  • Good catch, I didn’t realize that with AnyType. That makes my first recommendation to OP just SilverBullet, then. Source available is better than nothing, like with Obsidian, but OP specifically asked for FOSS repos. It looks like their peer to peer sync server is MIT licensed, but their client (and client library) code is licensed under the “Any Source Available License 1.0,” which restricts use other than for “personal, academic, scientific, or research and development use, or evaluating the Software, but does not include uses where the Software facilitates any transaction of economic value.”

    I ruled out Logseq’s sync service due to it being both paid ($60/year minimum) and not FOSS, both things OP asked for. For my purposes, since it’s not FOSS and not able to be self hosted, it’s not a good option. But it makes sense to use the same file syncing solution that’s already in use, whether that’s FolderSync (or some equivalent tool) set up to sync to my server, Syncthing (though I just realized its Android client is no longer being developed as of December 2024), or even Cryptomator + some cloud storage service.


  • Since you’re already using Standard Notes - have you checked out Awesome Standard Notes? You can use the community extensions - editors, themes, etc. - even with the free plan.

    It’s my main note-taking app, but I also got the 5 year paid plan for $150 (IIRC) a few years ago, and prices have increased substantially since then. If I weren’t locked into a lower rate, I’m not sure I’d subscribe at the current rates (though I would look into the self-hosted Pro discount before ruling it out). That said, if you don’t need note linking, queries, and those sorts of things, then I think the free plan of Standard Notes + community extensions is a great option. If I self-hosted the server, the main thing I’d be missing over the paid plan is nested tags.

    Logseq (repo) might meet your needs if you’re okay setting up a sync service like Syncthing on every client you use. Of course, you could use Dropbox, Google Drive, etc., but I recommend against it without a layer like Cryptomator in between, since your data is stored in the clear. IMO it doesn’t really make sense to self-host Logseq - just use the native app that’s available on basically every platform. I find Logseq kinda confusing, honestly, but it has a lot of compelling features.

    SilverBullet may be what you’re looking for. It must be self-hosted and has a PWA instead of native apps, but the PWA on mobile at least is quite good. Since it uses Markdown files for its notes, you could use it with some other tool on the machine hosting those files, if you wanted. I have it self hosted myself and it’s the best alternative I’ve found to Notion and Obsidian when it comes to querying my own notes and so on.

    Someone else posted about Outline and I think it’s a fantastic, polished option. I know that you said this is for solo use, so you probably don’t care about its collaboration features, but you also mentioned managing personal projects, and its integrations (e.g., Airtable) could be useful for that. I have it self-hosted and it is a bit more complicated than other options, but I don’t think I ran into any particular issues. I’m using it with Authelia as an OIDC provider and can share my docker-compose file and other config if that would be helpful. They also have a paid, hosted option, which you can try out for 30 days if you want to see if it’s right for you before you put the time and effort into self-hosting it. One of my most-used editors in Standard Notes is the Rich Markdown Editor, which is based off the editor used in Outline. However, unlike SilverBullet and Standard Notes,

    Hedgedoc is another option that may be worth looking into. It’s my go-to collaborative editor / gist replacement. Personally, I prefer it over Outline. Its main shortcomings are that:

    • it must be self-hosted (though you could use HackMD aka CodiMD, which it was forked from, as that does have a hosted version)
    • it doesn’t have an app (on any platform - not even a PWA)
    • it doesn’t have any sort of querying capabilities, and
    • it doesn’t have any sort of Kanban-like tool.

    But it does have several built-in integrations, like Mermaid and multiple other diagramming tools, inline images (just drag and drop), syntax highlighting for code, Gist embeds, Youtube embeds, optional Vim/Emacs keybindings, a slide deck presentation mode, inline CSV tables, etc., and that’s all without needing to mess with plugins or switch between editors.

    I hadn’t used AnyType before today, but it’s been on my radar since late 2020, and it’s pretty powerful. It’s not perfect, but it seems to check off everything you’re looking for. It does have a bit of a learning curve, but it’s been easy to jump in and take notes.

    It’s hard to know which to recommend you try, though, because your list of criteria don’t all map neatly to features. For example, what do you want from planning vs managing personal projects? What do you mean by “journaling?” Is having a “journal” section where notes get dates sufficient? Do you like the way Standard Notes or Logseq handle journaling, or are you looking for features like what jtxBoard has?

    I’m assuming the following for my table below:

    • Quick Notes - easy to create a new note and just write some stuff. Needing to fill out any required fields (even “title”) makes this a ❌
    • To-do lists - checkbox lists. You have to be able to add a new item by pressing enter and mark an item off just by checking the box.
    • Managing and planning projects:
      • Kanban / Trello style board - without needing to integrate with a non-FOSS third party service (this is why Outline gets a ❌)
      • Linking to another note in the body of a note (Standard Notes lets you create a link in the tag bar - this doesn’t count)
      • Embedded querying of your other notes, treating notes like objects - really the thing that makes Notion so powerful
      • Easy table editor
      • Diagrams - Mermaid, Excalidraw, or a similar plugin that works natively
    • Easy to use - auto-saving of notes, automatic synchronization that “just works,” rich text copy-paste, etc…
    • Offline mode - You didn’t mention this, but I’m calling it out since it’s otherwise easy to take for granted.
    • Publishing - you mentioned not caring about collaboration, but being able to publish a note is still useful in solo-only workflows, as it gives you a way to reference it directly from a bookmark, some other tool, etc., potentially from a device where you aren’t authenticated.
    Standard Notes 1 SilverBullet Outline LogSeq Hedgedoc AnyType
    FOSS
    Sync ❌ (Paid)
    Quick Notes
    To-Do Lists
    Kanban Board Sorta
    Links to Notes
    Queries
    Table Editor
    Diagrams
    Linux App ✅ (PWA) ✅ (PWA) ❌ (Web App)
    Android App ✅ (PWA) ✅ (PWA) ❌ (Web App)
    Easy to use
    Usable offline
    Free
    Easy inline images
    Publish

    [1]: For Standard Notes, I’m not assuming that you’re self-hosting the server, but I am assuming that you’re installing community extensions, particularly Rich Markdown Editor or something similar.
    [2]: For SilverBullet, I’m assuming that you’re installing community plugins.

    I recommend you try AnyType and/or SilverBullet first, depending on which one looks more appealing to you.




  • Wouldn’t be a huge change at this point. Israel has been using AI to determine targets for drone-delivered airstrikes for over a year now.

    https://en.m.wikipedia.org/wiki/AI-assisted_targeting_in_the_Gaza_Strip gives a high level overview of Gospel and Lavender, and there are news articles in the references if you want to learn more.

    This is at least being positioned better than the ways Lavender and Gospel were used, but I have no doubt that it will be used to commit atrocities as well.

    For now, OpenAI’s models may help operators make sense of large amounts of incoming data to support faster human decision-making in high-pressure situations.

    Yep, that was how they justified Gospel and Lavender, too - “a human presses the button” (even though they’re not doing anywhere near enough due diligence).

    But it’s worth pointing out that the type of AI OpenAI is best known for comes from large language models (LLMs)—sometimes called large multimodal models—that are trained on massive datasets of text, images, and audio pulled from many different sources.

    Yes, OpenAI is well known for this, but they’ve also created other types of AI models (e.g., Whisper). I suspect an LLM might be part of a solution they would build but that it would not be the full solution.


  • Unless something has changed, it did. The page linked reads:

    And, obviously, this POC is open source, the code is publish here on our forge.

    The link takes you to their repos. The server repo has instructions on self-hosting directly on your server or with Docker. The app repo has code for both the iOS and Android apps. That’s good, because the iOS app at least doesn’t have a built-in way to select a different backend server.

    Whisper is by OpenAI and as far as I know they have not shared the training code, much less the data sets, so the best you can do is fine-tune the models they’ve provided.

    If use of Whisper is a problem, but the project is otherwise interesting to you, you could ask them to consider using a different STT solution (or allowing the user to choose between different options). I’m not aware of any fully open STT applications that are considered to be as capable as Whisper, but if you do, that would be great info to share with them.



  • Thanks for clarifying! I’ve heard nothing but praise for Kagi from its users so that’s what I was assuming, but Searxng has also been great so I wouldn’t have been too surprised if you’d compared them and found its results to be on par or better.

    By the way, if you’re self hosting Searxng, you can add your own index. Searxng supports YaCy, which is an actively developed, open source search index and crawler that can be operated standalone or as part of a decentralized (P2P) network. Here are the Searxng docs for that engine. I can’t speak to its quality as I still haven’t set it up, though.



  • Understandably frustrating, especially if you’re new to investing. But it’s expected that the market will have both ups and downs.

    The best advice I can give is to choose a good investment allocation and then stick to it. Contribute as much as you can each pay period or month and avoid looking at your balance as much as possible. You should figure out a rebalancing strategy, and you’ll probably need to look at your account to do that. Also, see The Best Order of Operations For Saving For Retirement.

    Right now you have unrealized losses, but you haven’t actually lost any money (i.e., you have no “realized losses”) until you withdraw it. As it’s a retirement account and you just started it, I assume you aren’t planning to retire in the next decade, much less the next three years.

    Is this your only retirement account? If so, why have you not been continuing to add money to it? If you wait to do that until the market recovers, you’ll lose out on all the gains between now and then.

    I know you haven’t said you’re considering selling, but I recommend you check out the “Maintain Discipline” section of the Bogleheads investment philosophy, just in case that’s on your mind. I also recommend that you read up on dollar cost averaging (if you’re investing in a retirement plan every pay period, you’re already doing this).

    You pointed out that the entire market has been impacted. I haven’t personally been paying attention in enough detail to confirm that (and my accounts that I just checked have gone up about 10% over the past three years, not down), but if so, that means you could change your asset allocation without selling low and buying high. I’m not saying you should change it, but if you take the time to learn about different investment strategies and decide a different one works for you, it’s nice to not have to sell your current investments while they’re underperforming relative to your new investments. (On the other hand, you can always change the allocation for your future investments without worrying about that.)


  • “But tante, then we will never have Open Source AI”. Exactly. That’s how reality works. If you can’t fulfil the criteria of a category you are not in that category. The fix is not to change the criteria. That’s playing pigeon chess.

    This is a bad take. If your criteria aren’t grounded in reality, they aren’t useful, so of course you should change the criteria.

    It’s also a missed opportunity to point to an AI model that did things right and that would qualify as “open source AI” even if that definition were not watered down. For example, OLMo (which I just learned about) says that they provide full insight into the training data as well as “full model weights, training code, training logs, training metrics in the form of Weights & Biases logs, and inference code.” Their most complex models are 7B models, which is enough to be relevant.

    Saying “Meta and Alphabet will never release Open Source AI that meets the proposed definition” is fine. Saying “we’ll never have Open Source AI, period, that meets the proposed definition” means your proposed definition needs rewritten.


  • Your Passkeys have to be stored in something, but you don’t have to store them all in the same thing.

    If you store them with Microsoft’s Windows Hello, Apple Keychain, or Google Password Manager, all of which are closed source, then you have to trust MS/Apple/Google. However, Keychain is end to end encrypted (according to Apple) and Windows Hello is currently not synced to the cloud, so if you trust those claims, you don’t need to trust that they won’t misuse your data. I don’t know if Google’s offering is end to end encrypted, but I wouldn’t trust it either way.

    You can also store Passkeys in a password manager. Bitwarden is open source (though they did recently introduce a proprietary, source available SDK), as is KeepassXC. 1Password isn’t open source but can store Passkeys as well.

    And finally, you can store Passkeys in a compatible security key, like the YubiKey 5 series keys, which can each store 100 Passkeys. This makes them basically immune to being stolen. Note that if your primary interest in Passkeys is in the phishing resistance (basically nearly perfect immunity to MitM attacks) then you can get that same benefit by using WebAuthn as a second factor. However, my experience has been that Passkey support is broader.

    Revoking keys involves logging into the particular service and revoking them, just like changing your password. There isn’t a centralized way to do it as far as I’m aware. Each Passkey is only used for a single service, after all. However, in the same way that some password managers will offer to automatically change your passwords, they might develop something similar for passkeys.





  • For starters, it was never “open source”…

    From your link:

    Instead, as Winamp CEO Alexandre Saboundjian said, “Winamp will remain the owner of the software and will decide on the innovations made in the official version.” The sort-of open-source version is going by the name FreeLLama.

    While Winamp hasn’t said yet what license it will use for this forthcoming version, it cannot be open source with that level of corporate control.

    If I upload the source code for my project on Github/Forgejo/Gitlab/Gitea and license it under an open source license, allowing you to fork it and do whatever you want (so long as you follow the terms of my copyleft license), and I diligently ensure that code is uploaded to my repository before being deployed, but I ignore all issues, feature requests, PRs, etc., is my project open source?

    Yes.

    Likewise, if Winamp had been licensed under an open source license, it would have been open source, regardless of how much control they kept over the official distribution.

    Winamp wasn’t open source because its license, the WCL, wasn’t open source.



  • Do you memorize all of your passwords? If so, I take that to mean that you don’t use a password manager. Password managers - really, any app with 2FA - have this problem, too. But if you use a password manager and store your 2FA methods in it, then you only need to be able to regain access to your password manager.

    If you use a cross-platform password manager with Passkey support, like Bitwarden, you can use it on any of your devices. In the event that you lose all of your devices, if you don’t have an Emergency Contact set up, you will need your password and one of the following to gain access to your account:

    • Access to your 2FA method
    • Access to your Recovery Code
    • If you’re in an enterprise using Duo 2FA, access to a Duo bypass code (contact your Duo admin to request this)

    If you use security keys for 2FA, then you should have at least two - one that you keep with you and a backup that you keep in a safe place, like at home in a lockbox.

    If you use a TOTP app to log in, or if you use security keys and want another backup, then making sure you’ll have access to the Recovery Code should be your priority. You can write it down and keep it in a few different places - at home, in your car, in your locker at work, etc… You can share it with someone you trust in person or over an encrypted channel (like Signal). You can store it on a flash drive, encrypted by a second password (which can be much easier than your primary password) or even unencrypted, if you generally keep the drive somewhere safe, disconnected from your computer. As long as you remember your password and can access your recovery code, you’ll also be able to regain access to your account, including all of your passkeys.

    Emergency Access requires someone else to have access to their Bitwarden account, but assuming you don’t both lose access, it’s a pretty solid solution. When they request access, Bitwarden will send you an email allowing you to accept or reject their request. If you accept or don’t respond within the allotted “Wait Time” (which you configure: 1 day minimum, 90 days maximum) then they’ll be granted access. You also get a choice (when setting this up) to let them take over the account (resetting your master password) or to just get read-only access.

    Maybe you don’t like Bitwarden and want to use some other app, like 1Password, Dashlane, Roboforms, etc… Whatever your choice, familiarize yourself with how to restore access to your account in an emergency. Then you only need to worry about that and not about how to get access to your passkeys that are on your Windows laptop or only synced to your Apple devices.


  • But that is exactly what he recommends, using a password manager - with one time email authentication for the first login as an extra step, right?

    Nope.

    Using a cross-platform password manager with synced passkeys is different and much more secure than using a password manager with email TOTPs or sign-in links with emails that aren’t end-to-end encrypted.

    And password manager adoption is much higher than PGP keyserver adoption, and if you can’t discover someone’s public key you can’t use it to encrypt a message to them, so sending end-to-end encrypted emails with TOTPs/sign-on links isn’t a practical option.

    According to Statista, 34% of Americans used password managers in 2023 (a huge increase from 21% in 2022), so it’s not even like the best case scenario is rare.


  • The author mentions it: the QR code approach for cross device sign in. I don’t think it’s cumbersome, I think it’s actually a great and foolproof way to sign in. I have yet to find a website which implements it though.

    The site doesn’t need to implement this; the browser handles that part.

    I confirmed this works and logged into Github using Google Chrome on my work computer using a passkey stored in Bitwarden earlier today. I had to enable Bluetooth for Chrome, since I’d had it disabled, but then everything else was seamless.