Looks like I’ll finally get a reason to cut off another website I hate using, but never found the willpower to get rid off.

Good

Ever since I played watchdogs and shadowrun, I wanted to work in cybersecurity, especially as a Red Teamer, which is literally Shadowrun - you run complex ops that have to break in, and steal stuff from largre banks without anyone but the management knowing about the test, with almost nothing being off-limits, as long as it doesn’t cause some kind of damage.

Five years later, I do work as a Red Team Lead. Hpwever, our company was just scrambling to start doing RT since thats the buzzword now, and while we did have amazing pentesters, unfortunately pentesting and Red Teaming requires vastly different skills. Ypu never need to avoid EDRs, write malware with obscure low-level winapi, or even know what kind of IoC ajd detections will a command you run create, when you are doing a pentest.

But since no one knew better, and I love learning and researching new stuff, while also having Red Teaming romabticized, my interrest in it eventually led to me getting a Lead position for the barely scrambling team.

Mind you, I was barely out of being a junipr, with only three years of part time pentesting experience. It was NOT a good idea.

I quickly found out that RT is waaay harder and requires the best of the best from cybersec and maleare development. We didnt have that. Also, turns out that I love to learn now stuff and take on a challenge, but being a Lead also means you are drowning in paperwork and discussions with client, while also everyone from the team doesn’t know what to do and turns to me about what should we do. Which I didn’t know, and barely managed to keep learning it on my own. Our conpany didnt want to give us much time for learning outside of delivery, I was only working parttime, and I was slowly realizing that we don’t have almost any of the skills we need.

We were doing kind of a good job, most of our engagement turned out pretty well, but it was atrocious.

Turns out, I’m not good at managing and planning projects, or leading people. I’m better just as a line member.

This is actually a great question, in the context of the Fediverse.

Usually, every social network or forum has in their ELUA that anything you post is theirs, and you can’t do anything about i.e Reddit using your data to train AIs.

Hlwever, here, we’re on private instances of regular people. We can make our own rules, can’t we? If an instance would say that anything you post is copyrighted by the author, i.e by CC, would it be enforcable if someone would decide to scrape (or repost) the content for profit?

This is a great point, and I definitely agree, and I haven’t thought about it in this way. I don’t think that I’ve ever ran into a group where our expectations would be so much different that it would cause an issue, but it’s a great thing to keep in mind. Now that I read it again, I think I should add that I don’t think that it’s wrong to play RPGs as a board game, and I don’t really mind if someone does even in our group and I’m having fun either way, but I mostly felt like it’s a little bit shame that it may not even occur to some people that you don’t have to focus mostly on rules - since thats what most of the game book is about, and can do it differently, especially when you’re starting out. Which is also a good thing to keep in mind, to discuss and make the options and expectations clear before starting.

I agree, and I think that what may have also helped was that I was still basically a child when I was introduced to the dice-only RPGs. Also, it’s definitely way more difficult for the GM, which I was fortunate enough to have a really experienced and amazing one.

It’s true that if the whole group including the GM is starting out, going with something like Fate is better choice, which I also prefer nowadays. Or more experimental ones like Dread or the candles one.

I’m really glad that my first introduction to RPGs, when I was on a summer camp and like 13yo, was with a GM who didn’t use any rules (aside from a D10) and instead focused on RP, and resolved actions based on what exactly we described, intuition and a D10 roll without a set goal or number.

It has taught me an entirely different approach to pen&papers that has carried really well over to when I started playing more rules heavy systems, which is especially apparent when I play with groups who never really played without rules, where most of the combat or actions are reduced to playing a board game and a lot of talk revolves around stats and numbers, instead of on the RP, which is a shame. Which is understandable, since if your first experoence with RP is a rule heavy system, it’s not exactly intuitive to just ignore the stats and rolls, because they seem important.

I’m used to paying almost no attention to stats aside from vaguely knowing what my character is better at, and threat them and the rolls in same way as I did when starting - don’t care what are the odds, don’t care about the roll, I just start with describing an action I want to do and figure out the stats as an afterthought. And it makes for such a better experience, and I higjly recommend for anyone starting a new group or having inexperienced players - just go with a single d10 for the first session, and guess the results based on a vague gut feeling based on the situation and the number rolled. Its suprisingly intuitive once you start from the GM side, and it teaches the new players way better habbits in how to approach the game and what is important, that will stay with them even after they add rules to the mix.

You actually don’t need a Youtube Account, unless you are a paying subscriber to some creators!

Check out FreeTube, it’s a desktop app similar to NewPipe on Android, that allows you to subscribe to creators while still not requiring an account, and without ads.

As for Android, I don’t know what phone you have, but if you’re ever buying a new one, I highly recommend just getting a (paradoxically) Google Pixel and installing GrapheneOS. An older Pixel is OK, just check which versions are still supported and for how long on the Graphene website. And the installation is super easy, and can actually be done in a browser without any issues, and takes like 15 minutes.

I’ve recently switched to Graphene and it’s amazing. I have a separate profile for apps that refuse to work without Google Services, so they are contained, and additionally Graphene sandboxes the google play services, so they can’t do anything you won’t let them, in contrast to any other Android phone where Google Services can basically do whatever they want without any way to limit it.

I also run Mullvad VPN on my phone all the time, but I don’t think that it’s neccessary.

Its such a different experience compared to rules-heavy RPGs. Everyone should try it at least once, just to get a glimpse of what RPGs should be about, especially when starting. Its really sad when i play with players who spent most of the game talking about numbers and action names, and almost never RP.

Im not saying that its not possible to RP with a rules heavy game, and ive met a lot of amazing players who still put RP first, but for a lot of new players it can be hard to get used to it, and the rules and numbers take away the focus from it, to the point where they tend to play it as a regular board game, not realizing thats not what it is about.

It is difficult for the GM, that’s for sure. I was never competitive, so I didn’t mind just loosing for the sake of story or wasn’t invested in my character performing well - quite the contrary, I’ve always enjoyed underpowered RP characters more than all-powerful warriors, and just having one D10 to worry about introduced just enough randomness for it to still be interressting with critical misses, while also letting the GM to give us an experience that would be fun and enjoyable, because there are no rules that would say “you can’t do this”. And from my experience GMing one such game (on the same summer camp, once I was older), it’s surprisingly intuitive experience - I never really had to think about “Ok, how much for this skill check?”, but always just let them describe the action, roll, and then have a pretty clear gut feeling on whether it was enough or not. I was pretty nervous during that game, since it was one of my first time GMing and for people I didn’t know, and without a rule system to hide my decisions behind, but it just worked well and everyone enjoyed it.

But you are right, I now much more prefer some rules-light systems that give you and the GM at least some base to go on. Or Dread. Dread is the best system I’ve ever used, and to this day is one of my most favorite examples of unique and really clever game design.

My first experience with Pen&Papers was on a summer camp, where a bunch of older guys were mastering RPGs for us. They didn’t use any kind of rules system, and just told us to describe what we’re trying to do and they would roll a D10 and just kind of improvise from there.

I’m really glad they did that, because it made us, teens having their first experience with Pen&Paper, focus much more on roleplaying rather than rules and numbers. And even when I later switched to rule-based systems, this experience has stuck with me, and all of my friends who played there too, and even though we did have rules and numbers now, we still kept focusing on the RP side and never really paid them much attention.

I’ve once played with a new group of people at my new job, who were obviously used to playing with rules, and it was such a massive difference in how they approached the game. They usually thought and talked about numbers first, and then figured out some kind of RP to go with it, but it should be the other way around! The game felt so bland, most of the talk was OOC, and it just felt more like a board game than a Pen&Paper.

So, in my opinion, as much rolls as possible should just be done by the GM without the knowledge of the player. It just makes the experience a lot better. Even though I’m actively trying to pay no mind to the dice rolls when playing, and have no problem with separating IC and OOC knowledge, playing to entertain and not to win, just seeing that failed perception/WP roll will nag you and influence you, no matter how you try to avoid it. It’s better to just not know. If it would be feasible, I’d preffer for the DM to do all rolls in secret, and handle each players rules, just asking them for reaction if it’s appropriate. But that would be almost impossible and put a lot of strain on the already busy GM.

But, if you’ve never tried it, try running a session with no rules, and GM just rolling D10 and improvising of the number he gets, based on the action you’re describing. It’s a lot more fun, and especially for new players, it teaches them an important aspect of the Pen & Paper RPGs - the rules and numbers are there as an afterthought, you are not supposed to think about them. You are supposed to live and roleplay the character, describe his actions, and cooperate with others to build a nice and immersive story. And if it turns out that what you just described is something your character is bad at? Who cares, it’s going to be fun.

You are right I shouldn’t have equaled bitcoin with the rest of the crypto ecosystem. While most crypto is utter scam, it’s true that there have been some slight advances here and there, and there are coins that may be actually useful for some cases, mostly Monero and I suppose Ethereum. I’d still say that crypto has done more harm than good in the world, and I say that as someone who’s really focused at privacy, care about it a lot and have invested significant amount of time and effort into staying as private as possible.

But it’s great that Ethereum managed to solve most of the issues with Bitcoin - unless I’m mistaken, it’s not really used for investment speculation, and if it managed to keep the energy requirements low, that’s good. But last time I remember researching about blockchain (it was few months, so feel free to correct me), isn’t it running into serious issues with ledger size, that makes it infeasible for long-term (decades) of use, without sacrificing some of it’s guarantees? Which is one of the main issues with blockchain tech in general, that I don’t think has been solved so far.

I just hope bitcoin will finally die. It’s literally just wasting absurd amount of energy, only to allow scammers to scam billions of dollars from victims, and regular people to steal from eachother by investing into it. I mean, if the only use of bitcoin by now is for speculation and investment, then it means that any dollar you made, you literally stole from someone else who will be left with useless bitcoin once it’s all over. There’s no value, and with the ledger getting bigger and bigger, and bitcoin more expensive to mine, it will eventually be worthless. And we all know it, so anyone who makes thousands of dollars, there’s someone who probably financially ruined himself by making a wrong and stupid investment at the wrong time.

I hate crypto so much :D.

700kWh per transaction? That’s absurd amount of power. That’s 70 EUR of energy per one transaction at current (EU) exchange price.

Is there anyone here knowledgeable enough about this issue to say whether those numbers are correct, or just an overestimate? It feels wrong.

After several of my favorite songs disappeared from Spotify, I’ve adopted a different approach to music.

If I see on on a band show merch stand, I buy a cassette. It’s more of a novelty item and a way to slightly support the band. While I do have a portable tape player, I only rarely take it out. I switched from LPs to tapes because of the costs and huge effort associated with playing or storing them (that is, if you do it right are are not OK with fucking up your LPs), but tapes are cool and don’t have that many storage or playing problems.

Other than that, I’ve stopped paying for any kind of streaming services, and save the 10$ per month to just buy one or two (new or old) albums from my favourite artists on Bandcamp, that I’ve spend the last month listening to the most. The albums I buy I add to my NAS library, which usually replaces stolen copies of said albums that I’ve previously got from Redacted.

This allows me to keep a pretty expansive library, by just stealing what I need, but with a promise that I’ll eventually buy the album (using the money I saved on streaming services), if it’s something that I’ve listened to extensively. I’m also not at mercy of streaming services, that can take away my music whenever they decide to.

So far I’ve been doing this for a few years, and even increased my budget for just buying albums if I can’t immediately find them on Redacted.

You will probably have to get a domain, but some of the ugly TLDs can cost few bucks for a year, so it’s not that bad.

As for being able to access your Nextcloud from outside, if you don’t use it to share large amount of data often, I recommend looking into Cloudflare Tunell. It’s pretty easy to set up, and allows you to not only put a configurable firewall in front of your Nextcloud instance that you can for example geoblock traffic from other countries, but you also don’t have to deal with port forwarding, DDNS, or exposing your home network directly into the internet.

The setup is simple, you just download their cloudflared service, install it with a token generated in their web management (that ties it to a domain and tells it what port it should expose) on your Nextcloud machine, and it will automatically connect to Cloudflare server that will act as a port forward, but without you having to expose anything on your home network directly.

I don’t really access my Nextcloud from the internet that often, don’t use it to stream or share large files with large number of people, so I never had issues with it. But I’ve been told that it’s against Cloudflare ToS to use it for large data sharing, streaming or high-volume data transfers, so keep that in mind.

But it’s perfect for accessing my Home Assistant and Nextcloud when I need it.

Nigel Stanford has some amazing videoclips. I love Robots vs. Music the most (especially since the tune and the whole Automatica album is amazing), but Science vs. Music is also great.

And he also did a few making of videos. While I’m sure most of the final result is CGI anyway, it’s still a nice touch.

I work part-time as a game developer, and part time as a pentester, so I do search for technical questions quite a lot.

Hmm, now I wonder whether I’m just used to it. I haven’t used any other search engine in more than a year. I’ll have to compare the results more, but as far as I remember every time I couldn’t find what I needed on DDG and resorted to !g, the Google results were even worse.

I’ve just switched to it literally yesterday, and while you will probably not avoid Play Services, being able to install it into a different profile that’s only limited to the few apps that need it is nice.

Also, just the fact that on Graphene Play Services do not have the special privileges as on any android phone, and are subjected to the same limitations as any other app (which are even stricter on Graphene) helps a lot. It also means that even if you end up just running the play services at all times, they can’t do as much as they can on other android phones, and the data they can access without your explicit permission is really limited. So, even that helps by a lot.

While I don’t believe you can degoogle that quickly, because some of their services take quite some time to properly switch, such as email, in the end it’s not too hard, but just takes time and some work.

Changing email is easy, if you don’t mind it being a slow process. Just forward your google email, and start slowly replacing any service you notice in the following months/years to your new address.

Google Drive is harder to replace, I went for just running a NAS with Nextcloud, which takes care of most of Google Drive/Docs/Calendar stuff. If self-hosting isn’t your cup of tea, Proton is slowly setting up usable google alternatives - they have Drive and Calendar IIRC.

Now for phone, that’s the hardest task. You wouldn’t help yourself by getting an IPhone. While it would de-google you, there’s basically no point in switching google for apple. Getting android to be usable for stuff like banking, MFA and other bullshit you need your phone for while being degoogled is hard, due to the bullshit Google Services. The only solution I found is to either just go with dumb phone with an obscure OS, or just get a Google Pixel and run GrapheneOS.

Maps are another issue, but thankfully we have a local https://mapy.cz/ , which is a pretty OK alternative to Google maps for our country, and I guess they even work worldwide. I don’t drive a car, so I don’t really need it that often.

The only remaining Google service I use is GCloud VPS, because I have some websites running there on the free instances that I’m too lazy to move. But I’m slowly migrating it to Amazon. Not that it would help much, anyway. And also Youtube, but I’m trying to go through the alternative front-ends as much as possible.

And for browser, I’m using https://mullvad.net/en/browser. Fuck chromium.

If you have a Pixel, why not go all in with https://grapheneos.org/?