I honestly forgot that this game existed. I remember it being very well made, but I could never fully get into it for some reason.

For sure. What the aforementioned bits of information provide is the ability to be confident in the privacy of software if one were to treat it as a black box, ie an average consumer.

Hm, I feel that it’s inaccurate to say “we wouldn’t be able to tell”. It’s not exactly a black box system — the app would have to run on an operating system, and if you are able to know what the operating system is doing, and what instructions are being executed by the CPU, then you can know exactly what the app is doing.

What the aforementioned bits of information provide is the ability to treat software as a black box and be sure of its safety without having to fundamentally audit it.

Five Guys have better service that is free

It wasn’t free — they were charging money for it:

Jetflicks, which charged $9.99 per month for the streaming service

Yeah, take a look at the solution at the top of the post.

Windows -> Ubuntu -> Arch Linux

Without it being open source and not providing reproducible builds, the privacy claims are borderline weightless.

But it’s icky so many people still think it should be illegal.

Imo, not the best framework for creating laws. Essentially, it’s an appeal to emotion.

That’s a loaded question.

Alternate source: “Fed-up Texan changes name to ‘Literally Anybody Else’, runs for president” Global News (2024-03-26T21:05Z).

No it’s not — all it needs is an email. Just grab a temporary email, and you should be able to read it for free.

• EDIT (2024-03-25T05:39Z): These downvotes are interesting. I never said that there wasn’t an obstacle in the way of reading the article — there is (you have to provide an email) — but it is factually incorrect to say that the obstacle is a “paywall”. Perhaps my comment is being interpereted to say that the issue inconsequential (such a belief would most likely be viewed with contempt here); however, this wasn’t my intent. The solution is relatively straightforward, but I certainly will not deny that it is inconvenient and poor UX.

so might run into more roadblocks with its use.

This has been my experience with Podman. That’s not to say that these roablocks aren’t without reason, nor merit, but there is always a trade off of convenience when optimizing for security.

Podman is […] “better” because it doesn’t run as root, but other than that I don’t know of any advantages to it that are not a derivation of “it runs as a regular user”.

Podman can run in rootless mode (with some caveats), but it is still able to run as root — it doesn’t only have the capability to run as a “regular user”.

doas, afaik, was originally made for FreeBSD, so some of its features aren’t compatible with/haven’t been implemented for Linux. That may or may not be an important issue for you to consider.

I am curious what kind of performance you’re seeing for DNS requests considering how old and anemic the first gen Pi is

I haven’t done any rigorous tests to gather empirical data for an accurate comparison, but, annectdotally, it, at least, doesn’t feel any slower than when I had my router (Linksys E8450) resolving to Cloudflare.

I could be misunderstanding your comment, but you don’t seem to have answered my question of why I don’t see my rules anymore.

Now that it is up and running, do you think it’s is a good service?

That’s a good question. The service itself is well made — it functions as advertised, it has satisfactorily intuitive UX, a sizeable community, and a good amount of documentation. I’m not sure, yet, if it’s a service that I personally need — I set it up mostly for the benefit of others.

While you may not like the setup

The main pain points were the sparse, vague, and misleading documentation that I encountered — I understand that documentation is difficult, but for a company like Raspberry Pi, my standards, and expecations are quite a bit higher. I probably won’t use Podman anymore, as I don’t find its setup overly user friendly, currently, as compared to something like docker. I had never used Podman before, and I was considering switching my existing services over to it, so this was sort of meant to be a trial run on something with little impact. I will keep an eye on Podman, but I will stick with Docker for the time being.

do you enjoy the results?

I personally don’t notice its effects as much, but I do like what I’m seeing for others. It has also made me aware of some other issues that I’ll have to look into, so that is good.

It’s a raspberry pi 1. Those things have 256mb of RAM

The exact model that I am using, which I referenced in my post, actually has 512MB of RAM.

Given the extremely limited resources: why bother with containers?

While, from what I can see, containers virtually don’t add any resource overhead, it’s honestly moreso that I favor consistency. Containerization is well documented, it is well supported, and its behaviour (if one is familiar with the platform) tends to be more predictable than running a service natively.

See the post for the solution.