The media in this post is not displayed to visitors. To view it, please go to the original post.
Folks, @rania40, like @joynewacc and @aseelfromgz are volunteering with Gaza Verified even as they face the same inhumane conditions forced upon Palestinians by Israel.
If you can, please help as a tiny way of saying thank you 💕
@gaza_verified_campaigns This week, I received only $10 while living in extremely harsh displacement conditions. We lack basic necessities like food, water, medicine, and shelter. We are not asking for luxury—only the minimum to survive. Any help, even small, makes a difference. Please donate or share. Thank you for your humanity. chuffed.org/project/161851-hel… @aral @kathimmel @fabio @casey
my name is kat & i live in scotland. i've started this campaign for my friend, aya rizq, who lives with her mum & siblings in the rubble of a destroyed gaza.
The media in this post is not displayed to visitors. To view it, please go to the original post.
During any #press event, I prefer to stay awake all day on-site, away from my family, to document the moment. Here’s glimpse of the vids I captured at night at Nasser Hospital, documenting the return of patients who completed their medical treatment abroad & returned to #gaza via the Rafah crossing At this location,returnees reunite with their families. For some, however, the moment of arrival is met with heartbreak as they receive news for the first time of the martyrdom of their loved ones
We put a lot of work into both #Fedilab and #HolosSocial. We will never neglect one for the other, both deserve attention. Holos allowed us to push boundaries like E2EE DMs over ActivityPub and portable identity, but Fedilab is the app we've been working on since 2017 and will keep integrating new features. This is your app, not ours. Alongside all this, we are volunteers, so if you can help us financially, that would really help. Thank you.
I'm tagging my friend @tio 'cause this is relevant. He made a documentary series in 2023 talking about the problems of our world, if interested you can watch it on the website here - tromsite.com/documentaries/tro…
TROM II: A Message to the Aliens Year: 2023 / Duration: 4 parts, 5 hours We live in a world where everyone is busy, everyone is consumed, everyone seems confused. Money, social credits, ads, data collection, prices and billionaires.
#Holos is designed around one device per account since each phone runs its own ActivityPub server. Currently, activities are removed from the relay once synced, so multi-device isn't possible yet. However, we could introduce trusted devices linked to an account, where activities are only removed once synced with all of them. This would also need some work on our E2EE DMs feature.
Face recognition technology is so dangerous that government should not use it at all—least of all our federal government’s out-of-control immigration agencies. eff.org/deeplinks/2026/02/yes-…
Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) have descended into utter lawlessness, most recently in Minnesota. The violence is shocking. So are the intrusions on digital rights and civil liberties.
As the main developer of Fedilab, I've never used Open Collective funds for personal needs like buying a phone or paying repairs (yes, plugging/unplugging daily has consequences). I feel uncomfortable about how to use those funds. In April I'll need to pay for server hosting. I also need a more powerful computer. Are those kinds of expenses ok for you? Like repairing my phone due to a worn-out USB connector?
You have put a lot of effort into developing these apps, so you deserve the money people donated you. Now if the project have other major contributers then you can ask them about the matter as well, but I don't think they'll disagree much. Getting your phone repaired is important, and depending on the condition of your current laptop/PC getting a new one might also be necessary to continue your work - these are not useless spendings IMO.
@TimePencil Thank you, I appreciate that. I was genuinely unsure whether repairing my phone felt right, even though it's directly caused by development and testing. Your words help.
A lawyer mate of mine once told me, "*Anybody* can steal from an employer, if they are a trusted employee."
Now, donors are not your employer, but they are your supporters, and they trust you. As you know "right from wrong" you'll also know if you've abused that trust.
Be open and honest, apply good judgement, and you'll be fine!
These are all absolutely fine. Even If you'd make it a really good computer you "part-time" use for gaming. You need to be able to work comfortably without every little computation or rendering taking ages. If you'd tell us that actually you also need a new Playstation bcs you wanna port it, I'd say that mayyyy stretch it a bit.
idk, estimate how much labor you've spent on this project, multiply by a living wage, and that's approximately the amount of money that I think you should spend however you need or even want to 🤷 the expenses of a tech project include the labor of the workers, which includes the living requirements of the workers Plus, in this case, they seem like things that also affect your ability to work on this project regardless of your ability to live, which imo is no longer a personal expense
As a dev, ceo and donator at different times, I suggest looking at it like this:
If you did not do this job youre getting paid for (open collective), would you have the amount of costs you have now (you wouldnt) and if you do, they're personal (rent, food, vacation) and if not, they're work related (mobile dev = mobile phone business expense, same for laptop that wears out etc.)
If you want to feel extra ethical, buy a dedicated work phone that is separate which you use the money for.
I'm fine with everything. Use them for things you need.
To maybe ease your mind a bit: A computer also supports app development. And a phone is needed for testing the app. Emulators can only bring you so far. So that would be something directly benefiting app development.
It really depends on what you wrote on the Open Collective requests. My plans if the LibreFaso project was ever successful enough to justify a full-time job¹ was to have a separate tip jar for the project-related expenses and for my own salary, so that people could choose what they want to fund. Basically, as long as you're entirely transparent, it should be fine.
I would be really frustrated if the money going to a software project did not at all contribute to the basic computing needs of the main developer of that project. Like obviously there's a limit at which the opportunity costs become too big but a phone repair does not approach that cost
@Fedilab Apps I would see nothing wrong with you using the funds for things that directly impact the app, I mean you need a phone for actual testing, right? And a computer to create the program? To me that seems to be what the funds are for
I donate to projects because I want them to stay and best case improve/ grow/... So if the money is used for anything that helps in that way I am happy. If that means you can work on the project half-time, full-time or whatever and spend the money on rent, food, cinema or anything else that makes you happy, that is great. I would stop donating if you became a multi-millionair. But I doubt we will ever have to worry about that ;)
On the plugging / unplugging front, have you considered a sacrificial cable / connector board. We use these between dev boards and cables for hotplug or similar testing.
Use your own domain for your ActivityPub identity. No instance to host, pure ActivityPub from your phone. Your identity is no longer tied to the relay. Switch anytime.
Add your domain, configure a CNAME record, verify and activate. Followers are notified via a Move activity.
@lexinova Migration is fully supported! Holos implements the ActivityPub Move activity, so you can migrate from another instance to Holos or from Holos to any other ActivityPub instance. Your followers will be automatically notified and redirected, just like with standard Mastodon migration.
Regarding F-Droid, the submission is currently in progress.
it would also help if you'd publish releases with their corresponding APKs attached. Only that way, Reproducible Builds can be supported (which we and @fdroidorg have, see e.g. izzyondroid.org/about/security… for a short intro).
I don't know about the size of your APK, so I cannot tell if we could take it in at IzzyOnDroid – but if it's below 30 MB, be welcome to apply (once the APKs are available, as we always ship the APKs built & signed by their devs) @lexinova
@IzzyOnDroid Unfortunately the APK is around 170MB due to the embedded Node.js libraries needed to run the local server. We reduced it by dropping one of the three Node.js builds (from three to two), but it's still well above the 30MB limit. That's why we never submitted to IzzyOnDroid and went directly to F-Droid instead. @fdroidorg @lexinova
aw gosh: yeah, NodeJS (and other frameworks) are a size-hell because of their native libs. There are a few tricks there, though – but if those 170 MB were per-ABI, we don't stay a chance. Having an APK at hand, I could check – but at that size, chances are rather minimal. We might et it down to 90 MB, probably, but that would still be too big… @lexinova
@juergen Android is the primary platform for now, but an iOS version is planned. Distribution will likely go through AltStore, as mainstream app stores may flag apps with embedded servers.
Regarding multi-device access, Holos follows a "one device, one instance" philosophy. Your phone is your server, with your keys and data living locally. This is what gives you true ownership. Multi-device sync isn't currently supported but is being considered for the future.
Hmmm interesting. So this is basically trading the ability to use the fediverse from multiple devices vs. having a transferable user name independent from the proxy used? I am really curious if this will be embraced by many users.
@juergen It's currently designed as one device per account since your phone is the server. But this can be improved by allowing the relay to dispatch activities to multiple devices per account instead of removing them once consumed. Right now the relay immediately deletes an activity once it's been synced (via WebSocket or during app launch), but reworking this to support multiple devices is definitely possible.
@juergen We will introduce that option, a lot of people are asking for multi-device support. That would need some work on our latest feature (E2EE DMs).
#Holos is designed around one device per account since each phone runs its own ActivityPub server. Currently, activities are removed from the relay once synced, so multi-device isn't possible yet. However, we could introduce trusted devices linked to an account, where activities are only removed once synced with all of them. This would also need some work on our E2EE DMs feature.
I do have my own instance, but it's on GoToSocial. YunoHost, vps. Longing Holos to be usable on iOS so I could have such as elettrona@holos.plusbrothers.net - so that I create mess then LOL!
So Mullvad VPN has decided to move to WireGuard only and removed support for openVPN since January 15th 2026. And like everyone who had been using OpenVPN to connect to their servers I also had to move to WireGuard. However I had been using their VPN so far with inclusive split tunneling, meaning only a few apps/services will be routing their traffic through the VPN and the rest of my traffic will be unaffected. And I was able to do it thanks to a
So Mullvad VPN has decided to move to WireGuard only and removed support for openVPN since January 15th 2026. And like everyone who had been using OpenVPN to connect to their servers I also had to move to WireGuard. However I had been using their VPN so far with inclusive split tunneling, meaning only a few apps/services will be routing their traffic through the VPN and the rest of my traffic will be unaffected. And I was able to do it thanks to a guide they wrote explaining how to do split tunneling using OpenVPN. But I couldn’t find a similar guide explaining how to do the same in WireGuard, so I was left alone to figure it out myself. And in this post I will explain how I did it.
The new socks5 proxy
So the way this split tunneling had worked in OpenVPN is that you had to manually set up a socks5 proxy in the apps/services you want to route through the VPN, as explained in this guide. For OpenVPN this proxy used to be 10.8.0.1 on port 1080 but for WireGuard you need to use 10.64.0.1 on the same port. Also for WireGuard there is an additional multi-hop feature which you can use through port 10.124.x.x where x can be different numbers depending on which VPN server you want to route through (port is same 1080 as usual). You can get a list of these socks5 proxies for different servers thanks to a project called Mullvad socks proxy list which keeps the list updated by running a script every day using github actions. Alternatively you can also use the socks5 proxy address mentioned in Mullvad servers page which looks like domain names (e.g. al-tia-wg-socks5-003.relays.mullvad.net).
Beware of DNS leaks
If you are using these socks5 proxies there is a chance for DNS leaks, on browsers like Firefox you get an option called Proxy DNS when using SOCKS v5 which you can enable to avoid these leaks, but you may not find such options on other apps/services that you may use this proxy with. So I recommend setting up a custom DNS for your entire system to reduce this problem a bit, pick a good one that you can trust, here is a list of recommended ones - privacyguides.org/en/dns/#reco…
You can check for DNS leaks by visiting this website - ipleak.net
Binding VPN to torrent client
You can of course set up your torrent client to use the socks5 proxy to route all of its traffic through the VPN, but in my experience it is better for connectivity if you can actually bind your VPN to the torrent client directly without needing to use a proxy - as explained in this guide from the qBittorrent Wiki and also shown in this YouTube tutorial:
The solution
Method 1 (doesn't support binding VPN to torrent client)
In your WireGuard configuration you can see this line under the [Peer] section:
AllowedIPs = 0.0.0.0/0,::0/0
As you can see by default this is set to 0.0.0.0/0, ::0/0 which includes all IPv4 and IPv6 addresses, meaning all of your traffic will be routed through the VPN. But if we want to only allow the socks5 proxy addresses to go through the VPN we can change it to this:
AllowedIPs = 10.64.0.1/32, 10.124.0.0/22
The /32 is used to indicate that it's a single IPv4 address (10.64.0.1) and the /22 indicates that it's a subnet (ranging from 10.124.0.1 to 10.124.3.254). This should make it so that only traffic to these IP addresses would go through the VPN.
Notice a change in the logs
So now when you start up WireGuard via the wg-quick up command you will notice a change in its logs... This was the log from before I made the change:
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip6tables-restore -n
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
And this is the log after I changed the AllowedIPs option:
[#] ip link add dev wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add [REDACTED]/32 dev wg0
[#] ip -6 address add [REDACTED]/128 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] ip -4 route add 10.64.0.1/32 dev wg0
[#] ip -4 route add 10.124.0.0/22 dev wg0
Looking at these logs I realized that the ip route command is the one that configures which traffic gets routed through the VPN, and that WireGuard will automatically configure it according to the AllowedIPs option.
Limitations
Like I put up in the heading this method won't be suitable if you want to bind your VPN to your torrent client, since we explicitely made it so that only traffic to a specific subset of IP addresses will be allowed through the VPN it rejects any other traffic. But I still wanted to explain this method here because it is good enough for anyone who only cares about the socks5 proxy and it is also the simplest solution.
Method 2 (works for both use cases)
Some context
So in order to archive this we need to do three things: 1. Allow all traffic to be accepted through the VPN, which means we will have to keep this line as is:
AllowedIPs = 0.0.0.0/0,::0/0
Stop WireGuard from automatically configuring all traffic to be routed through the VPN despite the AllowedIPs option.
We need to only route traffic to Mullvad's socks5 proxy addresses (10.64.0.1/32 and 10.124.0.0/22) through the VPN.
So based on these findings this is the solution I came up with, just add these lines under the [Interface] section of your WireGuard configs:
Table = off
PostUp = ip -4 route add 10.64.0.1/32 dev wg0; ip -4 route add 10.124.0.0/22 dev wg0
PreDown = ip -4 route delete 10.64.0.1/32 dev wg0; ip -4 route delete 10.124.0.0/22 dev wg0
You can put it right under the DNS option. On Linux you can run this command to automatically do this for all the .conf files you have in a folder:
sed -i '/^DNS = / a Table = off\nPostUp = ip -4 route add 10.64.0.1/32 dev wg0; ip -4 route add 10.124.0.0/22 dev wg0\nPreDown = ip -4 route delete 10.64.0.1/32 dev wg0; ip -4 route delete 10.124.0.0/22 dev wg0' *.conf
Explanation
The Table = off option disables WireGuard's automatic routing. And then we use the ip route commands to manually add routing for our socks5 proxy addresses when WireGuard starts, and also deletes these routes when WireGuard stops. You might notice that the ip route commands I use are exactly the same ones we saw on the logs I shared above, and yes that made it easy for me to figure this out. And if you're curious this is how the log looks like after I changed to this new method:
[#] ip link add dev wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add [REDACTED]/32 dev wg0
[#] ip -6 address add [REDACTED]/128 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] ip -4 route add 10.64.0.1/32 dev wg0; ip -4 route add 10.124.0.0/22 dev wg0
Not much different from the logs of method 1, just the last two lines are combined into one.
I'm truly in awe at the level of skill I witnessed in this video! I've always admired this guy as a programmer ever since I found his channel, inspiring fellow 🙂
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
I think you've introduced me to a few Queen songs before. And a cousin of mine recommended me to watch the Bohemian rhapsody movie, I started listening to more of their songs after that lol
I imagine it probably uses publicly available data like the posts you replied to, liked or reshared. Apparently the code used to run the bot is FOSS, you can see it here - github.com/Roboron3042/mastoes…
> Using external server was not possible; result may be inaccurate.
I think probably because you're on Friendica it might've failed to get the data from your instance directly so instead relied on federated posts - which are probably incomplete and likely explains why you're seeing people who you don't know. In my case everyone in there was either a friend or some popular account or project that I knew of.
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
- considering branches as "sticky notes" is nice but also somewhat weird, since they're exactly not sticky, but move along when creating a new commit. - Instead of `git reflog` I recommend `gitk --reflog` to see the graph of commits.
Thank you to those who are helping TROM monthly! Our first goal is to reach 100 monthly donors to kickstart a new video series for TROM, bring back TROMnews and provide 20GB storage space for our Nextcloud install (TROM Files) for everyone.
We have a lot of projects and hundreds, if not thousands of people are using our services.
> What powers the global internet? The answer might surprise you: not satellites, but hundreds of thin cables that run along the ocean floor. They’re an absolutely essential technology that’s also incredibly fragile — so fragile that in the beginning, most people thought they couldn't possibly work. Today on the show: the story of a man who *did* think they could work… and the lengths he went to to try and connect the world.
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
Hello Fediverse I want to make a short announcement about the social.trom.tf Friendica instance run by my friend @tio
Currently that instance is going through a big server migration process and it will take a couple of hours for it to get finished. So if you mention or send anyone messages during this time it might not reach them.
Auf YouTube findest du die angesagtesten Videos und Tracks. Außerdem kannst du eigene Inhalte hochladen und mit Freunden oder gleich der ganzen Welt teilen.
> Since October 7th, while the world has focused its attention on Gaza, the Israeli government has tightened the screws on the three million Palestinians in the West Bank in all sorts of dramatic ways. We travel to the West Bank to see these changes in person.
Since October 7, Israel has intensified restrictions on West Bank Palestinians while global attention focused on Gaza. We travel to the West Bank to see these changes in person.
Mohammed🍉
in reply to Mohammed🍉 • • •#gaza #genocide #palestine #press
✔️Taken by my Camera
reshared this
Sarah W, Rokosun and Misha reshared this.