can’t see how this can possibly be a good thing, you know it will mean funding with conditions.

Well, the things they are funding will get funded? How is that a bad thing?!

The conditions range from very broad, like “fix bugs” (curl), over somewhat specific like “improve cross-platform compatibility and the Linux RNG” (Wireguard), to very specific like “create a test-suite and drive development on the Fediverse account migration functionality” (ActivityPub).

You can see more for yourself at https://www.sovereign.tech/tech

All of these seem to be rather tame conditions that are just there to ensure the funds get used in the way they were intended to be used. And I don’t really see how that gives the STF any sort of direct control over these projects, while it gives those projects resources to achieve more than they might have otherwise. There are no long-term funding models that would enable implicit control over these projects.

android auto

First I heard of this, but since it seems to be just some software that runs on the hardware of car manufacturers it seems rather unlikely. But very theoretically possible, if the car manufacturer was using default process scheduling in a CPU constrained machine and now switches to real-time scheduling in an update. But that was possible for years before this news, the code has just been mainlined to the default kernel now. If the car manufacturer cared about that they would probably have done it already with a patched kernel.

Oh yeah, can’t use the same IP range as your LAN, that will lead to problems. :D Glad it’s fixed.

Out of curiosity, does forwarding work now without the output (-o) command in PostUp?

Like I said in another thread on this post, I’m pretty sure that’s because they are forwarding input but not output in the PostUp rules. Setting a /32 in AllowedIPs works fine for me.

What are you trying to say? That reply also shows AllowedIPs set to a /32 on the server side.

I don’t think that’s what the setting does. Anyway, I have them set to a /32 IP in my server config and it works nonetheless. I get full access to the /24 behind the server from the client.

You have ALL traffic being routed over Wireguard here.

Please correct me if I’m wrong, but isn’t it the other way around? All Wireguard traffic is forwarded to the local interface.

I think the problem might be your PostUp/PostDown lines have an in-interface (-i) but are missing an out-interface (-o) for the forwarding. Try this:

PostUp   = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE

Linux users can’t even agree […] so how am I supposed to pick one with any confidence?

Easy. You make a post like the OP, count the positive mentions of distros in the comments, and bam, you have your distro of choice. It’s called the Linux newbie roulette and works kind of like the magic hat in Harry Potter that sorts you into your house.

(not actually everything, but I get your hyperbole)

How is it hyperbole? All artificial neural networks have “hallucinations”, no matter their size. What’s your magic way of knowing when that happens?

there must be a bit more to it than that. AIM, Skype, and several others were viable options with existing userbases.

Once upon a time in a messenger landscape far far away there lived a king called XMPP. It had a lot of powerful children, WhatsApp, Facebook Messenger, Google+, and even Skype amongst them. And they all worked together in a big federation towards the commonwealth of all, freely sharing their metadata. But then some of the children grew greedy, jealously guarding their own gardens behind higher and higher walls, breaking down the federation. And thus the era of the warring messengers began. But prophecy foretells of a prince to unite all the disparate standards in one big Matrix again, completing yet another revolution of the XKCD 972 wheel of time.

For real though it was phone numbers. WhatsApp always worked based off of phone numbers, which is an identity confirmation method that was immediately familiar to most people at the time, even more so than email.

Oh you are right, I misread that. Thanks for pointing it out.

it’s definitely more pro-privacy than Brave or FireFox. I’ve never had to jump through a captcha to use Google in those browsers.

You have this backwards. Google showing you captchas is basically them saying they can’t match your browser to any know (shadow) profile they have already stored. So they aren’t sure you are a human and if so which one specifically. Getting harassed with a captcha is essentially like a badge of honour for your browsers privacy settings.

Firefox has no extensions so no Adblock.

That’s because so far every browser on iOS had to use WebKit as it’s HTML rendering engine, meaning that even if you installed another browser manually you were basically still using Safari under the hood. IIRC the new DMA rules include allowing other browser engines like Gecko, so Mozilla is probably already working on making addons available. I mean they are available on Android, so why wouldn’t they make them available on iOS now that they finally can?