I voted for Kamala Harris and encouraged others to do as well, and even I think it’s naive to blame leftists and pro-Palestine advocates for the Democrats’ loss in 2024. The Democratic establishment campaign was basically just, “We’re not as horrible as the other guy”. That was plainly not enough to excite people to vote. It worked in 2020 at the start of a global pandemic, but it was not going to work again. People stayed home not because they internalized some message from chronically online leftists, but because Democrats failed to give them a reason to take time off work and stand in line.

It’s in the data. Across four battleground states, over 900,000 registered Democratic voters stayed home compared to 2020; Trump only won those states by 500,000. If you look at analyses of the data (Cooperative Election Study, Pew Research Center, Catalist), many of them conclude that it’s because the Democrats failed to provide a real plan to improve the lives of their own voter base, especially in economically disadvantaged, nonwhite communities. It’s not even a question of the plan being too progressive or not enough—there was just no clear plan.

In contrast, look at Zohran Mamdani’s mayoral primary campaign in New York City where they saw the highest voter turnout in history. Early voting more than doubled compared to 2021. His campaign was grounded in actually solving problems for everyday people, especially with regard to affordability, and it worked. Establishment Democrats who are in the pockets of billionaires are so terrified of this that they are pouring their money and endorsements into a guy who resigned in disgrace following sexual harassment allegations, instead of the guy who won the primary. What ever happened to “vote blue, no matter who?”

If the Democrats want to actually win elections, they need to deliver a plan to the American people that shows they can follow through on making life materially better for everyone, not just their billionaire and corporate donors. Otherwise, they just seem like controlled opposition and no one will care to show up at the polls.

Color is mostly a biological sensation. In low light, humans lose color acuity because rods are activated more than cones. Objects reflect the same wavelengths, but our cones can’t activate due to low energy. Does this mean color fades in low light? It depends on the physiology of the perceiver.

Humans have three color receptors peak-sensitive to red, green, and blue. Dogs have only two: yellow and blue. This means they can’t distinguish certain wavelengths. To dogs and colorblind humans, red and green look the same because their receptors are activated similarly. Color isn’t just a property of light; it’s a biological perceptual experience.

A signature only tells you where something came from, not whether it’s safe. Saying APT is more secure than Docker just because it checks signatures is like saying a mysterious package from a stranger is safer because it includes a signed postcard and matches the delivery company’s database. You still have to trust both the sender and the delivery company. Sure, it’s important to reject signatures you don’t recognize—but the bigger question is: who do you trust?

APT trusts its keyring. Docker pulls over HTTPS with TLS, which already ensures you’re talking to the right registry. If you trust the registry and the image source, that’s often enough. If you don’t, tools like Cosign let you verify signatures. Pulling random images is just as risky as adding sketchy PPAs or running curl | bash—unless, again, you trust the source. I certainly trust Debian and Ubuntu more than Docker the company, but “no signature = insecure” misses the point.

Pointing out supply chain risks is good. But calling Docker “insecure” without nuance shuts down discussion and doesn’t help anyone think more critically about safer practices.

You know container image attestations are a thing, right?

So the end result of this is… companies race to burn fossil fuels into plastic to take water away from municipal or agricultural sources, remove as much safety filtering as they legally (or illegally) can “because it’s cheaper and more competitive” and buy up as much water rights and other water bottling companies as they can with the centralized capital because economies of scale mean better margins. And then once they have a monopoly, they jack up the price and screw over everyone who doesn’t have free water in their taps (which is everyone because the cities all got priced out and had to sell their water rights so now people have to buy bottled water).

Regulation in this scenario doesn’t work because the water companies are operating in some country across the world which has no money or army to enforce its laws. Or the local politicians are corrupt. There is no competition because people don’t have any real choice: they have to drink water which means they have to buy it from some company (as opposed to getting it for free as a human right). That is the big lie we’re all told about capitalism: that competition is a given in every market, government regulation is “in the way” and that the free market will somehow lead to the best outcome for all. At least for water (and also for web browsers), that is patently and obviously not true.

Edit: link formatting

And there is no aspect, no facet, no moment of life that can’t be improved with pizza.

Why not ask whoever is taking care of your cat to send pics / videos?

Would be great if we could just take off all of August like Europe does.

Adding onto what TheMrDrProf said: basically LetsEncrypt just wants to know you actually control the domain you’re using to get the certificate. With HTTP challenges, your domain has to resolve to a working HTTP server. With DNS challenges, you need API access to your DNS provider so that Certbot can set a temporary record that proves ownership.

If you’re using NPM to manage your certs, then as TheMrDrProf said as long as the HTTP request from LetsEncrypt can make it to your NPM through the VPS proxy, you should be able to pass the challenge and get a certificate. The IP address of the domain doesn’t really matter as long as the request makes it all the way to the challenge HTTP server, which in this case is NPM.

In NPM, you should see “Use a DNS challenge” option. If you use that and your DNS Provider is supported (if not, I recommend Cloudflare), then your VPS proxy does not even need to be working in order to renew certificates. This has a few advantages such as being able to shut off unencrypted traffic on port 80 completely.

1. The certificate and private key need to be on your home server since that’s where the TLS is decrypted.
2. You should be able to tunnel TLS traffic through WireGuard, so no port forwarding is needed.
3. You’d probably want to move Nginx Proxy Manager to your home server as an ingress gateway (and you can keep all the config + TLS certificates). Then on your VPS, you would no longer need the complexity and something like HAProxy, vanilla Nginx, or Traefik would suffice. Seems like NPM has an open issue to add support for TLS passthrough, but in my opinion it’s simpler to just have your VPS forward all traffic to one port on your home server.

For added security, you can make sure the proxy on the VPS only routes traffic for the correct domain using SNI. That way if someone hits your IP randomly, it only goes to your home server if the correct domain name was requested as well.

What you’re doing makes sense to me. Good luck!

The AT protocol that Bluesky runs on is designed to address this specific limitation of ActivityPub.

An app that’s like Uber or Lyft, but it only calls your friends who have cars and would be willing/able to give you a ride. It shows you how far they are (if they share location with the app) and how long it would take to get you to your destination. Based on the trip distance and current prices, it could also suggest how much you would owe if you wanted to cover their gas.

I have an inside joke with a friend who lives nearby that if she ever needs a ride she should download an app that’s like Uber but it only calls me. I think if I actually made it, she would actually put it in her rideshare folder and use it instead of forgetting to message me! So yeah if you made it and it was open source I might actually use it haha

I made a web app like this long ago! https://how2pizza.com, you could send a link out in advance of an event and then people could suggest types of pizza and vote for all the ones they liked. After all the votes, the organizer would decide how many people per pizza, and the app would tell you what to order.

The algorithm was designed to balance popular options with the needs of those with dietary restrictions. It recognizes that some folks only have a few menu options they can actually eat, and it guarantees they won’t get stuck with cheese. The way it worked is the “pickiest” people (i.e. those who only voted for one or two types of non-cheese pizza) would be guaranteed a pizza they can eat first. If the individual voted for more than one type, then the more popular option is favored. Cheese was a special case and there was logic to make sure it was only chosen after everyone got a slice of something they specifically wanted.

We used it a bunch in university for club events and stuff, and it worked great. Hopefully this is helpful and a good inspiration. Be warned about the code quality—the all hasn’t been updated in 8 years old!

If you’re curious, the main algorithm can be found here: https://github.com/ianonavy/how2pizza/blob/master/how2pizza/pizza/static/main.js

I use different types, cultivars, or alternative names for potatoes. Device names over the years have included: russet, yukon gold, ranger, marispiper, vivaldi, ratte, snowden, spud, and tater.