Now run an emulator within an emulator for extra acceleration.

If you don’t already, use version control (git or otherwise) and try to write useful messages for yourself. 99% of the time, you won’t need them, but you’ll be thankful that 1% of the time. I’ve seen database engineers hack something together without version control and, honestly, they’d have looked far more professional if we could see recent changes when something goes wrong. It’s also great to be able to revert back to a known good state.

Also, consider writing unit tests to prove your code does what you think it does. This is sometimes more useful for code you’ll use over and over, but you might find it helpful in complicated sections where your understanding isn’t great. Does the function output what it should or not? Start from some trivial cases and go from there.

Lastly, what’s the nature of the code? As a developer, I have to live with my decisions for years (unless I switch jobs.) I need it to be maintainable and reusable. I also need to demonstrate this consideration to colleagues. That makes classes and modules extremely useful. If you’re frequently writing throwaway code for one-off analyses, those concepts might not be useful for you at all. I’d then focus more on correctness (tests) and efficiency. You might find your analyses can be performed far quicker if you have good knowledge about data structures and algorithms and apply them well. I’ve personally reworked code written by coworkers to be 10x more efficient with clever usage of data structures. It might be a better use of your time than learning abstractions we use for large, long-term applications.

I really liked how coupling is described as “knowing.” I find we talk about “does x need to know about y?” more than we do “is x overly coupled to y?” because the former is a relatable indicator of the latter.

I use a UK keyboard, | is pretty easy to access and $ is Shift+4.

I’m guessing you mean more exotic keyboards. I’ve used a Swedish keyboard while helping a friend and I had to ask where every key was. You probably just learn the combinations eventually.

I agree. I use Proton and I have exactly one service which supports GPG. It’s a cherry on top but it’s not all that useful.

The big thing is to use a trustworthy service that you pay for. It’s not bulletproof but at least the incentive is there to keep your email private and away from advertisers.

Funny, that’s in line with the $1 a year WhatsApp was going to charge.

Sounds like just $5 will pay for me and 4 others, so that’s nice.

Have you seen the Star64?

Yeah, I think that comes from the developer having high standards for hardware security. The effort put in is a waste if the hardware fails. I would have thought Samsung would have been suitable too, though.

What about /e/OS or plain old degoogled Lineage? I like it as a phone OS, it’s just a shame the app ecosystem is so dependent on Google’s services.

I need to get into NixOS but I have a similar variation on servers: ansible for state of systems, Borg + Borgbase for data (kept in /srv) and code (including ansible) are in Git.

The separation between data and state is really great. You want to be able to go from a base install and only bring in everything which makes your setup different.

Even some shops working with Windows Server are asking “wait, why are we paying for these licenses?”

Then it comes down to whether it’s cheaper to rewrite legacy applications or continue to pay for licenses.

Yeah and ARM servers are cheap. You can often get twice the processor cores and memory for the same price.

That doesn’t always map to twice the performance, though some benchmarks would suggest it could for certain applications.

I don’t even mind the shortened arguments too much, though it doesn’t help. It’s more that every example seems to smush them together into a string of letters.

I would have found

tar -x -f pics.tar ./pics

to be clearer when I was learning. There’s plenty of commands which allow combining flags but every tar tutorial seems to do it from the beginning.

Absoutely. I mostly use Firefox because I’m so familiar with it by now but the privacy is generally much better and it doesn’t have a massive monopoly on the web. I’m just a lot more comfortable with it.

When I have to, I use ungoogled-chromium on desktop and Bromite on mobile. I recommend those to anyone familiar with Chrome.

I’ve read not to bother with Decentraleyes. The dependencies are often out of date which mean you’ll hit 3rd party CDNs anyway. Unless its coverage is 100℅, it’s less than useless for privacy as the hit pattern to CDNs might even make you stand out.

Privacy Badger is also redundant if you have uBO.

Sounds like someone has sticky fingers.

These two form a “mesh VPN” which use direct encrypted links between any number of devices. You can think of it as forming a virtual LAN where you can communicate with devices, including open ports. A lot of them have clever tricks to overcome CG-NATs, which you seem to be struggling with.

Another option is to just rent a server. You can get massive storage space for less than some VPNs cost and you don’t need powerful hardware if your device supports the codecs you’re using. You could even get a cheapy VPS and reverse proxy to your Jellyfin server through an SSH tunnel or similar. Lots of options here.

Has anyone independently verified that this is the case for the FP4? It’s well known that the FP3 accepts testsigned ROMs, but all discussions regarding the FP4’s trusted keys points back to the same FP3-specific thread on Fairphone’s forum.

It seems so.

I don’t know, it does make flashing custom ROMs easier but I would rather have to install my own signing keys or signing keys for the ROM as this way renders a part of the device security completely useless. I’d at least like to have known when I bought it.

I’m not paranoid which is why I’m still using the device but these three points were each huge disappointments which make me not want to buy another Fairphone.

I think it’s a Qualcomm Snapdragon SM7225.

It’s not really about better, it’s more knowing what I’m getting. It’s not their fault that Qualcomm’s support is only 3 years (at the time) or that it takes them 10 months to develop support for the chosen SoC which eats into part of that 3 years. Still, I got the phone thinking I would have a reasonably secure device for 4-5 years which wasn’t entirely accurate.

I love the idea and, if you’re willing to sacrifice some security for sustainability, that’s great. I just want people to know what they’re getting into because I didn’t.

As the owner of a Fairphone 4, don’t get one.

It’s sold as a 5G phone but crashes intermittently if you actually enable 5G. I bought a 5G phone and I’m still on 4G. I wish I could say that’s the most of the problems, I could live with that.

The software support, in my opinion, is falsely advertised. You do get 5 years of kernel and Android updates but the system-on-chip updates, which aren’t made by Fairphone, end October of this year. That’s a whole important part of the updates which cease only 2 years into support.

Then, there’s the real kicker; the hardware root of trust has the (publicly available) AOSP test keys installed. This means anyone can sign and flash a verified ROM if they have access to the unlocked phone. That’s perhaps not too important for most people, but it screams incompetence and it means you cannot trust a second hand device.

When the SoC support is up, I’m moving to a Pixel. I’m done rolling the dice on Android phone manufacturers and I want a well implemented device.