sloppy_diffuser

I open the conversation with "Jmp.chat bot" in Cheogram. That particular conversation has two tabs, conversation or commands. On the commands tab I have "Buy account credit by...".

That is a good point, will have to check my benefits. Thanks!

The one that didn't die right array was also a botched update. Never got the firmware over email (Hisense). Vizio, Sony, and Samsung were the ones that died right after warrenty.

I use an external media box so I don't update them anymore.

Most startups I've applied to are Linux friendly.

I currently work for a fortune 100 and managed to get a Linux machine purchased as a "lab" machine.

I'm fully in control. IT doesn't even know it exists. I'm not allowed on the corporate network, but I managed to get some internal corporate access through another department's lab network (IT sanctioned) that has a VPN with a few routes to things like ticketing, time cards, and our internal wiki. Most of the stuff I need to do my job is in AWS and we are allowed to add home IPs to the security groups.

IT still gives me a MacBook. I use it like once every 6 months.

nixos-unstable is the only thing I will use currently.

I'm running bleeding edge stuff like the latest kernel, Hyprland nightly, my own "shell" built from Gnome components and lots of custom stuff using GJS (Gnome JavaScript).

If you get one, and you are free to do whatever on it, encrypt your drives like your job depends on it. I have a memorized passphrase, pin protected hardware key, and a key in TPM. No biometrics.

As far as other nice things to have:

• VPN: https://www.infradead.org/openconnect/ supports some common enterprise VPNs.
• Communication tools (Teams, WebEx, Zoom, Slack, etc.). I tend to have access to 90% of what I need. My team is thankfully accommodating for the couple features I have issues with. Make sure you test things like Screen Sharing especially in Wayland if you use it.
• VM: If you can get a corporate licensed image to run a corporate licensed version of Office, I recommend it. Office365 for web is missing a few features and often renders differently from native.
• Password Manager and encrypt everything. System is encrypted as previously stated. My home volume (BTRFS) is encrypted with a different key/passphrase. My work's sensitive files are encrypted yet again using rclone with different keys. I try to minimize attack surfaces by unlocking only what I need when I need it.
• Backups. I use rclone to backup to our corporate OneDrive. Nixos is immutable and I have it setup with impermanence where every reboot is like a fresh install if I didn't codify it my nixos-config which is tracked in git. I persist a few cache and setting directories in my home directory, but not much. I can restore my setup in like 20 minutes if I ever lost my machine.
• Virtual mic and camera for noise suppression and blurring for communication tools that don't have it built in.
• Evolution EWS works okay as an Exchange email client. I had to hunt some weird settings like tenant ID to get it to work. I've been using Webmail or Outlook in a VM more often though as of late.

I work in software dev as FYI. For the few issues I have, my team has more issues getting stuff working consistently on macOS for our project. I used that as a justification when requesting the laptop: my dev environment should closely match our runtime environment. Most of that is moot now since we use Nix flakes in our repos for local dev envs.

They also don't last. I've bought 6 flat screens since 2006. 4 have died, all in the second year of ownership. 3 of those died on month 13, 1 month after the warranty. 1 of those died the day after the warranty expired...

I swear they plan for them to die right after warranty or I just have the worst luck. Doesn't matter if I spend $500 or $3000+ on name brand. I started saving money on the last two that died by insuring them. At this point I'm just leasing them until they die.

Yeah I don't want locally deleted media (to free up space) to sync those deletions to my remote.

My crypted remotes wrap a B2 Backblaze one which doesn't delete, just hides. Periodically I go clean it up.

You are correct, fixed!

https://github.com/newhinton/Round-Sync. Not in any app store and have to download and install from GitHub.

It is an Android wrapper around ~~rsync~~ rclone.

Setup a remote, setup tasks, and setup triggers. Mine syncs every night. It supports encrypting with your own keys. Large number of remotes supported from self-hosted to cloud.

Looks good to me. Interface to Dest Ports are your match conditions. NAT IP/Port are the translations performed on each packet matched inbound and the Dest.

Traffic going the other way reverses this operation on the Src instead of destination.

That's an over simplification of NAT, but for basic port forwarding the general principal holds.

They can modify the DNS packets still. They aren't encrypted or signed so the authenticity of a response packet cannot be verified. Parental controls from ISP relay on being able to snoop and modify your DNS (and SNI from TLS ClientHello packets).

https://www.goodreads.com/book/show/1098624.When_I_Say_No_I_Feel_Guilty

Its dated and probably misogynistic given the period, but when I did read it many many years ago, the broken record technique is probably the one thing I do remember. It also had some role play dialog for how others may try and break the loop. I found it helpful at the time.

I think I read/heard something similar in one of the Love and Logic parenting books/ebooks. "Maybe so, but " comes to mind. Acknowledge the statement that attempts to break the loop, don't add any new information, and repeat the assertion.

LazyVim. Didn't have time to do everything manually when I wanted to cut over from regular vim. I have quite a few customizations on top, but its a pretty solid base. I use with neovim nightly via nixos.