Been running a Meshtastic node for awhile now. Really amazing piece of kit. I regularly make 2 mile distant contacts in an urban area with an indoor antenna. Soon I hope to be able to have an exterior mounted one.
It's a lot about height + antenna selection. I've had better luck with Rak stuff than the more popular and super cheap Heltec V3 (but the V3 is a great little gateway into Meshtastic, and isn't too bad in certain areas).
I feel like Meshtastic is a lot like what ham radio felt like 50ish years ago. People experimenting with antennas and radios... dealing with the FCC and band allocations...
I do find there's proportionately more "prepper" types on the mesh, at least here in the Midwest, than I encounter online. Makes sense, though, considering how a lot of it is described.
I've got a mix of LilyGo and Rak devices, and a sew Station G1's. LilyGo gets criticized, but after I switched to Rak antennas on them they work great.
The meshtastic discord definitely leans pepper as well. I live in a coastal urban area and the nodes here seem to be more general hobbyist.
I'm hoping to have some sort of automated BBS type node to play around with
If you think using containers provides improved security over WASM I don't think you understood the paper. At no point did they demonstrate compromising the host of the WASM program, just corrupting the state of POC's. There are obviously risks associated with that, but nothing that improves by going with isolated/containerized native code.
Yes currently lacking ASLR and read-only memory sites increase some risks, but strongly typed function pointers, control flow restricted to function entry points and call stack isolation more than make up for it
It's a 4 year old paper, and the biggest issue it brought up, malleable read-only data, is currently being addressed with the memory control proposal. The fact that a virtual environment can't prevent all types of erroneous program behavior is not particularly noteworthy. The fact of the matter, in particular when comparing WASM against containers, WASM is a generational step forward in terms of permissioning and isolation.
It's a lottery with these novelty TLDs. If you use them, setup your configuration such that you can move to another TLD easily.
.nets and .coms increase in price too, but they don't tend to jump by 100% in a single year like these novelty ones, which were created purely to make money for the registry.
That's what I did with a couple .uk domains from Cloudflare. I bought ten years at $4.30 per year so I don't have to worry about renewal price increases for a long time. I also liked that it was suck a short TLD and not from some sketchy country.
I spend way more in a bar in one night than on my domains yearly, so I always find 'oh I need one super-duper cheap, below $2/y otherwise it's way too much' comments a bit.. too frugal.
I also spend more in a bar in one night than on charging my phone for whole year. If the cost to charge it went up by 10x I would still be displeased though.
> If the cost to charge it went up by 10x I would still be displeased though.
Sure anyone would be, but... maybe don't choose .furniture[0] as the TLD for your own small private LAN DNS and don't have the unpleasant surprises?
The prices for the registrations (and renew) are going up steadily (just like everything else? inflation is a thing), but there is always an option to get the information about the renewal price upfront and maybe even use the multi-year sale.
Just looked in Dynadot's CSV, there are ~100 TLDs with sub $10 renewals and additional ~100 with < $15.
Also dug my records[1], privacy is baked in now, so the total effective rise is $1 for `.one` and... -$2 for `.com`.
While I personally would stick to reputable TLDs for anything you want to keep I still think that a 10x price increase on any TLD is super sketchy, especially when it isn't communicated up-front to buyers. My comment was just about those super high rises that to me feel like they are exploiting people who can't easily switch. It was not intended to be about slight price adjustments to match inflation, rising operating costs and the like.
The real question is: Why should people have to pay to some registrar for an internal-use only home network anyway just to avoid nasty security warnings – even if it's not very much by the somewhat dubious benchmark of "cheaper than a night of drinking"?
You always have an option to run an internal PKI, without paying anyone.
The public PKI is built on the public DNS system. If you want a cert to be trusted by default and don't want to bother with your own internal PKI then you need to leverage the existing public infrastructure, which doesn't give it away as a free beer but sells it.
Have you tried that with various devices these days? It's getting increasingly difficult to convince various mobile OSes to accept internal root CAs (largely for good reasons, but that's a different discussion).
> you need to leverage the existing public infrastructure, which doesn't give it away as a free beer but sells it.
No, it's the opposite these days. The existing PKI these days is free (Letsencrypt and others), but getting a public domain that any browser-acceptable CA will issue certificates for isn't. Your domain registration/renewal fees don't pay for that PKI.
I think it's urgently needed for browser vendors, the IETF etc. to get together and figure out a solution for accessing "mymediocreiotdevice.home" without a barrage of "zomg no HTTPS!!", "zomg self-signed cert!" etc. warnings, as these will only desensitize users further to actual problems on publicly-accessible sites.
This is what I said in the first place - public DNS is not free. The costs to get in range but the minimal isn't that much ($5/year to be precise), so the question is between any amount at and no at all.
It’s more the principle of the thing… if I buy a domain for $3 and it’s $30 next year, I’m just going to switch my stuff over to .com or .net where the price is predictable.
I did this for a while back when freenom existed. Then, I moved and learned that I was exceptionally lucky to have working loopback NAT in my previous house, and would have to split off a local.<domain> entry for clients on the internal network. No idea why most ISPs don't have routers that work like that.
I haven't bothered doing DNS auth to get certs since I started using paid domains.
Really nice workflow for a really common 3d print use case. I'd like to see the lid re-worked to print without support (the tall standing orientation is also asking for it to get knocked over). Not sure why they insist on 0.1mm layer height. That makes prints take forever.
It looks like it could be printed flat and they are forcing everything in one print. That also increases the chance of failure and maximizes the resulting waste. I have wasted enough material with long multipart prints that I limit myself to ~8h if I can.
Have half a dozen M5Stack based devices using ESPHome. There's a big community supporting that. When I tried developing using an IDE found them more troublesome.
ESPHome is really a game changer when it comes to developing IoT devices. Unless I'm working with some esoteric hardware like GPS or LoRA, I'll load ESPHome on the device for when I'm prototyping.
As much as I despise IDE's for embedded systems development, I've become quite a fan of the PlatformIO IDE solution .. its quite comfortable, and being able to switch to PlatformIO-CLI tooling has made for a "best of both worlds" scenario.
I was half tempted to get a quest after playing beat saber on a friend's device. it's kind of amazing how much better it is than the next best thing you could do on one, some team just knocked it out of the park designing and implementing that game
Pistol whip is pretty good too. Those two get your light saber sword fight fantasy, and the Matrix Gun-Fu fantasy :)
And though I haven't an athletic bone in my body, the fitness / boxing apps are actually a great way to get some exercise in.
Generally, quest 2 was one of the things I haven't had any interest whatsoever until after a year's campaign, my friend basically forced me to try it during a visit :-). I have one now, largely for those 3 apps.
The biggest difference between enigma and Lorenz was Lorenz was broken without seeing a physical machine. It was broken as a very long message was transmitted twice with minor changes. That allowed recovery of of the plaintext and key stream
If I use Redis software on AWS, am I getting the most value, or does AWS? Exactly by offering ready to go implementations of known open source projects, are they increasing or decreasing my AWS lock in? Does it even matter? If they didn't offer these, which are saving me effort (thus money) today, wouldn't I just be running these myself on an EC2 or ECS setup?
Wouldn't that apply to all cloud providers, not just AWS? All of them are heavily based on open source software, from Linux, KVM/Xen, and K8s to MySQL/Postgres, Kafka, Cassandra, etc.?
I don't think OP is right at all. Just because a company offers managed instances of any random FLOSS service that does not mean they are profiting out of that service.
From the customer standpoint, the choice is between running self hosted instances on bare VMs or use managed instances, and if managed instances are not available then they don't have a lot of alternatives. Managed instances are cheaper to run and operate, and are more reliable, thus it's more advantageous to use those services. For the cloud provider, they are getting paid either way.
It's not like function-as-a-service offerings, where cloud providers charge users a premium for computational resources that run on spare cycles and allow far higher utilization rates, thus getting paid in two or three different ways.
Hope they're able to protect their bandwidth