Polishing up your resume and LinkedIn?

Are you okay?

They do. By default the system partition is straight up mounted read-only.

https://github.com/gerardog/gsudo

More like SudoExW

Is that… ICQ? Why?

systemctl disable systemd-critic.service

Systemd-init, the core part of systemd, offersa wide range of features surpassing other init systems. More features lead to more bugs and security vulnerabilities.

This is a bad take. Many of systemd’s features improve security significantly. And having all that code in one cohesive place can’t possibly be inherently less secure than the cornucopia of init scripts we used to use.

And if the backup was merged into existing contacts, just take a new one. Then you can purge all contacts instead of trying to sort through the broken ones.

Adversarial interoperability is not exploitative.

They do. Even back in their pre-UEFI days, it was possible to flash BIOS from a properly-formatted USB drive by holding down a magic key combination at power on. But it was not exactly publicized as a supported method.

I asked DALLE-2 for a “wide shot of a delivery driver in a Louisiana bayou with bagged food” and it gave me this:

That’s certainly a fascinating way to interpret “bagged food.”

When your layer 1 problem turns into a layer 3 problem 😅

Holy moly!

“If we don’t have Spotify working properly across Play services and core services, people will not buy Android phones,” Harrison testified.

Google: Sorry, other devs! You just aren’t as important as Spotify!

[I mean, they aren’t wrong. But this does not bode well for them!]

Sometimes, less is more.

I would recommend trimming all your custom configuration from your router/firewall, one change at a time, until you can no longer reproduce the issue.

Or go the other way around: set up a barebones configuration, confirm the issue is resolved, and begin adding one customization at a time until it breaks.

How do your bufferbloat tests look?

https://www.waveform.com/tools/bufferbloat

It sounds like you have a lot of stateful inspection configured. YouTube’s heavy usage of QUIC (i.e. UDP transport) may not play well with your config.

And, incidentally, what does your hardware look like?

Frankly, even the most barebones router should be able to handle YouTube. I am running pfSense in an ESXi VM, with passthru Intel gigabit NICs, 2 GB reserved RAM, and 2 vCPU (shared, but with higher priority than other VMs) on a Dell desktop with a second-gen i7 that was shipped from the factory in 2012.

Yes, I am routing on decade-old hardware. And I have never seen anything like what you are describing.

YouTube should “just work.”

I am going to assume that if you’re running OpenWRT, then you are probably using a typical consumer router? Please correct me if I am wrong.

Have you by any chance tried backing up your OpenWRT config and going back to stock firmware?

I know, I know, OpenWRT is great. I have a consumer router that I flashed with it to use strictly as a wireless AP.

But consumer devices flashed with vanilla OpenWRT tend to have very, very little resources left over to handle fun configurations.

And I have a feeling some of the fun configuration might be contributing to your issues.

It’s not just storage capacity either. Google uses custom silicon just to keep up with all the transcoding.

https://blog.youtube/inside-youtube/new-era-video-infrastructure/

At the time that article was released (April 2021), users were uploading over 500 hours of video per minute.

They already did

If you’re going to run fiber cables, run two or three. At least two.

You don’t want to do that twice if you don’t have to. And if you need to troubleshoot your layer 1 at some point in the future, it’s a lot less frustrating to have a good spare versus having to run more later just for testing.

I would go with 2 in aggregate (if you have the ports) + 1 spare.

But yes, fiber would definitely be a better option if you have enough clearance to run it without kinking it. Might even be cheaper depending on the cost of copper these days. The real cost is usually in the SFP+ modules.

Definitely do some research on the switches that you have before you buy the modules and cabling. Certain modules can be finicky with certain switches.

Do you have room to keep one quiet switch in the existing closet? Maybe mounted to the ceiling?

Can you run 4 uplink cables from the closet to the basement?

Fanless managed switches with 4x 10G uplink ports and at least 16x 1G access ports are reasonably cheap (minutes transceivers, of course). For example:

https://www.fs.com/products/134655.html?attribute=8032&id=289447

If you can fit the cost into your budget, use CAT8 for your uplinks. That way if you ever do decide to upgrade your access network to 10G, you can bump your 4x uplink up to 25G without having to rewire.

Not that you’ll probably ever need that much bandwidth in a house in the next decade or two.