I need some help if anyone could take the time and has the knowledge:

I'm basically new to podman and namespaces, relatively new to linux and a noob at networking. So figuring this out and getting it to work took many more hours than I would like to admit, but I still have a few problems.
I have all my current Quadlets below in the spoiler (seperated by "---", assume user123 = UID 1000). I am on Bazzite, rootless Podman, which probably makes this even harder.

::: spoiler Spoiler with the Quadlets

[Unit]
Description=Arr-stack pod

[Pod]
PodName=arr-stack
# Network
# Network=vpn-only

# User mapping / I don't fully understand this yet, but the pod does not work without this (maps user id to specified ID inside the containers? So the containers have UID:GID 1000:1000?)
UserNS=keep-id:uid=1000,gid=1000
#
# Homepage Port Mapping
PublishPort=3000:3000
# Jellyfin Port Mapping
PublishPort=8096:8096/tcp
# qBittorrent Port Mapping
PublishPort=8080:8080
\#PublishPort=6881:6881
\#PublishPort=6881:6881/udp
# Prowlarr Port Mapping
PublishPort=9696:9696
# Flaresolverr Port Mapping
PublishPort=8191:8191
# Radarr Port Mapping
PublishPort=7878:7878
# Sonarr Port Mapping
PublishPort=8989:8989

# Jellyseerr Port Mapping
\#PublishPort=8055:5055

\#[Install]
# WantedBy=default.target

---

[Unit]
Description=Gluetun Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod


[Container]
ContainerName=gluetun
Pod=arr-stack.pod
Image=docker.io/qmcgaw/gluetun:v3
AutoUpdate=registry
# Network
# Network=vpn-only

# UID/GID permissions / root + privileged for networking?
PodmanArgs=--privileged
User=0
Group=0
# Equivalent to cap_add: - NET_ADMIN # one wrong?
AddCapability=NET_ADMIN
AddCapability=CAP_NET_ADMIN
# Required for Gluetun to delete the bridge's default route, but does not work
AddCapability=NET_RAW
AddCapability=CAP_NET_RAW
# Equivalent to "devices: - /dev/net/tun:/dev/net/tun"
AddDevice=/dev/net/tun:/dev/net/tun

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=gluetun.env
# Environment=FIREWALL_OUTBOUND_SUBNETS=10.90.0.0/24 / test from a specific podman network
Environment=FIREWALL_INPUT_PORTS=8080
#
Environment=VPN_SERVICE_PROVIDER= <123>
Environment=VPN_TYPE=wireguard
Environment=WIREGUARD_PRIVATE_KEY= <key>
Environment=SERVER_COUNTRIES= <country>
# for now:
Environment=VPN_PORT_FORWARDING=off
\#Secret=openvpn_user,type=env,target=OPENVPN_USER
\#Secret=openvpn_password,type=env,target=OPENVPN_PASSWORD

\#Volume
Volume=/var/home/user123/.config/arr-configs/gluetun:/gluetun:Z
# SecurityLabel=disable

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=qBittorrent Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=qbittorrent
Pod=arr-stack.pod
Image=lscr.io/linuxserver/qbittorrent:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions / linuxserver images require UID:GID 0:0 at the start; they won't start without it
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=qbittorrent.env
Environment=WEBUI_PORT=8080
# Environtment=TORRENTING_PORT=6881

# Volume :Z (> :z) probably works as well and is saver for configs?
Volume=/var/home/user123/.config/arr-configs/qbittorrent:/config:z
Volume=/var/home/user123/Videos/Downloads:/downloads:z
# Volume=/var/home/user123/Videos/Downloads/completed:/downloads:z,U
# Volume=/var/home/user123/Videos/Downloads/incomplete:/incomplete:z,U
# Volume=/var/home/user123/Videos/Downloads/torrents:/torrents:z,U

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=Prowlarr Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=prowlarr
Pod=arr-stack.pod
Image=lscr.io/linuxserver/prowlarr:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions / linuxserver images require UID:GID 0:0 at the start; they won't start without it
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=prowlarr.env
Environment=WEBUI_PORT=9696

# Volume
Volume=/var/home/user123/.config/arr-configs/prowlarr:/config:z,U

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=Sonarr Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=sonarr
Pod=arr-stack.pod
Image=lscr.io/linuxserver/sonarr:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions / linuxserver images require UID:GID 0:0 at the start; they won't start without it
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=sonarr.env
Environment=WEBUI_PORT=8989

# Volume / Disable SecurityLabels due to SMB share, need to look this up
SecurityLabelDisable=true
Volume=/var/home/user123/.config/arr-configs/sonarr:/config:z
Volume=/var/home/user123/Videos/Shows:/tv:z
Volume=/var/home/user123/Videos/Downloads:/downloads:z

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=Radarr Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=radarr
Pod=arr-stack.pod
Image=lscr.io/linuxserver/radarr:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions / linuxserver images require UID:GID 0:0 at the start; they won't start without it
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=radarr.env
Environment=WEBUI_PORT=7878

# Volume / Disable SecurityLabels due to SMB share
SecurityLabelDisable=true
Volume=/var/home/user123/.config/arr-configs/radarr:/config:z
Volume=/var/home/user123/Videos/Movies:/movies:z
Volume=/var/home/user123/Videos/Downloads:/downloads:z

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=Flaresolverr Container
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=flaresolverr
Pod=arr-stack.pod
Image=ghcr.io/flaresolverr/flaresolverr:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=flaresolverr.env
Environment=WEBUI_PORT=8191
Environment=LOG_LEVEL=info
Environment=LOG_HTML=false
Environment=CAPTCHA_SOLVER=none

# Volume=flaresolverr:/app/

[Service]
Restart=always

\#[Install]
\#WantedBy=default.target

---

[Unit]
Description=Podman - Jellyfin
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container


[Container]
ContainerName=jellyfin
Pod=arr-stack.pod
Image=ghcr.io/jellyfin/jellyfin
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions / 1000:1000 might work?
User=0
Group=0
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvironmentFile=jellyfin.env
Environment=WEBUI_PORT=8096:8096/tcp
\#PublishPort=8096:8096/tcp
\#PublishPort=8920:8920
\#PublishPort=7359:7359/udp
\#PublishPort=1900:1900/udp

# Volume
Volume=/var/home/user123/.config/arr-configs/jellyfin:/config:z
Volume=/var/home/user123/Videos/jellyfin-cache:/cache:z
Volume=/var/home/user123/Videos/Movies:/data/movies:z
Volume=/var/home/user123/Videos/Shows:/data/shows:z

[Service]
# Inform systemd of additional exit status
# SuccessExitStatus=0 143a
Restart=always
TimeoutStartSec=900

\#[Install]
# Start by default on boot
\#WantedBy=default.target


---

[Unit]
Description=Homepage Dashboard
# Dependencies
# pod
Wants=arr-stack-pod.service
After=arr-stack-pod.service
Requires=arr-stack-pod.service
PartOf=arr-stack-pod.service
# .pod is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=arr-stack.pod
After=arr-stack.pod
Requires=arr-stack.pod
PartOf=arr-stack.pod
# gluetun
Wants=gluetun.service
After=gluetun.service
Requires=gluetun.service
BindsTo=gluetun.service
# .container is probably not quite what I want, but it works and I might as well keep it, in case they change the syntax
Wants=gluetun.container
After=gluetun.container
Requires=gluetun.container
BindsTo=gluetun.container
# idk about this?:
After=network-online.target
Wants=network-online.target
# Socket
Wants=podman.socket
After=podman.socket
Requires=podman.socket


[Container]
ContainerName=homepage
Pod=arr-stack.pod
Image=ghcr.io/gethomepage/homepage:latest
AutoUpdate=registry
# Network
Network=container:gluetun

# UID/GID permissions
User=1000
Group=1000
Environment=PUID=1000
Environment=PGID=1000

# EnvironmentFile=global.env
Timezone=UTC
Environment=TZ=Etc/UTC

# EnvirontmentFile=homepage.env
\#Environment=LOG_LEVEL=debug
Environment=HOMEPAGE_ALLOWED_HOSTS=gethomepage.dev
\#PublishPort=3000:3000

# Podman socket (recommended on Bazzite)
Volume=%t/podman/podman.sock:/var/run/docker.sock:ro
\#Volume=/var/run/docker.sock:/run/user/1000/podman/podman.sock:ro
\#Volume=/%t/podman/podman.sock:/run/user/1000/podman/podman.sock:ro

# Volume / Config directory
SecurityLabelDisable=true
Volume=%h/apps/homepage:/app/config:Z
Volume=%h/apps/homepage/icons:/app/public/icons:Z

[Service]
Restart=on-failure
TimeoutStartSec=300

\#[Install]
\#WantedBy=default.target

Questions:
- 1. If I use "podman exec ip route" (on e.g. qbittorrent) the default route goes through my actual network interface (actual ip adress) which I very much do not want (or through my killswitch dummy network from my VPN if on, which is better but still not ideal). Is there a way to completely remove my actual network from a container's eyes? "podman exec ip addr" shows 1 lo (local), 2 my actual network, 4 tun0 from gluetun. The traffic does go through gluetun correctly, but I don't trust it 100%. Having the containers separated and NOT inside a pod gives the same result, since the containers share the network namespaces from the gluetun container when I do "Network=container:gluetun" (same as just having them in a pod as far as I understand).
I tried to also create a podman network without a default gateway, but then gluetun cannot connect to the VPN in the first place.

EDIT: A few notes: I thought gluetun was supposed to set the default route (but it seems it either doesn’t or can’t). My goal was to only have gluetun see my computer’s network and have the containers only see local network and gluetun’s tun0 network (with default routing through tun0). AFAIK pods share network namespaces, though, so that might not be possible? (even without pods?)

• 
  
  1. My setup works but is quite convoluted and probably has many unnecessary lines, so please give me any improvements you see

  
  

• 
  
  1. Is User=1000, Group=1000, even sensible? For example in the homepage container those lines result in the container showing User "1000:1000" (from podman inspect). Would User=0, Group=0 (or no lines since I use UserNS=keep-id in the pod?), which shows as User=root (podman inspect) mean that it has actual root access or just that it is root INSIDE the container?

  
  

Thank you in advance for the answers, in case I don't reply to your comment specifically.

The lies this administration is telling about Ms. Good aren’t those you deploy as part of a cover-up. They’re those you use when you want to show you can get away with anything. They’re a projection of power.

https://www.nytimes.com/2026/01/21/opinion/ice-shooting-renee-good.html?unlocked_article_code=1.GFA.3-Y-.-rF6Io1KNMC3

The Environmental Protection Agency has stopped estimating the dollar value of lives saved in the cost-benefit analyses for new pollution rules.

https://www.nytimes.com/2026/01/21/climate/epa-human-life-value.html?unlocked_article_code=1.GFA.Wwiz.YjpsWmGUWiI9

From : techhub.social/@sawaba@infosec… (mastodon)

The enshittification of computer repair is happening.

AI has amazingly managed to make repairable computers practically worthless.

The increase in memory and storage pricing is destroying the second-hand market for computing hardware and this makes me sad. I watched a video from someone that runs a repair shop, and this is what's happening:

The memory/storage alone is worth more than the rest of the computer, so people are stripping them out to sell separately.

The second hand market is now flooded with computers that have no memory or storage. Buying new memory or storage to put in these used computers is now more expensive than buying a new computer.

So we now suddenly have a giant e-waste problem PLUS a giant problem for repair shops that want to stay in business.

In the video, he was basically saying that they have to pivot to the only computers that folks aren't stripping RAM and storage out of - computers that have those things soldered on. The irony here is that repair shops now have to ignore the most repairable computers and focus on the least repairable computers instead.

I've been looking for a way to discover new music. Spotify used to be quite good, but now I feel like 10% of the stuff it recommends me is AI slop.

How do you navigate the music-scape?

I forgot to check the size of the sourced png for the logo. I had to login via tui & delete the file. It was silly. Much better now with better icon.

Edit: I'll grab a pic soon of the fixed one. It's better 😄

Hello!

I am a fairly new GM, and have only ran a few sessions of CY_BORG. I’ve played in many home TTRPG games (mostly DnD 5e) and have familiarized myself (through reading rather than experience sadly) with some fundamental RPG design and GM advice. My issue is, at the time I went to the game store to pick up RPG books, I wasn’t knowledgeable on Shadowrun and the editions/universe other than the fact I wanted to run it some day.

I have now realized, after buying the book and past the possibility of return, that I have bought the reprint of Shadowrun 2050 (1e) which appears to be the most complicated and problematic of the games in terms of system. That being said, I’d still like to run this some day and I’m mostly fine with a bit of complexity and crunch in an RPG. I was wondering, though, if there was a way that I could sort of build up to running something like Shadowrun?

Running not only a very rules heavy system but also a world with something complicated like The Matrix in it is pretty daunting compared to most RPG systems I’ve been interested in, so I’m a bit lost on resources to help guide me. It also doesn’t help that even among old school Shadowrun fans 1e seems to be the least played edition.

Thanks in advance!

Greater cold - Dahan in Chinese, Daikan in Japanese. Every breath hangs in the air as snow clings to the branches.
I tried to capture that moment during my recent walk.

All the photos - quietpresence.art/daikan-great…

Thank you for checking it out.

Tim Sigsworth
19 January 2026 2:48pm GMT

The White House has told Britain to stop arresting people who express support for Palestine Action.

Sarah Rogers, Donald Trump’s free speech tsar, said the arrests were “censoring” free speech and did “more harm than good”.

More than 2,000 people have been arrested for expressing support for Palestine Action since it was proscribed as a terror group in July last year.

Ms Rogers, the US state department’s under-secretary for public diplomacy, said that the public should be allowed to say they back the group.

“I would have to look at each individual person and each proscribed organisation,” she told Semafor. “I think if you support an organisation like Hamas, then depending upon whether you’re coordinating, there are all these standards that get applied.

“This Palestine Action group, I’ve seen it written about. I don’t know what it did. I think if you just merely stand up and say, ‘I support Palestine Action’, then unless you are really co-ordinating with some violent foreign terrorist, I think that censoring that speech does more harm than good.”

Palestine Action was proscribed in July 2025 after its activists broke into RAF Brize Norton in Oxfordshire and vandalised military aeroplanes.

In a campaign of vandalism and trespass protesting the war in Gaza, it has targeted businesses that it claims are linked to Israel.

Anyone who expresses support for the group – which is often done on a piece of paper – faces arrest and a maximum prison sentence of six months.

Ms Rogers has been an outspoken critic of Sir Keir Starmer’s Government and freedom of speech in Britain since taking her position in October last year.

She has criticised the Prime Minister for cancelling local elections, curbing rights to jury trials and not banning cousin marriage.

Ms Rogers also compared Britain under Labour to Vladimir Putin’s Russia after the Government threatened to ban Elon Musk’s X over the creation of naked images of women and children by its AI service, Grok.

She also said British police forces were wrong to arrest people for using the phrase “globalise the intifada”.

The Metropolitan Police and Greater Manchester Police (GMP) said last month that anyone chanting the slogan would face arrest in a more robust approach to pro-Palestinian protesters following the Bondi Beach and Manchester synagogue terror attacks.

“I’m from New York City where thousands of people were murdered by jihadists,” Ms Rogers said, referring to the 9/11 terror attack. “I don’t want an intifada in New York City, and I think anyone who does is disgusting, but should it be legal to say in most contexts? Yes.”

In December, Greta Thunberg, the Swedish climate activist, was arrested in London for expressing support for Palestine Action. She was later bailed until March.

The group is in the midst of a legal challenge against its proscription and critics of the ban have argued the group is not comparable to violent terror groups such as Al-Qaeda or the Irish Republican Army (IRA).

Proscription ‘is draconian’

Amnesty International, the charity, has said the group’s proscription is an example of “problematic, overly broad and draconian restrictions on free speech”.

A number of the group’s activists embarked upon a hunger strike while being in prison on remand as they awaited trial.

Scottish prosecutors have offered to drop charges against some supporters of Palestine Action if they accept a £100 fine.

Adam McGibbon, who refused the offer, said: “The fact that the authorities are offering fines equivalent to a parking ticket for a ‘terrorism offence’ shows just how ridiculous these charges are. Do supporters of Islamic State get the same deal?

“I refuse to pay this fine, as has everyone else I know who has been offered one. Just try and put all 3,000 of us who have defied this ban so far in jail, Shabana Mahmood. Have you got the space?”

Mr McGibbon was among those arrested at a mass rally on Edinburgh’s Royal Mile in July 2025.

Lord Walney, co-chairman of the all-party parliamentary group for defending democracy, said: “It is unfortunate that Sarah Rogers says she is unaware of the history of violence and organised sabotage that led the UK Government to proscribe Palestine Action as a terrorist organisation.

“The president has spoken out in strong terms against far-Left violence and intimidation in the US and it is obvious he would in no way support these extremists damaging RAF jets, smashing up defence factories and attacking security staff with sledge hammers here in the UK.”

A spokesman for the Home Office said: “Palestine Action has conducted an escalating campaign involving not just sustained criminal damage, including to Britain’s national security infrastructure, but also intimidation and alleged violence and serious injuries to individuals. That kind of activity puts the safety and security of the public at risk.”

Greta Thunberg arrested at Palestine Action protest in London

Swedish activist, 22, expressed support for proscribed group at demonstration in London

^{Tom Cotterill (The Telegraph)}

The British government co-owns a UAE-controlled port in Somaliland that is part of a network of Emirati infrastructure used to arm the paramilitary Rapid Support Forces (RSF) accused of committing atrocities in Sudan.

The UK’s stake in Berbera port is held through the government’s foreign investment arm, British International Investment (BII), which jointly owns the strategic Horn of Africa port with the UAE’s logistics behemoth DP World and the Government of Somaliland.

Somaliland, a former British colony, is a breakaway region of Somalia that is currently at the centre of a diplomatic controversy after Israel last month became the only country in the world to recognise its independence from Mogadishu in a move that has drawn widespread international condemnation.

UK government co-owns Somaliland port at centre of Horn of Africa crisis

^{Oscar Rickett (Middle East Eye)}

The organization notes that it spent over 9,000 hours investigating the incident and found no evidence that the stolen data has been misused or published on the dark web.

However, to help mitigate the risks, CIRO will be providing all affected investors with a free-of-charge two-year credit monitoring and identity theft protection service.

https://www.bleepingcomputer.com/news/security/ciro-data-breach-last-year-exposed-info-on-750-000-canadian-investors/

Can Android apps use WebRTC, or is WebRTC only available in browsers?

If Android apps can use WebRTC, how can it be blocked per app or system-wide to prevent IP or network leaks?

I will note that these are scope 3 emissions, so it includes the emissions associated with fossil fuels extracted by these firms and burned by others, as well as those from electrical generation when end consumers use the electricity.

These are Scope 3 Category 11 emissions, corresponding to "use of sold products", however this has been modified to quantify emissions from each fossil fuel company’s net production of oil, gas, or coal as opposed to sold products.

Half of world’s CO2 emissions come from just 32 fossil fuel firms, study shows

Critics accuse leading firms of sabotaging climate action but say data increasingly being used to hold them to account

^{Damian Carrington (The Guardian)}

For months now, donations have been very limited.
I am a mother of four children, and for years we have been living in a fragile tent that cannot protect us from the cold of winter or the heat of summer.

Every day, my only wish is to keep my children safe and warm. We are in desperate need of your help to survive. We rely completely on your donations to stay alive and to meet our most basic needs.

Any donation, no matter how small, can help us buy food, blankets, or clothes for my children.
Please don’t forget us.
You are our lifeline
gofund.me/f6e9cc9d

European organizations are about to launch their own social media platform, W, amid rising tensions with the United States.

The new platform, W, will require identification and photo validation to ensure that its users are both humans and who they claim to be, Danish news media outlet Politiken.dk reports.

https://cybernews.com/tech/europe-social-media-w/

We are still in desperate need of your help. Everyone around us lives in safety, warmth, and happiness… but we have been deprived of that for two long years. We are trying to rebuild our lives from zero, but life in the tents makes everything harder.

Imagine living in winter inside nothing but a thin piece of nylon that cannot protect you from the freezing cold…
Imagine wishing to eat something simple, but you can’t find it… or it exists, but the price is so high you can only look at it from afar…
Imagine trying to stay strong for your children while everything around you falls apart.

Any donation — no matter how small — can help us take one step toward rebuilding our lives.
Please… do not forget us.
Your support means survival for us.
gofund.me/00439328

On an ice floe, a bunch of bunnies act like penguins, swimming and sliding into the water. The bunny's fur is black and white like emperor penguins. Two real penguins look on confusedly.

Source: Bluesky

https://www.livescience.com/space/black-holes/like-watching-a-cosmic-volcano-erupt-scientists-see-monster-black-hole-reborn-after-100-million-years

Archived copies of the article:
* ghostarchive.org
* archive.today

The details on this are not promising:

Nearly 23% of new vehicles sold in California in 2025 were considered zero-emission vehicles, though EV sales were down in the state and across the U.S. compared to the year prior.

...

In the fourth quarter of 2025, only 18% of new cars sold in the state were zero-emission.

It needs to be 100% in the not-very-distant future, and that's going to be really tough without a sharp reduction in prices, which isn't likely to happen due to tariffs pushing prices up.

California exceeds clean car goal despite declining federal support

California has surpassed a goal set in 2012 to put 1.5 million zero-emission vehicles on the road by 2025, Gov. Gavin Newsom announced at the World Economic Forum.

^{Caroline Petrow-Cohen (Los Angeles Times)}