I think a lot of it was frog and hot plate situation. If they had done all this stuff all at once people would have dumped them immediately, but they did it slowly always seeming reasonable and considered at each step.

And a lot of people still adopt their product because for better or worse, it is the best known and relatively easy to use.

I don’t use Plex. I have never used Plex. But based on the one time I tried, this doesn’t surprise me even a little bit.

Years ago I installed it on my NAS, it was a one click download package. I installed it and hit the button to set it up. And then it prompted me to make a cloud account.

Why do I need a cloud account? I am logging into my local server and I am not sharing anything with anybody nor am I subscribing to any cloud services. I have no need of a cloud account. But, the way they built the thing, you need a cloud account to log into your local system.

I did not create a cloud account. I uninstalled it. I concluded that a company that claims to care about user privacy, but requires cloud integration in an area that absolutely does not require cloud anything, does not actually give a shit about privacy. I Googled and found that the requirement for a cloud account was, at the time, a fairly new thing. Lots of people didn’t like it. I concluded that this company was beginning to enshittify, although this was years ago and none of us had heard that word yet. But either way, it was obvious that the company was moving in a not customer-friendly direction and I did not want to be along for the ride.

My choice has been proven right several times over the years since. And yes, every time they remove a feature, or make some other customer unfriendly decision, I retell this story.

The moral here is that a company either cares about its customers or it doesn’t, and it’s usually pretty easy to tell which one fairly quickly. When one bad decision is made, and not corrected, others will follow.

Synology is the latest example of that. For anyone not paying attention, they have recently announced that their 2025 series units will only work with Synology branded hard drives, which are of course more expensive than standard Seagate or Western Digital drives (which work just fine). But if you look, the bread crumbs are there and form a trail. Over the last few years they have removed features, for example the device is no longer can decode h.265 surveillance video, and the units will no longer display SMART data for ‘unsupported’ drives. I say no longer because they used to, but an update changed that so they no longer do.

Bottom line though is don’t do business with companies that don’t respect you.

Yes it can.

The fob has no idea what it has access to, in most systems it just has a serial number. When you tap it on the reader, the reader scans its serial number. The system has a list of which key numbers are allowed to open which doors at which times, if your key matches it opens the door. These almost always have some kind of log of which key opened which door when. Whether the building management knows how to access that is anyone’s guess.

If he loves in a building with fobs there’s probably cameras also.

So if he’s worried about after the fact investigation into his movements, he should live somewhere else.

Yeah exactly. I tried to set it up once, installed it on a NAS box, and it starts talking about me making a cloud account. Why do I need a cloud account to log into my own hardware on my own network?

I do not want the cloud
I do not need the cloud
I will say it very loud
No cloud, no cloud, no cloud.

But apparently it’s set up so the only way to log into your own locally hosted software on your own locally hosted hardware is with an external cloud account.

To that I said no thank you and uninstalled it.

Not sure about better but I can add a step. Fire up Microsoft word, then write a macro which outputs a shortcut that launches Internet explorer with a URL that loads and local HTML page which after 1 second redirects to a .exe. then click open instead of save as. That only works with really old school internet explorer of course not the modern edge version.

The beauty of self hosting is most of it doesn’t actually require that much compute power. Thus, it’s a perfect use for hardware that is otherwise considered absolutely shit. That hardware would otherwise go in the trash. But use it to self host, and in most cases it’s idle most of the time so it doesn’t use much power anyway.

I would return that UPS and for about the same price or not too much more you could get a cyberpower unit that puts out a real sine wave. Obviously your server does not like Riello’s fake sine wave, so why not feed it the good stuff rather than trying to force it to eat garbage?

Not really because their rights have not been violated, nothing was stolen from them. They were presented with a software product that had a limited license, and they accepted that. As far as they are concerned, the developer has fulfilled their contractual obligation to them; they were never offered a GPL license so they got exactly what they were offered.

The author of the GPL’d code however is another story. They wrote software distributed as GPL, Winamp took that code and included it without following the GPL. Thus that author can sue Winamp for a license violation.

Now if that author is the only one who wrote the software, the answer is simple- Llama Group pays them some amount of money for a commercial license of the software and a contract that this settles any past claims.

However if it’s a public open source project, it may have dozens or hundreds of contributors, each of which is an original author, each of which licensed their contribution to the project under GPL terms. That means the project maintainer has no authority to negotiate or take payments on their behalf; each of them would have to agree to that commercial license (or their contributions would have to be removed from the commercial version of the software that remains in Winamp going forward). They would also each have standing to sue Llama Group for the past unlicensed use of the software.

Unless you are one of the original developers who wrote the GPL code included in Winamp, you have no standing to sue them anyway.

Not necessarily. It means that Llama group, and perhaps the original Nullsoft, have violated the license of whatever open source developer wrote that code originally. So the only ones who could actually go after them to force anything are the ones who originally wrote that GPL code. They would basically have to sue Llama group, and they might also have a case against Nullsoft / AOL (who bought Nullsoft) for unjust enrichment over the years Winamp was popular.

Chances are it would get settled out of court, they would basically get paid a couple thousand bucks to go away. Even if they did have a legal resources to take it all the way to a trial, it is unlikely the end result would be compelling a GPL release of all of the Winamp source. Would be entertaining to see them try though.

Complicating that however, is the fact that if it’s a common open source library that was included, there may be dozens of ‘authors’ and it would take many or all of them to agree to any sort of settlement.

Here’s the story:
Company buys the rights to Winamp, tries to get the community to do their dev work for free, fails. That’s it.

The ‘Winamp source license’ was absurdly restrictive. There was nothing open about it. You were not allowed to fork the repo, or distribute the source code or any binaries generated from it. Any patches you wrote became the property of Llama Group without attribution, and you were prohibited from distributing them in either source or binary form.

There were also a couple of surprises in the source code, like improperly included GPL code and some proprietary Dolby source code that never should have been released. The source code to Shoutcast server was also in there, which Llama group doesn’t actually own the rights to.

This was a lame attempt to get the community to modernize Winamp for free, and it failed.

Of course many copies of the source code have been made, they just can’t be legally used or distributed.

The only way you can do this, is if the only service you use the provider for is storage. Encrypt the data before you send it to the provider and then they don’t know what they’re storing.

If they have to do any processing on it at all, then conceptually they need a plain text copy of it to feed into the CPU. And if they have that, there is nothing you can do to stop them from stealing it or using it.

There has been some research in this field, the concept is called homomorphic encryption. That is where you encrypt something in a way that allows a third party to manipulate the data without possessing a key. It is still very limited, and likely always will be due to the extreme difficulty of the question.

with an outside control interface that’s quite literally about as optimal as it can be.

Which is probably true, as long as you make one assumption- that the operator dedicates a significant amount of time to learning it. With that assumption being true- I’ll assume you’re correct and it becomes much more efficient than a Nano/Notepad style editor.

I’m happy to concede without any personal knowledge that if you’re hardcore editing code, it may well be worth the time to learn Vim, on the principle that it may well be the very most efficient terminal-based text editor.

But what if you’re NOT hardcore editing code? What if you just need to edit a config file here and there? You don’t need the ‘absolute most efficient’ system because it’s NOT efficient for you to take the time to learn it. You just want to comment out a line and type a replacement below it. And you’ve been using Notepad-style text editors for years.

Thus my point-- there is ABSOLUTELY a place for Vim. But wanting to just edit a file without having to learn a whole new editor doesn’t make one lazy. It means you’re being efficient, focusing your time on getting what you need done, done.

A text editor that doesn’t need a tutor because the interface is intuitive enough that someone who has been using text editors (as a concept) for years can more or less instantly pick it up and start working without needing a tutorial to simply edit a config file.

Yes exactly. This is a big part of why some repressive countries are starting to require identity registration in order to participate in social media. Arresting people is unnecessary if you can simply stamp out non-preferred speech at the point of discussion.

All the crypto in the world won’t help if you do stupid stuff and have crap OPSEC.

A big part of that is stay under the radar. If I were NSA I’d be running a great many TOR nodes (both relay nodes and exit nodes) in the hope of generating some correlations. Remember, you don’t need to prove in order to raise suspicion.

So for example if you have an exit node so you can see the request is CSAM related, and you run a bunch of intermediate nodes and your exit nodes will prefer routing traffic through your intermediate nodes (which also prefer routing traffic through your other intermediate nodes), you can guess that wherever the traffic goes after one or two relay hops through your nodes is whoever requested it.
If you find a specific IP address frequently relaying CSAM traffic to the public Internet, that doesn’t actually prove anything but it does give you a suspicion ‘maybe the guy who owns that address likes kiddy porn, we should look into him’.

Doing CSAM with AI tools on the public Internet is pretty stupid. Storing his stash on cell phones was even more stupid. Sharing any of it with anyone was monumentally stupid. All the hard crypto in the world won’t protect you if you do stupid stuff.

So speaking to OP- First, I’d encourage you to consider moving to a country that has better free speech protections. Or advocate for change in your own country. It’s not always easy though, because sadly it’s the unpopular speech that needs protecting; if you don’t protect the unpopular stuff you jump down a very slippery slope. We figured that out in the USA but we seem to be forgetting it lately (always in the name of ‘protecting kids’ of course).

That said, OP you should decide what exactly you want to accomplish. Chances are your nation’s shitty law is aimed at public participation type websites / social media. If it’s important for you to participate in those websites, you need to sort of pull an Ender’s Game type strategy (from the beginning of the book)- create an online-only persona, totally separate from your public identity. Only use it from devices you know are secure (and are protected with a lot of crypto). Only connect via TOR or similar privacy techniques (although for merely unpopular political speech, a VPN from a different country should suffice). NEVER use or allude to your real identity from the online persona. Create details about your persona that are different from your own- what city you’re in, what your age and gender are, what your background is, etc. NEVER use any of your real contact info or identity info.

Mainly conflicts with mDNS. However it’s shitty IMHO that the mDNS spec snarfed a domain already in widespread use, should have used .mDNS or similar.