#hardenedbsd

2025-05-17

@pertho signal-desktop seems to work fine for me. I don't do video chats, but I have done screensharing. Granted, I'm on #HardenedBSD not #FreeBSD, but it should work just the same on FreeBSD.

signal-desktop is available as a port, btw, so no need for the linuxulator.

2025-05-16

@bagder because you seem to me to be somewhat confused. Like statements like "if they're transparent, what's there to support?"

But, whatever, I already maintain a patch for #HardenedBSD users to remove the prohibition. The problem is solved on HardenedBSD.

2025-05-16

@bagder Essentially, #curl commit 0ae0abbe72514a75c10bfc4108d9f254f594c086 broke updating #HardenedBSD packages for certain users who use HardenedBSD behind a fully Tor-ified network (a network that uses transparent Tor proxying).

Those users were unable to update their HardenedBSD systems since the package manager uses libcurl behind-the-scenes. Some of these users live in malicious environments (malicious to human life), with actively-exploited applications.

So, this prohibition had a real negative impact, putting our users in harm's way.

If curl had a way to bypass the prohibition, we would've been able to keep our users safe.

This is why I mention #Radicle: they, too, do not support the .onion TLD by default, but can be configured to provide that support.

Radicle has three options:

  1. Default: No support, .onion domain lookups will fail.
  2. SOCKS support where .onion lookups succeed.
  3. Explicit transparent proxying support, so .onion lookups succeed.

curl is missing that third option.

2025-05-14

I wonder if there are qcow2 images of #BSD - like #HardenedBSD or #FreeBSD or something :3

2025-05-12

85F outdoors, 73.2F in the #HardenedBSD dev/build infrastructure server room.

Looks like my suspicions were correct: we're likely going to have cooling issues this summer.

I'm probably going to start an official fundraiser for a mini-split HVAC dedicated for the server room.

I did some basic calculations last year, it would've come to between $5,000 USD and $7,000 USD. I'm thinking that might be a bit on the low side today.

Before I kick off any official fundraiser, I'll see if I can get any quotes, hoping for discounts for tax-exempt 501(c)(3) charitable organizations.

h3artbl33d :openbsd: :ve:h3artbl33d@exquisite.social
2025-05-12

In the end, Exquisite.social was down for seven hours, from 13:30 to 20:30. I owe our members a sincere apology for that. So, incredibly sorry :flan_heart: And thank you for bearing with us - and a heartfelt gratitude to those who reached out through different channels with supportive messages. You know who you are!

With the migration done:

  • We are now using #OpenBSD -stable and are good for the many upcoming years of this lovely community,
  • We don't need to do the monthly dance of snapshot upgrades and the reboots (downtime) from that,
  • It did allow me to get rid of the double disk encryption, which was there from the early days - so reboots can be planned and unattended. We now have single disk encryption, at the host. The hypervisor, #HardenedBSD with Bhyve, runs with encrypted pools.

The irony is not lost on me - by causing this downtime, we'd have way less downtime in the future :flan_XD:

Again, terribly sorry for this downtime and the inconvenience. And thank you for being a part of Exquisite :flan_heart:

h3artbl33d out.

🧵 4/4

2025-05-09

I updated our Cavium ThunderX1 arm64 server and disabled TCP Segment Offloading (TSO). The server has been building packages for over 24 hours now without networking issues.

I'm hoping the good luck continues. We may just be able to bring back #HardenedBSD arm64 support for the hardened/current/master branch.

2025-05-07

To save monthly #HardenedBSD costs, I'm wondering about self-hosting our main site.

Right now, the main site is our one and only leased server (at a discount). Having this leased server enables us to still serve packages and hbsd-update builds even while the dev/build infrastructure might be offline.

Moving it to my self-hosted solution at home for the dev/build infrastructure would mean that applying updates to the infrastructure would cause a service disruption for our main site. That means for that maintenance period (which usually never lasts more than four hours), our package repos, our main site, our OS binary updates would be unavailable.

That's a bit sub-par, but there's certainly a balance to strike between cost and availability.

I'm currently leaning towards "keeping the leased server", but it's still something I'm thinking about.

If you have any thoughts, I'd like to hear them.

2025-05-02

The server powering the #HardenedBSD main site surpassed 10TB of traffic in April 2025.

2025-05-01

@mms while I don't have any desktops, I do have several laptops running #HardenedBSD. :-)

2025-04-29

I have two goals for this week:

  • Review some #HardenedBSD contributions by some community members.
  • Work on pkgbase support in HardenedBSD. #FreeBSD recently introduced pkgbase support in bsdinstall(8) and we need to match.

2025-04-26

Looking forward to a #FreeBSD Hackathon weekend with a few fellow FreeBSD committers at a (not my) family retreat in Colorado.

Hoping to have a proof-of-concept patch for optional #rustlang userland components in base ready by the close of the weekend.

I'll include this #hackathon in the #HardenedBSD April Status Report in the coming days.

2025-04-21

The latest version of the #FreeBSD package manager (pkg) does a lot of extra work in determining dependencies, so much so that it's really prolonging our package builds.

We ( #HardenedBSD ) may need to scale back our monthly installation/updater builds to quarterly because of just how much the new package manager prolongs building packages.

The problem then becomes, what do we do when there's a #FreeBSD Security Advisory? We may have to adopt a more formal approach to handling security advisories for the base OS. That would be a good thing to have overall, but hasn't really been needed until now-ish.

Our exploit mitigations and security hardening techniques generally mitigate a large portion of security advisories, so waiting for the next monthly build has been an acceptable compromise. That changes if we go to quarterly builds.

2025-04-21

Current status: Building a new version of #hbsdfw (a #HardenedBSD fork of #OPNsense ).

I'll do a limited test deployment this week. If it works well enough, I'll publish it.

2025-04-17

@AlexanderMars We've partnered with the fine folks at #Protectli to develop a fully open source and hardened system based on #HardenedBSD. You can find the original post here: hardenedbsd.org/article/shawn-

2025-04-17

This should arrive today for my home office: amazon.com/dp/B01FKOW4LS?ref=f

This will help me organize some of the smaller devices in my office, enabling me to keep my desk cleaner.

I'll keep the #HardenedBSD mesh network R&D devices in there. I'm somewhat thinking of pivoting to #ReticulumNetwork rather than using BATMAN for the censorship- and surveillance-resistant mesh network development.

2025-04-16

This also means that, from a technological point of view, we're good to go to start hosting regular #HardenedBSD hacking sessions.
