@ f32184ee:6d1c17bf

Ads Fueling Freedom

Ross Ulbricht’s "Decentralize Social Media" painted a picture of a user-centric, decentralized future that transcended the limitations of platforms like the tech giants of today. Though focused on social media, his concept provided a blueprint for decentralized content systems writ large. NextBlock’s PROMO Protocol, designed while participating in Sovereign Engineering, embodies this blueprint in the realm of advertising, leveraging Nostr and Bitcoin’s Lightning Network to give individuals control, foster a multi-provider ecosystem, and ensure secure value exchange. In this way, Ulbricht’s 2021 vision can be seen as a prescient prediction of the PROMO Protocol’s structure. This is a testament to the enduring power of his ideas, now finding form in NextBlock’s innovative approach.

[Current Platform-Centric Paradigm, source: Ross Ulbricht's Decentralize Social Media]

Ulbricht’s Vision: A Decentralized Social Protocol

In his 2021 Medium article Ulbricht proposed a revolutionary vision for a decentralized social protocol (DSP) to address the inherent flaws of centralized social media platforms, such as privacy violations and inconsistent content moderation. Writing from prison, Ulbricht argued that decentralization could empower users by giving them control over their own content and the value they create, while replacing single, monolithic platforms with a competitive ecosystem of interface providers, content servers, and advertisers. Though his focus was on social media, Ulbricht’s ideas laid a conceptual foundation that strikingly predicts the structure of NextBlock’s PROMO Protocol, a decentralized advertising system built on the Nostr protocol.

[A Decentralized Social Protocol (DSP), source: Ross Ulbricht's Decentralize Social Media]

Ulbricht’s Principles

Ulbricht’s article outlines several key principles for his DSP: * User Control: Users should own their content and dictate how their data and creations generate value, rather than being subject to the whims of centralized corporations. * Decentralized Infrastructure: Instead of a single platform, multiple interface providers, content hosts, and advertisers interoperate, fostering competition and resilience. * Privacy and Autonomy: Decentralized solutions for profile management, hosting, and interactions would protect user privacy and reduce reliance on unaccountable intermediaries. * Value Creation: Users, not platforms, should capture the economic benefits of their contributions, supported by decentralized mechanisms for transactions.

These ideas were forward-thinking in 2021, envisioning a shift away from the centralized giants dominating social media at the time. While Ulbricht didn’t specifically address advertising protocols, his framework for decentralization and user empowerment extends naturally to other domains, like NextBlock’s open-source offering: the PROMO Protocol.

NextBlock’s Implementation of PROMO Protocol

The PROMO Protocol powers NextBlock's Billboard app, a decentralized advertising protocol built on Nostr, a simple, open protocol for decentralized communication. The PROMO Protocol reimagines advertising by: * Empowering People: Individuals set their own ad prices (e.g., 500 sats/minute), giving them direct control over how their attention or space is monetized. * Marketplace Dynamics: Advertisers set budgets and maximum bids, competing within a decentralized system where a 20% service fee ensures operational sustainability. * Open-Source Flexibility: As an open-source protocol, it allows multiple developers to create interfaces or apps on top of it, avoiding the single-platform bottleneck Ulbricht critiqued. * Secure Payments: Using Strike Integration with Bitcoin Lightning Network, NextBlock enables bot-resistant and intermediary-free transactions, aligning value transfer with each person's control.

This structure decentralizes advertising in a way that mirrors Ulbricht’s broader vision for social systems, with aligned principles showing a specific use case: monetizing attention on Nostr.

Aligned Principles

Ulbricht’s 2021 article didn’t explicitly predict the PROMO Protocol, but its foundational concepts align remarkably well with NextBlock's implementation the protocol’s design: * Autonomy Over Value: Ulbricht argued that users should control their content and its economic benefits. In the PROMO Protocol, people dictate ad pricing, directly capturing the value of their participation. Whether it’s their time, influence, or digital space, rather than ceding it to a centralized ad network. * Ecosystem of Providers: Ulbricht envisioned multiple providers replacing a single platform. The PROMO Protocol’s open-source nature invites a similar diversity: anyone can build interfaces or tools on top of it, creating a competitive, decentralized advertising ecosystem rather than a walled garden. * Decentralized Transactions: Ulbricht’s DSP implied decentralized mechanisms for value exchange. NextBlock delivers this through the Bitcoin Lightning Network, ensuring that payments for ads are secure, instantaneous and final, a practical realization of Ulbricht’s call for user-controlled value flows. * Privacy and Control: While Ulbricht emphasized privacy in social interactions, the PROMO Protocol is public by default. Individuals are fully aware of all data that they generate since all Nostr messages are signed. All participants interact directly via Nostr.

[Blueprint Match, source NextBlock]

---

Who We Are

NextBlock is a US-based new media company reimagining digital ads for a decentralized future. Our founders, software and strategy experts, were hobbyist podcasters struggling to promote their work online without gaming the system. That sparked an idea: using new tech like Nostr and Bitcoin to build a decentralized attention market for people who value control and businesses seeking real connections.

Our first product, Billboard, is launching this June.

Open for All

Our model’s open-source! Check out the PROMO Protocol, built for promotion and attention trading. Anyone can join this decentralized ad network. Run your own billboard or use ours. This is a growing ecosystem for a new ad economy.

Our Vision

NextBlock wants to help build a new decentralized internet. Our revolutionary and transparent business model will bring honest revenue to companies hosting valuable digital spaces. Together, we will discover what our attention is really worth.

Read our Manifesto to learn more.

NextBlock is registered in Texas, USA.

@ 502ab02a:a2860397

ช่วงหลัง ๆ มานี้ ถ้าใครเดินผ่านชั้นนมในซูเปอร์ฯ แล้วสะดุดตากับกล่องสีเรียบ ๆ สไตล์สแกนดิเนเวียนที่เขียนคำว่า "OATLY!" ตัวใหญ่ ๆ ไม่ต้องแปลกใจ เพราะนี่คือเครื่องดื่มที่กำลังพยายามจะทำให้ทุกบ้านเชื่อว่า "ดื่มข้าวโอ๊ตแทนนมวัวคือสิ่งที่ดีต่อสุขภาพ ต่อโลก และต่อเด็ก ๆ"

Oatly ไม่ได้มาเล่น ๆ เป็นดาวรุ่งของวงการ plant-based dairy ทางเลือก ด้วยการตลาดที่เฉียบคมและอารมณ์ขันแบบขบถ เพราะบริษัทนี้เขาวางโพสิชั่นของตัวเองว่าเป็นนักสู้เพื่อสิ่งแวดล้อม ต่อต้านโลกร้อน และเป็นทางเลือกที่รักสัตว์รักโลกจนพืชยังปรบมือให้ แต่เบื้องหลังที่ดูคลีน ๆ กลับซ่อนกลยุทธ์ทางการตลาดที่แสบสันไม่เบา โดยเฉพาะการรณรงค์ในโรงเรียน และเทคนิคในการ “ซ่อนความหวาน” ได้อย่างแนบเนียนจนน้ำตาลยังงง

หวานแบบซ่อนรูปสูตรลับที่ไม่อยู่ในช่อง Sugar โอ๊ตมิลค์ของ Oatly มีคาร์บต่ำจริงตามฉลาก แต่ที่หลายคนไม่รู้คือ Oatly ใช้ เอนไซม์ย่อยแป้งจากข้าวโอ๊ต ให้กลายเป็นน้ำตาลมอลโทส ซึ่งมีรสหวานพอ ๆ กับน้ำตาลทราย แต่ไม่ต้องแสดงในช่อง Total Sugar บนฉลากโภชนาการ เพราะมันเกิดขึ้น "ตามธรรมชาติจากกระบวนการ" ซึ่งตรงตามเกณฑ์ FDA เป๊ะ

ความเจ้าเล่ห์ของระบบนี้คือ มอลโตสที่เกิดจากการย่อยแป้งด้วยเอนไซม์ ไม่ต้องนับเป็น “น้ำตาล” ในช่อง Sugar ของฉลากโภชนาการ เพราะมันถือเป็น “naturally occurring sugar” หรือ “น้ำตาลที่เกิดขึ้นเองตามธรรมชาติ” พูดง่ายๆ คือ หวานเหมือนโค้ก แต่ไม่ต้องบอกว่าใส่น้ำตาลเลยแม้แต่นิดเดียว! ในขณะที่เด็กๆ ดื่มแล้วบอกว่า “อร่อยมาก!” ผู้ใหญ่ก็เห็นฉลากแล้วบอกว่า “น้ำตาลแค่นิดเดียวเอง ดีจัง”… ความเข้าใจผิดแบบสองชั้นนี้คือการตลาดที่ชาญฉลาดแต่แฝงความไม่โปร่งใส

และเมื่อคุณไปอ่านงานวิจัยจะเจอว่า น้ำตาลมอลโตสที่ได้จากโอ๊ตผ่านกระบวนการย่อยแบบนี้ มีค่าดัชนีน้ำตาลสูงถึง 105-110 ซึ่งสูงกว่าโค้กเสียอีก (Coke อยู่ประมาณ 63) ส่งผลให้ระดับน้ำตาลในเลือดพุ่งอย่างรวดเร็ว และถ้าใครมีภาวะดื้อต่ออินซูลินหรืออยู่ในขอบเขต prediabetes ก็ยิ่งน่ากังวลเข้าไปใหญ่ พูดง่าย ๆ คือ Oatly หวาน แต่ไม่ต้องบอกว่าใส่น้ำตาล คนทั่วไปเลยเข้าใจผิดว่า “อ้าว มันไม่หวานนี่นา”

บางโรงเรียนในอังกฤษและสวีเดนเริ่มตั้งคำถามว่า การเปลี่ยนนมวัวที่อุดมไปด้วยไขมันดี โปรตีนสมบูรณ์ และแคลเซียม เข้าสู่ร่างกายเด็กๆ ให้กลายเป็น “นมโอ๊ตหวานแบบซ่อนรูป” แบบนี้ มันคือความยั่งยืนจริงๆ หรือเป็นเพียงการใช้ภาพรักษ์โลกบังหน้า แล้วขายคาร์บอย่างแนบเนียน โดยเฉพาะ The Telegraph ได้เผยแพร่บทความชื่อ “The truth about the great oat milk 'con'” ซึ่งกล่าวถึงการที่หน่วยงานกำกับดูแลโฆษณาในสหราชอาณาจักร (Advertising Standards Authority - ASA) สั่งห้ามโฆษณาบางรายการของบริษัท Oatly เนื่องจากพบว่ามีการให้ข้อมูลที่ทำให้ผู้บริโภคเข้าใจผิดเกี่ยวกับประโยชน์ต่อสิ่งแวดล้อมของการเปลี่ยนจากนมวัวเป็นนมจากพืช รวมถึง ภาพลักษณ์ “plant-based ดีต่อโลก” ถูกใช้เป็น เครื่องมือโฆษณาเชิงอารมณ์ โดยลดคุณค่าของนมวัวแท้ ๆ และสิ่งที่น่าตลกร้ายก็คือ…บริษัท Oatly เคยออกมาโจมตีอุตสาหกรรมนมวัวว่า “ไม่โปร่งใส” ขณะเดียวกันพวกเขาเองกลับโดนฟ้องร้องเรื่องการใช้โฆษณาเกินจริง และพยายามซุกซ่อนกระบวนการผลิตที่ทำให้เกิดน้ำตาลแบบ “ซ่อนในตาราง” เสียเอง

ไม่แปลกที่หลายคนในแวดวงโภชนาการแซวว่า "Oatmilk is the new Coke" เพราะมันหวานแบบไม่รู้ตัว ดื่มเพลินเหมือนน้ำอัดลม แต่สื่อสารราวกับเป็นน้ำเต้าหู้สายโยคะ โอเคเรื่องพวกนี้เอาจริงๆเคยคุยกันแล้วในรายการ ลองไปดูย้อนได้ครับ

แต่นั่นยังไม่เท่ากับสิ่งนี้ครับ “Normalize It!”: รณรงค์เข้ารร.แบบซอฟต์พาวเวอร์ ถ้าคิดว่าแค่ขายในซูเปอร์คือจุดหมาย ขอบอกว่า Oatly เล่นเกมไกลกว่านั้น เพราะเขาเปิดแคมเปญชื่อ “Normalize it!” ในหลายประเทศในยุโรป เช่น เยอรมนี สวีเดน และเนเธอร์แลนด์ โดยรณรงค์ให้ เครื่องดื่มจากพืชถูกบรรจุเป็นส่วนหนึ่งของ "โครงการนมโรงเรียน" ที่มีอยู่เดิมในระบบรัฐ ซึ่งแต่เดิมให้เฉพาะนมวัวเท่านั้น

ในโฆษณาแคมเปญนี้ มีการเล่นภาพเด็ก ๆ ที่แอบเอาโอ๊ตมิลค์ใส่กล่องนมโรงเรียน พร้อมประโยคชวนสะอึกว่า “เด็กควรต้องทำเองเหรอ?” (เหมือนจะบอกว่ารัฐควรรับหน้าที่แทน) ดูความแสบได้ที่นี่ https://youtu.be/D3d_GfGVq_I?si=3pi6VKnlJC2SDleW

มันฟังดูดีใช่ไหม...แต่ประเด็นคือ ใครเป็นคนได้ประโยชน์? คำตอบคือ บริษัทที่ขายโอ๊ตมิลค์นั่นแหละ

เพราะหากสำเร็จ โรงเรียนจำนวนมากในยุโรปจะต้องซื้อผลิตภัณฑ์จากพืชแทนหรือควบคู่กับนมวัว ทำให้บริษัทที่ขายเครื่องดื่มพืชกลายเป็นผู้ได้สัมปทานทางอ้อมในชื่อ “ความยั่งยืน”

Lobby แบบ “รักษ์โลก” แต่ก็ไม่ลืมรักษาผลประโยชน์ แคมเปญนี้ไม่ได้แค่โฆษณาเล่น ๆ แต่ยังมีการล็อบบี้ทางนโยบายในระดับสหภาพยุโรป (EU) โดยผลักดันให้เครื่องดื่มจากพืชที่มีการเสริมแคลเซียมได้รับการยอมรับเท่าเทียมกับนมวัว Oatly จึงไม่ได้แค่เป็นแบรนด์ข้าวโอ๊ตอีกต่อไป แต่กลายเป็น "นักกิจกรรม" ที่มีเป้าหมายใหญ่คือการเข้าไปอยู่ในระบบอาหารภาครัฐ โดยเฉพาะสำหรับเด็ก ๆ

ปัญหาคือไม่ใช่แค่ “พืช” แต่คือ “วิธีการสื่อสาร” ไม่มีใครเถียงว่าเด็กควรมีทางเลือกในอาหาร แต่เมื่อ “ข้อมูล” ที่ใช้สร้างภาพลักษณ์ผลิตภัณฑ์ถูกเรียบเรียงให้ดูดีเกินจริง โดยเฉพาะเมื่อซ่อนความหวานไว้ในกลไกทางเคมี และรณรงค์ให้เข้าสู่ระบบโรงเรียน มันก็กลายเป็นประเด็นที่เราควรถามว่า “เรากำลังให้เด็กกินอะไร เพราะอะไร และใครได้ประโยชน์จากสิ่งนั้น?” เครื่องดื่มจากพืชไม่ใช่ปีศาจ และนมวัวก็ไม่ใช่เทวดา แต่สิ่งที่น่ากลัวคือกลยุทธ์ที่หลอกให้คนเชื่อว่าทางเลือกหนึ่ง “ดีกว่า” โดยไม่ให้ข้อมูลครบถ้วน หรือยิ่งแย่กว่านั้นถ้าเป็นการตัดริดรอนสิทธิ์ในการเลือก

วันหนึ่งถ้าเด็ก ๆ ทุกคนได้ดื่มโอ๊ตมิลค์ที่หวานแต่ไม่เรียกว่าน้ำตาล เพราะใครบางคนบอกว่า “ดีต่อสุขภาพ” เราควรถามว่า “สุขภาพของใคร?” และ “ใครนิยามว่าอะไรคือดี?” เพราะบางครั้ง โลกที่ดูยั่งยืน อาจมีรากฐานมาจากการตลาดที่ยืนนาน

เรื่องนี้ไม่ได้เกี่ยวกับการเกลียดพืช หรือรังเกียจข้าวโอ๊ต หรือนมโอ้ต แต่มันเกี่ยวกับ ความจริงที่ถูกแต่งหน้าให้ดูดีเกินจริง ในนามของสุขภาพและสิ่งแวดล้อม ซึ่งอาจกลายเป็นการเปลี่ยนเด็กๆ ให้คุ้นชินกับเครื่องดื่มหวานแบบไม่รู้ตัว ในขณะที่เราเคยพยายามลดโค้กจากโรงเรียนไปเมื่อสิบปีก่อน

อย่าลืมว่า ไม่ใช่แค่น้ำตาลที่ต้องดู แต่ต้องดูว่ามันมาจากไหน ถูกสร้างขึ้นอย่างไร และร่างกายตอบสนองอย่างไร

สำคัญที่สุดคือ เรามีสิทธิ์ในการเลือกไหม ในอนาคต

#pirateketo #กูต้องรู้มั๊ย #ม้วนหางสิลูก #siamstr

@ d34e832d:383f78d0

For Secure Inheritance Planning and Offline Signing

---

The setup described ensures that any 2 out of 3 participants (hardware wallets) must sign a transaction before it can be broadcast, offering robust protection against theft, accidental loss, or mismanagement of funds.

---

1. Preparation: Tools and Requirements

Hardware Required

• 3× COLDCARD Mk4 hardware wallets (or newer)
• 3× MicroSD cards (one per COLDCARD)
• MicroSD card reader (for your computer)
• Optional: USB data blocker (for safe COLDCARD connection)

Software Required

• Sparrow Wallet: Version 1.7.1 or later
  Download: https://sparrowwallet.com/
• COLDCARD Firmware: Version 5.1.2 or later
  Update guide: https://coldcard.com/docs/upgrade

Other Essentials

• Durable paper or steel backup tools for seed phrases
• Secure physical storage for backups and devices
• Optional: encrypted external storage for Sparrow wallet backups

Security Tip:
Always verify software signatures before installation. Keep your COLDCARDs air-gapped (no USB data transfer) whenever possible.

---

2. Initializing Each COLDCARD Wallet

1. Power on each COLDCARD and choose “New Wallet”.
2. Write down the 24-word seed phrase (DO NOT photograph or store digitally).
3. Confirm the seed and choose a strong PIN code (both prefix and suffix).
4. (Optional) Enable BIP39 Passphrase for additional entropy.
5. Save an encrypted backup to the MicroSD card:
   Go to Advanced > Danger Zone > Backup.
6. Repeat steps 1–5 for all three COLDCARDs.

Best Practice:
Store each seed phrase securely and in separate physical locations. Test wallet recovery before storing real funds.

---

3. Exporting XPUBs from COLDCARD

Each hardware wallet must export its extended public key (XPUB) for multisig setup:

1. Insert MicroSD card into a COLDCARD.
2. Navigate to:
   Settings > Multisig Wallets > Export XPUB.
3. Select the appropriate derivation path. Recommended:
4. Native SegWit: m/84'/0'/0' (bc1 addresses)
5. Alternatively: Nested SegWit m/49'/0'/0' (starts with 3)
6. Save the XPUB file to the MicroSD card.
7. Insert MicroSD into your computer and transfer XPUB files to Sparrow Wallet.
8. Repeat for the remaining COLDCARDs.

---

4. Creating the 2-of-3 Multisig Wallet in Sparrow

1. Launch Sparrow Wallet.
2. Click File > New Wallet and name your wallet.
3. In the Keystore tab, choose Multisig.
4. Select 2-of-3 as your multisig policy.
5. For each cosigner:
6. Choose Add cosigner > Import XPUB from file.
7. Load XPUBs exported from each COLDCARD.
8. Once all 3 cosigners are added, confirm the configuration.
9. Click Apply, then Create Wallet.
10. Sparrow will display a receive address. Fund the wallet using this.

Tip:
You can export the multisig policy (wallet descriptor) as a backup and share it among cosigners.

---

5. Saving and Verifying the Wallet Configuration

1. After creating the wallet, click Wallet > Export > Export Wallet File (.json).
2. Save this file securely and distribute to all participants.
3. Verify that the addresses match on each COLDCARD using the wallet descriptor file (optional but recommended).

---

6. Creating and Exporting a PSBT (Partially Signed Bitcoin Transaction)

1. In Sparrow, click Send, fill out recipient details, and click Create Transaction.
2. Click Finalize > Save PSBT to MicroSD card.
3. The file will be saved as a .psbt file.

Note: No funds are moved until 2 signatures are added and the transaction is broadcast.

---

7. Signing the PSBT with COLDCARD (Offline)

1. Insert the MicroSD with the PSBT into COLDCARD.
2. From the main menu:
   Ready To Sign > Select PSBT File.
3. Verify transaction details and approve.
4. COLDCARD will create a signed version of the PSBT (signed.psbt).
5. Repeat the signing process with a second COLDCARD (different signer).

---

8. Finalizing and Broadcasting the Transaction

1. Load the signed PSBT files back into Sparrow.
2. Sparrow will detect two valid signatures.
3. Click Finalize Transaction > Broadcast.
4. Your Bitcoin transaction will be sent to the network.

---

9. Inheritance Planning with Multisig

Multisig is ideal for inheritance scenarios:

Example Inheritance Setup

• Signer 1: Yourself (active user)
• Signer 2: Trusted family member or executor
• Signer 3: Lawyer, notary, or secure backup

Only 2 signatures are needed. If one party loses access or passes away, the other two can recover the funds.

Best Practices for Inheritance

• Store each seed phrase in separate, tamper-proof, waterproof containers.
• Record clear instructions for heirs (without compromising seed security).
• Periodically test recovery with cosigners.
• Consider time-locked wallets or third-party escrow if needed.

---

Security Tips and Warnings

• Never store seed phrases digitally or online.
• Always verify addresses and signatures on the COLDCARD screen.
• Use Sparrow only on secure, malware-free computers.
• Physically secure your COLDCARDs from unauthorized access.
• Practice recovery procedures before storing real value.

---

Consider

A 2-of-3 multisignature wallet using COLDCARD and Sparrow Wallet offers a highly secure, flexible, and transparent Bitcoin custody model. Whether for inheritance planning or high-security storage, it mitigates risks associated with single points of failure while maintaining usability and privacy.

By following this guide, Bitcoin users can significantly increase the resilience of their holdings while enabling thoughtful succession strategies.

@ a8d1560d:3fec7a08

Based on the Free Speech Flag generator at https://crocojim18.github.io/, but now you can encode binary data as well.

https://free-speech-flag-generator--wholewish91244492.on.websim.ai/

Please also see https://en.wikipedia.org/wiki/Free_Speech_Flag for more information about the Free Speech Flag.

Who can tell me what I encoded in the flag used for this longform post?

@ d34e832d:383f78d0

What is pfSense?

pfSense is a free, open-source firewall and router software distribution based on FreeBSD. It includes a web-based GUI and supports advanced features like:

• Stateful packet inspection (SPI)
• Virtual Private Network (VPN) support (OpenVPN, WireGuard, IPSec)
• Dynamic and static routing
• Traffic shaping and QoS
• Load balancing and failover
• VLANs and captive portals
• Intrusion Detection/Prevention (Snort, Suricata)
• DNS, DHCP, and more

Use Cases

• Home networks with multiple devices
• Small to medium businesses
• Remote work VPN gateway
• IoT segmentation
• Homelab firewalls
• Wi-Fi network segmentation

---

2. Essential Hardware Components

When building a pfSense router, you must match your hardware to your use case. The system needs at least two network interfaces—one for WAN, one for LAN.

Core Components

| Component | Requirement | Budget-Friendly Example | |---------------|------------------------------------|----------------------------------------------| | CPU | Dual-core 64-bit x86 (AES-NI support recommended) | Intel Celeron J4105, AMD GX-412HC, or Intel i3 6100T | | Motherboard | Mini-ITX or Micro-ATX with support for selected CPU | ASRock J4105-ITX (includes CPU) | | RAM | Minimum 4GB (8GB preferred) | Crucial 4GB DDR4 | | Storage | 16GB+ SSD or mSATA/NVMe (for longevity and speed) | Kingston A400 120GB SSD | | NICs | At least two Intel gigabit ports (Intel NICs preferred) | Intel PRO/1000 Dual-Port PCIe or onboard | | Power Supply | 80+ Bronze rated or PicoPSU for SBCs | EVGA 400W or PicoPSU 90W | | Case | Depends on form factor | Mini-ITX case (e.g., InWin Chopin) | | Cooling | Passive or low-noise | Stock heatsink or case fan |

---

3. Recommended Affordable Hardware Builds

Build 1: Super Budget (Fanless)

• Motherboard/CPU: ASRock J4105-ITX (quad-core, passive cooling, AES-NI)
• RAM: 4GB DDR4 SO-DIMM
• Storage: 120GB SATA SSD
• NICs: 1 onboard + 1 PCIe Intel Dual Port NIC
• Power Supply: PicoPSU with 60W adapter
• Case: Mini-ITX fanless enclosure
• Estimated Cost: ~$150–180

Build 2: Performance on a Budget

• CPU: Intel i3-6100T (low power, AES-NI support)
• Motherboard: ASUS H110M-A/M.2 (Micro-ATX)
• RAM: 8GB DDR4
• Storage: 120GB SSD
• NICs: 2-port Intel PCIe NIC
• Case: Compact ATX case
• Power Supply: 400W Bronze-rated PSU
• Estimated Cost: ~$200–250

---

4. Assembling the Hardware

Step-by-Step Instructions

1. Prepare the Workspace:
2. Anti-static mat or surface
3. Philips screwdriver
4. Install CPU (if required):
5. Align and seat CPU into socket
6. Apply thermal paste and attach cooler
7. Insert RAM into DIMM slots
8. Install SSD and connect to SATA port
9. Install NIC into PCIe slot
10. Connect power supply to motherboard, SSD
11. Place system in case and secure all components
12. Plug in power and monitor

---

5. Installing pfSense Software

What You'll Need

• A 1GB+ USB flash drive
• A separate computer with internet access

Step-by-Step Guide

1. Download pfSense ISO:
2. Visit: https://www.pfsense.org/download/
3. Choose AMD64, USB Memstick Installer, and mirror site
4. Create Bootable USB:
5. Use tools like balenaEtcher or Rufus to write ISO to USB
6. Boot the Router from USB:
7. Enter BIOS → Set USB as primary boot
8. Save and reboot
9. Install pfSense:
10. Accept defaults during installation
11. Choose ZFS or UFS (UFS is simpler for small SSDs)
12. Install to SSD, remove USB post-installation

---

6. Basic Configuration Settings

After the initial boot, pfSense will assign: - WAN to one interface (via DHCP) - LAN to another (default IP: 192.168.1.1)

Access WebGUI

1. Connect a PC to LAN port
2. Open browser → Navigate to http://192.168.1.1
3. Default login: admin / pfsense

Initial Setup Wizard

• Change admin password
• Set hostname and DNS
• Set time zone
• Confirm WAN/LAN settings
• Enable DHCP server for LAN
• Optional: Enable SSH

---

7. Tips and Best Practices

Security Best Practices

• Change default password immediately
• Block all inbound traffic by default
• Enable DNS over TLS (with Unbound)
• Regularly update pfSense firmware and packages
• Use strong encryption for VPNs
• Limit admin access to specific IPs

Performance Optimization

• Use Intel NICs for reliable throughput
• Offload DNS, VPN, and DHCP to dedicated packages
• Disable unnecessary services to reduce CPU load
• Monitor system logs for errors and misuse
• Enable traffic shaping if managing VoIP or streaming

Useful Add-ons

• pfBlockerNG: Ad-blocking and geo-blocking
• Suricata: Intrusion Detection System
• OpenVPN/WireGuard: VPN server setup
• Zabbix Agent: External monitoring

---

8. Consider

With a modest investment and basic technical skills, anyone can build a powerful, flexible, and secure pfSense router. Choosing the right hardware for your needs ensures a smooth experience without overpaying or underbuilding. Whether you're enhancing your home network, setting up a secure remote office, or learning network administration, a custom pfSense router is a versatile, long-term solution.

---

Appendix: Example Hardware Component List

| Component | Item | Price (Approx.) | |------------------|--------------------------|------------------| | Motherboard/CPU | ASRock J4105-ITX | $90 | | RAM | Crucial 4GB DDR4 | $15 | | Storage | Kingston A400 120GB SSD | $15 | | NIC | Intel PRO/1000 Dual PCIe | $20 | | Case | Mini-ITX InWin Chopin | $40 | | Power Supply | PicoPSU 60W + Adapter | $25 | | Total | | ~$205 |

@ 9bde4214:06ca052b

“The human spirit should remain in charge.”

Pablo & Gigi talk about the wind.

In this dialogue:

• Wind
• More Wind
• Information Calories, and how to measure them
• Digital Wellbeing
• Rescue Time
• Teleology of Technology
• Platforms get users Hooked (book)
• Feeds are slot machines
• Movie Walls
• Tweetdeck and Notedeck
• IRC vs the modern feed
• 37Signals: “Hey, let’s just charge users!”
• “You wouldn’t zap a car crash”
• Catering to our highest self VS catering to our lowest self
• Devolution of YouTube 5-star ratings to thumb up/down to views
• Long videos vs shorts
• The internet had to monetize itself somehow (with attention)
• “Don’t be evil” and why Google had to remove it
• Questr: 2D exploration of nostr
• ONOSENDAI by Arkinox
• Freedom tech & Freedom from Tech
• DAUs of jumper cables
• Gossip and it’s choices
• “The secret to life is to send it”
• Flying water & flying bus stops
• RSS readers, Mailbrew, and daily digests
• Nostr is high signal and less addictive
• Calling nostr posts “tweets” and recordings being “on tape”
• Pivoting from nostr dialogues to a podcast about wind
• The unnecessary complexity of NIP-96
• Blossom (and wind)
• Undoing URLs, APIs, and REST
• ISBNs and cryptographic identifiers
• SaaS and the DAU metric
• Highlighter
• Not caring where stuff is hosted
• When is an edited thing a new thing?
• Edits, the edit wars, and the case against edits
• NIP-60 and inconsistent balances
• Scroll to text fragment and best effort matching
• Proximity hashes & locality-sensitive hashing
• Helping your Uncle Jack of a horse
• Helping your uncle jack of a horse
• Can we fix it with WoT?
• Vertex & vibe-coding a proper search for nostr
• Linking to hashtags & search queries
• Advanced search and why it’s great
• Search scopes & web of trust
• The UNIX tools of nostr
• Pablo’s NDK snippets
• Meredith on the privacy nightmare of Agentic AI
• Blog-post-driven development (Lightning Prisms, Highlighter)
• Sandwich-style LLM prompting, Waterfall for LLMs (HLDD / LLDD)
• “Speed itself is a feature”
• MCP & DVMCP
• Monorepos and git submodules
• Olas & NDK
• Pablo’s RemindMe bot
• “Breaking changes kinda suck”
• Stories, shorts, TikTok, and OnlyFans
• LLM-generated sticker styles
• LLMs and creativity (and Gigi’s old email)
• “AI-generated art has no soul”
• Nostr, zaps, and realness
• Does the source matter?
• Poker client in bitcoin v0.0.1
• Quotes from Hitler and how additional context changes meaning
• Greek finance minister on crypto and bitcoin (Technofeudalism, book)
• Is more context always good?
• Vervaeke’s AI argument
• What is meaningful?
• How do you extract meaning from information?
• How do you extract meaning from experience?
• “What the hell is water”
• Creativity, imagination, hallucination, and losing touch with reality
• “Bitcoin is singularity insurance”
• Will vibe coding make developers obsolete?
• Knowing what to build vs knowing how to build
• 10min block time & the physical limits of consensus
• Satoshi’s reasons articulated in his announcement post
• Why do anything? Why stack sats? Why have kids?
• All you need now is motivation
• Upcoming agents will actually do the thing
• Proliferation of writers: quantity VS quality
• Crisis of sameness & the problem of distribution
• Patronage, belle epoche, and bitcoin art
• Niches, and how the internet fractioned society
• Joe’s songs
• Hyper-personalized stories
• Shared stories & myths (Jonathan Pageau)
• Hyper-personalized apps VS shared apps
• Agency, free expression, and free speech
• Edgy content & twitch meta, aka skating the line of demonetization and deplatforming
• Using attention as a proxy currency
• Farming eyeballs and brain cycles
• Engagement as a success metric & engagement bait
• “You wouldn’t zap a car crash”
• Attention economy is parasitic on humanity
• The importance of speech & money
• What should be done by a machine?
• What should be done by a human?
• “The human spirit should remain in charge”
• Our relationship with fiat money
• Active vs passive, agency vs serfdom

@ 9bde4214:06ca052b

"With the shift towards this multi-agent collaboration and orchestration world, you need a neutral substrate that has money/identity/cryptography and web-of-trust baked in, to make everything work."

Pablo & Gigi are getting high on glue.

Books & articles mentioned:

• Saving beauty by Byung-Chul Han
• LLMs as a tool for thought by Amelia Wattenberger

In this dialogue:

• vibeline & vibeline-ui
• LLMs as tools, and how to use them
• Vervaeke: AI thresholds & the path we must take
• Hallucinations and grounding in reality
• GPL, LLMs, and open-source licensing
• Pablo's multi-agent Roo setup
• Are we going to make programmers obsolete?
• "When it works it's amazing"
• Hiring & training agents
• Agents creating RAG databases of NIPs
• Different models and their context windows
• Generalists vs specialists
• "Write drunk, edit sober"
• DVMCP.fun
• Recklessness and destruction of vibe-coding
• Sharing secrets with agents & LLMs
• The "no API key" advantage of nostr
• What data to trust? And how does nostr help?
• Identity, web of trust, and signing data
• How to fight AI slop
• Marketplaces of code snippets
• Restricting agents with expert knowledge
• Trusted sources without a central repository
• Zapstore as the prime example
• "How do you fight off re-inventing GitHub?"
• Using large context windows to help with refactoring
• Code snippets for Olas, NDK, NIP-60, and more
• Using MCP as the base
• Using nostr as the underlying substrate
• Nostr as the glue & the discovery layer
• Why is this important?
• Why is this exciting?
• "With the shift towards this multi-agent collaboration and orchestration world, you need a neutral substrate that has money/identity/cryptography and web-of-trust baked in, to make everything work."
• How to single-shot nostr applications
• "Go and create this app"
• The agent has money, because of NIP-60/61
• PayPerQ
• Anthropic and the genius of mcp-tools
• Agents zapping & giving SkyNet more money
• Are we going to run the mints?
• Are agents going to run the mints?
• How can we best explain this to our bubble?
• Let alone to people outside of our bubble?
• Building pipelines of multiple agents
• LLM chains & piped Unix tools
• OpenAI vs Anthropic
• Genius models without tools vs midwit models with tools
• Re-thinking software development
• LLMs allow you to tackle bigger problems
• Increased speed is a paradigm shift
• Generalists vs specialists, left brain vs right brain
• Nostr as the home for specialists
• fiatjaf publishing snippets (reluctantly)
• fiatjaf's blossom implementation
• Thinking with LLMs
• The tension of specialization VS generalization
• How the publishing world changed
• Stupid faces on YouTube thumbnails
• Gaming the algorithm
• Will AI slop destroy the attention economy?
• Recency bias & hiding publication dates
• Undoing platform conditioning as a success metric
• Craving realness in a fake attention world
• The theater of the attention economy
• What TikTok got "right"
• Porn, FoodPorn, EarthPorn, etc.
• Porn vs Beauty
• Smoothness and awe
• "Beauty is an angel that could kill you in an instant (but decides not to)."
• The success of Joe Rogan & long-form conversations
• Smoothness fatigue & how our feeds numb us
• Nostr & touching grass
• How movement changes conversations
• LangChain & DVMs
• Central models vs marketplaces
• Going from assembly to high-level to conceptual
• Natural language VS programming languages
• Pablo's code snippets
• Writing documentation for LLMs
• Shared concepts, shared language, and forks
• Vibe-forking open-source software
• Spotting vibe-coded interfaces
• Visualizing nostr data in a 3D world
• Tweets, blog posts, and podcasts
• Vibe-producing blog posts from conversations
• Tweets are excellent for discovery
• Adding context to tweets (long-form posts, podcasts, etc)
• Removing the character limit was a mistake
• "Everyone's attention span is rekt"
• "There is no meaning without friction"
• "Nothing worth having ever comes easy"
• Being okay with doing the hard thing
• Growth hacks & engagement bait
• TikTok, theater, and showing faces and emotions
• The 1% rule: 99% of internet users are Lurkers
• "We are socially malnourished"
• Web-of-trust and zaps bring realness
• The semantic web does NOT fix this LLMs might
• "You can not model the world perfectly"
• Hallucination as a requirement for creativity

@ 9bde4214:06ca052b

"The age of the idea guys has begun."

Justin & Gigi vibe about Zig.

Articles mentioned:

• LLMs as a tool for thought by Amelia Wattenberger
• Micropayments and Mental Transaction Costs by Nick Szabo
• How our interfaces have lost their senses by Amelia Wattenberger

Talks mentioned:

• The Art of Bitcoin Rhetoric by Bitstein

Books mentioned:

• Human Action by Ludwig von Mises
• Working in Public by Nadia Eghbal

In this dialogue:

• nak
• Files
• SyncThing (and how it BitTorrent Sync became Resilio Sync)
• Convention over configuration
• Changes & speciation
• File systems as sources of truth
• Vibe-coding shower thoughts
• Inspiration and The Muse
• Justin's LLM setup
• Tony's setup (o1-pro as the architect)
• Being okay with paying for LLMs
• Anthropomorphising LLMs
• Dialog, rubber-duck debugging, and the process of thinking
• Being nice and mean to LLMs
• Battlebots & Gladiators
• Hedging your bets by being nice to Skynet
• Pascal's Wager for AI
• Thinking models vs non-thinking faster models
• Sandwich-style LLM prompting, again (waterfall stuff, HLDD / LLDD)
• Cursor rules & Paul's Prompt Buddy
• Giving lots of context vs giving specific context
• The benefit of LLMs figuring out obscure bugs in minutes (instead of days)
• The phase change of fast iteration and vibe coding
• Idea level vs coding level
• High-level vs low-level languages
• Gigi's "vibeline"
• Peterson's Logos vs Vervaeke's Dia-Logos
• Entering into a conversation with technology
• Introducing MCPs into your workflow
• How does Claude think?
• How does it create a rhyme?
• How does thinking work?
• And how does it relate to dialogue?
• Gzuuus' DVMCP & using nostr as an AI substrate
• Language Server Protocols (LSPs)
• VAAS: Vibe-coding as a service
• Open models vs proprietary models
• What Cursor got right
• What ChatGPT got right
• What Google got right
• Tight integration of tools & remaining in a flow state
• LLMs as conversational partners
• The cost of context switching
• Conversational flow & how to stay in it
• Prompts VS diary entries
• Solving technical vs philosophical models
• Buying GPUs & training your own models
• Training LLMs to understand Zig
• Preventing entryism by writing no documentation
• Thin layers & alignment layers
• Working in public & thinking in public
• Building a therapist / diary / notes / idea / task system
• "The age of the idea guys has begun."
• Daemons and spirits
• Monological VS dialogical thinking
• Yes-men and disagreeable LLMs
• Energy cost vs human cost
• Paying by the meter vs paying a subscription
• The equivalence of storage and compute
• Thinking needs memory, and memory is about the future
• Nostr+ecash as the perfect AI+human substrate
• Real cost, real consequence, and Human Action
• The cost of words & speaking
• Costly signals and free markets
• From shitcoin tokens to LLM tokens to ecash tokens
• Being too close to the metal & not seeing the forest for the trees
• Power users vs engineers
• Participatory knowing and actually using the tools
• Nostr as the germination ground for ecash
• What is Sovereign Engineering?
• LLVM and the other side of the bell-curve
• How nostr gives you users, discovery, mircopayments, a backend, and many other things for free
• Echo chambers & virality
• Authenticity & Realness
• Growing on the edges, catering to the fringe
• You don't own your iPhone
• GrapheneOS
• WebRTC and other monolithic "open" standards
• Optimizing for the wrong thing
• Building a nostr phone & Gigi's dream flow
• Using nostr to sync dotfile setups and other things
• "There are no solutions, only trade-offs"
• Cross-platform development
• Native vs non-native implementations
• Vitor's point on what we mean by native
• Does your custom UI framework work for blind people?
• Ladybird browser & how to build a browser from scratch
• TempleOS
• Form follows function & 90's interfaces
• Lamentations on the state of modern browsers
• Complexity & the downfall of the Legacy Web
• Nostr as the "new internet"
• Talks by Ladybird developer Andreas Kling
• Will's attempt of building it from scratch with Notedeck & nostr-db
• Justin's attempt with rust-multiplatform
• "If it doesn't have a rust implementation, you shouldn't use it."
• Native in terms of speed vs native in terms of UI/UX
• Engineer the logic, vibe-code the UI
• From Excalidraw to app in minutes
• What can you one-shot?
• What do you need to care about?
• Pablo's NDK snippets
• 7GUIs and GUI benchmarks for LLMs
• "Now we're purpose-building tools to make it easier for LLMs"
• "Certain tools really make your problems go away."
• Macros and meta-programming
• Zig's comptime
• UNIX tools and pipes
• Simple tools & composability
• Nostr tools for iOS & sharing developer signing keys
• Building 10 apps as one guy
• Simplicity in a community context
• Most people are on phones
• Most people don't install PWAs
• Zapstore & building our own distribution channels
• Web-of-trust and pushing builds quickly
• Improving homebrew by 10x
• (Micro)payments for package managers
• Guix and bitcoin-core
• Nix vs Guix
• Reproducible builds & web-of-trust
• Keet vs "calling an npub"
• Getting into someone's notifications
• Removing the character limit was a mistake

@ d34e832d:383f78d0

The Domain Name System (DNS) is a foundational component of the internet. It translates human-readable domain names into IP addresses, enabling the functionality of websites, email, and services. However, traditional DNS is inherently insecure—queries are typically sent in plaintext, making them vulnerable to interception, spoofing, and censorship.

DNSCrypt is a protocol designed to authenticate communications between a DNS client and a DNS resolver. By encrypting DNS traffic and validating the source of responses, it thwarts man-in-the-middle attacks and DNS poisoning. Despite its security advantages, widespread adoption remains limited due to usability and deployment complexity.

This idea introduces an affordable, lightweight DNSCrypt proxy server capable of providing secure DNS resolution in both home and enterprise environments. Our goal is to democratize secure DNS through low-cost infrastructure and transparent architecture.

---

2. Background

2.1 Traditional DNS Vulnerabilities

• Lack of Encryption: DNS queries are typically unencrypted (UDP port 53), exposing user activity.
• Spoofing and Cache Poisoning: Attackers can forge DNS responses to redirect users to malicious websites.
• Censorship: Governments and ISPs can block or alter DNS responses to control access.

2.2 Introduction to DNSCrypt

DNSCrypt mitigates these problems by: - Encrypting DNS queries using X25519 + XSalsa20-Poly1305 or X25519 + ChaCha20-Poly1305 - Authenticating resolvers via public key infrastructure (PKI) - Supporting relay servers and anonymized DNS, enhancing metadata protection

2.3 Current Landscape

DNSCrypt proxies are available in commercial routers and services (e.g., Cloudflare DNS over HTTPS), but full control remains in the hands of centralized entities. Additionally, hardware requirements and setup complexity can be barriers to entry.

---

3. System Architecture

3.1 Overview

Our system is designed around the following components: - Client Devices: Use DNSCrypt-enabled stub resolvers (e.g., dnscrypt-proxy) - DNSCrypt Proxy Server: Accepts DNSCrypt queries, decrypts and validates them, then forwards to recursive resolvers (e.g., Unbound) - Recursive Resolver (Optional): Provides DNS resolution without reliance on upstream services - Relay Support: Adds anonymization via DNSCrypt relays

3.2 Protocols and Technologies

• DNSCrypt v2: Core encrypted DNS protocol
• X25519 Key Exchange: Lightweight elliptic curve cryptography
• Poly1305 AEAD Encryption: Fast and secure authenticated encryption
• UDP/TCP Fallback: Supports both transport protocols to bypass filtering
• DoH Fallback: Optional integration with DNS over HTTPS

3.3 Hardware Configuration

• Platform: Raspberry Pi 4B or x86 mini-PC (e.g., Lenovo M710q)
• Cost: Under $75 total (device + SD card or SSD)
• Operating System: Debian 12 or Ubuntu Server 24.04
• Memory Footprint: <100MB RAM idle
• Power Consumption: ~3-5W idle

---

4. Design Considerations

4.1 Affordability

• Hardware Sourcing: Use refurbished or SBCs to cut costs
• Software Stack: Entirely open source (dnscrypt-proxy, Unbound)
• No Licensing Fees: FOSS-friendly deployment for communities

4.2 Security

• Ephemeral Key Pairs: New keypairs every session prevent replay attacks
• Public Key Verification: Resolver keys are pre-published and verified
• No Logging: DNSCrypt proxies are configured to avoid retaining user metadata
• Anonymization Support: With relay chaining for metadata privacy

4.3 Maintainability

• Containerization (Optional): Docker-compatible setup for simple updates
• Remote Management: Secure shell access with fail2ban and SSH keys
• Auto-Updating Scripts: Systemd timers to refresh certificates and relay lists

---

5. Implementation

5.1 Installation Steps

1. Install OS and dependencies: bash sudo apt update && sudo apt install dnscrypt-proxy unbound
2. Configure dnscrypt-proxy.toml:
3. Define listening port, relay list, and trusted resolvers
4. Enable Anonymized DNS, fallback to DoH
5. Configure Unbound (optional):
6. Run as recursive backend
7. Firewall hardening:
8. Allow only DNSCrypt port (default: 443 or 5353)
9. Block all inbound traffic except SSH (optional via Tailscale)

5.2 Challenges

• Relay Performance Variability: Some relays introduce latency; solution: geo-filtering
• Certificate Refresh: Mitigated with daily cron jobs
• IP Rate-Limiting: Mitigated with DNS load balancing

---

6. Evaluation

6.1 Performance Benchmarks

• Query Resolution Time (mean):
• Local resolver: 12–18ms
• Upstream via DoH: 25–35ms
• Concurrent Users Supported: 100+ without degradation
• Memory Usage: ~60MB (dnscrypt-proxy + Unbound)
• CPU Load: <5% idle on ARM Cortex-A72

6.2 Security Audits

• Verified with dnsleaktest.com and tcpdump
• No plaintext DNS observed over interface
• Verified resolver keys via DNSCrypt community registry

---

7. Use Cases

7.1 Personal/Home Use

• Secure DNS for all home devices via router or Pi-hole integration

7.2 Educational Institutions

• Provide students with censorship-free DNS in oppressive environments

7.3 Community Mesh Networks

• Integrate DNSCrypt into decentralized networks (e.g., Nostr over Mesh)

7.4 Business VPNs

• Secure internal DNS without relying on third-party resolvers

---

8. Consider

This idea has presented a practical, affordable approach to deploying a secure DNSCrypt proxy server. By leveraging open-source tools, minimalist hardware, and careful design choices, it is possible to democratize access to encrypted DNS. Our implementation meets the growing need for privacy-preserving infrastructure without introducing prohibitive costs.

We demonstrated that even modest devices can sustain dozens of encrypted DNS sessions concurrently while maintaining low latency. Beyond privacy, this system empowers individuals and communities to control their own DNS without corporate intermediaries.

---

9. Future Work

• Relay Discovery Automation: Dynamic quality-of-service scoring for relays
• Web GUI for Management: Simplified frontend for non-technical users
• IPv6 and Tor Integration: Expanding availability and censorship resistance
• Federated Resolver Registry: Trust-minimized alternative to current resolver key lists

---

References

1. DNSCrypt Protocol Specification v2 – https://dnscrypt.info/protocol
2. dnscrypt-proxy GitHub Repository – https://github.com/DNSCrypt/dnscrypt-proxy
3. Unbound Recursive Resolver – https://nlnetlabs.nl/projects/unbound/about/
4. DNS Security Extensions (DNSSEC) – IETF RFCs 4033, 4034, 4035
5. Bernstein, D.J. – Cryptographic Protocols using Curve25519 and Poly1305
6. DNS over HTTPS (DoH) – RFC 8484

@ d34e832d:383f78d0

Minecraft remains one of the most popular sandbox games in the world. For players who wish to host private or community-based servers, monthly hosting fees can quickly add up. Furthermore, setting up a server from scratch often requires technical knowledge in networking, system administration, and Linux.

This idea explores a do-it-yourself (DIY) method for deploying a low-cost Minecraft server using common secondhand hardware and a simple software stack, with a focus on energy efficiency, ease of use, and full control over the server environment.

---

2. Objective

To build and deploy a dedicated Minecraft server that:

• Costs less than $75 in total
• Consumes minimal electricity (<10W idle)
• Is manageable via a graphical user interface (GUI)
• Supports full server management including backups, restarts, and plugin control
• Requires no port forwarding or complex network configuration
• Delivers performance suitable for a small-to-medium number of concurrent players

---

3. Hardware Overview

3.1 Lenovo M710Q Mini-PC (~$55 used)

• Intel Core i5 (6th/7th Gen)
• 8GB DDR4 RAM
• Compact size and low power usage
• Widely available refurbished

3.2 ID Sonics 512GB NVMe SSD (~$20)

• Fast storage with sufficient capacity for multiple Minecraft server instances
• SSDs reduce world loading lag and improve backup performance

Total Hardware Cost: ~$75

---

4. Software Stack

4.1 Ubuntu Server 24.04

• Stable, secure, and efficient operating system
• Headless installation, ideal for server use
• Supports automated updates and system management via CLI

4.2 CasaOS

• A lightweight operating system layer and GUI on top of Ubuntu
• Built for managing Docker containers with a clean web interface
• Allows app store-like deployment of various services

4.3 Crafty Controller (via Docker)

• Web-based server manager for Minecraft
• Features include:
• Automatic backups and restore
• Scheduled server restarts
• Plugin management
• Server import/export
• Server logs and console access

---

5. Network and Remote Access

5.1 PlayIt.gg Integration

PlayIt.gg creates a secure tunnel to your server via a relay node, removing the need for traditional port forwarding.

Benefits: - Works even behind Carrier-Grade NAT (common on mobile or fiber ISPs) - Ideal for users with no access to router settings - Ensures privacy by hiding IP address from public exposure

---

6. Setup Process Summary

1. Install Ubuntu Server 24.04 on the M710Q
2. Install CasaOS via script provided by the project
3. Use CasaOS to deploy Crafty Controller in a Docker container
4. Configure Minecraft server inside Crafty (Vanilla, Paper, Spigot, etc.)
5. Integrate PlayIt.gg to expose the server to friends
6. Access Crafty via browser for daily management

---

7. Power Consumption and Performance

• Idle Power Draw: ~7.5W
• Load Power Draw (2–5 players): ~15W
• M710Q fan runs quiet and rarely under load
• Performance sufficient for:
• Vanilla or optimized Paper server
• Up to 10 concurrent players with light mods

---

8. Cost Analysis vs Hosted Services

| Solution | Monthly Cost | Annual Cost | Control Level | Mods Support | |-----------------------|--------------|-------------|----------------|---------------| | Commercial Hosting | $5–$15 | $60–$180 | Limited | Yes | | This Build (One-Time) | $75 | $0 | Full | Yes |

Return on Investment (ROI):
Break-even point reached in 6 to 8 months compared to lowest hosting tiers.

---

9. Advantages

• No Subscription: Single upfront investment
• Local Control: Full access to server files and environment
• Privacy Respecting: No third-party data mining
• Modular: Can add mods, backups, maps with full access
• Low Energy Use: Ideal for 24/7 uptime

---

10. Limitations

• Not Ideal for >20 players: CPU and RAM constraints
• Local Hardware Dependency: Physical failure risk
• Requires Basic Setup Time: CLI familiarity useful but not required

---

11. Future Enhancements

• Add Dynmap with reverse proxy and TLS via CasaOS
• Integrate Nextcloud for managing world backups
• Use Watchtower for automated container updates
• Schedule daily email logs using system cron

---

12. Consider

This idea presents a practical and sustainable approach to self-hosting Minecraft servers using open-source software and refurbished hardware. With a modest upfront cost and minimal maintenance, users can enjoy full control over their game worlds without recurring fees or technical hassle. This method democratizes game hosting and aligns well with educational environments, small communities, and privacy-conscious users.

---

@ 3ad01248:962d8a07

The trade war between Trump and the rest of the world has kicked of in earnest with Trump's unveiling of sweeping tariffs on so called "Liberation Day". The entire world was essentially put on notice that there is a new sheriff in town and things will be done different from now on.

The is the sentiment that won Trump the election so it is no wonder that Trump would follow through on changing how the world relates to America. President Trump hit the entire world with reciprocal tariffs and some places where people don't live which I find hilarious

I wonder who was in charge of making this tariff list because they need fired to be honest. Screams incompetence but that for another day. Will Bitcoin benefit from the trade war?

Bitcoin will benefit because the world now believes that the United States can not be trusted to honor its word or commitments. Why would any country want to to business with a country that says one thing and does another. Trump has upended the very economic order that the US created in the first place! Is this a smart idea? Only time will tell to be honest.

The worst thing Trump did was created doubt and uncertainty for the bond market. The bond market is the main engine of economic power for the US government. Having the world buy your bonds gives the United States unparalleled economic power to flex all around the world. The US might have military bases all over the world and uses it to conduct foreign policy but its the economic power of the US that gives it the influence that it has right now.

All that comes into question now. When you shit on your friends and buddy up with your adversaries it not a good look and allies will respond accordingly. Why piss off Canada and Mexico? What policy objective is that accomplishing? Picking fights with Europe? Not smart politics. I get wanting allies to pick up the slack on their end or have better trade relations but there is the right way to do it and a wrong way to do it. Trump undoubtedly goes about it the wrong way.

Has he not heard the saying 'You catch more flies with honey than vinegar?" When you are cordial with people and they like you its a lot easier to get people to do things for you or see things from you perspective versus talking shit and bullying them into submission.

Most countries are not going to tolerate this type of political brinkmanship and will decide that they need to take their money elsewhere. You can expect for them to withdraw their money from the stock market and the bond market over the next 12-24 months. Guess what happens after that? Bond yields go through the roof and the stock market takes a shit! You can kiss your 401k goodbye! You'd have to be suicidal to have your money in the stock market right now.

In this scenario which is mostly likely to occur, Bitcoin goes to the moon because governments are going to be looking for a neutral reserve asset that can't be manipulated like US bonds. Bitcoin is the perfect solution to their problem. Once one major government or central bank puts Bitcoin on the balance sheet its game over for the dollar and the bonds. We might be closer to the end game than we think, and that is scary to think about. "Sometimes there are decades where nothing happens and there are weeks where decades happen." ~ Lenin

Crazy to quote a communist but he isn't wrong about history. We are living through a life alter paradigm shift. It is scary and exhilarating all at the same time. What a time to be alive ladies and gentlemen! Buckle up! Its going to get interesting!

@ ba36d0f7:cd802cba

| Pieza | Movimiento | Reglas Especiales | | --------- | ---------------------------------- | --------------------------- | | Peón | 1 casilla adelante (o 2 al inicio) | Captura al paso, coronación | | Torre | Líneas rectas | Enroque | | Caballo | En "L" (2+1) | Salta piezas | | Alfil | Diagonales | Atrapado en un color | | Dama | Cualquier dirección | Ninguna | | Rey | 1 casilla en cualquier dirección | Enroque, jaque mate |

---

1. Peón (♙ / ♟️)

• Mueve: 1 casilla adelante (o 2 en su primer movimiento).
• Captura: En diagonal (1 casilla). > Especial: >- Captura al paso: Si un peón rival avanza 2 casillas, puedes capturarlo como si hubiera movido 1. > - Coronación: Al llegar a la 8ª fila, se convierte en cualquier pieza (¡usualmente Dama!).

---

2. Torre (♖ / ♜)

• Mueve: Líneas rectas (sin límite de casillas).
• Especial: Participa en el enroque.

---

3. Caballo (♘ / ♞)

• Mueve: En "L" (2 casillas en una dirección + 1 perpendicular).

• Única pieza que salta sobre otras.

4. Alfil (♗ / ♝)

• Mueve: Diagonales (sin límite).

• Siempre permanece en el mismo color de casilla.

5. Dama (♕ / ♛)

• Mueve: Cualquier dirección (recto o diagonal).
• ¡La pieza más poderosa!

---

6. Rey (♔ / ♚)

• Mueve: 1 casilla en cualquier dirección.
  

  Especial:
  - Enroque: Cambia de lugar con una torre (si no hay obstáculos/jaques). - Jaque mate: Pierde si queda atrapado sin escapatoria.

---

Cómo mover

1. Un movimiento por turno.

2. Elige tu pieza y colócala en una casilla legal.

3. Solo tu color: Blancas mueven primero, luego negras, alternando.

4. No pasar: Debes mover si es tu turno.

---

Cómo capturar ("comer")

• Ocupa la casilla de una pieza rival: Reemplázala con tu pieza.

• Peones capturan solo en diagonal (no de frente).

• Los reyes no pueden ser capturados (el jaque mate termina el juego).

✔ Jaque: Ataca al rey enemigo (debe escapar en su siguiente turno).
❌ Ilegal: Mover a jaque o dejar a tu rey en jaque.

---

Movimientos especiales

|Movimiento|Regla Clave|Notación| |---|---|---| |Enroque|Rey + torre, sin movimientos previos|0-0| |Coronación|Peón→cualquier pieza en 8ª fila|e8=D| |Captura al paso|Captura un peón que avanzó 2 casillas|exd6 a.p.|

---

1. Enroque ("La escapatoria del rey")

• Qué: Rey y torre se mueven juntos en un turno.
  Cómo:

• Rey mueve 2 casillas hacia una torre.

• Torre "salta" al lado opuesto del rey.
  

  Reglas: - Sin jaques: El rey no puede estar en jaque ni pasar por casillas atacadas. - Sin movimientos previos: Ni el rey ni esa torre deben haberse movido antes.

Tipos:
- Corto (lado del rey, rápido): 0-0 - Largo (lado de la dama, seguro): 0-0-0

---

2. Coronación ("Coronar")

• Qué: Peón llega a la 8ª fila → se convierte en cualquier pieza (usualmente Dama).

• Cómo: Reemplaza el peón (incluso si ya tienes esa pieza).

Dato curioso: Puedes tener 9 damas (1 original + 8 coronaciones).
Ejemplo: Peón en h8 se convierte en Dama → h8=D.

---

3. Captura al paso (Del francés "en passant")

• Cuándo: Un peón rival avanza 2 casillas y queda al lado del tuyo.

• Cómo: Captúralo en diagonal (como si hubiera movido 1 casilla).
  

Regla: Debes hacerlo inmediatamente (solo en el turno siguiente)

---

Recurso digitales

Guia para principiantes - Lichess.org https://lichess.org/study/Hmb28fbv/QRyxzgre

Ajedrez desde cero - Youtube.com https://www.youtube.com/watch?v=YPf9fSY_K2k&list=PLWgqlpb234bHv38g6zXoi3WIJJonzZSAl&index=8

@ 9223d2fa:b57e3de7

9,322 steps