• 0 Posts
  • 10 Comments
Joined 3 years ago
Cake day: July 2nd, 2023



  • Ok, I’m curious as to the DPI claims. Fortunately, AmneziaWG describes how it differs from WG here: https://docs.amnezia.org/documentation/amnezia-wg/

    In brief, the packet format of conventional WireGuard is retained but randomized shifts and decoy data is added, to avail the packets with the appearance of either an unknown protocol or of well-established chatty protocols (eg QUIC, SIP). That is indeed clever, and their claims seem to be narrow and accurate: for a rule-based DPI system, no general rule can be written to target a protocol that shape-shifts its headers like this.

    However, it remains possible that an advanced form of statistical analysis or MiTM-based inspection can discover the likely presence of Amnezia-obfuscated WireGuard packets, even if still undecryptable. This stems from the fact that the obfuscation is still bounded to certain limits, such as adding no more than 64 bytes to plain WireGuard init packets. That said, to do so would require some large timescales to gather statistically meaningful data, and is not the sort of thing which a larger ISP can implement at scale. Instead, this type of vulnerability would be against particularized targets, to determine if covert communication is happening, rather than decrypting the contents of said communication.

    For the sysadmins following along, the threat of data exfiltration is addressed as normal: prohibit unknown outbound ports or suspicious outbound destinations. You are filtering outbound traffic, right?
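As an added illustration of the point above (this is my own toy model, not code from the comment, from AmneziaWG, or from WireGuard), the script below shows why a fixed-offset DPI signature stops matching once a random prefix is added, while a size-window heuristic keeps flagging candidates because the padding is bounded. The WireGuard facts used are real (a handshake initiation is exactly 148 bytes and starts with message type `0x01` followed by three reserved zero bytes); the obfuscation model (a random junk prefix of 0 to 64 bytes) is a deliberate simplification and is not AmneziaWG's actual wire format.

```python
"""
Toy DPI model (added example, not from the original comment).

Real WireGuard facts:
  - a handshake initiation datagram is exactly 148 bytes
  - its first byte is message type 0x01, followed by three reserved zero bytes
Assumption (simplified, NOT AmneziaWG's real format):
  - obfuscation = a random junk prefix of 0..64 bytes in front of the message
"""
import os
import random

WG_INIT_LEN = 148     # real WireGuard handshake-initiation size
MAX_JUNK = 64         # upper bound quoted in the comment above (assumed as a prefix here)
WG_INIT_HDR = b"\x01\x00\x00\x00"


def plain_wg_init() -> bytes:
    """Constructed sample: a datagram shaped like a WireGuard handshake initiation."""
    return WG_INIT_HDR + os.urandom(WG_INIT_LEN - len(WG_INIT_HDR))


def obfuscated_wg_init(rng: random.Random) -> bytes:
    """Simplified obfuscation model: prepend 0..MAX_JUNK random bytes (assumption)."""
    junk_len = rng.randint(0, MAX_JUNK)
    junk = bytes(rng.getrandbits(8) for _ in range(junk_len))
    return junk + plain_wg_init()


def fixed_offset_rule(datagram: bytes) -> bool:
    """A rule-based DPI signature: known header at offset 0 and exact length."""
    return len(datagram) == WG_INIT_LEN and datagram[:4] == WG_INIT_HDR


def size_window_heuristic(datagram: bytes) -> bool:
    """A statistical-style check: length inside the bounded obfuscation window.

    It cannot prove the datagram is WireGuard, but because the padding is
    bounded it keeps every obfuscated init packet inside one small window,
    which is the kind of signal a targeted analysis could accumulate over time.
    """
    return WG_INIT_LEN <= len(datagram) <= WG_INIT_LEN + MAX_JUNK


def evaluate(n_samples: int, seed: int = 1) -> dict:
    """Run both detectors over n obfuscated datagrams and count hits."""
    rng = random.Random(seed)
    samples = [obfuscated_wg_init(rng) for _ in range(n_samples)]
    return {
        "fixed_rule_hits": sum(fixed_offset_rule(d) for d in samples),
        "heuristic_hits": sum(size_window_heuristic(d) for d in samples),
    }


if __name__ == "__main__":
    print(evaluate(200))
```

The fixed-offset rule only fires on the handful of samples whose junk prefix happened to be zero bytes long, while the size window catches every sample. That is exactly why the comment's advice is egress policy rather than signatures: a default-deny outbound ruleset does not care what the packet looks like.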


  • Insofar as USA law might apply, it may be useful for you to review the legal case involving Internet Archive’s CDL program: https://en.wikipedia.org/wiki/Hachette_v._Internet_Archive

    Since the realm of copyright law is inextricably tied to the question, I’m going to try to clarify some points. Firstly, “theft” has never been the correct legal analogy for copyright infringement. That misconception comes from a false equivalency in the late 20th Century to warn would-be infringers of the steep penalties; many Americans will remember the phrase “you wouldn’t steal a car”, even though the feds cannot charge copyright infringement as theft (which requires a tangible, non-duplicable item, like car theft or wage theft).

    > In the US at least, it’s illegal to stream movies you don’t own or don’t have the license to stream.

    Only the second part is correct: all copyrighted works are used per the license granted from the owner. Such a license may restrict the format that the work is delivered, but not always. The license that accompanies physical media is: 1) irrevocable, and 2) follows the disc’s owner (recognized in USA law as the “doctrine of first sale”). So long as the disc is owned and intact, the license is good. Furthermore, under “fair use”, it is allowed to make copies of works for either: a) time shifting (ie recording a live broadcast to watch it later) or b) to change the format, aka compatibility. The latter is why it’s allowable to rip a DVD into a personal Jellyfin server. It’s valid so long as the license is still good, which applies so long as you still own/possess the disc.

    > By participating in the co-op, when you stream a movie, ownership of that physical media and the digital copy is temporarily transferred to you.

    Two counterexamples come to mind, the first being the Internet Archive case that I linked earlier. The second is a Supreme Court ruling against a company that rented miniature TV receivers located in metro areas across the country. In that case, SCOTUS found that although it’s fine to rent out a TV receiver, the license for the over-the-air transmission was only valid within physical range of the signal. So conveying the TV content beyond the metro area created a copyright infringement, and the company was actively facilitating that. That company doesn’t exist anymore, due to the crushing legal liability.

    > They are expensive for the library and don’t have great selection

    Most libraries are funded from a budget, and negotiate e-book and e-movie access based on an approximate estimate of concurrent users, not on a per-user basis. Otherwise, those libraries would have uncontrolled costs if everyone decides to stream Die Hard (1988) at the same time on Christmas Day; it’s definitely a Christmas film. Quite frankly, most libraries would be thrilled if more people obtained library cards and used the services, because it justifies the budget for the library and proves its value to the community.

    If you aren’t finding the content you want at your library, the best thing to do is to request what you want. Libraries are always buying new materials or access to more services. But unless library cardholders voice an opinion, the librarians will just choose generically. Be the change you want to see.

    Technologically, creating a co-op is always a possibility. But always remember that the very concept of a public library is “grandfathered” and if we had to reintroduce it, the establishment would never allow it. Cherish libraries as the crucial community resources that they are. The precise form might change, but the library role must always endure.

    TL;DR: the idea is legally unsound. Instead, buy discs to form a community library and share the discs, basically a Blockbuster co-op. Or advocate for a better public library.



  • I’m of the opinion that hashtags are one of the most egalitarian things recently devised, because they require no advanced arrangements to use, can be created by anyone, can be adopted by everyone, and are amplified solely by their enduring usage. It is very much a popularity contest if a hashtag comes into vogue or if it is abandoned and something else is used, or maybe the specific community isn’t as large as imagined. So for any given hashtag, I’d say just try it and see if it sticks. The Internet Police will not issue citations for improper hashtag use.

    As for the underlying exercise of inviting LinkedIn people to break into your homelab, I’m not sure I see their incentive to do so. Why would unsolicited people (as in, not the AI bots) have any interest in doing so? If they had the chops to break into a network, why expend that time and effort for bragging rights, when instead that sort of work is billable?

    As a general rule, I’m not thrilled when there’s an implicit assumption that other people’s labor is being valued at $0.00/hr. There’s a fine line where it might be OK to ask an expert for a bit of help or advice, but the premise of your request is to get pentest professionals to do work for no compensation, and it’s not even for a charitable, educational, or otherwise enriching purpose. Why should they?

    I’m reminded of the email exchange referenced in this blog post, where an “unbreakable” encryption scheme is presented to an audience of highly capable cryptographers, and they proceed to demolish the scheme as being wholly broken, because the person who presented it could not take no for an answer. Do not be like this person.


  • In American English (AmE) and British English (BrE), the verb “to table” is used in legislative debates. But the meaning is diametrically opposite: AmE uses the verb to mean the abandonment of a bill, analogized as though leaving it on the bargaining table to rot. Whereas the BrE verb means to introduce legislation, as in “bringing a bill to the table”.

    Both clearly share the same origin – a piece of furniture – and yet diverged as to what act is described by the word.

    Other confusion arises from the verb “to sanction” which can mean “to allow” but sometimes also “to prohibit” or “make punishable”.

    And a more modern addition in slang vernacular: “to drop”. In the context of artists, “dropping a mix tape” would mean to introduce new music. But “dropping a vocalist” means that the band has fired their singer. It would be confusing if both uses were found in the same sentence.



  • Admittedly, I haven’t finished reflashing my formerly-Meshtastic LoRa radios with MeshCore yet, so I haven’t been able to play around with it yet. Although both mesh technologies are decent-sized near me, I was swayed to MeshCore because I started looking into how the mesh algorithm works for both. No extra license, since MeshCore supports roughly the same hardware as Meshtastic.

    And what I learned – esp. from following the #meshtastic and #meshcore hashtags on Mastodon – is that Meshtastic has some awful flooding behavior to send messages. Having worked in computer networks, this is a recipe for limiting the max size and performance of the mesh. Whereas MeshCore has a more sensible routing protocol for passing messages along.

    My opinion is that mesh networking’s most important use-case should be reliability, since when everything else (eg fibre, cellular, landlines) stops working, people should be able to self-organize and build a working communications system. This includes scenarios where people are sparsely spaced (eg hurricane disaster with people on rooftops awaiting rescue) but also extremely dense scenarios (eg a protest where the authorities intentionally shut off phone towers, or a Taylor Swift concert where data networks are completely congested). Meshtastic’s flooding would struggle in the latter scenario, to send a distress message away from the immediate vicinity. Whereas MeshCore would at least try to intelligently route through nodes that didn’t already receive the initial message.
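To make the airtime argument in the comment above concrete, here is an added simulation (my own code, not Meshtastic's or MeshCore's real algorithm, and not part of the comment) that contrasts naive flooding, where every node rebroadcasts each new message exactly once, with forwarding along a known path. The topology is a constructed dense ring where each node also hears its two-hop neighbours; route discovery is plain BFS, standing in for whatever path knowledge a routed mesh actually maintains.

```python
"""
Flood vs. routed forwarding on a small mesh (added example, generic model).

Neither function is the real Meshtastic or MeshCore algorithm; the point is
how the number of radio transmissions scales with mesh size under each policy.
"""
from collections import deque


def flood(adj: dict, src: int, dst: int) -> tuple:
    """Naive flooding: every node rebroadcasts a message the first time it hears it.
    Returns (transmissions, delivered)."""
    heard = {src}
    queue = deque([src])
    transmissions = 0
    while queue:
        node = queue.popleft()
        transmissions += 1          # this node spends one slot of airtime
        for nb in adj[node]:
            if nb not in heard:     # first time hearing it: schedule a rebroadcast
                heard.add(nb)
                queue.append(nb)
    return transmissions, dst in heard


def shortest_path(adj: dict, src: int, dst: int):
    """BFS route discovery; returns the node list from src to dst, or None."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        for nb in adj[node]:
            if nb not in prev:
                prev[nb] = node
                queue.append(nb)
    if dst not in prev:
        return None
    path, n = [], dst
    while n is not None:
        path.append(n)
        n = prev[n]
    return path[::-1]


def routed(adj: dict, src: int, dst: int) -> tuple:
    """Forward only along the discovered path: one transmission per hop.
    Returns (transmissions, delivered)."""
    path = shortest_path(adj, src, dst)
    if path is None:
        return 0, False
    return len(path) - 1, True


def dense_mesh(n: int) -> dict:
    """Constructed topology: a ring of n nodes where each node also hears 2 hops away."""
    adj = {i: set() for i in range(n)}
    for i in range(n):
        for d in (1, 2):
            j = (i + d) % n
            adj[i].add(j)
            adj[j].add(i)
    return adj


def compare(n: int) -> dict:
    """Send one message from node 0 to the node opposite it on the ring."""
    adj = dense_mesh(n)
    f_tx, f_ok = flood(adj, 0, n // 2)
    r_tx, r_ok = routed(adj, 0, n // 2)
    return {"flood_tx": f_tx, "routed_tx": r_tx, "both_delivered": f_ok and r_ok}


if __name__ == "__main__":
    for size in (12, 40, 200):
        print(size, compare(size))
```

Flooding costs one transmission per node that can hear the message, regardless of where the destination is, so airtime grows with the size of the crowd; path forwarding costs one transmission per hop, so it grows with distance instead. In the dense-concert scenario that difference is what decides whether a single distress message can leave the area at all.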


  • Very interesting! I’m no longer pursuing Meshtastic – I’m changing over my hardware to run MeshCore now – but this is quite a neat thing you’ve done here.

    As an aside, if you later want to have full networking connectivity (Layer 2) using the same style of encoding the data as messages, PPP is what could do that. If transported over Meshtastic, PPP could give you a standard IP network, and on top of that, you could use SSH to securely access your remote machine.

    It would probably be very slow, but PPP was also used for dial-up so it’s very accommodating. The limiting factor would be whether the Meshtastic local mesh would be jammed up from so many messages.