• 0 Posts
  • 90 Comments
Joined 10 months ago
Cake day: December 6th, 2024

  • Yeah, I do the same thing.

    Curiously, the installer of my ISP - which is one of the smaller ISPs around here - says it’s very common for their clients to just want the ISP’s box to do bridging (or even just act as a Fiber-modem) and use their own router behind it.

    Guess the techies tend to flock to the more obscure ISPs that pretty much just provide “data pipe to the Internet” rather than use the big ISPs which tend to do stuff like push their own TV Boxes and even bundles of Home Internet + TV + Mobile.

    I am very happy with this ISP - cheap, fast, reliable, no bullshit.


  • My ISP does give my router a public IP.

    However my VPN provider does not give my client machines public IPs and instead gives them internal IPs.

    So from any machine in my home, my normal (via ISP) connection is via my own router (which does NAT for all machines in my home network and which I fully control) which has a public IP address on its external interface (so, no double NAT), whilst a VPN connection is via the VPN provider’s router (as that’s what’s on the other end of the VPN pipe) which also does NAT, but that router I don’t control and the VPN provider I use doesn’t allow Port Forwarding hence all the trickery I described above to make sure I actually seed more than I download.

    Around here ISPs giving internal addresses is not very common unless it’s on a mobile connection.


  • You should have pretty much everything on your router disabled for access from machines on the external network side of the router.

    The typical example is the web admin interface, which should never be enabled for access from outside, only for access from machines on your internal network. The same applies to all other sorts of control interface, be they human interfaces or machine interfaces.

    For any machines reaching it from the outside network interface the router should look the same as the most basic, dumbest router there is with no way to configure or control it.

    So, yeah, enabling UPnP for external use is asking to be hacked, probably worse even than enabling the web admin interface for external access since the latter usually has username:password authentication, which although pretty crap (most people don’t even know it’s there and leave it at default and when not it often has character limitations that make it guessable or possible to brute force) it’s still way better than NO AUTHENTICATION WHATSOEVER which is what UPnP has.


  • In a VPN your own machine sits behind a Router from the VPN provider in a NAT configuration (meaning that during VPN tunnel initialization that router gives your machine an IP address from one of the so-called “internal” IP address ranges - most commonly one in the 192.168.x.x range - which are NOT valid to have visible in the Internet) and which multiple machines all over the world sitting behind other routers can use at the same time (for example: even though it only has 254 valid addresses, there are probably millions of machines running right now with an IP address in the 192.168.1.x range, which is by far the most popular range of internal IP addresses).

    The IP address which is visible on the actual Internet has to be one which is not from an internal range or other kinds of special ones, and that’s the one that the VPN provider Router shows to the outside. (There are a few “tell me my IP address” websites out there which will let you know what that address is).

    This is also how home routers work in providing multiple machines in your home access to the internet even though it’s on a single ISP connection which has only one IP address valid for the Internet.

    To make all this work, such routers do something called NAT-Translation: connection requests from the INSIDE to the OUTSIDE go to the router, which changes ip:port information of those requests from the internal ip and a port in that machine to be the router external ip and a port the router has available, and then forwards the request to the outside. The router also records this association between the external machine, the port the router used for it and the internal machine and the port on it the connection came from, on an internal table so that when the OUTSIDE machine connects to the router on that specific port, the router treats that inbound connection request as associated to the earlier outbound request and does the reverse translation - it forwards that inbound request to the internal machine and port of the original outbound connection.

    However - all this only works when your machine first connects from the inside to a machine on the outside, because that’s when the router translates the IP address and Port and memorizes that association. If however you gave the IP address in some other way to that remote machine other than connecting to it via the router (for example, you have registered a Domain Name pointing to it, or you just gave the IP address and port number to a friend and told them “this is my Jellyfin machine”), any connection coming from the outside will not be routed by the router to your machine, because the router never had an original outbound connection to make the association for any return inbound connections: from its point of view some random machine is trying to connect to one of its ports and it simply doesn’t know which internal machine and on which port on it is supposed to get this connection from that unknown external machine.

    Also all this is dynamic - after a while of one such association not being used, the router will remove it from memory.

    Port Forwarding is a static way to explicitly configure in a router that all connections arriving at a specific port of the router are ALWAYS to be forwarded to a specific internal machine and a specific port on that machine.

    Given that the association is static, you can give the outside world in any way you like without involving the router (for example, listing in some kind of shared list, which is what the Torrent protocol does), the IP of the router + the forwarded router port, as the address for a “service” that’s running on your internal machine, and any request coming from the outside on that port even if your machine never connected to that remote machine, ever gets forwarded to the internal machine and the port you configured there.

    With port forwarding you can for example host your own website behind a VPN or in a home machine that’s not directly connected to the internet because any requests coming into a specific port on the router that does have a direct connection to the internet always get forwarded to that machine and the port on it you configured.

    In the old days Port Forwarding had to be manually configured on the Router (for example, via a web-interface), but nowadays there is a protocol called UPnP that lets programs running on your machine automatically request that the router sets up a Port Forwarding for them so this is often done transparently, which is how most networked applications sitting on a machine at home behind a home router work just fine since those routers always support port forwarding.

    PS: All this shit is actually one enormous hack, that only exists because IPv4 doesn’t have sufficient IP addresses for all Internet connected machines in the World. The newer IPv6 does have more than enough, so it’s theoretically possible that all your machines get a valid Internet IPv6 address and are thus directly reachable without any NAT on the router and associated problems. However I’m not sure if VPN providers which do support IPv6 actually have things set-up to just give client machines a direct, valid on the Internet IP address, plus a lot of protocols and applications out there still only work with IPv4 (byte . byte . byte . byte) addresses.
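
Added example, not part of the comment above: a toy Python model of the router behaviour it describes, with dynamic NAT associations that expire and a static port forward. The class and function names, the 120-second idle timeout, port 8096 and the documentation-range addresses are assumptions made for illustration.

```python
# Toy NAT model (constructed example; all names and values are illustrative).
from dataclasses import dataclass, field

@dataclass
class NatRouter:
    external_ip: str
    idle_timeout: float = 120.0   # assumed; real routers use various timeouts
    next_port: int = 40000        # next free external port (assumed start)
    dynamic: dict = field(default_factory=dict)   # ext_port -> [internal, remote_ip, last_used]
    forwards: dict = field(default_factory=dict)  # ext_port -> internal (static)

    def outbound(self, internal, remote_ip, now):
        """Inside -> outside: rewrite the source and record the association."""
        port = self.next_port
        self.next_port += 1
        self.dynamic[port] = [internal, remote_ip, now]
        return (self.external_ip, port)

    def add_forward(self, ext_port, internal):
        """Static port forward: never expires, needs no prior outbound traffic."""
        self.forwards[ext_port] = internal

    def inbound(self, remote_ip, ext_port, now):
        """Outside -> inside: return the internal (ip, port), or None if dropped."""
        if ext_port in self.forwards:
            return self.forwards[ext_port]
        entry = self.dynamic.get(ext_port)
        if entry is None:
            return None                       # nobody inside asked for this
        internal, expected_ip, last_used = entry
        if now - last_used > self.idle_timeout:
            del self.dynamic[ext_port]        # idle association forgotten
            return None
        if remote_ip != expected_ip:
            return None                       # assumption: only the contacted host may reply
        entry[2] = now
        return internal

def demo():
    r = NatRouter("203.0.113.7")
    server = ("192.168.1.50", 8096)           # internal service, constructed
    out = {"unsolicited": r.inbound("198.51.100.9", 8096, now=0)}
    _, port = r.outbound(("192.168.1.50", 51000), "198.51.100.9", now=0)
    out["reply"] = r.inbound("198.51.100.9", port, now=30)
    out["stranger"] = r.inbound("192.0.2.44", port, now=31)
    out["expired"] = r.inbound("198.51.100.9", port, now=500)
    r.add_forward(8096, server)
    out["forwarded"] = r.inbound("192.0.2.44", 8096, now=501)
    return out
```

Calling `demo()` returns one entry per case: the unsolicited, stranger and expired connections are dropped, while the reply and the port-forwarded connection reach the internal machine.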



  • Unfortunately my VPN provider doesn’t support Port Forwarding (they’re great in everything else, but suck on this) so if I just start seeding from scratch no peers will ever manage to connect to my machine. The only way I can contribute back to the community is when a Download session ends and starts seeding (basically all those peers that my machine checked during the download stage get recorded in the VPN’s Router NAT as associated with my machine so if they try to connect to my machine later, for example to download a block, they get through), so my torrents are just left to seed after downloading (if I stop it and start seeding later, it might not work anymore depending on how long has passed).

    Fortunately I have a fast internet connection and torrenting is done in a server machine, so I just leave it set up to a 2:1 seeding ratio for as long as it takes to get there and pretty much all torrents I download reach that seeding ratio (it pretty much only fails to reach that on really obscure torrents with very small swarms).

    I’ve been sailing the high seas for over 3 decades and long ago saw the importance of doing my bit to keep the whole ecosystem alive.

    So I might not be seeding everything I have (and as it’s been 3 decades, I do have some stuff which is now very obscure), but everything I get from the community I seed 2x as much so that others can get it too.






  • Their job is not to solve crimes, their job is to get people convicted, the subtle difference being that they’ll turn non-crimes into crimes (for example, they’ll choose to legally interpret things which can go both ways as crimes which require prosecution, which is why one often sees kids criminalized for childish bullshit) and it doesn’t matter if the person convicted is innocent, all that matters is that somebody got convicted (so, for example, they won’t try and find exonerating evidence).

    This partly explains their tendency to take an adversarial posture towards people who aren’t from their group, also partly explained because that posture itself indirectly feeds back on them (people are wary of them because of how they act towards the general public, which in turn makes them feel apart and suspicious hence they behave even more so) and partly because they do tend to get exposed far more than most people to the seedy side of humanity all with a judgemental mindset and an aim to see crimes, so even a lot of the stuff they see which most people think is just silly fun (say, most drunkenness), they’ll see as crimes.




  • Some people of Palestine Action threw ink on a military plane parked on some airbase which is normally used for the surveillance flights of Gaza that the UK is doing to give the data to Israel, hence they were officially classified by the Home Secretary - Yvette Cooper - as “terrorist group” via a process which has no strict well defined criteria or Judicial oversight at all.

    Because of that anybody who supports them in any way (including merely voicing their support for them or holding a written paper with the name of the group) risks a prison sentence of (if I remember it correctly) up to 10 years.

    Hence in the UK wearing a t-shirt with the words “Palestine Action” in it is a terrorist offense with a prison sentence of up to 10 years: it’s all pretty similar to the legislation Putin has to stop people in Russia demonstrating against the invasion of Ukraine, only I believe the prison sentences in Russia are actually lower.

    (Britain isn’t quite at the “hold up blank piece of paper” stage like Russia yet, but judging by the copper arresting somebody wearing a “Plasticine Action” t-shirt, the police are already thinking along similar lines - the coppers in Britain are well aware that their job is to “serve the powerful” not “serve the public”)

    Britain is a complete total authoritarian clown show nowadays, though this shit is a pretty natural stage in the evolution of authoritarianism and repression masquerading as Rule Of Law over there since around Tony Blair’s time.



  • Cold turkey on caffeine - takes about a week and a half to get over the addiction and you’ll be sleepy and have headaches for most of it.

    After that you’ll be perkier than before and will probably even sleep better (depends on how late your last caffeine intake of the day was before as it mainly works by you feeling sleepy earlier and naturally going to sleep earlier).

    You can still take something caffeinated once in a while and you will really notice the effect of it once your body isn’t hooked on the stuff (just don’t do it too often or your body will go back).

    You see it turns out that when you’re addicted to caffeine you actually require regular caffeine intakes merely to be at your normal baseline level, and will be below it without the caffeine, whilst for those who are NOT addicted to caffeine taking it actually pumps them up above baseline (I once read of a study about it but don’t have the link anymore).

    If you actually like the taste of coffee and the coffee habit as I do, switch to decaf. If you have hot water at work, buy instant decaf and make from that yourself.

    If you can’t be arsed getting over the caffeine addiction, you can use instant coffee instead of instant decaf.