Also new people are still motivated to change stuff. They are not yet worn down by bureaucracy.

Where comments are useful most is in explaining why the implementation is as it is. Otherwise smart ass (your future self) will come along, rewrite it just to realize there was indeed a reason for the former implementation.

One problem is that they need to put a price tag and therefore a timeline on such a project. Due to the complexity and the many unknown unknowns in theses decades worth of accumulated technical debts, no one can properly estimate that. And so these projects never get off and typically die during planning/evaluation when both numbers (cost and time) climb higher and higher the longer people think about it.

IMO a solution would be to do it iteratively with a small team and just finish whenever. Upside: you have people who know the system inside-out at hand all the time should something come up. Downside of course is that you have effectively no meaningful reporting on when this thing is finished.

It only needs to work long enough for the current management to cash in on their savings. Then it’s their successors problem.

*gelachst

But why? If you don’t need moving parts, don’t use moving parts. Simplicity is king.

I have a few projects where parts are Java, parts are Go and parts are C. Having that in a single workspace can be convenient.

clion is also strictly separated.

IDEA isn’t Java-only. Most of the other languages are available as plugins. IDEA is typically the go-to IDE for multilanguage projects.

My password database contains a few hundred entries. Good luck memorizing that.

Enpass uses the open source library sqlcipher (which is an sqlite fork with encryption). So while Enpass as a whole is not fully open source, you can still exfiltrate your passwords with open source tools, should they ever vanish or radically change their business model. You can then use for example enpass-cli.

That gives me enough confidence to trust in Enpass, since they can’t easily hold my data hostage.

Sorry, but log files can contain any amount of PII that is absolutely unsuited to be sent over an unencrypted channel to a person/company that should not even need some details.

I sure as hell also skim over logs before I send anything out and remove anything that I don’t want to leak.

So you didn’t fully read the mails either, did you?

Many security experts I know consider AV software to be snake oil. I do so too. They are so complex and need so far reaching permissions to be somewhat effective, that they become the attack vector and/or a large risk factor for faulty behavior.

Add in lots of false positives and it just numbs the users to the alerts.

Nothing beats educating users and making sure the software in use isn’t braindead. For example Microsoft programs that hide file extensions by default is a far bigger security problem than a missing AV tool. Or word processors that allow embedded scripts that can perform shit outside the application. The list goes on …

Happy to help.

Replacing a python service (searxng) by one written in rust? Count me in.

I mean … that’s basically how the internet works today. And even if you don’t “run” proprietary stuff on your end, their service as a whole is still proprietary. So it seems like a pointless battle, IMO.

I would rather ensure to use a browser where I trust its sandbox to properly isolate the shit it has to run inside.

But he said “proprietary software to run”, not to “setup” or “register” or whatever.

But as I said: once the DNS entries are set up, everything is routed directly to your machine. What runs there is completely in your hands. Same with VPS/root server: SSH is free. Pick the client you like.

I don’t know of a single registrar or hoster that I can’t run without libre software.

What exactly do you mean? Typically you go to a website, register the domain, setup payment and then setup the nameserver. No need to install anything on your end.

Same with hosting. You sign up, setup payment, order a machine (root or virtual) and then you get SSH credentials and are good to go.