I host Synapse using this playbook. I can highly recommend it - the instructions are very clear and detailed and ongoing maintenance is straightforward too (just git pull and redeploy, and 5% of the time modify a deprecated variable).

As for how to delegate to a subdomain - that’s covered here. Basically - you set it up on matrix.example.eu and then have a “well known” file hosted at example.eu that tells other clients/servers where to look.

I agree with parts about entitlement. The expectation of support and treatment of open source software as if it was proprietary is a real problem.

But, the authour makes a similar mistake - they conflate open source software with source-available (proprietary) software. As an example, I strongly disagree with this part:

When software is open-source, it is open-source, not necessarily free and open-source (FOSS), and even if it is FOSS, it might still have a restrictive licence. The code being available in and of itself does not give you a right to take it, modify it, or redistribute it.

If you replace it with this version, I am happy:

When software is source-available, it is source-available, not necessarily open source or free and open-source (FOSS). The code being distributed under a source available license does not give you a right to take it, modify it, or redistribute it.

I think it’s really important that we keep a clear delineation between free/open source software on one side, and source-available (proprietary software) on the other.

A lot of companies are trying to co-opt and blur the meaning of the term so they can say “seeing the source was always the point, none of the other freedoms mattered”, in order to sell you proprietary licenses.

Open source gives you the right to take, modify and redistribute it. Source available does not. And that’s ok, just please don’t blur the terms together.

even if it is FOSS, it might still have a restrictive license

Likewise, this is definitionally untrue. The whole purpose of FOSS is to give you the four freedoms.

For services only I depend on, I have production-only. Since I can only inflict damage on myself, and can often work around problems.

For the XMPP server my friends and family also depend on, I have a dedicated nonprod VPS. My services are driven by ansible playbooks, so I’ll tweak the playbook with whatever change I want to make works in nonprod, before running the same playbook against prod.

Whenever there’s a new Debian Stable release, I’ll rebuild the servers completely, to try and prevent “drift” between the nonprod and prod versions (not that I change things often enough for this to become a big problem). This is also the big test of my backups, which so far haven’t been needed in a “real” emergency 🤞

Distributions handle this for you. Installing your software through a distro, instead of getting it from each individual software authour, means that you trust one organisation instead of hundreds of individuals.

For instance, Debian has a strict set of guidelines for Debian developers (who have the right to upload packages). They will be familiar with the software they are packaging, are often independent from the upstream authours, and are expected to check the package for various issues, including licensing, security, version incompatibilities etc. In addition, every upload is signed, so you can see who is responsible for everything.

And when something slips through, as almost happened with xz, the analysis and recovery all happens completely in the open. There may not have been enough eyes on xz to prevent the vulnerability in the first place, but once it was discovered, there were at at least hundreds of people dealing with the aftermath, all in the open.

Compare this with proprietary software, where you’d be lucky if such a vulnerability was even disclosed, vs just silently patched.

I can highly recommend Mythic Beasts (UK).

There is no upsell or variable pricing and they make money by charging a flat rate on top of the cost from their supplier. See this blog post for more info

I would love for such a fund to invest very liberally in these companies, on the condition that anything it funds must be free and open source - public money, public code! The only way to take down these giant US companies is to work together, and the most effective way to work together is to release everything in the open in such a way that anyone can build on top of it.

If the money just gets funneled into these companies so they can build their own lock-in, the EU would be recreating the same dependency on a few small companies that happened in the US. It wouldn’t increase productivity in the long run, it would instead substitute dependency on a few US companies for a few EU companies.

But, if they invest in open source software, it could spur innovation not only in the companies that are directly funded, but also thousands of other companies throughout the EU that would now have common infrastructure that they can build on top of.

That’s good news, in my opinion. If they’re allowed to just completely disregard copyright when training, then I should be able to completely disregard any attempted copyright on the output too.

Another benefit to postmarketOS is that it runs (close to) mainline linux.

In the android world, vendors fork linux, put their own (often badly written) patches on top to make the device work, and then stop maintaining this fork after a few years.

postmarketOS carries as minimal patches as possible and actively works to mainline what remains. This makes the “10 year support” goal very achievable, as once a device has mainline support, it will get updates as long as the linux kernel itself is maintained.

By making everything standard and relying on the upstream kernel and linux stack as a whole, any improvements made to phones also benefit laptop and PC users, and vice versa. So, we have one big platform that can support any kind of device, sharing resources so everyone benefits.

I donate to Ladybird and Servo, and I hope they succeed. We need serious competition and a check on Mozilla (not to mention Chrome and Safari).

That said, I’m sad that neither Ladybird or Servo are licensed under strong copyleft licenses. We need user-oriented browsers now more than ever, and strong copyleft enables that. I worry that, even if these engines are successful, they will be co-opted by proprietary browsers and eventually superseded by them.

This happened before - both Chrome and Safari ultimately derive from KHTML, Konqueror’s browser engine. If KHTML had been licnesed under the GPL instead of the LGPL, Chrome and Safari (and not just their engines) may have been free software today. Or, at the very least, it would have been much more difficult for Apple and Google to get started.

That said, I wish Ladybird the best. There donation = no influence policy is excellent, and I really, really hope they can stick to it in the long term.

I made a comment about this on another thread, see this comment.

You can do this using JMP Chat, which bridges phone numbers to XMPP. Unfortunately, it’s USA and Canada only, for now.

Alternatively, you can use a “SIP Trunk Provider”. For instance, in the UK, Andrews and Arnold offers this service. You can then connect any compatible SIP client (e.g. Gnome Calls).

I’d prefer having both analogue and digital options for things, but I’m fine with requiring technology, as long as open standards are used throughout. That is the only way to ensure equal and non-discriminatory access.

You should never have to use any particular piece of software, or be forced to sign a terms of service, to go about your daily life. Requiring an app for everything only entrenches iOS and Android, and most apps really don’t cater well for people with disabilities or other requirements.

Meanwhile, open standards allow a variety of software to be built that can cater for everyone’s needs.

I’ve used Mobian stable and pmOS stable on both the Librem 5 and PinePhone Pro.

I also can’t give in an-depth comparison, but apart from the obvious (differences in available packages, versions and OpenRC vs systemd), I found them basically identical. Both had difficulty keeping the modem connected for more than an hour at a time, but otherwise did everything I expected (wifi, text messages, mobile networks, adaptaive apps, cameras, music/podcasts, etc).

For now, I’m sticking with pmOS, as, for the current stable version, Mobian doesn’t offer prebuilt Librem 5 images with full disk encryption support (I can’t remember why - this is specific to the device, and I’m hoping it will be fixed in the next release).

This affects me a lot day to day. I have a phone, but it runs postmarketOS, not iOS or Android. It really shows me the importance of open standards. I feel that every business should be required to support open standards for each of the services they offer.

For me, buying train tickets used to be ok, but is getting harder now. Some train operators are really pushing you to use their app now, and getting rid of the option to download a PDF. It really frustrates me: it’s not like it costs them more to offer PDF download - if anything, it’s much cheaper to offer that functionality than to build and maintain an app for iOS and Android.

Back when I had an Android phone, I used Monzo, and it was so easy to send money to friends, set up standing orders etc. I wish they offered a proper web interface. Now, I use Natwest’s online banking, and it’s a real pain - I use the card reader to authenticate, then the website logs me out seemingly every 2 mins of inactivity. Some features, like pre-notifying that you’ll be travelling abroad, are only available on the app. I only see this trend continuing.

The concert tickets example in the article is insane to me. I can’t think of a use case that is better suited for PDFs, and that’s what we’ve been doing for the last 10+ years without any issues. It really is user hostile and excludes people on the edges of society who don’t fit, for whatever reason, with what the 80-90% do.

Yes, me too! But, only if I have the autonomy to improve things where I can. Otherwise, I just find it demotivating

I agree, it’s a great UI in terms of speed and no JS, but it’s not super intuitive and not helped by the way it’s been split into modules.

Basically, each subdomain (git.sr.ht, todo.sr.ht etc) doesn’t link to the others - the only one that links everywhere is the root “sr.ht”. You can think of sr.ht as a “hub” that links to the others. So - to take an example:

• You can open “tickets” (todo.sr.ht) from https://sr.ht/~delthas/senpai/
• But - if you click on “source” (git.sr.ht), the references to the other pages anymore (including back to the hub)

So, in your case, if you replace git.sr.ht with just sr.ht in the URL, it should take you back to the “hub” for that project. Then, if the tickets feature is enabled, you should see a link to “tickets” there.

To answer seriously: unfortunately, the UK is one step ahead with the Online Safety Act. They’ve already given Ofcom the power to enforce client-side scanning. Ofcom themselves are deciding whether they want to use this power yet and this should happen sometime next year.

The frontends provide other benefits on top of just privacy - e.g. invidious lets you watch youtube videos without javascript, download videos directly on some instances, etc.

Just as a warning, this is licensed under the AGPL, with a CLA that requires copyright assignment. So, they could pull the rug at any time:

2.3 Outbound License. Based on the grant of rights in Sections 2.1 and 2.2, if We include Your Contribution in a Material, We may license the Contribution under any license, including copyleft, permissive, commercial, or proprietary licenses.

On iPhone, I recommend Monal.