A working nuclear thermal propulsion (NTP) engine was already built in the 60s under NASA’s NERVA project. It is one of the highest technological readiness level solutions we have to the dilemma of high specific impulse versus high thrust present in the current spsce engine technologies. Imo we need something like this to make manned interplanetary missions viable.

Looks like Meteor Lake iGPU will be supported though, which is still cool for VMs with GPU accelerated desktops.

Trump: Started 0 wars. Caused 0 economic crises. Bush: Started 2 wars (Iraq, Afghanistan). Caused the biggest financial crisis since the Great Depression.

Fair, although you’re probably fine for “hosting jellyfin for your family” levels even then. If cloudflare boots you, swap to a free tier Oracle Cloud VPS and set up an nginx proxy.

They removed that clause. Ctrl-f “video” on their ToS page gives 0 results

https://www.cloudflare.com/en-gb/website-terms/

Example: https://grapheneos.org/faq#baseband-isolation

Yes, the baseband is isolated on all of the officially supported devices. Memory access is partitioned by the IOMMU and limited to internal memory and memory shared by the driver implementations…Earlier generation devices we used to support prior to Pixels had Wi-Fi + Bluetooth implemented on a separate SoC. This was not properly contained by the stock OS and we put substantial work into addressing that problem.

Baseband modems were not isolated from kernel memory in stock Android, GrapheneOS had to do it themselves using the IOMMU. We do not know for sure due to the proprietary/closed-source nature of baseband modem drivers, but we have no reason to assume any OEM (Samsung, Xiaomi etc) implemented proper isolation of baseband modem and system memory.

Use argparse instead of input

Think it’s not supported for the root filesystem anymore but that’s not my usecase anyway. Still supported for non root filesystems.

ZFS without having to faff around with DKMS

deleted by creator

GrapheneOS has strict sandboxing for all apps. App A cannot talk to App B unless given explicit user permission. Google Play services is not installed by default, and if you do install it, it’s subject to the same sandbox. This basically addresses all userspace tracking concerns, unless you actively choose to weaken those defaults.

GrapheneOS has strict sandboxing for all apps. App A cannot talk to App B unless given explicit user permission. Google Play services is not installed by default, and if you do install it, it’s subject to the same sandbox. This basically addresses rid of all userspace tracking concerns, unless you actively choose to weaken those defaults.

(There are still concerns associated with the closed source firmware of the baseband modem)