This. Get in writing the specific legally binding policies for personal use of their network resources. Not just the personal opinion of the IT people. They don’t write the legally binding policy that you are responsible for following.
I get the idea of wanting that lifeline in case of an emergency, but I agree, constant tracking is toxic. I’d never give a corporation my kids’ information just for some small convenience like that. Basically selling their future for almost nothing. By the time they grow up, potential employers and governments will know every place they ever visited as a kid, even places that might have been technically trespassing or politically divisive in the future. Kids need to learn and explore and be guided on what’s right and wrong, not be punished for minor stuff they did as children their entire lives.
Yeah, other countries have similar or even more strict requirements, so yeah it all depends on the jurisdiction. You have to also understand that just hosting something externally, doesn’t mean you don’t fall under laws of another country. It’s the internet. And if you live in a country, you may be held responsible for obeying their laws. I’m not a lawyer, so it’s something to be careful of even if externally hosted.
This is especially necessary to consider if you live in the US right now. One of the things the current administration is pushing for even harder than past administrations is removal of Section 230 of the communications act that was enacted in the 90s. This provides a defense against liability for the content you host as long as you make a reasonable effort to remove content that is illegal. Problem is that this makes it really difficult to censor (maliciously or otherwise) content because it’s hard to go after the poster of the content and easier to go after the host or for the host to be under threat to stop it from being posted in the first place. But it’s a totally unreasonable thing, so it basically would mean every website would have to screen every piece of content manually with a legal team and thus would mean user generates content would go away because it would be extremely expensive to implement (to the chagrin of the broadcast content industries).
The DMCA created way for censors to file a complaint and have content taken down immediately before review, but that means the censors have to do a lot of work to implement it, so they’ve continued to push for total elimination of Section 230. Since it’s a problematic thing for fascism, the current administration has also been working hard to build a case so the current biased supreme court can remove it since legislation is unlikely to get through since those people have to get reelected whereas supreme court justices don’t care about their reputation.
So, check your local laws and if in the US, keep an eye on Section 230 news as well as making sure you have a proper way to handle DMCA takedown notices.
Are there any guides to using it with reverse proxies like traefik? I’ve been wanting to try it out but haven’t had time to do the research yet.
Not offering a solution here exactly, but as a software engineer and architect, this is not a Linux only problem. This problem exists across all software. There are very few applications that are fully self contained these days because it’s too complex to build everything from scratch every time. And a lot of software depends on the way that some poorly documented feature worked at the time that was actually a bug and was eventually fixed and then breaks the applications that depended on it, etc. Also, any time improvements are made in a library application it has potential to break your application, and most developers don’t get time to test the every newer version.
The real solution would be better CI/CD build systems that automatically test the applications with newer versions of libraries and report dependencies better. But so many applications are short on automated unit and integration tests because it’s tedious and so many companies and younger developers consider it a waste of time/money. So it would only work in well maintained and managed open source types of applications really. But who has time for all that?
Anyway, it’s something I’ve been thinking about a lot at my current job as an architect for a major corporation. I’ve had to do a lot of side work to get things even part of the way there. And I don’t have to deal with multiple OSes and architectures. But I think it’s an underserved area of software development and distribution that is just not “fun” enough to get much attention. I’d love to see it at all levels of software.
Problem is that unless the person was paid for contributing, what goods or services are being exchanged with the project. I mean if Microsoft received money from that person for a subscription or something I might see them having to ban the user and refund the money. But what did the project receive that would violate sanctions? Volunteer work is usually not covered or else relief organizations and religious missionaries would be banned and the US historically loves sending those. What am I missing?
Rust crates manifest file requires a license be set to be hosted on crates.io and the example manifest file uses:
[package]
license = "MIT OR Apache-2.0"
Something like the Java’s jar manifest doesn’t have a predefined license property for interpreters to parse. Maven has a property, but it’s not required.
Yes, but punish the government and those who support those governments. The majority of people who live in a fascist country do not agree with the government otherwise fascism wouldn’t be necessary.
I live in the US and I don’t agree with nor apologize for the anti-trans, anti-women, anti-immigrant, and racist policies the federal government has recently implemented. In fact many policies directly affect me and my wellbeing.
I voted against them, but unfortunately we weren’t given an option to vote for something better because of the way things work here. And many of these countries don’t even have that. Nor do I think anyone else who lives in or visits the US should be punished for the actions of its government. Same goes for any other country.
And in this case it looks like it may just be someone visited one of those countries sometime in the past, though details are scarce. I get then need to sanction people involved with the bad stuff, but people who just visit or live there with no other connection to the bad stuff is a little extreme. Especially since contributing to this project, for free, is not producing profit for or supporting any government.
I think its just that the language having built in licensing is a newer concept as opposed to just having a companion document. And MIT and Apache are the licenses the pieces of the language is licensed under, so they made those default. That way it’s a conscious decision to make it more restrictive.
I think it’s unlikely to be enforced for normal use. If you use them for spam or to store a ton of data or some other abusive usage, they might shit down your accounts, but it would be pretty customer-unfriendly to do that for someone with just two accounts and not abusing it. Most privacy respecting services are too young to have gotten to the screw customers, only short-term profit phase of capitalism.
I don’t think it’s Rust exactly. I think Rust is just newer and this attracts developers with less experience with licensing. It’s not really something developers want to think about very much so they often just use the default. Heck, most code on github, etc., didn’t have any licenses at all for a really long time until businesses realized they couldn’t use the code without them due to copyright laws being applied by default but patents not being default in many countries, etc.
There are consequences to using copyleft as opposed to more permissive libre licenses, and vice versa, that may not be well understood by a lot of developers in general until they get into a situation where it matters. Either their code can’t be used by people they wanted to sue it, or companies are abusing the code without proper attribution, etc.
Censorship isn’t bad in itself. It’s a necessary evil just like imprisoning someone who imprisons others. Both are removing freedom, but one was for the benefit of an individual and the other is for the benefit of everyone else in the society. Regulation of freedoms is always necessary.
Problem is these days the far-right tries to say all regulation is too costly. But if one innocent person loses their rights compared to millions of innocent people losing their lives, its a big difference. Similarly, someone abusing their right to speak losing their right is not the same as someone using their right to speak responsibly, losing it.
Last time I checked, it depended on where you live and if the laws in that area require them to allow you to delete certain information. It’s on the a cache thing, it’s in your account. You can set up a new account, but if you use other Meta applications like Facebook, WhatsApp, Threads, etc, you may have to abandon those as well.
Might be possible to use a VPN or something to pretend to be in a country that they allow to have more detailed deletion of data, but I’m not totally sure if it’s just your current location or if the account has to have been created in that location or of you can change your account-level location, etc.
If you want to keep your LDAP as the source of truth, then Keycloak is also a very good option. I did that originally, but decided I only had a couple of things needing LDAP and that wasn’t worth keeping it around. Authentik was a good way to emulate an LDAP but with a different back end. But Keycloak is definitely my recommendation in your case.
Keycloak. Took me a bit to learn the basics, but it has been way easier to troubleshoot than Authentik and has more features. If you need something that mimics LDAP rather than syncing with an existing LDAP, then Authentik is pretty good. I don’t use LDAP, though.
Primarily Lemmy and Mastodon to replace Reddit and Facebook respectively. Those are the only social media platforms I used extensively, really, anyway. And I’m hosting a Mobilizon instance to replace the lost event organizing of Facebook that moved to chat rooms on Signal for now.
Only the owner of a domain can publish a package attributed to that domain. Otherwise you’d have random hackers publishing malware as an Apache project or something. All you can do is try to contact the owner of the domain and see if they are willing to transfer ownership to you, or better yet, set up a nonprofit LLC, or whatever it’s called in your country, to have it transfered to.