Not familiar with opnSense, but on your PC, you can check the address it assigns - if it’s /128, it’s a single address.

My ISP does not assign a prefix for delegation unless you specifically ask for it. I had to add “request_prefix 1” to my dhclient.conf file to get a /64 I assume opnSense has a friendly setting somewhere for that. For me, the key phrase was ‘prefix delegation.’ After I got that, I could search around and get my solution.

Pretty sure that reflects its stage in the legislative process, not support/opposition. i.e.: out of 100 bills that get introduced, only 1 becomes law.

Beyond “whomever holds the highest office at the moment,” there’s “whomever gets the biggest media coverage.” That might be Gavin Newsom, who’s not very popular, even in his home state. Bernie Sanders and AOC always get good coverage, but that’s partly because they’re so far outside the mainstream.

US isn’t really set up for singular leaders at the national level, which is part of what makes Trump so unusual.

Because US businesses will only compete and innovate if you force them. Leave them safe behind ramparts of protective trade policies, and they’ll keep coasting on 1990s technology, as the country as a whole slowly becomes a backwater.

Logging power use by my server was one of the motivators to add homeassistant. That also showed me that specific containers use a (relative) ton of background power. Immich and authentik each raised power consumption by 2-3 watts, so I leave them down unless I have specific need.

fud: Fear, Uncertainty and Doubt. A tactic for denigrating a thing, usually by implication of hypothetical or exaggerated harms, often in vague language that is either tautological or not falsifiable.

Making the government small enough to fit into every aspect of your life. No crevice too small.

Shelly makes miniature switches and power monitors that are small enough to fit inside a 1-gang electrical box beside a manual switch or outlet. It’s tight, but it’s a fair way to convert existing hardware. Zigbee/bluetooth/wifi https://us.shelly.com/products/shelly-1-mini-gen4

That’s just systemd adding a birthdate field to their userdb. Doesn’t require that it be filled out or accurate, and especially doesn’t require it to be validated against a government database. I don’t see it as fundamentally any different from adding a userdb field for favorite color, phone number, or blood type.

Without 3rd party validation, I really don’t see the privacy issue with an age field. Without verification, it is, at worst, one more byte available to hash into a unique identifier, but you can feed that field from /dev/random at every query and poison even that hypothetical.

If you only need it to be accessible inside your home, then you just need to run your own DNS. Have your dhcp point at your DNS and your DNS declare itself the master for your domain.

To get full functionality, you’ll probably want to have your registrar point to the public IP you get from your ISP as the domain’s authoritative name server.You should be able to script it to update the registrar when your ISP changes your IP, but that usually happens infrequently enough to do manually. Obviously can’t do that if you’re behind CGNAT.

To get Lets Encrypt certificates, you can do the DNS challenge. If your ISP gives you a (even inconsistent) public IP, you can do fancy ‘views’ with your selfhosted DNS, where it responds with private IPs inside your network and your ISP-given IP outside your network. I have certbot set up to expose my DNS & web server just before it starts its renewal process, then close the firewall after. Once you have the certificate, you can move it to where ever it will actually be used.

Get a 20x20x4" filter, and the fan will suck it right to itself. Don’t even need mounting materials.

To me, the nonstandard port is mostly nice for reducing log spam from scripts. The risk is that using a nonstandard port lulls one into a false sense of security and overlook good sshd practices. Good sshd practices will prevent the script-kiddies just as well as the non-standard port, while a non-standard port will not challenge a targeted attack. And, if you interact with multiple servers, it can be inconvenient to remember a different port for each one.

On the one hand, that reads like a lot of messages written by abusive parents to (mostly) blameless children. On the other, this one is directed at Pete Hegseth.

In the game, you have to improve your properties to charge more rent. In reality, the monopoly can reduce quality and raise price at the same time.

You can start by experimenting on your current computer. Install docker, get some service that sounds interesting, and just access it on localhost. You’ll miss out on anything the service does overnight or downtime, and you won’t be able to access it from off-site, but it’s a fine way to wet your toes and see how it goes.

Docker: https://docs.docker.com/desktop/setup/install/windows-install/

Photo library: https://docs.immich.app/install/docker-compose/

Some maintainers even provide handy windows installers

Media library: https://jellyfin.org/docs/general/installation/windows

My nephew has a new baby. Her parents are constantly waving their phones in her face; sending pics back and forth; generally doing ‘millenial things’ with their phones when not actively attending the baby. Then proceed to get all freaked out when the baby expresses interest or curiosity in the phone.

Kids mimic their parents behavior and interests. If you want kids with healthy internet use, you have to have parents model healthy internet use.

The trouble with living in a panopticon is that becomes suspicious to not be on a list.

I have a n ESP32 with a thermocouple stuffed down my (gas) oven chimney, so I can tell what temperature it actually is (about 40°F/20°C cooler than the dial).

I have one plugged into an addressable LED matrix, which has yet to get mounted, but will eventually be a closet/dressing light. There’s a few places where I’d like a ‘normal’ warm white light, with the option to switch to a blinding daylight for chores, and maybe a low-light, colorful animated nightlight.

I have a Pi-0w reading temp/humidity/CO2 in a grow tent that’s a good candidate for ESP32-ification. I have an air quality sensor plugged directly into a Home Assistant server that could go on ESP32 if I wanted it in a different location. Humidity in the bathroom, with a controller for the bathroom fan is another good candidate.

If I can come up with a good way to put them on battery, with a 6-12 month lifetime, then temperature in the attic, and on the input/output sides of the HVAC would be useful.

I only one I know about https://socprime.com/blog/cve-2025-27840-vulnerability-in-esp32-bluetooth-chips/ which is a bluetooth thing, presumably meaning that you’d have to be in bluetooth range to exploit it.

My paranoid concern is that I’m going to buy these $2 ESP32 boards from some unknowable Chinese company, and how could I know if there’s an extra, malicious supervisor element added. So, my ESP32 devices live in the ‘untrusted’ VLAN. They could, theoretically, discover each other and send their sensor data to some nefarious broker, but they don’t have microphones or cameras. I don’t even see how they could get enough information to discover my physical address, without cooperation from my ISP.

I was really intimidated by ESP32. Liked RPi, back in the 3b days, because I could comfortably sit in the python interpreter, play with sensor interfaces, and get immediate feedback of what & where I screwed up. Familiarity led me to RPi4 for libreelec and 0w for more sensors.

Recently took the plunge on some ESP32s, though, and, just…wow. I mean, I’m going through esphome, but every sensor and control I’ve checked is just a couple of lines of YAML away. And low enough power that I’m starting to think about batteries. ESP32 is still pretty intimidating for noobs, but the ecosystem that’s grown up around it is fantastic once you get over that hump.