• 1 Post
  • 390 Comments
Joined 1 year ago
Cake day: June 6th, 2023

  • Let’s Encrypt is good practice, but IMO if you’re just serving the same static webpage to all users, it doesn’t really matter.

    Given that it’s a tiny raspi, I’d recommend reducing the overhead that WordPress brings and just statically serve a directory with your site. Whether that means using wp static site options, or moving away from wp entirely is up to you.

    The worst case scenario would be someone finding a vulnerability in the services that are publicly exposed (Apache), getting persistence on the device, and using that to pivot to other devices on your network. If possible, you may consider putting it in a routing DMZ. Make sure that the pi can only see the internet and whatever device you plan to maintain it with. That way even if someone somehow owns it completely, they won’t be able to find any other devices to hack.
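
The isolation described in the comment above, sketched as an nftables ruleset for a Linux router. This is an added example, not part of the original comment; the interface names (`wan0`, `lan0`, `dmz0`), the addresses, and the choice of SSH for maintenance are assumptions, and NAT/port forwarding is assumed to be configured separately.

```nft
#!/usr/sbin/nft -f
# Assumed (hypothetical) layout on the router:
#   wan0 = internet uplink
#   lan0 = home LAN
#   dmz0 = segment that holds only the Pi
define PI    = 192.168.50.10   # constructed address of the Pi
define ADMIN = 192.168.1.20    # constructed address of the maintenance device

table inet dmz_isolation {
    chain forward {
        # Default-deny: a flow is forwarded only if a rule below allows it.
        type filter hook forward priority 0; policy drop;

        # Return traffic for flows that were allowed when they started.
        ct state established,related accept
        ct state invalid drop

        # Internet -> Pi: only the published web ports.
        iifname "wan0" oifname "dmz0" ip daddr $PI tcp dport { 80, 443 } accept

        # Pi -> internet: package updates, ACME renewals, DNS.
        iifname "dmz0" oifname "wan0" accept

        # Maintenance device -> Pi: SSH only.
        iifname "lan0" oifname "dmz0" ip saddr $ADMIN ip daddr $PI tcp dport 22 accept

        # LAN -> internet as usual.
        iifname "lan0" oifname "wan0" accept

        # No rule lets dmz0 open a connection towards lan0, so a compromised
        # Pi falls through to the drop policy when it scans the LAN.
    }

    chain input {
        type filter hook input priority 0; policy accept;

        # The Pi may use the router for DNS and DHCP, nothing else
        # (no access to the router's admin interface).
        iifname "dmz0" udp dport { 53, 67 } accept
        iifname "dmz0" tcp dport 53 accept
        iifname "dmz0" ct state new drop
    }
}
```

Forwarded IPv6 is dropped by the default policy here because every accept rule that names a host matches IPv4 addresses; if the network uses IPv6, it needs equivalent `ip6` rules rather than a blanket accept.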











  • It doesn’t matter if virality is the goal; unless you’re suggesting it be actively prevented, virality is just a natural phenomenon of the internet. The term viral generally implies uncontrolled exponential spread. To this day, stuff goes viral without people intending it to.

    And if you architect the system to scale a p2p network proportional to virality (ex. as people share it, they also self-host) you run into a ton of security and abuse challenges. We’re also stretching the definition of “self-hosting” at this point.


  • Honestly, it’s just a matter of knowing this list:

    • CPU
    • RAM
    • motherboard
    • GPU
    • hard drive
    • case
    • power supply

    And roughly how they should fit together.

    But every time I build a PC I have to figure out what the latest versions of these parts are, make sure they’re compatible, and when I get the parts they might have some unique form factor I have to figure out on the fly. Just going to PC Part Picker and picking out each part is 90% of the way there. After that it’s just a matter of getting them, sticking them together, crossing your fingers that it powers on, and installing an OS. If/when it doesn’t power on, THAT’S when you start learning…

    But I would say building a PC is not a fraction as difficult as say, knowing how to work on a car.


  • In the last 10 years there has been a seemingly noteworthy uptick in hardware bugs in both Intel and AMD CPUs. Security researchers find and figure out potential attack vectors that rely on these bugs (ex. Spectre/Meltdown). Then operating systems have to put workarounds in their kernel code to ensure that these hypothetical attack vectors are accounted for, at the cost of performance and more complicated code.

    Linus is saying how annoyed he is with all this extra work they have to do, resulting in worse performance, all to plug vulnerabilities that we’ve never actually seen any real attackers use. He’s saying instead we should just write the code how it should be, and if the hardware is insecure, let it be the hardware company’s problem when customers don’t use the hardware.

    The problem is, customers will continue to use the hardware and companies who need a secure OS (all of them) will opt to not use Linux if it doesn’t plug these holes.


  • I feel like the end goal has always been the incentive for me. I learned to build a PC because, if I wanted to play the games I wanted, there wasn’t another option. I still do always enjoy the process of putting it all together, but I’m always ready to have it all working, booted, and put to use (if not just so I can be relieved that I don’t need to RMA anything, hah).

    If the end goal isn’t something that interests you, then maybe it’s just not worth doing it.



  • I can’t fault them for not making such a niche product at a large enough scale to make them readily available and cheap. I know we’ve become accustomed to that from other larger companies, but for a small company, that’s either very risky or just not an option. So they just design cool stuff, make just enough so that they know they can safely sell them all and thus make a predictable ROI, and move onto the next cool thing. No pressure for growth or satisfying every potential customer. Sounds like the dream.





  • Agreed with using KeePass. If you’re one person accessing your passwords, there’s no reason you need a service running all the time to access your password db. It’s just an encrypted file that needs to be synced across devices.

    However, if you make frequent use of secure password sharing features of LastPass/Bitwarden/etc, then that’s another story. Trying to orchestrate that using separate files would be a headache. Use a service (even if self-hosted).