There are a bunch of aluminium Lily58 cases out there, they're not cheap tho.
Most of the time keys popping out means your plate is too thick or the switch holes aren't a good fit. You can often improve it (and the sound) with some foam between the plate and the pcb - you can buy laser cut neoprene plate foam for lily58s, or you can always freehand it with a knife and a sheet of 2-3mm foam (it's not that hard and doesn't have to be perfect).
It's pretty common for Alice-style keyboards to have two Bs (the one in the pic in the article does) as on a normally-staggered keyboard the B key is basically equidistant from the home keys so it's common to use either.
But it would be a bit of a problem for keycap sets, some come with extra Bs to accomodate Alice keyboards, but none that I'm aware of have extra G/H/T/Y. That would mean you'd be into buying two sets or using weird keys, so it's probably unlikely to be a popular choice.
That said, there's so many custom keyboards out there, and it's easier than you think to design and build your own - if you feel strongly about it go for it.
I did have that problem a little when learning to type on a split, but I very quickly corrected after hitting the table a few times haha. I actually think it's arguably easier to learn to type on a split as it'll quickly force you to break some bad habits.
Yeah I have a couple of recent Samsung OLEDs and they're fine without an internet connection despite reports that they wouldn't be. If I press one of the annoying streaming service buttons on the remote it'll give me a setup popup which needs to be dismissed, otherwise they work fine, albeit without any built in streaming support.
I'd read reports that Q-Symphony (audio from the TV speakers and soundbar simultaneously) wouldn't work, but it does.
I stuck an OSMC (https://osmc.tv/) box to the back of both of them so they can play stuff from my NAS. They're not the cheapest solution and I realise Kodi/XBMC on which they're based isn't everyone's jam (I grew up with XBMC on an Xbox so it is very much mine) - but they play everything, have wifi, HDMI-CEC, integrated RF remote, and work out of the box.
Model numbers if anyone cares: Samsung QE65S95C, Samsung QE77S95F. I believe S95, S90 and S85 (at least up to F) are all very similar so they should all work but ofc ymmv.
This OSMC box looks interesting, but does it allow to run arbitrary programs like a plain Linux box? What I have in mind here are things such as VacuumTube (YoutubeTV front end), a Web browser to stream from various online sources, etc. I found KODI (as running on Linux) far too restrictive when it comes to streaming from the Internet, and the add ons to be terrible. (In particular the YouTube add-on requires an API key registered with Google, which makes it a far worse proposition than using VacuumTube anonymously.)
Yeah that OSMC box is just running Debian with their stuff coming from its own package repo. You can get a root shell. I realise I could have built something myself (and have in the past) but it's absolutely worth the money to me to get everything in a tiny package and working perfectly from day one.
I wouldn't recommend Kodi for streaming, it kinda works but the experience isn't great. I use it exclusively for playing stuff from my server full of legally acquired public domain videos (ahem).
I do watch YouTube videos on it, but I use TubeArchivist (basically a fancy wrapper for yt-dlp) to pull them onto the server first, and a script to organise them into nicely-named directories.
Thanks for mentioning VacuumTube, it sounds useful.
I’m using a Minix Z100 running Gnome and Kodi. I use a simple Bluetooth keyboard, the interface is clunky but it does the job. I use Samba to also share files to VNC running on iOS and Android on the same network.
I tried using fancier solutions but anything that browses content without involving directories always break for some specific content in unpredictable ways.
That has been my experience as well. So far nothing has come close to the flexibility of Gnome (upscaled) with an airmouse. I am keeping an eye on the Plasma Bigscreen project however (10-foot UI for Plasma).
An alternative could be some x86 Android TV build like Lineage, but I have not seen very convincing demonstrations that this is truly viable.
You’ll need to have some plausible amount of non-ssh traffic otherwise your account will be automatically re-assigned as an Enterprise Infrastructure Account. It will be temporarily suspended while you apply for a license.
EIAs are £452.17/month (a statutory amount originally defined in The Online Safety Act’s 2027 update, subject to triple-lock inflation), licensed, and subject to inspection. There’s a four month waiting list for licensing due to backlogs at the local County Court.
The alternative is therefore to use up a strike and apply to have the account repurposed back to a Citizen User Account. CUAs must remain below a 50:1 down/up ratio and must have p90 non-https “control” traffic of 48kbps or less. They are expensive too but you get a 25% discount if you install your ISP’s mobileconfig / MDM profile though. With the profile discount the price is now only £64.99 a month.
(This assumes you run an Approved Platform capable of mobile device management. Anything else — Linux based, old versions of macOS, Windows <= 13 etc. — has to pay the full price and CUAs are limited to one Custom Access device per connection.)
You can get it down to £49.99 a month if you sign up for a 12-month trial of their home security system — cameras, door “e-locks”, that sort of thing. The devices are locked down but you can see the last 48h of events on their cloud portal. The devices have tamper detectors and the traffic is encrypted e2e but luckily that doesn’t count towards your CUA agreement’s limits on opaque traffic.
Good luck having the general public using SSH connections to route their traffic. You’re not a hermit (or you wouldn’t be on HN). You live in a society and what affects your peers and their behaviours also influences your life.
If a VPN ban happens, I (a US citizen) and others will happily provide your people with easy to understand plain English circumvention instructions and tools, designed for the “regular Joe”, regularly adapting to whatever the latest conditions are. Maybe SSH based, maybe a VPN over SSL, maybe Tor, most likely some combination designed to evade detection.
If your society is anti freedom of information, your society deserves a spanking.
You should look at your own society before criticising others. Your own US states are already implementing age-verification laws, your own government is attacking its own citizens and foreigners, you’re know for mass surveillance of your own citizens (the name Snowden ring a bell?) and others (which is exactly why other countries are avoiding US companies), and your government is hiding inconvenient files (Epstein) and ordering the erasure of scientific information (climate change). You’re not the bastion of freedom you believe you are, and you’re definitely not one to school others on “freedom of information”.
I have the capacity to fight for freedom of information both at home and abroad, and yes there is urgent need in both places.
My primary complaint with the UK and EU right now is that they have been attempting to restrict US freedom of information, versus say China who doesn’t make an effort overseas. Not only are the UK and EU exerting pressure against US companies to change their global policies, but especially in the case of the UK, they are attempting to change the legal framework governing the internet by claiming that sites are somehow subject to UK law unless they proactively block the UK. All this on top of long time EU/UK participation in shady “counter-misinformation” efforts that have spun up a web of state-funded NGOs who attempt to influence US policy against freedom of information. So yeah, I’m pissed at your countries in particular.
My experience of working with Perl as a primary language from late 90s to today: Perl was dead long before Perl 6/Raku was a real thing. By the time that happened it had already lost massive ground to PHP, Python, Java, etc.
PHP had replaced CGI as the easiest way to get code on a webserver, Python and Java were easier to read and understand, easier to structure large systems with, and generally easier to use. Ruby came along and MVC frameworks became the thing for complex web platforms.
Meanwhile Perl was sorta keeping up, the "Modern Perl" movement helped dispel myths about "write only" code, things like Moose, DBIC, Catalyst, Mojolicious, etc meant you could write pretty modern stuff with it. But the community was smaller, fractured by Perl 6 and dominated by some ahem divisive characters which made it intimidating for newcomers, and it just slowly died from there.
By the time Stack Overflow came along it was easy to see that other languages had vibrant communities surrounding them and for me it never really recovered.
> “Consent or pay” models differ from a “take it or leave it” model, as the presence of a “pay” option means that accessing the service is not solely conditional on people providing consent.
I feel like this is ... slimy.
I suppose it does at least make things explicit - your data is very obviously a form of payment at that point.
SSH tunnelling is an utter necessity in the ridiculous corporate environment I work in. Incredible amounts of bureaucracy and sometimes weeks of waiting to get access to stuff, get ports opened, get some exception in their firewalls and vpn so someone can access a thing they need to do their job.
This guide mentions -D but doesn't really articulate quite how powerful it is if you don't know what it does.
ssh -D 8888 someserver, set your browser's SOCKS proxy to localhost:8888 (firefox still lets you set this without altering system defaults). Now all your browser's traffic is routed via someserver.
That was pretty much my standard way to browse the web away from home in the mid 2000s. But when I actually got a corporate job they had whitelisted IP addresses so I couldn't even get an SSH connection to some random box on the net. I was so miserable I started to look into setting up http tunnel and somehow getting a box I controlled whitelisted. But instead of going that far I just changed jobs.
It isn't a good idea to circumvent corporate environment networks. they're there for a reason, and doing it shows a lack of professionalism and dis-respect for the organization process, procedures, and security. Yes it takes weeks/months to get access, then it takes weeks/months to get access. You don't want to be held liable for opening a backdoor to confidential information, or compromising their security.
Exactly. It's not a good idea to bypass policies at work. Just because you don't know why the policy is there or you disagree with the reason, it doesn't mean you can ignore the policy.
If you can't get your job done, then escalate the issue to your manager. You not being able to get your work done because of other teams is the kind of problem they're supposed to be solving.
If you let me ssh on that server and I am allowed to ssh from there elsewhere that is not bypassing anything. You allowed me to do that unless it says somewhere that tunnels are not allowed. The question is mainly for which purposes you allowed me to use these things and whether I comply with that. E.g. if I was given a ssh route to reach the some internal LDAP system for software development reasons and I abuse it to stream cat videos on youtube that is on me. But if I use it to reach another internal server that I use for software development, then it is on them.
The alternative would be asking a babysitter for each connection you are making. Sounds like a good way to never get work done.
Also: A good sysadmin will have lines in their /etc/ssh/sshd_config that prevent me from tunneling if they don't want me to do it.
This is the approach I take too. If I need it and I can do it then I'm going to. If you don't want me to then block me.
I must say I've had some raised eyebrows over that approach but if the alternative is not getting my shit done then I'm gonna do it unless explicitly forbidden.
Bypassing corporate policy at work is risky. You might bring down negative consequences on yourself or your workplace. You have to understand what you are doing. You have to understand likely reactions.
But also, bypassing corporate policy can have benefits. If I'm more productive or get a reputation as the guy who gets things done or don't get seen as a complainer or just generally produce results because I bypassed a policy, those are all benefits. If I can transform "hey boss, it's gonna be another week on this project because I'm waiting on a policy exemption" to "here it is", that's a benefit.
You have to weigh whether the benefits outweigh the risks for you.
Depends on what you mean by bypassing. If it is a workaround that is not prohibited but rather just not known by ICT and most users, there's as good as no personal risk.
If on the other hand, it is sabotaging or disabling safety systems, e.g. exposing the internal network to outside the corporation or writing passwords on a paper lying on your desk, then you can get blamed.
My experience is that this will always be a kind of cat and mouse game and that is just fine. It keeps ICT sharp while there always are possible ways to cut some corners if things need to move forward. Alternatives would mostly be ultimate chaos or crippling bureaucracy.
I do agree, but I'm not sure people are actually thinking about the potential risks. Because it's easy to say "what risk can there possibly be?" but it's hard to actually answer that dismissive question.
Also, the if there is risk analysis it may be overly focused on the short term. I've worked with "here it is" kind of people... and had to deal with the messes they leave behind. Those people get praised in the moment at the expense of the future (some of those cases were actually recognized eventually and the people were let go).
Sometimes they are. Sometimes that reason is long forgotten, or isn't really valid anymore, or is an overprotective measure and not really a good reason in the first place. Quite often it doesn't justify waiting weeks or months to get it changed.
[...] they're there for a reason [...] Yes it takes weeks/months to get access, then it takes weeks/months to get access.
Not exactly. Everyone has to evaluate for themselves how legit the rules are and act accordingly. More often than not, boilerplate rules are thoughtlessly applied and there is no pragmatic process to handle the exceptions to those rules.
Admittedly, it's a risk to break such rules. One has to be an adult and use good judgement. It's OK, most of the time.
In many corporate cases, SSH tunneling is the desired way of accessing a closed by default port on a firewall. Very often from a predefined bastion host.
If you don't want to open a range of IPs, it allows only people with their ssh key registered on either a selected bastion host or the server to open a specific port.
It can also be a way to authenticate users. For example if you want to secure the access to an open source version of an app for which only the proprietary enterprise tier allow authentication by ldap/AD/oauth2. You can have ssh authenticate against LDAP/AD/oauth2 and leave the app running without authentication enabled or with a single user. As long as you don't need RBAC/privilege separation or some kind of auditing of what each user does on the app this is a particularly valid solution.
I will do everything by the book if your company gives me a person that can help me within half an hour. If every request needs days to complete and then doesn't work and then I have to make another request – if I wouldn't know better I would call it sabotage.
From the CIA simple sabotage field manual: Insist on doing everything through “channels.” Never permit short-cuts to be taken in order to expedite decisions.
"Waiting for corporate to punch a hole through three firewalls for me to get access to the test server :P"
I was on a project once where a consultant had dropped their laptop and it had taken a week or two to get fixed. After that everyone had to use a laptop provided by the client. When we scaled up the project with 3 more developers the project manager who had set up this policy discovered that the lead time for 3 dev laptops meant that the new developers got to be bored for a month at a fairly high hourly rate.
That is an awfully specific question. Here are a few examples of what could happen though:
- Malicious code on a webpage compromises your computer.
- You download unauthorized software to install, which possibly even comes from a known-bad source.
- Your employer could have trouble establishing that their patent is legitimate because you accessed documentation from a competitor.
Even if the worker avoids liability for costly mistakes, the company will be set back. You can also be fired for breaking rules like that even when there are no actual damages.
I came here to say this. Yes I know https://no-www.org/ is a thing, but browsers have a ctrl+enter shortcut that'll top and tail the domain with https://www. and .com - having that go to an error page is not great particularly given the reason to do it was partially ease of access by customers.
Even running your own local resolver, if you generate enough traffic they'll still block you. I think their definition of open relay is based on traffic volume.
(which is their right, of course - just a warning that might help someone not find this out at 4am like I did)
Yes, because Spamhaus is a commercial enterprise. My own experience with their "free tier" limit is that it's generous and sufficient for personal use.
Most of the time keys popping out means your plate is too thick or the switch holes aren't a good fit. You can often improve it (and the sound) with some foam between the plate and the pcb - you can buy laser cut neoprene plate foam for lily58s, or you can always freehand it with a knife and a sheet of 2-3mm foam (it's not that hard and doesn't have to be perfect).