AI needs to be regulated with an energy cap. If you need more capacity, optimise your AI. Don't just throw more electricity at it.

Corporations don't care about people. This bank doesn't care about you. Banks care for no one but themselves.

They're coming for our VPNs soon enough, be sure of that. Here in Australia they've already flagged wanting to ban them.

Gemini is just a web replacement protocol. With basic things we remember from olden days Web, but with everything non-essential removed, for a client to be doable in a couple of days. I have my own Gemini viewer, LOL. This for me seems a completely different application from torrents. I was dreaming for a thing similar to torrent trackers for aggregating storage and computation and indexing and search, with search and aggregation and other services' responses being structured and standardized, and cryptographic identities, and some kind of market services to sell and buy storage and computation in unified and pooled, but transparent way (scripted by buyer\seller), similar to MMORPG markets, with the representation (what is a siloed service in modern web) being on the client native application, and those services allowing to build any kind of client-server huge system on them, that being global. But that's more of a global Facebook\Usenet\whatever, a killer of platforms. Their infrastructure is internal, while their representation is public on the Internet. I want to make infrastructure public on the Internet, and representation client-side, sharing it for many kinds of applications. Adding another layer to the OSI model, so to say, between transport and application layer. For this application: I think you could have some kind of Kademlia-based p2p with groups voluntarily joined (involving very huge groups) where nodes store replicas of partitions of group common data based on their pseudo-random identifiers and/or some kind of ring built from those identifiers, to balance storage and resilience. If a group has a creator, then you can have replication factor propagated signed by them, and membership too signed by them. But if having a creator (even with cryptographically delegated decisions) and propagating changes by them is not ok, then maybe just using whole data hash, or it's bittorrent-like info tree hash, as namespace with peers freely joining it can do. Then it may be better to partition not by parts of the whole piece, but by info tree? I guess making it exactly bittorrent-like is not a good idea, rather some kind of block tree, like for a filesystem, and a separate piece of information to lookup which file is in which blocks. If we are doing directory structure. Then, with freely joining it, there's no need in any owners or replication factors, I guess just pseudorandom distribution of hashes will do, and each node storing first partitions closest to its hash. Now thinking about it, such a system would be not that different from bittorrent and can even be interoperable with it. There's the issue of updates, yes, hence I've started with groups having hierarchy of creators, who can make or accept those updates. Having that and the ability to gradually store one group's data to another group, it should be possible to do forks of a certain state. But that line of thought makes reusing bittorrent only possible for part of the system. The whole database is guaranteed to be more than a normal HDD (1 TB? I dunno). Absolutely guaranteed, no doubt at all. 1 TB (for example) would be someone's collection of favorite stuff, and not too rich one.

In this year of 2025? No. But it still is basically setting oneself for failure from the perspective of Graphene, IMO. Like, the strongest protection in the world (assuming Graphene even is, which is quite a tall order statement) is useless if it only works on the mornings of a Tuesday that falls in a prime number day that has a blue moon and where there are no ATP tennis matches going on. Everyone else is, like, living in the real world, and the uniqueness of your scenario is going to go down the drain once your users get presented with a $5 wrench, or even cheaper: a waterboard. Because cops, let alone ICE, are not going to stop to ask you if they can make you more comfortable with your privacy being violated.

Suffering from asthma? 9/10 Doctors recommend menthol cigarettes! Peppermint fresh puts the pep in your step!

Realistically, you don't need security, NAT alone is enough since the packets have nowhere to go without port forwarding. But IF you really want to build front end security here is my plan. ISP bridge -> WAN port of openwrt capable router with DSA supported switch (that is almost all of them) Set all ports of the switch to VLAN mirroring mode bridge WAN and LAN sides Fail2Ban IP block list in the bridge LAN PORT 1 toward -> OpenWRT running inside Proxmox LXC (NAT lives here) -> top of rack switch LAN PORT 2 toward -> Snort IDS LAN PORT 3 toward -> combined honeypot and traffic analyzer Port 2&3 detect malicious internet hosts and add them to the block list (and then multiple other openwrt LXCs running many many VPN ports as alternative gateways, I switch LAN host's internet address by changing their default gateway) I run no internal VLAN, all one LAN because convenience is more important than security in my case.