It certainly looks interesting - see https://docs.numeraire.tech/swissknife
nostr:nprofile1qqs2q3ar03rnu48yc9x4x3kj2w6dyla84jmfjma2vhltdvudml95xtqvtwlku I looking at maybe self-hosting Numeraire SwissKnife as it looks like it handles sats (NIP-05 identifiers and Lightning "zap" payments) and well as Bitcoin, also allowing Bitcoin to/from external wallets. If this does away with all the external connectors and other interlinking, it may be a far better solution actually.
Here are screenshots of my GetAlby account, as well as my self-hosted Alby Hub. My sats are all gone since the connector closed earlier today.
If I had any control over it I would at least see my balance still there(my wallet was not actually in my self-hosted hub). Nostr was my first experience with Lighting wallets, and it was way more complicated than Bitcoin.
This has not been a good experience, yet I still have my Bitcoin. Right now, I'm thoroughly unimpressed with the Lightning network (or at least the connectors). It certainly does not inspire me at all go want to go deeper into it.
Because it is complicated, I don't know why/who/where it went wrong. All I know is, I did nothing to it today, and I have 0 sats now. Someone must have my sats now. There is no way I'm paying for another connector to connect 0 sats.
All I'm saying is I had a fully functional self-hosted Alby Hub. It had a balance this morning showing, now it shows 0 sats. That was not in my control. If it was I'd still see the balance I had. It means in fact the balance was not really in my hub at all. Seems it had something more to do with the connector then. I should have been able to pick a different connector, and carried on using what balance I had in my Hub. It appears that the connector actually had the control. I don't have my sats now, I don't see them on the GetAlby site account, so I assume the connector has it. That was not under my control then at all.
I do have a Muun wallet with Lightning I see
Thanks yes I certainly have all my keys backed up. I just don't want any more wallets that are connected via channels that are going to disappear. This is not how Bitcoin and other crypto works - your wallet should be your wallet.
Yes, I see now from Megalith LSP there is this comment on the Alby guides: "Your channel stays open longer if you send or receive at least one payment per 30 days". So despite daily posting I obviously never received any sats for the last month, and I had not sent either, so the channel just got closed and I have lost my sats. No warning, and no value whatsoever in actually self-hosting the Alby Hub. I'm certainly not going to burn my fingers again on the Lightning network. This has just never happened to me with Bitcoin - my offline wallets retain my find no matter what (that is proper control). The self-hosting was a farce (my self-hosted Hub wallet still shows 0 stats).
nostr:nprofile1qqsrxra3gv0lnkxz2pcxh0xuq9k4f9dr7azwq3aypqtnay4w0mjzmtqve7c2c Thanks for responding,
It is difficult now a year later to remember which/what channel it was (EDIT: the link in the e-mail took me to Megalith LSP). All I know is there was no warning at all, and no sats have re-appeared in my self-hosted Alby Hub under Node as the e-mail said it should. So the point is then that my Lightning Wallet was never under my control from what I'm seeing.
So without warning the channel is gone, and all my sats. I used the network every day so this cannot be from "not being used".
Sadly, this is going to be a real showstopper for any other users of the Lightning Network and/or Alby.
I'm a computer programmer and understand tech - I really cannot see how this will ever attract ordinary users. The mail I got came from "Your Alby Team" informing me the channel was closed. So it is true that maybe the real issue is with the channel - no idea which channel now, and certainly don't want to get involved with other channels if this is how it is going to go.
Despite having a self-hosted Alby Hub, this goes to show I was never in control of my sats at all. Otherwise they would have showed up there still. It was certainly connected every single day, as it was being used to authenticate my access to Nostr. Now I don't even know if I'll be able to access Nostr tomorrow after rebooting my computer. This may be the end of my access altogether.
nostr:nprofile1qy08wumn8ghj7mn0wd68yttsw43zuam9d3kx7unyv4ezumn9wshsz9mhwden5te0wfjkccte9ehx7um5wghxyctwvshsz8rhwden5te0dehhxarj95cjumnzduhxzmn8v9hxjtnrduhszrnhwden5te0dehhxtnvdakz7qgkwaehxw309ajkgetw9ehx7um5wghxcctwvshsz9thwden5te0wfjkccte9ejxzmt4wvhxjme0qqsyv47lazt9h6ycp2fsw270khje5egjgsrdkrupjg27u796g7f5k0shjk534 not quite true. My channel was just closed after 12 months. All my sats are gone amd it saiod they shoud re-appear in my Node on my Alby Hub. Well they have not appeared after many hours now. It seems I have to buy another channel now, but that channel costs the same as the sats I actuially had. So it si really a washout for me, and I don't know what the point was of me even self-hosting the Hub was. Seems tyhat channel is the big catch. My Hub was in daily use, was connected, and had funds movement. If this is how much the channel is going to cost every 12 months, then this is absolutely not worth it for me.
Ah very nice! Well it is ongoing as home labs are never static. I must still look at Prometheus, actually.
Well good to know at least I'm not alone. The mail said the balance I had would now appear on my Hub under Node. But that shows 0 sats.
"One of your lightning channels was closed. If you had a spending balance in this channel, these sats will be returned to your savings balance visible on the "Node" page of your Hub. Your funds will be returned to your savings balance within a few on-chain block confirmations."
Maybe it will still re-appear there, but it seems you can do nothing with the channel. To buy another channel means I basically lose all the sats I have. So not sure then what the point of self-hosting the hub is. I probably also cannot get that balance out anywhere without channel either.
nostr:npub1getal6ykt05fsz5nqu4uld09nfj3y3qxmv8crys4aeut53unfvlqr80nfm why did I get a mail saying my lightning channels was closed? I did not close it. It was all configured and working until this morning (I logged in with my browser extension and it showed my SATS balance). Now my SATS show 0.
I have a self-hosted Alby Hub running 24/7 on a VPS, and that is fully operational and reachable. Now it shows I must "buy my first channel". I already did buy a channel. It has been operational daily. What is asks for now to buy a channel, is my entire SATS balance.
Not understanding this?
Peep show: 40K IoT cameras worldwide stream secrets to anyone with a browser
“Security researchers managed to access the live feeds of 40,000 internet-connected cameras worldwide and they may have only scratched the surface of what's possible. The US was the most affected region, with around 14,000 of the total feeds streaming from the country, allowing access to the inside of datacenters, healthcare facilities, factories, and more. Bitsight said these feeds could potentially be used for espionage, mapping blind spots, and gleaning trade secrets, among other things.”
After all the previous warnings, and even sites published that show these camera feeds, I can't believe this is still such a big thing.
There are essentially two ways to quickly stop this with any of your cameras:
1. Prevent any Internet access for the cameras at all: Put them on a VLAN that has no Internet access, or on a guest network that has Internet disabled, and make sure UPnP is disabled on your router (that automatically opens firewall ports), etc.
2. Log into each camera and change the default password or set a password.
The problem is most of these cameras come with an enabled API, and also a default username and password (which are known).
It is clear that too many people are just bringing home any old IP camera or IoT device and plugging them in on their home (well in many cases work too it seems) networks. Yes it may work fine, but it could be punching holes through your firewall. This is not malicious really, as some devices try to get time sync from the Internet, or they want to check for updated firmware, etc. But they can expose your video and your network.
These IoT devices are becoming a bigger and bigger problem, as default security is just about non-existent (remember Microsoft wanting to keep things simple and enable everything so as not to complicate things for users?), and they often have no way of really getting proper security patch updates either.
Unfortunately, as I mentioned in a post about two months back around IoT and security, ease of use and security are diametrically opposed to each other. Security is not easy, and easy is usually not secure...
See https://www.theregister.com/2025/06/10/40000_iot_cameras_exposed
#technology #security #vulnerabilities
Linux Foundation unveils decentralised WordPress plugin manager
“A collective of former WordPress developers and contributors backed by the Linux Foundation has launched the FAIR Package Manager, a new and independent distribution system for trusted WordPress plugins and themes.”
An interesting development. Something like this is needed, and maybe if the other WordPress parties are not managing to get the issues sorted out, this may be another way forward.
WordPress is probably the most used content management system across the Internet. The biggest weakness, as far as vulnerabilities goes (for most platforms, actually), is the 3rd party plugin system.
#technology #vulnerabilities #security
OpenAI slams court order to save all ChatGPT logs, including deleted chats
This is going to become more and more of a privacy problem in the coming years, mainly because: Millions of people use ChatGPT daily for a range of purposes, OpenAI noted, “ranging from the mundane to profoundly personal.”
The other problem is one that the US is causing for the free world. Most of the mainstream (centralised) social media as well as AI tools are controlled by the US. With the US more and more placing restrictions on the freedoms of speech, and legally compelling companies in its jurisdiction to hand over the data of their users (this is not new though as there has long been the PATRIOT and CLOUD Acts), there is more interest in citizens elsewhere in the world to preserve their privacy, protect minorities, defend their rights of association, etc.
I very nearly did a post recently about Venice, an AI tool: Venice.ai is hosted on a decentralised GPU computing network provided by third-party companies such as Akash, which operate data centres and GPU cards distributed around the world. This decentralised infrastructure supports Venice's privacy-first architecture by processing user inputs without storing or logging prompts or model responses on centralised servers. Chat records are stored locally on the user's device and can be deleted at any time, while the company only accesses users' IP addresses, which can be masked with a VPN.
The challenge was that Venice is legally registered and operates under the jurisdiction of the state of Wyoming, United States. So I left that post undone.
It is no wonder that there is a bigger and bigger ground swell towards self-hosting and alternative social media today. I have done hundreds of posts about both of these types of alternatives, and it is good to see them all flourishing.
But AI itself is growing quickly, and I hope that we see more alternatives outside of US control as well, as the world does need some balance. You cannot have just one country dominating social media, AI, and other technology when the world is full of a diversity of cultures and beliefs, and we need to create safe spaces for everyone to participate in. It also brings home to me what I was recently reading about in the book 'Careless People: A Cautionary Tale of Power, Greed, and Lost Idealism', that when you are operating on a global scale, you do need to navigate some very difficult, diverse, and challenging waters, and you do need to actually care about all of that if you want to be a global player.
The coming year may be an interesting one for technology globally (and maybe even broader than just technology). I still cling to my old mantra: Be careful of what you wish for, because you may just get it. Being a global and caring player in technology, means thinking in the global context, and especially of the cause and effect that will result down the line. South Africa has certainly already experienced this itself. In quite a few ways, South Africa is ahead of what may come to be in the US (not politically, but more around technology). The irony is some companies had headquartered outside of the US for tax purposes, and maybe the same thing will happen for privacy purposes in future...
Of course everyone has long had the opportunity to use alternative tools, alternative social networks, etc, so no-one can say they are forced to use anything. We do in fact have freedom of choice, but it is often our own friends and family who shackle us to something. The network effect is one of the most powerful rip currents I know of, that works against individuals and corporations.
But like I discovered myself over the last 12 months or so, after switching medical insurance, banks, social networks, e-mail provider, and more, sometimes once you've mad e change you wonder why you did not make the move a few years earlier. The grass is not always greener on the other side, but there are many lawns out there, and sometimes your eyesight just gets too accustomed to the colour and texture of one's own grass (it becomes a box, which you need to think outside of).
#technology #privacy
Self-Hosting Isn’t Just for Nerds Anymore—Here’s Why You Should Care
“Let's face it, we use the internet for just about everything. We even use the internet for sensitive things, be that banking, sending sensitive data, or just storing our photos. With all of that, privacy is expected (and not an unreasonable request, either). However, privacy is rarely given by the companies that house all of that data, even if that means skirting the law to achieve what they want. Companies will often tout that your privacy is at their core—but is it really?”
The article goes into this point as one of the driver's for self-hosting for many. It is also the reason we are seeing so many decentralised and federated social networks springing up as well. Others want to self-host to save money on expensive cloud storage costs, whilst some in South Africa do it so they have services to still enjoy when the grid is busy load-shedding.
But whatever the reason, most of us start out small, and the habit keeps growing as you realise self-hosting works pretty well. I started out with one Raspberry Pi, and by the time I had my 3rd Raspberry Pi going, I realised I need to migrate to an Intel NUC, which then migrated to a Lenovo M720q. Exactly the same has happened with the storage side, and only from this month have I finally moved to a proper RAID 1 storage solution. Only last month, I finally built my first own network cabinet.
Most of my YouTube videos over the last year or two have been about various solutions I have self-hosted, and been finding very useful.
So, do not be intimidated by expensive looking home labs that some YouTubers show off (the flashing lights usually serve no functional purpose). Any self-hosting can start off with a Raspberry Pi and an SD card. Your next step may be to just attach an old hard drive to that Pi, and it goes from there at whatever pace works for you (in many cases, your spouse with reign you in any way).
See https://www.howtogeek.com/self-hosting-isnt-just-for-nerds-anymore-why-you-should-care
#technology #selfhosting
PowerTOP is a Linux tool created by Intel to monitor and diagnose power usage by running apps and services
“It's best used for devices with internal batteries, and you need a way to work out what's draining your internal power source between charges, or those that run continuously, and efficiency is a priority. It's interesting in that the tool lets you manipulate power management settings to experiment with different configurations. Released in 2007, the tool has since been updated to work with modern hardware.”
Modern power supplies adjust their power usage according to their loads over time, so apps or services using a lot of processing power over time, are going to use more energy. This is especially noticeable if the device is battery powered like a laptop.
This also does not only work for Intel processors, but also AMD and ARM as well.
The linked article also has a link at the end to another similar tool as well, which exports to Prometheus.
See https://www.xda-developers.com/reasons-powertop-is-the-most-powerful-linux-tool or GitHub site at https://github.com/fenrus75/powertop
#technology #energy #environment #opensource
Jelly Music App is an open source app that turns Jellyfin into a true Spotify alternative
I wondered why this was not integrated into Jellyfin before realising it is a third party front-end app that bolts onto Jellyfin. So you have your existing Jellyfin server with the music on it, and there is an additional docker container that runs for Jelly Music App that connects to the Jellyfin server.
Yes, the UI is better, but it also brings additional features such as the ability to download songs for offline listening. You can save individual tracks, playlists, or albums for offline playback. You can also set the auto-download feature to trigger for any new tracks that you add to your playlist.
It is a bit of a pity that Jellyfin has not been expanding the music side more. I did post a week back about the self-hosted Navidrome, but that is a standalone option, and does not integrate with Jellyfin.
#technology #music #selfhosting #opensource
Packet is a Linux app that uses Android’s native Quick Share feature to exchange files
“Anyone with an Android phone near your device can send/receive files to/from you via Packet. They don’t have to install an app on their device since the feature is built-in, and the Quick Share protocol uses end-to-end encryption for (relative) peace of mind.”
I have been using LocalSend up to now, which has worked well, but it does require the app to also be installed on the Android device. So for anyone visiting your home, for example, that is a bit of an extra step. Packet looks really low-friction and may fill the gap to wirelessly fling files, photos, videos and whatever else between Android and Linux devices.
There is a link to the open source GitHub project at the bottom of the linked article.
See https://www.omgubuntu.co.uk/2025/06/packet-linux-android-file-transfer-app-quick-share
#technology #filesharing #opensource
Statistics for Strava is a self-hosted tool that gives you full control over your fitness data
This is an open source self-hosted tool that allows you to download your Strava data and to not only be a backup of that Strava data, but also allow you to perform more detailed analysis on it.
It does not replace using Strava as Strava is still used to upload your data to (and this service connects to your Strava account), and to do the all important peer pressure and competitiveness that Strava offers in the cloud.
For non-premium users of Strava, though, this service could well offer a bit extra. It is the perfect companion app if you already use Strava. And if Strava does ever get discontinued, you'd have a very usable history of your data.
See https://www.xda-developers.com/ditched-strava-premium-self-hosted-stats-dashboard
#technology #opensource #selfhosting #health #fitness
Nextcloud in 2025: How 25 Million Users Escaped Big Tech's Data Prison
“Nextcloud powers 400,000+ servers worldwide, giving organizations like the German federal government complete control over their data while escaping Big Tech surveillance. Discover why millions choose open-source collaboration over Microsoft and Google's data-mining platforms.”
“Today, ITZBund operates Nextcloud for 300,000 employees across the German federal government. The French Ministry of Interior runs it for their 300,000 staff. Schleswig-Holstein deploys it across 25,000 systems. Swedish federal agencies, Dutch ministries, universities across Europe, hospitals, law firms, and millions of home users rely on Nextcloud for file storage, video conferencing, document collaboration, email, calendars, and now AI assistance. These organizations discovered they could have enterprise-grade collaboration tools while maintaining complete control over every byte of their data. No surveillance capitalism. No vendor lock-in. No data held hostage in Silicon Valley.”
NextCloud actually has way more functionality inside it than MS Office will ever have. But the real point is you have ownership and control over your services as well as your data.
But what about AI? For better or worse, AI now comes in a lot of applications. Nextcloud Assistant 3.0 also brings AI agency features to everyone, and not just those who pay for OpenAI. It is supposedly more than just chatbot functionality.
It's true too though that apart from data sovereignty and cost savings of around 50-80% you will also miss out on Microsoft license audits, and surprise price hikes (remember Microsoft moving from per CPU licensing to per core licensing).
See https://doingfedtime.com/nextcloud-in-2025-how-25-million-users-escaped-big-techs-data-prison
#technology #opensource #selfhosting #datasovereignty
How to set up a self-hosted newsletter using listmonk
“Listmonk is an amazing feature packed self-hosted email newsletter manager. It offers loads of features like analytics (clicks, opens, bounces), templates, public subscription pages, importing subscribers and much more!”
Listmonk is not perfect, as it cannot by default trigger from an RSS feed (although there is a GitHub-based workaround) and it does still need to connect to a mail service. The latter could be a pro or a con, as it certainly gives flexibility and can for example connect to a free service like Gmail.
It does track opening of mails, mail bounces, etc and whilst some may not like this, the point is it is the individual sending the newsletter who tracks and acts on this. It is not some 3rd party corporate who is doing who knows what else with the addresses or embedded tracking.
I started using a “free” mailing subscription service, and I am regretting it now, as I'm getting suspicious of the embedding I did on my website to get it working (this after I removed Google tracking and other similar services).
I do like that listmonk offers the basics of having to actively opt into a mailing list, there are easy opt out options, wiping of user data, and it does all the basics most probably need. The pain though is sometimes finding a good mailing service you don't have to pay for. Good one's, for example Proton, don't allow this type of functionality.
Interestingly, too, I see listmonk can connect using HTTP webhooks to send SMS, Whatsapp, FCM notifications, or any type of messages in fact.
So, I'll be looking into this open source offering in future to migrate my own mailing list.
See https://4rkal.com/posts/listmonk
#technology #opensource #selfhosting #maillists
Thousands of Asus routers are being hit with stealthy, persistent backdoors
“Thousands of home and small office routers manufactured by Asus are being infected with a stealthy backdoor that can survive reboots and firmware updates in an attack by a nation-state or another well-resourced threat actor, researchers said.”
It is called ViciousTrap, and it basically embeds a public encryption key for access to the device through SSH. So this is one way it can be detected. Some vulnerabilities have been patched, but a good 9,500 plus devices were already affected.
It all comes down though again to the old issue of whether there are still updates available for routers that are a few years old, and also whether their owners are even bothering to check for and apply the patches.
In the case of Asus, there is the third party Merlin software available that does support the routers a bit longer, but even Merlin at some point freezes updates a while after Asus stops providing updates.
Which is why I made a clean break and decided to go with OPNsense, which keeps updating pretty well much like Linux does. OPNsense uses FreeBSD though, but the same theory applies.
#technology #routers #vulnerability
KOReader is an ebook reader application supporting many formats, running on Cervantes, Kindle, Kobo, PocketBook and Android devices
KOReader is actually intended to replace your existing ebook reader software that runs on a Kobo or Kindle ereader. For Kindles, this will also mean you have to jailbreak them. But it can also install on Android, Linux and other OSs.
It does provide a much richer and more customisable experience than Kobo or Kindle offers, and the real power also kicks in with plugins that enable Wallabag read-it-later service, RSS news feeds, integration with Calibre, etc.
It supports fixed page formats (PDF, DjVu, CBT, CBZ) and reflowable e-book formats (EPUB, FB2, Mobi, DOC, RTF, HTML, CHM, TXT). Scanned PDF/DjVu documents can also be reflowed with the built-in K2pdfopt library. ZIP files are also supported for some formats.
The linked article below gives some feedback on usage experience, but I have also provided the link to the source code site of the product. If you want to see it in action, you can watch some videos on Stefan Svartling's channel.
See https://matija.suklje.name/trying-out-koreader-and-wallabag-the-first-few-days-and-months and https://github.com/koreader/koreader
#technology #opensource #reading #koreader