no Federation with instances that use altered versions or proprietary versions of AP.
It's especially funny given (the last time I checked) neither kbin nor lemmy actually followed the spec properly. They ignore the jsonld requirements and resort to field names, that, by the spec, should be dropped.
Edit: lemmy is actually good now!
I can easily imagine the future where “good” instances will then stop federating with the ones that don’t have threads blocked, all thanks to these lists.
isn’t threads already several times larger than the whole of the “fediverse”?
In iOS 13 or later and iPadOS 13.1 or later, devices may use an Elliptic Curve Integrated Encryption Scheme (ECIES) encryption instead of RSA encryption
(from apple docs).
If you’re curious about it all, I'd suggest studying some notes from the protocol researchers instead of taking to the pitchforks immediately. Here's one good post on the topic.
FWIW Sourcegraph chrome extension adds a neat “open in Sourcegraph” to github pages and SG is just superior. Why would you use Github's mediocre search either way ¯\_(ツ)_/¯
Regarding firewall stuff, disable it on your machine and you are fine.
How do you know OP doesn’t have a bunch of unsecured services sticking out into their LAN ready to be a target for the next cryptolocking scam?
Slightly sarcastic, but yeah, OP, do not just turn your firewall without understanding pros and cons of doing such. At the very least, see what your server exposes to the network (ss -tunlp will give you a good starting point), and see if there’s nothing unexpected in there that might be abused.
IANAL and you really should ask a lawyer about this. The answer very much depends on your work contract and country of residence (the latter due to the fact that some generic contracts’ statements might be legally unenforceable in specific jurisdictions).
I’ll throw in a random fact: the contract might say that whatever you write as a programmer is still company's property even off the clock and it will be legal in some US states.
I went looking into how that works, and, apparently, tailscale adds individual node routes (in table 52). So yeah, you have very low chances of getting into trouble even if you have an interface with 100.64/10.
Yeah, you’re absolutely correct. I misread that thinking OP would have the CG NAT endpoint and taikscsle on the same physical device, which, I still think, would be a problem: you'd have two interfaces for 100.64.0.0/10. But if CG NAT terminates on the modem and you run taikscale on devices connected to it them there's surely no issue at all.
Sorry, I meant the OPs modem.
I’m actually not sure you can easily get tailscale up and running om such as a setup as it uses the same cgnat ip range.
But lemmy doesn’t use “plain json”, it annotates some fields with the schema, just not all of them, which makes it a mess. You either do json-ld proper, or you don’t do it at all.