosted obsidian sync server with the same convenience as theirs in a day, and the company will lose their revenue stream.

We’ve all been burned by tech bros in one way or another, but I think it’s ok for people to profit off of their IP. And they seem to be doing so with a positive vision. Feel free to let me eat my words if they ever go rogue, but that’s my 2 cents.

Agreed. It’s really shit for new code, but if I’m writing glue code stuff or repetitive code it saves a lot of time spent on typing.

Introducing a Captcha on a form on my website basically blocked bots 100% of the time. It’s arguably good enough from a practical standpoint.

If someone really wants to exploit my site, then they will find a way. You can only make it harder but never truly impossible if you don’t want to dispose of all convenience.

Unfortunately I can’t help you with Nobara, but I’m surprised you’re having troubles with EndeavourOS.

EOS has been working out of the box for me for almost everything.

I’d have recommended it as well.

Popular stuff is usually available in most languages.

Thanks for the response. Seems like I can’t assume other CS degrees are comparable.

We definitely have a strong focus on security in my degree, but I still believe that awareness of what you’re running on your machine and potential dangers of those programs fall into the category of common sense. Mishandling secrets, having bad authentication or not knowing how to setup SSL is definitely experience stuff though.