[1] https://www.arrl.org/news/russian-buzzer-disappears-chinese-...

It seems like you're saying voice encryption is not permitted, but data encryption is? This is not true in the US. Any encoding used for the purpose of "obscuring meaning" is not permitted on amateur frequencies. Even using code phrases like "the eagle has landed" is arguably not allowed. There are some narrow exceptions for things like satellite control codes, but nothing that applies to hobby mesh nets.

Here is the relevant Part 97 rule: https://www.ecfr.gov/current/title-47/part-97#p-97.113(a)(4)

> No amateur station shall transmit: [...] messages encoded for the purpose of obscuring their meaning, except as otherwise provided herein; obscene or indecent words or language; or false or deceptive messages, signals or identification.

Comments URL: https://news.ycombinator.com/item?id=46359568

Points: 1

# Comments: 0

> Jeff finished off the email mentioning the US GPS system failed over successfully to the WWV-Ft. Collins campus. So again, for almost everyone, there was zero issue, and the redundancy designed into the system worked like it's supposed to.

So failures in these systems are potentially correlated.

The author mentions another solution. Apparently he runs his own atomic clock. I didn’t know this was a thing an individual could do.

> But even with multiple time sources, some places need more. I have two Rubidium atomic clocks in my studio, including the one inside a fancy GPS Disciplined Oscillator (GPSDO). That's good for holdover. Even if someone were jamming my signal, or my GPS antenna broke, I could keep my time accurate to nanoseconds for a while, and milliseconds for months. That'd be good enough for me.

Weirdly, that number is different than Immich’s estimate of my photo library (95 GB vs 150 GB), but perhaps good enough to get you in the ballpark.

What I’m not sure about is how to backup things like iMessages, Notes, and my Contacts. Every time I’ve looked, it appears the only options are random GitHub scripts that have reverse engineered the iMessage database.

1. https://immich.app/

https://en.wikipedia.org/wiki/JBIG2#:~:text=Character%20subs...

Meta: recently it seems like the community has been way too loose with the downvote button, but I'm not sure if I'm just noticing it more because it's getting on my nerves, or if there has actually been a change in behavior.

> This allows for some interesting new deployment models for DuckDB, for example, we could now put an encrypted DuckDB database file on a Content Delivery Network (CDN). A fleet of DuckDB instances could attach to this file read-only using the decryption key. This elegantly allows efficient distribution of private background data in a similar way like encrypted Parquet files, but of course with many more features like multi-table storage. When using DuckDB with encrypted storage, we can also simplify threat modeling when – for example – using DuckDB on cloud providers. While in the past access to DuckDB storage would have been enough to leak data, we can now relax paranoia regarding storage a little, especially since temporary files and WAL are also encrypted.

The best you can do is check FARM if available and perform a long burn-in with something like badblocks. Then compare the SMART data before and after the burn in. Checking the serial number against the manufacturers database if available is also a good precaution.

These are probably things you should be doing whether or not the drive is allegedly new.

[1] https://www.heise.de/en/news/Hard-disk-fraud-Larger-disks-wi...

I took a second look at ad blockers on the app store, and many report that they collect various bits of data. Are you saying that there's a special content blocker component to all of these that can't collect data because they're isolated by iOS? I'm not sure how anyone who isn't a iOS developer is supposed to navigate this. To uBlock's credit, their App Store page reports that they collect no data, but is this enforced by iOS? Or just a checkbox that the developer clicked?

Personally I’ve settled on blocking at the DNS level with unbound and a blocklist. It’s not perfect but it limits the blast radius.

> is ordering via ssh secure?# you bet it is. arguably more secure than your browser. ssh incorporates encryption and authentication via a process called public key cryptography. if that doesn’t sound secure we don’t know what does. [1]

I think this is wrong though for exactly the reasons described in this post. TLS verifies that the URL matches the cert through the chain of trust, whereas SSH leaves this up to the user to do out-of-band, which of course no one does.

But then the author of this article goes on to say (emphasis mine):

> This result represents good news for both the SSL/TLS PKI camps and the SSH non-PKI camps, since SSH advocates can rejoice over the fact that the expensive PKI-based approach is no better than the SSH one, while PKI advocates can rest assured that their solution is no less secure than the SSH one.

Which feels like it comes out of left field. Certainly the chain of trust adds some security, even if it's imperfect. I know many people just click through the warning, but I certainly don't.

[1] https://www.terminal.shop/faq

[1] https://www.bee-link.com/products/beelink-eq14-n150?variant=...

I ended up going with TP-Link Omada and have been happy so far (a managed switch and wifi 6 WAPs). I am a bit concerned about their security track record given how bad their soho products are, so I ended up sticking with my opnsense router at the perimeter as the first line of defense.

I’m curious to hear what you think you’re missing out on with Omada.