So, not carbonara. Pasta with lemon is awesome, I also love pasta with tuna, both also work together, but it’s not a carbonara.

I will go out on a limb here and guess those were not ravioli and some form of pelmeni instead? There are types of them that are usually eaten with sour cream and jam. But the dough used is quite different from the ravioli one, and the filling is cheese (not meat or ricotta/spinach).

Was that the case?

It actually makes sense, because Italian history is far from a continuum. In fact, most “Italian cuisine” is actually less than 100 years old!

Most of Italian recipes are very simple. The focus usually is on quality on the ingredients and if they are good, a pizza with just mozzarella and tomatoes is already delicious. That said, even in Italy there are plenty of types of pizzas, but most of them don’t have 20 ingredients, I suppose the point is that you actually want to taste what you eat, which is not the case when you mix many different things. There is a very messy and rich pizza (capricciosa) with a lot of toppings though (more than one obviously, but this is the most common).

Personally I am a margherita person, simple and boring is perfect, as long as it tastes great.

P.s. Giuseppe :)

It’s not about being right, it’s about making something that tastes good. Besides that, there are also well established cultural traditions. But as long as people call their garbage pizzas “NY pizza”, or whatever and it’s well distinguished by “Italian pizza” (or Neapolitan, etc.), I don’t see the problem.

Completely different dough in terms of consistency and taste. Bread and pizza are quite different, so many ingredients that work on pizza don’t work on sandwiches and vice versa. Having said that, people can eat what they please.

For what is worth, that’s not how (most?) Italians think about pizza. It’s not a “container” in which you put a bunch of things, but each pizza type is basically a separate dish.

I personally don’t care what people put on their pizza, I simply avoid places that make “pizzas” in a non-italian fashion, like the american (supposedly NY style) ones where you get crust, 2 fingers of industrial cheese and a whole plant of oregano.

It’s very similar for pasta, which many people think as a bread replacement.

I can’t really make an exhaustive comparison. I think k3s was a little too opinionated for my taste, with lots of rancher logic in it (paths, ingress, etc.). K0s was a little more “bare”, and I had some trouble in the past with k3s with upgrading (encountered some error), while with k0s so far (about 2 years) I never had issues. k0s also has some ansible role that eases operations, I don’t know if now also k3s does. Either way, they are quite similar overall so if one is working for you, rest assured you are not missing out.

Yeah, but you don’t need anything besides the runtime with kubernetes. Podman is completely unnecessary since kubelet does the container orchestration based on Kubernetes control plane. Running podman is like running docker, unnecessary attack surface for an API that is not used by anybody (in Kubernetes).

I run k0s at home, FWIW, tried k3s too :)

Why would anybody use podman for k8s…containerd is the default for years.

For too long it told men they can treat women however they want

This is demonstrably false, as we have certain narratives that are literally millennia old (latin literature) about courtship, romantic gestures, protection and all the other stuff usually associated with how men should treat women. Usually this is some form of protection/care for a lower/weaker being, but it is absolutely a way society has been telling men how to tell women for centuries.

I would say that what you said applies not to feminism in general (who historically had strong links to class struggle and anticapitalism), but to a part of the modern status quo feminism which is focused purely on individuals and has been absorbed by the ruling class (e.g., once the CEO is a woman, the goal is reached). This is not a representation of feminism in general though, and I would say the same can apply to many other movements as well (e.g., ambientalism, antiracism, etc.) that (in part) lost their revolutionary nature and are left fighting for small changes within the status quo.

I think that in fact in at least some cases the lack of respect (or general ability to live a relationship with a man in a mutually loving way) is exactly due to that education. At the end of the day the flipside of the “subservient” attitude is that the man in the relationship is represented as a provider, with all the gender stereotypes that come with it: lack of emotions, self-reliance and of course the expectation for him to be a provider. I would say that most of the examples of bad relationships in this thread boil down to exactly these dynamics.

Also we are not anymore in the 1950, so that education today mostly happens implicitly, but it also gets mixed up with a lot of other messages from the wider society.

I personally also disagree about the fact that men are not taught how to fit in their gender role. I think they are, since very little, symmetrically to how women are too and possibly even more explicitly: you need to protect women (incl. sacrificing because that’s what heroes do), the whole courtship thing, the fact that as a man you are responsible to provide for others, that there are certain activities that are manly, etc… Essentially is the exact same problem: gender stereotypes and sexism go both ways and impact both genders, although in different ways.

Sure! FYI, simplelogin can create aliases with prefix! I usually get service-{random 5 chars}@simplelogin.com, so you can still sort by folder using prefixes.

You should definitely be! I take backups every 6h for my self hosted vaultwarden (easier to manage and to backup, but not official, YMMV). You can also restore each backup automatically and have a “second service” you can run elsewhere (a standby basically), which will also ensure the backup works fine.

I have been running bit/vaultwarden now for I think 6 years, for my whole family and I have never needed to do anything, despite having had a few hiccups with the server.

Don’t take my word for it, but the clients (browser plugin, desktop app, mobile app) are designed to keep data locally I think. So the term cache might be misleading here because it suggests some temporary storage used just to save web requests, with a relatively quick expiration. In this case I think the plugin etc. can work potentially indefinitely without server - something to double-check, but I believe it’s the design.

Interesting! That’s very close to this blog post I read long time ago (unfortunately medium.com link)! Are you actually sending emails from those addresses? Like if you need to drop an email to your bank, do you use the banking one or your personal (or something else)?

Fwiw, I do something similar. I use a mix of domain aliases without address (e.g. made-up-on-the-fly@domain.com) and actual aliases. Since I have proton family (and the same when I used ultimate) I have unlimited hide-my-email aliases, so I have it integrated with my password manager, and I generate a random password and email for everything I sign up now. These though are receive-only addresses. In fact, with this technique I probably use 3-4 addresses in total, but I have probably 30 domain addresses that go to the catch-all one.

Spam on these addresses are basically non-existing and you can still create folders based on recipient without having a full address (e.g. bank1@domain.com, bank2@domain.com). You can make folder categorization based on recipient regex and this way you also have the “stop bothering me” option: if some email gets into the wrong hands, you can create a spam rule for that dedicated address. However, my approach is that all of these are used just to receive emails, to send I have just a handful of actual addresses or -if really needed- I can create on-the-fly an address from a catch-all one, send the email and then disable it again (so it doesn’t count towards the limit, but I still get inbound email to the catch-all).

Nice setup anyway!

Your requirements are totally fair tbh.

That said, I think you can use aliases for the use-case you have, you don’t need full addresses. Proton supports “+ aliases” as well, so name+service@domain works, and most importantly they support catch-all addresses if you have your own domain. I now use actual aliases (the ones from simplelogin), which I generate on the fly, but if you can use whatever@domain and it will be redirected to your configured address. You don’t even need to create this beforehand, so many times I was around and had to give an email address for some reason and I just made up an address on the fly. As long as you use your domain, the catch-all will get the email.

So the 10 addresses only include actual addresses, the ones you can write from. You can have as many as you want to receive emails (which is generally the use case for signing up to services, right?). Just a FYI in case tuta supports the same and you are making more effort than needed!

If XMPP were to replace emails, that would’ve been great

Who knows :) But XMPP also needed all kind of extensions to support even relatively old security measures.

Anyway, I still don’t trust Proton. Have a great day.

That’s fine, you can trust who you want, of course. The important thing is to have clear the risk model.

Encrypted or not, the fact that someone else has it stored somewhere in their computers is dangerous.

Of course. You are simply over-representing this risk, though. Besides, regular people realistically don’t need to worry about Proton being backdoored, because their device is 10-100x more likely to be breached instead. Security is not a binary, it’s a shade. Performing a software update is also “dangerous”. Do you check every time you update the software its code, to verify no malicious backdoor is there? No, exactly, you trust the maintainers and the package infrastructure.

The only recommended way to store private keys are offline and encrypted.

So you don’t store them on your device(s) (encrypted)? I store my GPG keys that I use to sign software on my yubikeys. That said, email is something I check from my phone and multiple computers (as most people). Do you really use a hardware key to do on-the-fly decryption, every time someone sends you a message, from each device?

As a security engineer, I also generally discourage such absolute “recommendations”. My threat model is different from a regular Joe threat model, and both are different from Snowden’s. There is no such thing as “only recommended way”, because this is not a religion, it’s a risk decision. Most people use Gmail, where the content of their email is literally available server side. Those same people can gain privacy and security using GPG via Proton, and in their threat model “provider gets compromised and software backdoored” is completely irrelevant. Is it relevant in your threat model? Good, then yes, you should only store keys offline and encrypted. Actually, you shouldn’t use email at all, and you should use dedicated tools and protocols that are meant for security, where metadata is not transmitted in clear text, for example. You should also have virtually no session duration and perform a full login with 2FA every time, you should probably access the software that you use to communicate only from a secure machine dedicated for the purpose etc…

I think you trust Proton a bit too much.

I simply have clear in my mind what my threat model is and what risks are acceptable. I perfectly fit in the “Anyone with privacy concerns” category in the threat model they built. What about you?

Oh that makes sense. Yeah, definitely simple encryption and exported (unencrypted) emails are not going to work together.

I am all in support for European tech companies, so I think that mailbox.org, tuta, proton etc. Are all good options.