Perhaps I’ve been naieve.

I have local incremental backups and rsync to the remote. Doesn’t syncthing have incremental also? You have a good point about syncing a destroyed disk to your offsite backup. I know S3 has some sort of protection, but haven’t played with it.

I have tailscale mostly set up. What’s the issue with USB drives? I’ve got a raspberry pi on the other end with a RO SD card so it won’t go bad.

This reminds me that I need alerts monitoring set up. ; -)

I’ll have to check this out.

I attended some LUGs before covid and could see something like this being facilitated there. It also reminds me of the Reddit meetups that I never partook in.

That’s something that I hadn’t considered!

I wasn’t aware of the untrusted setting. That sounds like a good option.

Yes. It’s the “put a copy somewhere else” that I’m trying to solve for without a lot of cost and effort. So far, having a remote copy at a relative’s is good for being off site and cost, but the amount of time to support it has been less than ideal since the Pi will sometimes become unresponsive for unknown reasons and getting the family member to reboot it “is too hard”.

You’re exactly right on both counts. When you hear it from politicians, the sound bite (byte?) is “to protect the children” which is ambiguous. I take it to mean to protect the data of my children, somebody else takes it to mean to protect my children from being brainwashed and the children running the social media companies take it to mean it’s protecting their right to wealth. It’s win win win!

If the US govn’t were serious about protecting people, they’d implement GDPR and put data privacy into the hands of the individual.

One thing I forgot to add to this was a different article by the same author: https://pluralistic.net/2024/08/19/apologetics-spotters-guide/

Referencing a book, the article lays out the corporate BS playbook for pushing back on changes. In the anti monopoly ad space, they’re currently running play 1: there is no problem, people want targeted ads.

I feel like the whole advertising machine needs to be reimagined. I’m not opposed to learning about new and better products, but I’ve been conditioned to immediately distrust anything coming to me in the form of an ad. Pair this with the mindset of advertisers that they can’t do their job without stalking every individual and it’s a recipe for a global-level human rights violation.

that could be, but reading between the lines, it seems that the judges have just been brainwashed to think like the media companies want. The article mentions “users WANT targeted ads” and yet when given the option, 90% of FB users shut off targeting.

I like the Van Halen brown M&M version. https://www.smithsonianmag.com/arts-culture/why-did-van-halen-demand-concert-venues-remove-brown-mms-from-the-menu-180982570/

Take some time and really analyze your threat model. There are different solutions for each of them. For example, protecting against a friend swiping the drives may be as simple as LUKS on the drive and a USB key with the unlock keys. Another poster suggested leaving the backup computer wide open but encrypting the files that you back up with symmetric or asymmetric, based on your needs. If you’re hiding it from the government, check your local laws. You may be guilty until proven innocent in which case you need “plausible deniability” of what’s on the drive. That’s a different solution. Are you dealing with a well funded nation-state adversary? Maybe keying in the password isn’t such a bad idea.

I’m using LUKS with mandos on a raspberry PI. I back up to a Pi at a friend’s house over TailScale where the disk is wide open, but Duplicity will encrypt the backup file. My threat model is a run of the mill thief swiping the computers and script kiddies hacking in.

I was about to correct you because I’ve done lyft on web, but it looks like it’s not supported anymore.

https://ride.lyft.com/not-supported

You’re doing God’s work!

Over my career, it’s sad to see how the technical communications groups are the first to get cut because “developers should document their own code”. No, most can’t. Also, the lack of good documentation leads to churn in other areas. It’s difficult to measure it, but for those in the know, it’s painfully obvious.

🤔

I haven’t been out there in 15 years. I’ll have to check it out again!

I don’t know the legal side, but employers don’t want you to talk about your compensation with anyone. Maybe it’s legal, but definitely frowned upon.

Consider what would happen if employees across the globe posted to an open database about their employer, position title, salary bonus and health care information. I’m sure we’d all be sued. How is this legal?