• 1 Post
  • 299 Comments
Joined 2 years ago
Cake day: July 2nd, 2023


  • Tbf, can’t the other party mess it up with signal too?

    Yes, but this is where threat modeling comes into play. Grossly simplified, developing a threat model means to assess what sort of attackers you reasonably expect to make an attempt on you. For some people, their greatest concern is their conservative parents finding out that they’re on birth control. For others, they might be a journalist trying to maintain confidentiality of an informant from a rogue sheriff’s department in rural America. Yet others face the risk of a nation-state’s intelligence service trying to find their location while in exile.

    For each of these users, they have different potential attackers. And Signal is well suited for the first two, and only alright against the third. After all, if the CIA or Mossad is following someone around IRL, there are other ways to crack their communications.

    What Signal specifically offers is confidentiality in transit, meaning that all ISPs, WiFi networks, CDNs, VPNs, script kiddies with Wireshark, and network admins in the path of a Signal convo cannot see the contents of those messages.

    Can the messages be captured at the endpoints? Yes! Someone could be standing right behind you, taking photos of your screen. Can the size or metadata of each message reveal the type of message (eg text, photo, video)? Yes, but that’s akin to feeling the shape of an envelope. Only through additional context can the contents be known (eg a parcel in the shape of a guitar case).

    Signal also benefits from the network effect, because someone trying to get away from an abusive SO has plausible deniability if they download Signal on their phone (“all my friends are on Signal” or “the doctor said it’s more secure than email”). Or a whistleblower can send a message to a journalist that included their Signal username in a printed newspaper. The best place to hide a tree is in a forest. We protect us.

    My main issue for signal is (mostly iPhone users) download it “just for protests” (ffs) and then delete it, but don’t relinquish their acct, so when I text them using signal it dies in limbo as they either deleted the app or never check it and don’t allow notifs

    Alas, this is an issue with all messaging apps, if people delete the app without closing their account. I’m not sure if there’s anything Signal can do about this, but the base guarantees still hold: either the message is securely delivered to their app, or it never gets seen. But the confidentiality should always be maintained.

    I’m glossing over a lot of cryptographic guarantees, but for one-to-one or small-group private messaging, Signal is the best mainstream app at the moment. For secure group messaging, like organizing hundreds of people for a protest, that is still up for grabs, because even if an app was 100% secure, any one of those persons can leak the message to an attacker. More participants means more potential for leaks.



  • When doing comparisons of the nature posed by the title, it is all-important to establish the baseline criteria. That is, what does the landscape look like just prior to implementing the titular policy?

    If starting from the position of the present-day USA, then it is almost certain that free-at-time-of-service universal health care would cause the Bureau of Labor Statistics (BLS) to rewrite their projections for medical personnel jobs, in very much an upward trajectory. After all, middle- and upper-class people that already had decent won’t somehow need more healthcare just because it’s free, but people who have never seen a doctor in their adult life would suddenly have access to a physician. More total patients means more medical staff needed, both short-term and long-term. The latter is because the barrier to annual checkups is all but eliminated, which should also yield better outcomes through early detection of problems and development of working rapports with one’s physician.

    If, however, the baseline situation is a functional but private-payer healthcare system in a place with a low Gini coefficient – meaning income is not concentrated in a few people – then it’s more likely that healthcare is already accessible to most people. Thus, the jump in patients caused by free healthcare may be minimal or even non-existent. It may, however, also be that free healthcare would benefit different segments of this population through access to a higher standard of quality care, if removing the private-payer system results in dismantling of legacies caused by racism, colonialism, or whatever else.

    After all, that’s one of the tenets of a universal healthcare system: people get the treatment they need, with no regard for who they are or what wealth they have (or not).


  • Let me make sure I understand everything correctly. You have an OpenWRT router which terminates a Wireguard tunnel, which your phone will connect to from somewhere on the Internet. When the Wireguard tunnel lands within the router in the new subnet 192.168.2.0/24, you have iptables rules that will:

    • Reject all packets on the INPUT chain (from subnet to OpenWRT)
    • Reject all packets on the OUTPUT chain (from OpenWRT to subnet)
    • Route packets from phone to service on TCP port 8080, on the FORWARD chain
    • Allow established connections, on the FORWARD chain
    • Reject all other packets on the FORWARD chain

    So far, this seems alright. But where does the service run? Is it on your LAN subnet or the isolated 192.168.2.0/24 subnet? The diagram you included suggests that the service runs on an existing machine on your LAN, so that would imply that the router must also do address translation from the isolated subnet to your LAN subnet.

    That’s doable, but ideally the service would be homed onto the isolated subnet. But perhaps I misunderstood part of the configuration.
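
The five rules summarised in the comment above, written out as an added example (not the original poster's configuration and not the commenter's code). The interface name `wg0`, the phone address 192.168.2.2 and the service address 192.0.2.10 are assumptions. The catch-all FORWARD rejects are scoped to the tunnel interface so that the router's other forwarding is left alone.

```shell
#!/bin/sh
# Added example: isolation rules for a WireGuard subnet on an iptables-based
# router. Run as-is to print the rules; APPLY=1 applies them (needs root).
# Assumes these rules are evaluated before any broader ACCEPT rule.

WG_IF="${WG_IF:-wg0}"                  # assumed WireGuard interface name
WG_NET="${WG_NET:-192.168.2.0/24}"     # isolated subnet named in the thread
PHONE_IP="${PHONE_IP:-192.168.2.2}"    # constructed peer address
SERVICE_IP="${SERVICE_IP:-192.0.2.10}" # placeholder: set to the real service host
SERVICE_PORT="${SERVICE_PORT:-8080}"   # TCP port named in the thread

# Print the rules in evaluation order, one iptables argument list per line.
isolation_rules() {
    cat <<EOF
-A INPUT -i $WG_IF -s $WG_NET -j REJECT
-A OUTPUT -o $WG_IF -d $WG_NET -j REJECT
-A FORWARD -i $WG_IF -s $PHONE_IP -d $SERVICE_IP -p tcp --dport $SERVICE_PORT -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $WG_IF -j REJECT
-A FORWARD -o $WG_IF -j REJECT
EOF
}
# Notes on the rules above:
#  - INPUT/OUTPUT match on the tunnel interface only. The encrypted WireGuard
#    UDP packets use the WAN interface, so the tunnel itself keeps working.
#  - The NEW rule admits only the phone's first packet to the service; replies
#    and the rest of the flow are carried by the ESTABLISHED,RELATED rule.
#  - An unscoped "-A FORWARD -j REJECT" would also cut off LAN-to-WAN traffic,
#    hence the two interface-scoped rejects.

# Feed each rule to iptables. IPT can be overridden (e.g. IPT=echo) for a dry run.
apply_rules() {
    while read -r rule; do
        # Word splitting of $rule into separate arguments is intended here.
        ${IPT:-iptables} $rule || return 1
    done <<EOF
$(isolation_rules)
EOF
}

if [ "${APPLY:-0}" = 1 ]; then
    apply_rules
else
    isolation_rules
fi
```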


  • I’m a bit short on time, but I think “streaming” needs to be broken down into categories of scale. Streaming video from your home Plex server (shout-out to [email protected]) is a lot different than Netflix’s video delivery system.

    The latter intentionally stores the same content in multiple geographies, then with caches at local data centers, and sometimes even caches within your ISP’s network. All of this to distribute the load of millions of users, who can just as easily be in Florida as they might be in Oregon. The duplication and redundancy means a lot of power draw, well more than just a few disks spinning up.

    Whereas a home server has just one copy of the content, and since it might not always be streaming a video to you, can save power by spinning down drives or other optimizations. It is simply not possible to describe “streaming” when such radically different delivery mechanisms can all plausibly be considered as streaming.



  • No, I want a decentralized go-to place that I can check many points of view over a subject, just like the Fediverse works today.

    I disagree with the premise that multiple POVs on every topic will yield better understandings or discussion. It is the same flaw that Ground News or other services have, which purport to curate POVs from different news media outlets, with the implicit assumption that all the outlets have something useful to offer. This assumption is absolutely balderdash.

    The Fediverse is no more – or less – immune from disinformation and other ails, but has better user- and instance-level protections: bans and defederation are effective, because if they weren’t, people here wouldn’t log back on. For Mastodon and Lemmy and other forms of social media, the decentralization has clear and obvious benefits.

    A decentralized knowledge-store does not.

    There is nothing to fear.

    There is everything to fear when knowledge is spread out into small libraries across the land. The historical analog is book-burning incidents that dotted human history, whether to suppress paganism, Mayan culture, or the spread of communism. The modern-day analogy is when Vine went defunct and the content was almost wholly lost to the world. The Fediverse example is when an instance unexpectedly disappears, stranding all its users.

    But focusing on a knowledge-store, technology has given us the ability to copy data at rates that outpace all of history’s ecclesiastical scribes put together. We can – and do – preserve the largest datasets (see [email protected]) because it is a matter of resilience. Yet that endeavor has become more difficult precisely because of technology. The Internet Archive faces this issue, because they cannot save what they don’t even know exists or cannot see.

    The Fediverse inhabits a very special Goldilocks zone right now, not unlike Wikipedia, where the availability of interest, capabilities, and materiel allow for the existence of this internet experiment. But fragile it is, and instances are no further from risk than by a DMCA notice, a UK age restriction law, a frivolous but expensive SLAPP suit, or just plain ol running out of money.

    If I had spare time and energy and were presented with the options to either: 1) set up a decentralized knowledge store of nebulous benefit, or 2) support the online compendium which I’ve personally used for over two decades now and has helped untold numbers of students and researchers with starting the research into a new-to-them topic, and could do so by using my servers to seed the all-Wikipedia torrents… well, I think the choice is clear.


  • As a website or service, sure. But the Wikipedia has been available to download for offline use since basically its inception. This is how users in places with poor internet connections can still benefit from the Wikipedia. Certainly, the idea of distributing Wikipedia on disc is a bit odd.

    But whether it be smuggling books across the Iron Curtain, downloading swaths of paywalled scientific papers from an MIT computer, or accessing information about abortion, the pursuit of knowledge is a chiefly human trait and one not easily suppressed. But of all those, the Wikipedia has the best track record for being openly available and free (as in speech, and as in beer).

    Anyone – not just the Wikimedia Foundation – can protest a proposed age restriction against Wikipedia by sending out enough Wikipedia CDs that would rival AOL’s 1990s campaigns. So too could one print a physical volume, just to prove the point that anti-proliferation of information is a lost-cause.


  • I think we need to start with what Wikipedia is meant to be, before even considering whether it would be aided through federation. By their own words:

    Wikipedia’s purpose is to benefit readers by acting as a widely accessible and free encyclopedia; a comprehensive written compendium that contains information on all branches of knowledge.

    Encyclopedias are designed to introduce readers to a topic, not to be the final point of reference. Wikipedia, like other encyclopedias, is a tertiary source and provides overviews of a topic.

    Content is governed by three principal core content policies – neutral point of view, verifiability, and no original research.

    That describes the content intended to go into the Wikipedia, but we need to also mention the distinction between the Wikipedia itself, the MediaWiki software package which powers Wikipedia, and the Wikimedia Foundation.

    With MediaWiki, which is FOSS (GPLv2), anyone can set up their own encyclopedia-style volume of articles to host on the web. And that’s exactly what many fandom websites or technical documentation websites do, because that level of detail would not be accepted into the general-knowledge Wikipedia. And you can hardly blame the Wikipedia for wanting to avoid scope-creep.

    Likewise, if someone disagrees with how a topic is discussed in a Wikipedia article, they can go in and make the change, provided that they follow the same rules and procedures as everyone else. Yes there are moderators, but even moderators can be moderated. In a way, Wikipedia is a collective effort that somehow democratized editorship and it’s shocking that it hasn’t devolved into major turf wars.

    And that’s where the Wikipedia Foundation comes in. They are both the charitable foundation that keeps the Wikipedia servers running, as well as administering the collection, much like how a museum protects cultural treasures. Dissatisfaction with the limited role that the Foundation plays can be solved by forking the Wikipedia; they don’t assert a monopoly on the collective knowledge, and indeed the entire thing can be downloaded for offline use or to host a mirror under separate administration.

    With all that said, Wikipedia as a concept hews very closely to the print version of an encyclopedia. It is functionally a really big book, painstakingly edited by untold numbers of people. The fact that it’s not just a bunch of random blog posts is its strength. Wikipedia is not social media; it is distributed editorship.

    But supposing you do want a distributed knowledge base, where there might exist multiple versions of an article, please explain why the World Wide Web doesn’t already accomplish that. People have been writing their own thoughts since the 1990s. If the WWW is too general-purpose for your liking for knowledge articles, then perhaps something like the DICT protocol is more palatable?

    Despite ostensibly dealing with dictionaries, DICT has been used to offer the CIA World Factbook and the Jargon File, which are more like subject-matter specific encyclopedias. As a standardized protocol – even CURL can fetch DICT entries – the Fediverse doesn’t need another protocol to do the same thing.

    I personally think there is value – a lot of value – in the Wikipedia, precisely because of what it’s not. Wikipedia is not a place to express opinions, it is not a popularity contest of ideas, and it is not a space untethered from facts and logic.


  • litchralee@sh.itjust.works to No Stupid Questions@lemmy.world: Is streetwear a joke? · 2 months ago

    I think you’ll have to provide some examples – ideally as photos – of streetwear fashion. Without any prior research, I only know the term to mean “comfy clothes” that would fall below the typical bar for “casual” dress code.

    A quick web search shows examples ranging from perfectly reasonable outfits consisting of normally-proportioned shorts, jackets, pants, and shoes, to some outlandish outfits that are prominently displaying designer brands.

    And perhaps that’s the crux of the matter: what shows up on the fashion runway or “haute couture” magazines is never descriptive but prescriptive: a designer brand has a vested interest in getting the masses to believe that something is fashion so that they can move product.

    Taken to the logical extreme, there is an idea that designer clothes are intentionally outlandish, precisely so that said clothes would never be worn by “normies” in day-to-day activities, and thus can always (and persistently) be projected as high-end.

    Commercialized fashion is not a democratic experiment to see what most people want to wear. It is to move product every “fashion season”. “Designer streetwear” is a poor approximation for what normal people wear when they just want to grab a sandwich from the bodega and then return to watch another episode from Season 2 of The Rehearsal. Maybe this should be called “real streetwear” to distinguish it from so-called designer goods.



  • Sadly, this act only covers “form contracts” for the sale of services or products, and doesn’t look like it would extend to contracts of employment. That is, a consumer cannot be bound by a clause that prohibits writing reviews. And if a consumer of the company’s products is also an employee, then this act doesn’t prohibit a “no reviews” clause in the employment contract.

    EDIT: I goofed at reading comprehension of OP’s post. What I wrote is a correct but irrelevant analysis. This act appears to void the clause of the contract.



  • The other comments correctly explain why an index fund is probably better suited, and will preserve more value by having lower fees. But I will propound on why “universal life insurance” (whether indexed or not) might not be a good fit for you.

    To explain, I have to start with what the point of life insurance even is. At its core, life insurance is supposed to provide some benefit to replace your life. That is, if when you die, you would no longer be generating income to support your family or to honor your debts (only those which continue after you’re dead). Without the benefit of life insurance, the consequences might include destitution for anyone that depends on you, as well as possibly a forced sale of the family home if the mortgage goes into default. In a nutshell, if correctly set up, life insurance should approximate the value of your life, the same way that car insurance should make you whole if something happens to the car.

    (I recognize that this sounds extremely morbid, to put a price on your life. But with the current socio-economic system, this is a necessary exercise)

    A reasonable approximation for how much life insurance to buy is to consider how much monthly income would it take so that your family could continue as-is financially in the event that you disappeared from their lives. If the amount will cover everything from inflation, to future college funds, plus retirement savings that you would have made, then that’s probably the upper-limit for the correct amount of benefit to purchase.

    If you have no debts, and have no family to support, there’s little point in buying life insurance. Indeed, it’s not terribly profitable for insurance companies to offer just life insurance, which is why they market other types which are partially life insurance, and partially an investment. Every form of life insurance – except fixed term life policies – has this mix.

    So the question is, do you need life insurance right now? If no, then a dedicated investment vehicle – like an index fund – would make more sense. And if yes, then fixed term life insurance makes more sense because it’s cheap and doesn’t muddle your investment portfolio. If your answer is “no, but I might need life insurance later”, then with very few exceptions, you would just wait until you do need that insurance and then buy a fixed term life policy. You save money by not buying a policy earlier than you need it, but pay for it by a higher premium later in life, precisely because you’re closer to death’s door than you were earlier. So it’s mostly a wash.

    I’m of the opinion that mixing one’s insurance objectives with one’s investment objectives is a recipe for disaster, with the extremely narrow situation where the quirks of USA tax law means that wealthy, savvy people that plan ahead could save some tax dollars. Maybe.


  • The practice of handwritten paystubs is deeply suspicious, in an era where even the most basic of business payroll software can easily generate and print out a paystub directly. But I want to focus on the request for $1232 for 8.8 hours of apparent effort.

    That divides out into an hourly rate of $140 per hour! Such a high rate is the near-exclusive domain of a lawyer’s billable hours, as suggested from this 2002 survey by the Oregon State Bar. It is patently absurd to request the services of a lawyer for 8 hours when all it would have taken is an hour for a skilled accountant, or two hours if performed by even the most confused of small-business entrepreneurs.

    Unless your employment records extended for decades across multiple corporate entities that went through mergers and acquisitions, that is an unreasonable charge. Your former employer may be confusing the “reasonable fee” provisions for preparing documents pursuant to a subpoena.



  • litchralee@sh.itjust.works to Selfhosted@lemmy.world: Self hosting Signal server · 2 months ago

    This doesn’t answer OP’s question, but is more of a PSA for anyone that seeks to self-host the backend of an E2EE messaging app: only proceed if you’re willing and able to upkeep your end of the bargain to your users. In the case of Signal, the server cannot decrypt messages when they’re relayed. But this doesn’t mean we can totally ignore where the server is physically located, nor how users connect to it.

    As Soatok rightly wrote, the legal jurisdiction of the Signal servers is almost entirely irrelevant when the security model is premised on cryptographic keys that only the end devices have. But also:

    They [attackers] can surely learn metadata (message length, if padding isn’t used; time of transmission; sender/recipients). Metadata resistance isn’t a goal of any of the mainstream private messaging solutions, and generally builds atop the Tor network. This is why a threat model is important to the previous section.

    So if you’re going to be self-hosting from a country where superinjunctions exist or the right against unreasonable searches is being eroded, consider that well before an agent with a wiretap warrant demands that you attach a logger for “suspicious” IP addresses.

    If you do host your Signal server and it’s only accessible through Tor, this is certainly an improvement. But still, you must adequately inform your users about what they’re getting into, because even Tor is not fully resistant to deanonymization, and then by the very nature of using a non-standard Signal server, your users would be under immediate suspicion and subject to IRL side-channel attacks.

    I don’t disagree with the idea of wanting to self-host something which is presently centralized. But also recognize that the network effect with Signal is the same as with Tor: more people using it for mundane, everyday purposes provides “herd immunity” to the most vulnerable users. Best place to hide a tree is in a forest, after all.

    If you do proceed, don’t oversell what you cannot provide, and make sure your users are fully abreast of this arrangement and they fully consent. This is not targeted at OP, but anyone that hasn’t considered the things above needs to pause before proceeding.



  • if you do go to an establishment that pays based on the assumption of tips

    In the USA, there are only 7 US States (and Guam) which mandate that the minimum wage be paid prior to consideration of tips. All other states permit some fraction of tips to be considered as part of minimum wage, with some states limiting the employer contribution to as low as $2.13/hr.

    This is indeed an absurd situation outside of those seven states, but it also means that it’s nigh impossible to avoid establishments that rely on tips to supplement wages, in the other 43 states.

    With this background, I can understand why the earlier commenter views tipping as exploitative, for both the consumer and the staff. The result of either choice – boycotting places that pay less than minimum wage, or not tipping at those places – doesn’t change the fact that the staff are being underpaid, which is the root exploitative practice.

    you’re just joining in the exploitation

    I think reasonable people can disagree on this point, on whether not tipping constitutes a secondary exploitation. Firstly, this framing places blame on individuals when the whole situation is a systemic machine of abuse. It is no different than the nebulous idea of personal responsibility for greenhouse gas emissions, when large polluters have the actual levers to make real change. Secondly – and this is an economic policy argument which I personally don’t subscribe to – it can be argued that prolonged employment while underpaid is better than no employment at all, based on the premise that the employer would close down if a boycott was successful.

    But like I said, the initial exploitation is root. Everything else is collateral. Systemic abuse is fixed by systemic overhaul.