Notesnook has a desktop app. Does it not work with self hosted implementation?

Hmm, you have typed words that I do not vibe with.

Cus there isnt a reason to change if you are already super familiar with pfSense. They basically do the same stuff.

In that case OPNsense does the exact same thing but with a more intuative GUI. It originally was a fork of pfSense.

What is stopping a CPU manufacturer from close-sourcing part/most of their CPU built on RISC-V. Even if the CPU is fully open, backdoors can be hidden in plain sight with clever design. And beyond the CPU, other components in our PC will remain closed. A new ISA isnt going to fix the systematic problems of capitalism or facism, where the corporations can exist and act without really feeling with any consequences. We must find a way to hold them accountable.

Why?

This is true, the USA is better and it is invading your soul.

Thanks. I don’t like clicking links and therefore didn’t know lol.

Which is?

WebCord supports it.

Nah, Verizon VPN is better

Self hosting has the advantage of keeping your encrypted vault local and under your control.

Self-boting is against ToS. You have to be careful when interacting with the Discord API. Maybe there is a way to run the discord website to fetch text messages.

Maybe inversely because of the increased heat of the tightly packed components.

It isn’t that artists are “less creative” and that is why they are being out-competed. What I was saying is AI can do it so much quicker and at such a low cost to companies. Music making is a long and (often) tedious processes.

What about when a style IS the copyright holder’s (the artist’s) personal style and voice likeness?

I see this as a major loss and just another way for capitalists to cheat artists and outcompete out them using their effectively free labor. It is disgusting and I hate copyright because it only works to benefit the rich and powerful, and never protects smaller artists.

Generally, I think it is better to use a general server OS like Debian or Fedora instead of something specialized like Proxmox or Unraid. That way you can always choose the way you want to use your server instead of being channeled into running it a specific way (especially if you ever change your mind).

That is not how security works. You must protect against known and unknown attack vectors. I am only pointing out weaknesses of Docker and other linux containers that share the kernel with the host or/and run with Root. I’m not saying anything original or crazy, just read up on the security of these technologies and their limits. I am not a malware designer, I am a security researcher.

Look into gVisor and Kata Containers for info on how to improve the security of containers.

Here are some readings for you:

https://redlib.tux.pizza/r/docker/comments/eakd50/help_can_i_safely_run_malware_inside_a_container/
https://www.csoonline.com/article/1303004/vulnerabilities-in-docker-other-container-engines-enable-host-os-access.html
https://www.panoptica.app/research/7-ways-to-escape-a-container
https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
https://www.securityweek.com/leaky-vessels-container-escape-vulnerabilities-impact-docker-others/
https://www.cybereason.com/blog/container-escape-all-you-need-is-cap-capabilities

It is not speculation, it is reducing attack surface. Security is preemptive. Docker/Podman are not strong isolation solutions. Rare does not mean we shouldn’t protect against the chance of kernel vulnerabilities. The linux kernel around 30 million lines of code long and written in a memory unsafe language. Code isn’t safe just because we dont know the vulnerabilities, this is basic cybersec reasoning.

Docker/Podman and LXC linux containers share the same kernel with the host machine. Root in the container is root period (in the case of rootfull containers). Even without root, much of the data on your machine is readable from any user. With a exploit to escape the container (which are common) the malicious program has root on the machine. This is a known attack vector against linux containers. VMs are much better for isolating untrusted software from the host OS.