However, I realized I can simply add custom fonts into Bambu Studio.

This Bambu Lab forum thread set me off in the correct direction.

Conclusion: Reddit is not always helpful

Again, there are Reddit threads that are not helpful:

• This thread from February 2023, and
• This thread from December 2022.

So I was wondering about 3D resin printing, as I saw a video from 3D Printing Nerd.

(Random: I think Joel of 3D Printing Nerd is basically like Markiplier in 3D printing, with some of Mark's hyperactivity toned down.)

Some thoughts

So, I've seen the acronym SLA, which is associated with resin 3D printing, which comes from stereolithography.

I was interested in the TinyMaker, which was the very small resin 3D printer showcased in the video. There was initially a Kickstarter crowdfunding campaign, and then a continued open-end timeline campaign on IndieGoGo.

The video mentioned that the TinyMaker files are available, and TinyMaker states that it is open source hardware. However, I had no luck finding the files, at least easily. The only result I found was this GitHub repository, which was last active in 2018.

Currently I'm a bit wary, as some backers are only recently receiving the TinyMaker 2 years after the campaign ended. Yes, I know there's an inherent risk with crowdfunding. So, I'll wait until TinyMaker reaches steady public availability.

Alternatives: maybe just get a “normal” sized resin printer?

I might as well consider the currently only option from Prusa for consumers: the Original Prusa SL1S SPEED 3D Printer and CW1S (cure and wash station) bundle.

There is a MSLA (masked SLA) printer from Prusa: Prusa Pro SLX. However, that looks like a professional industrial machine, and it is still “coming soon” (as of November 2025).

Conclusion

Currently, a comparable product is the Lite3DP Gen 2, which is available on Crowd Supply.

How it started

I donated to a local nonprofit in 2024, and I really shouldn't say this, but I honestly wish I never did. However, this is not due to a reason you probably expect.

I started to receive significantly more junk mail from charitable nonprofits and groups, more so than usual (at least since the 2020 COVID-19 pandemic). I won't name specific names, but this was a local nonprofit which has a total annual budget size between the order of $1 million and $10 million.

(To the reader: if we know each other IRL, then I'll tell you who the offending org is; and if your savvy with implementing an actionable fix with the issue below, then maybe we can work out a way for me to get out of this rut of a “situation” — as if this is or should be by highest priority project to take on right now. Let's just say that some of you will be surprised by the org I have in mind, which either intentionally uses the services of data brokers, or at least has some heuristic workflow that is leaking donor info to data brokers. The overall situation has a bit of a tragic irony.)

I'm (usually) not a vengeful person, at least when it comes to nonprofit orgs genuinely acting in good faith; but I am keeping a running list of these others orgs that engage in buying/selling/sharing snail mail lists as orgs I won't donate money to in the future, due to their respective disregard for mail privacy. However, there are 3 national-level orgs that have (so far) never sold out to physical mail lists: the ACLU, including state chapters; the EFF; and the Freedom of the Press Foundation. I am purposefully excluding comparatively technical groups that would respect the privacy and security of others in general, such as the Signal Foundation and The Tor Project.

On the other hand, the only other way to avoid excessive physical mail list tracking is to donate to small local nonprofits. (Any method is fine — if you're super concerned about protecting your membership info, using a PO box for your mailing address and renewing your member dues via paper check is more than sufficient for most local community members.) This is because these groups literally don't have the money to spend for mass mail solicitations or blanket marketing.

After this happened, I expressed to a local activist about how I'm going to go straight for a paid plan on Privacy.com (at least the lower tier) and skip the free plan. Additionally, I commented that I reaction was essentially the “I can't believe you've done this” meme. (Somehow, I was initially confused this with the “Charlie bit my finger” meme.)

How it's going (and the future)

I no longer think it's safe for me to order computers and ship the delivery to my residential address, using my own debit card. (That does remind me – I really should get a credit card for better payment protection and everything else that encompasses.)

I remembered that I ordered the HP Dev One in 2022 and the box's outer shipping box wasn't even taped closed when it arrived on my doorstep. Due to my living situation since 2020, I no longer trust anything that goes through the mail, and after Andrew “bunnie” Huang's assessment of overall supply chain security after the 2024 exploding pager incident in Lebanon, I think it's about high time I figure out the logistics of shipping to a private mail box (PMB) – or maybe I use a friend's address and/or credit card to purchase an online only computer (while I pay my friend for the cost, of course).

However, quite a few large computer manufacturers, who primarily have B2B (business-to-business) though also some minor B2C (business-to-consumer) sales, will tell customers that sending deliveries to a PO Box is not allowed during checkout. This includes Lenovo, HP, and even Framework. (I have to double check for System76.) This is partly why I was sad when Costco no longer sold any in-store ThinkPad laptops anymore (one probable cause might be the pandemic, but that's another matter).

If you have any somewhat serious considerations to become a Linux distro maintainer or even a package manager (such as the AUR/MPR), you should at least consider this while threat modeling. I recall Ariadne Conill tweeting about how a Lenovo ThinkPad laptop that they tried ordering online was suspiciously redirected to Langely, Virginia while en route to their home in early 2022, which was symptomatic of mail interdiction. However, those tweets were deleted around late 2022 or early 2023.

(The guide has been saved on the Wayback Machine and archive.today.)

You must log in via browser to edit these settings. (Neither the desktop apps nor the mobile apps can change the following settings.)

1. From the main screen in Bitwarden, navigate through the following menus: Security (vertical menu) > Keys (horizontal)
2. Select Argon2id for “KDF algorithm” and enter 10 for “KDF iterations”.
3. Enter 64 for “KDF memory (MB)” and 8 for “KDF parallelism” (number of threads).
4. If you changed any settings, then click on the “Change KDF” button to save any changes (and Bitwarden will log you out of your account on all devices).
   • Otherwise, if no changes were made, then you can leave the “Keys” menu.

Personal context

I need to make sure I have something I can reference when I set up organization accounts on Bitwarden for colleagues and friends.

I vaguely remember that this was discussed roughly around the same about how the default KDF for LUKS (full disk encryption on Linux) was set up. Back in April-May 2023, the sources for episode 132 of the the Surveillance Report podcast was released during the time when the podcast released roughly biweekly – so the podcast lagged at least 1-2 weeks behind current events.

This forum thread helped to date this news story, as well as this assessment.

The GH project's wiki references following steps outlined in the ArchWiki.

Additionally, I came across the following sources:

• Super User thread from Stack Exchange
• GitHub gist from July 2022
• A blog post from January 2022

I haven't been able to sit down and try this — but expect that this worked if I don't come back to follow up.

There is resource page from the FTC and another FTC page to report online scams, as well as the the Internet Crime Complaint Center (IC3) page from the FBI.

Conclusion

Most traditional jobs don't advertise on Craigslist. I almost got burned, but luckily I smoked this scam out before I could even apply for it.

The particular one I was looking at struck me as strange, as it has been the only Craigslist posting (of any type) that didn't use Craigslist's prviate e-mail relay/address option. Due to this, I kept looking at the e-mail address (as it was a Yahoo e-mail address, instead of from an official e-mail address from a real American healthcare corporation) until I realized I was looking at a scam — it was very much like looking at a very well camoflauged animal for a long time before spotting it.

An offer that's “too good to be true” doesn't have to be hyperbolically exaggerated to the point of being comical and super obvious — it can also be a toned-down, realistic decoy.

Also, it is a good rule of thumb to cross-reference and check if the same online job listing you've stumbled upon on an aggregate site (such as Craigslist or Indeed) can be found on a better first-party source, such as the company website.

For example, if you use a password manager, then you should wait a few seconds (at least 5 seconds, if I had to pick name a number) before submitting your password. (Then, you will be prompted with an hCaptcha, if you are using a VPN; followed by an SMS message for 2FA.)

I received an error message, identical to that described in an EcommerceBytes article from January 2021. I think this was because I tried to log in very quickly, assisted by KeePassXC.

This YouTube video from August 2023 also shows the rate limiting.

This is sort of annoying, as checking my order status on eBay is currently my only way to check the shipping status of orders, since even the U.S. Postal Service completely blocks VPNs (at least Mullvad VPN) when I tried doing this about two days ago.

Louis Rossmann made a video on Virgo in mid-July 2023. However, not all the details he discussed was correct, according to paper. Whatever applicable software and firmware will be using GPLv3, but the hardware will be using the strongly reciprocal version of the CERN Open Hardware Licence (CERN-OHL-S).

Bryan Lunduke also made a video about Virgo in late July 2023. Lunduke's reporting had more accurate details. (Yes, I know Lunduke has gone off the deep end, but he is one of the few people online who can accurately report on Virgo.)

Virgo's project files can be found on System76's GitHub repo.

There hasn't been much activity since 2023. I suppose it's because System76 has preparing to release its Rust-based COSMIC desktop environment (DE) in 2024. The alpha should be released in August 2024... is it August 8th? (I believe this is true? However, I can't seem to find the date anymore. Maybe I should listen to episode 10 of the System76 podcast...)

• Library libcosmic repo
  • Reddit announcement
  • Documentation
• This cosmic-epoch repo is for the COSMIC DE itself
• iced GUI library in Rust
  • GH repo
  • iced documentation
• Just framework for running custom commands
  • GH [repo](https://github.com/casey/just}
• COSMIC application (and applet) template repo
• COSMIC Project Collection list
• Catppuccin's pastel theme for COSMIC

I'm saving links I'll use for editing videos with Ffmpeg.

Here are some of those links:

• Convert video from 4K to 1080p on Video StackExchange or (SE)
• Cut video based on timestamps on Stack Overflow (or SO)
• Several strategies to merge videos
  • Article from Stockstack
  • Q&A from SO
  • Q&A from Super User
  • Article from Creatomate