

The article says you can still buy it at a retail store like Best Buy though.
Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb


All the data gathered by Cambridge Analytica was gathered through the public API though, after users had consented to share it (by logging into a quiz app that requested the permissions). That’s why the API is very locked down now, and the approval process to get any sort of data access is very strict.
The main issue was that they gathered data from people whose profiles were set to be visible only to friends. If someone logged into the quiz and granted permissions, their friends’ data was also accessible via the API.


With your idea, you either have to list a local IP in your public DNS record, or hijack your local DNS to point to the local IP. Both feel inelegant
The DNS records for your internal servers don’t have to be public - they can be only on an internal DNS server if you want to do that. Only the _acme-challenge subdomain has to be public. Let’s Encrypt does follow CNAMEs.
And you have to give your NAS write access to your API key of your DNS registrar
You can use a separate DNS server just for Let’s Encrypt, as it follows CNAMEs. I use acme-dns for this. Let’s Encrypt supports IPv6-only DNS servers so I have my acme-dns instance listening on an IPv6 address in the /64 range on one of my VPSes.


Debian is ready - as of Debian Trixie (released in August 2025), all software in the official repo is being compiled with 64-bit time. https://wiki.debian.org/ReleaseGoals/64bit-time
For your home NAS, I’d recommend using Let’s Encrypt with Certbot. You can use it for internal systems, as long as you have a real domain name. Use DNS verification instead of HTTP. Renewal isn’t an issue if it’s entirely automated.


Doesn’t the water evaporate and become part of the water cycle? Water can’t just disappear? Maybe I’m missing something.
It would be good to cut down water usage… Not just for data centers but also for things like lawns and golf courses.
aggressively guard
tbh it’s a hard balance for any social media company.
Guard content too little and you end up with Cambridge Analytica, which was literally because the public APIs allowed too much access (third-party apps could see any data through the API that you could see through your Facebook account, including friends’ profiles). You also end up with headlines talking about big data leaks which really just end up being compilations of public data (which has happened to both Facebook and LinkedIn).
Guard content too much and you restrict users’ freedom too much.
It’s not too bad if you use an outbound SMTP relay for sending. SMTP2Go is pretty good, and they have a free plan with 1000 emails per month. I use Mailcow and you can configure relays in their web UI, but it works just as well with the sender_dependent_relayhost_maps setting in Postfix.
Sure, it’s not fully self-hosted, but the interesting part to self-host is the storage of your emails, not the sending (which will just relay through other SMTP servers along the way anyways).


That’s probably my fault for not wording it well. I edited my comment to say “they sell plenty of them” instead.


In my experience, no large business would decide to only accept encrypted inbound SMTP
For submission (connections coming from users that have an account on the server) or for relay/target (connections coming from other email clients)? All email clients support encryption so I think requiring encryption for submission is reasonable. Server-to-server (port 25) can’t have it enforced though, like you said.
SMTP is one of the worst protocols I have ever seen so widely used
It’s from an era where everyone trusted everyone else. All connections were unencrypted, spam protection and rate limiting weren’t needed, and security really wasn’t on people’s minds. Modern security and spam protection is hacky because it’s built on top of protocols that weren’t designed for it.
The other major issue with old protocols is that they’re stateful. Modern protocols are mostly stateless since it’s generally easier to deal with. They’ve also had more and more features hacked into them over time, so the specs are enormous.
There’s been one major attempt at modernizing it: JMAP. It’s stateless, uses JSON, and intends to replace both IMAP and SMTP. FastMail started the project. https://jmap.io/why-jmap/
However, they’ve only looked at the “easier” part to replace: Communication between a user and their email server. They’re not looking to replace server-to-server communication at all.


I’ve used that on automated systems. No need to worry about email quota and everything incoming is single-use input for other systems so there’s no need to store messages on the mail server
You can do this with IMAP as well, you just need to delete and expunge the emails. Any good email client or library will have an option for this.
POP is literally just downloading all the emails, then deleting them. That’s it.
You can’t have a script that only downloads emails that match a search (for example emails from a particular sender), since POP doesn’t support search. A basic use case is to check for bills/invoices from certain companies and import them into an accounting system, while leaving other emails untouched.
You can’t receive emails in real-time and have to instead poll, since POP doesn’t support real time notifications. IMAP supports IMAP IDLE.
If you have rules that filter emails into folders, you can’t download them via POP, as it doesn’t support folders.
For automated systems, if you don’t want to store the emails, you can configure the email server to pipe the emails directly to a script. That way they’re not stored at all, and your script gets them immediately rather than having to poll.
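The selective IMAP workflow described in the comment above (search by sender, download, then delete and expunge only the matches), as an added example that is not part of the original comment. The `FakeIMAP` class, sender address and sample messages are constructed so the block runs offline; `fetch_and_purge` uses only the method names that `imaplib.IMAP4_SSL` provides.

```python
import email

def fetch_and_purge(conn, sender, mailbox="INBOX"):
    """Download messages from `sender`, then delete and expunge only those."""
    if any(c in sender for c in '"\\\r\n'):
        raise ValueError("unsafe character in search value")  # no command injection
    conn.select(mailbox)
    typ, data = conn.search(None, "FROM", f'"{sender}"')
    if typ != "OK":
        raise RuntimeError("IMAP SEARCH failed")
    subjects = []
    for num in data[0].split():
        typ, parts = conn.fetch(num, "(RFC822)")
        if typ != "OK":
            continue  # unreadable: leave it on the server
        subjects.append(email.message_from_bytes(parts[0][1])["Subject"])
        conn.store(num, "+FLAGS", "\\Deleted")
    conn.expunge()  # removes only the messages flagged \Deleted above
    return subjects

class FakeIMAP:
    """Constructed in-memory stand-in for imaplib.IMAP4_SSL (assumption)."""
    def __init__(self, raw_messages):
        self.box = {str(i + 1).encode(): m for i, m in enumerate(raw_messages)}
        self.flagged = set()
    def select(self, mailbox):
        return "OK", [str(len(self.box)).encode()]
    def search(self, charset, key, value):
        hits = [n for n, m in self.box.items()
                if value.strip('"') in email.message_from_bytes(m)["From"]]
        return "OK", [b" ".join(hits)]
    def fetch(self, num, spec):
        return "OK", [(num + b" (RFC822", self.box[num]), b")"]
    def store(self, num, op, flag):
        self.flagged.add(num)
        return "OK", [b""]
    def expunge(self):
        self.box = {n: m for n, m in self.box.items() if n not in self.flagged}
        return "OK", [b""]

# Constructed sample mailbox: two invoices and one unrelated message.
SAMPLE = [f"From: {f}\r\nSubject: {s}\r\n\r\nbody\r\n".encode() for f, s in [
    ("billing@utility.example", "Invoice 1001"), ("friend@home.example", "Lunch?"),
    ("billing@utility.example", "Invoice 1002")]]

def demo():
    server = FakeIMAP(SAMPLE)
    return fetch_and_purge(server, "billing@utility.example"), len(server.box)
```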


I used to use POP for some situations, but the protocol is extremely limited. I don’t think there’s anything POP can do that IMAP can’t.
Yeah, there’s no risk of the mortgage falling through, and not as much dealing with banks. I don’t really know the specifics but it was something I had to be aware of when buying my house. Luckily I was buying while it was a buyer’s market a few years ago, so prices were lower, fewer people were looking, and there weren’t any competing all-cash offers.


It’s $3/month more than Spotify, and you get both music and videos. That doesn’t seem that bad to me? Tidal is probably a better deal though, since it’s cheaper and all plans come with lossless (FLAC).
I’ve been using a Plex server with my own ripped CDs for a while. Jellyfin is good too. If you listen to the same music a lot of the time, why pay a monthly fee when you can just buy the album once, rip it to your server, and listen to it forever?


I love the libraries in my area because they’re well-funded and pretty much always accept requests for new content (books, movies, etc). If there’s a new book and they don’t have it, I can ask them to order it and it’ll usually be available within a week.


You can also set up a Jellyfin or Plex server and have your own streaming service :)


Even easier is https://monochrome.tf/


For Soulseek you should use a VPN that supports port forwarding. AirVPN is the one that’s usually recommended.


Revanced works for Google Music too.
Rent-to-own isn’t that common, even though maybe it should be. With most rentals (of anything) you have to keep paying indefinitely. That’s why there’s usually a cost/benefit analysis of renting vs owning.
Renting can sometimes be better for less tech-savvy people, since the company owns the equipment and is familiar with it, and will replace it at any point if it has issues