I have an iPhone and a gl.inet gl-e750 portable cell router, and my SIM card stays in the router. I don’t actually restrict my phone the way you’re talking about, but this gives me vpn to my home network without needing the vpn running on each client device. And if I wanted to block connections to big tech company services, I could do that.

I host my own for mspencer dot net, used this 15-ish step walkthrough from linuxbabe dot com. Only maybe three instances of spam in two years, gmail and outlook receive my messages just fine, etc. (Successful spammers were using legitimate services, and those services took action when notified. Greylist delays emails by a few minutes but it’s extremely effective against most spammers because they never come back to retry messages after a few minutes, while legitimate senders will.) I don’t know if I would accept blanket advice against self hosting.

Fundamentally if your mail server can see the addressee, it can see the content. SMTPS encrypts both in the same channel. So at the point where you accept messages and store them in a mailbox, the messages have to be readable.

Encrypting them at rest isn’t something I currently do, but if you’re going to later serve those messages to an email client that expects to receive clear text, your server needs both the keys and the messages. They can be stored in different places.

Most of your needs could be met with full disk encryption on the box hosting Dovecot. If you’re worried about being compelled to decrypt, there’s always the deck of cards trick: The pass phrase for full disk encryption consists of a memorized portion plus the letters and numbers of the top N cards in this deck of cards you keep by the server. If someone were to shuffle that deck of cards, and the server were powered down, the encrypted volume would be impossible to recover.

I’m eager to learn what other Dovecot tricks people can recommend to improve security.

I use a USB BD-R burner and disks for this. I don’t have a solution for Bad USB protection though unfortunately.

I think I was in favor of this four months ago. https://programming.dev/comment/8513741

Oh. That’s why they do that. Ok good to know.

Hey no botting!

NEW

Start early in the commit history, see if you can understand the general shapes and concepts the project was using at the start.

Then sort of binary-search your way forward in different sized jumps and see how quickly you can get to present day without sacrificing your sanity. Completely at least.

I’m not sure I follow. Why would a needle be reused? That’s never ok to do.

The pictured injector is single use. The weird workaround would never be ok’d by any doctor, and even if it was, a clean needle would be used to withdraw and administer medicine from the hypothetical medicine ampule for each dose. I’m not qualified to measure loose liquid medicine, and she’s on the second highest dose anyway.

A better design would be more like the pen used by the original senaglutide medication this is related to, ozempic. Screw on a disposable pen needle, dial your dosage on the twisty knob on the other end, inject, dispose of needle. But instead they deliberately designed this thing, with a latching device that starts squirting medicine with no way to stop it. If the user is not familiar with needles and jerks away, the needle comes back out but medicine is still squirting.

It’s a good medicine, except supply issues are making it difficult. My wife’s refill at the hospital pharmacy has been pending since end of February. It’s a weekly injection but her last dose was 15 days ago as of this morning.

I use Due on iOS for repeating timers/reminders where I need it to be persistent and annoying because the task is important. Like paying rent, or physical therapy “homework” I kept forgetting. The persistence might be good if you’re worried you’ll just dismiss a normal alarm or forget to start the next timer.

And those jobs are critical to the process of making new developers.

An important part of my education - the part that grad school can’t teach you, you have to learn it on the job - was being new and terrible, grinding on a simple problem and feeling like a waste of money. Any of the experienced guys sitting behind me could have done this thing in a few hours but I’ve been working on it for a week. “What’s the point? Any minute now they’re going to tap me on the shoulder and tell me I’m done, it’s time to go find another job.”

But that never happened.

Those early problems weren’t fun. At home I would have never chosen to work on them. I’d leave them for someone else. “But now that I’m collecting a paycheck for it, this isn’t up to me. I have to work on it. I can’t give up. I can ask for help, but I need to show my peers that I belong. I can solve difficult problems. I can persevere.”

As a mediocre professional developer, I had to struggle to learn that. I wasn’t getting far on my own, without mentorship and motivation. Homework, pursuing degrees, wasn’t getting me there. (And even now, I seem to have about two weeks of attention span, for projects at home.)

I feel like we need different ways to share and learn things about harmful posts and comments. Like, sure maybe your server aggregates the posts, and because you own the server you can remove or edit things if you really want to. But I should be able to say “this is objectively wrong in a dangerous way, and here’s proof” in a side channel that the server owner can’t block.

And for it to have any point at all, clients should be able to subscribe to feeds. Like, a science educator I respect can say “I trust this foundation that fights harmful disinformation” and I should be able to click a button and see their stuff. Without the server owner banning me for some weird reason.

It sounds like you’ve got enough familiarity with the whole development lifecycle, as applied to a smaller single-dev-sized project, that you’d be great as an SDE 2 at a larger company, ready within a few years to step up to Senior. There are companies with hundreds of developers who only rarely hire straight out of college, where your level of experience is exactly what they want.

(There are also companies with hundreds of developers who do hire straight out of college, and I’m not trying to disillusion recent grads.)

When I last had to job hunt (2016) - I just jinxed it didn’t I? - I was complimented by interviewers for separately listing “Classroom experience” and “Professional experience”

I think you get a lot of points for a resume that says “I may or may not be the best fit for you, and that’s ok. Here’s accurate information, so you can make that determination for yourself. I trust you.”