Atemu

Atemu , 2 months ago

WARNING: CLOCK GAINED 3 DAYS

Haha, these little details are so great :)

Atemu , 2 months ago (edited 2 months ago)

The reason is software patents and asinine licensing for HEVC. Thank the greedy fucks in suits for that.

Atemu , 2 months ago

AFAIK, this is a Windows-specific option which requires the user to have purchased a license for the Windows HEVC decoder on the windows store.

Atemu , 2 months ago

Cryptomator is made for that exact purpose.

Atemu , 2 months ago

Flash loses memory over many years. I'd use like 3 different mediums and always keep a hash of the key with the key.

Atemu , 2 months ago

They do have an API, but I haven’t found anything written on top of that.

Not 3rd party of course but most of their official clients are FOSS.

How do they ensure zero knowledge if you send them the username and password?

Because you don't. I haven't looked into how it works exactly but all your browsers sends is your username and a proof of you having access to the password

Atemu , 2 months ago

At that point, might as well send E2E encrypted mail via GMail.

From a security stand-point: Yes. From a privacy standpoint: Absolutely not.

Atemu , 2 months ago

Doesn’t Proton specifically provide instructions for how to use proton mail via proton vpn (and/or tor, discussed in the article) to provide extra privacy against IP-demanding court orders?

That would be rather short-sighted or disingenuous as they would then simply be forced to log their proxy too.

Atemu , 2 months ago

Oh? When did that happen?

I checked a few other repos and it appears the android app is the only repo where this was done.

Hey @protonprivacy, why were issues disabled on https://github.com/ProtonMail/proton-mail-android?

Atemu , 2 months ago

I wouldn't really call the BE service "core" to what they provide. All the truly interesting code is in the clients. The server just an email service that stores the email in an encrypted format and talks their custom API.

An open source ProtonMail back-end won't help you in any way unless you're trying to host PM yourself I guess?

Atemu , 2 months ago

Are you spoofing your user-agent or have enabled other fingerprinting "mitigations"?

Atemu , 2 months ago

Have you spoofed your country? Check the Aurora Store settings.

Atemu , 2 months ago

Hm, I thought it had something like this but it does have languages but your display language appears to be your local language. Perhaps it different though; worth checking.

Atemu , 2 months ago

I'll take "didn't get the point of FOSS" for $3.14.

What the heck.

Atemu , 2 months ago

And that's just tail-pipe emissions. PHEVs have much greater production emissions due to their batteries too.

Atemu , 2 months ago

Without any cold hard data, this isn't worth discussing.

Atemu , 2 months ago

That is just a specific type of drive failure and only certain software RAID solutions are able to even detect corruption through the use of checksums. Typical "dumb" RAID will happily pass on corrupted data returned by the drives.

RAID only serves to prevent downtime due to drive failure. If your system has very high uptime requirements and a drive just dropping out must not affect the availability of your system, that's where you use RAID.

If you want to preserve data however, there are much greater hazards than drive failure: Ransomware, user error, machine failure (PSU blows up), facility failure (basement flooded) are all similarly likely. RAID protects against exactly none of those.

Proper backups do provide at least decent mitigation against most of these hazards in addition to failure of any one drive.

If love your data, you make backups of it.

With a handful of modern drives (<~10) and a restore time of 1 week, you can expect storage uptime of >99.68%. If you don't need more than that, you don't need RAID. I'd also argue that if you do indeed need more than that, you probably also need higher uptime in other components than the drives through redundant computers at which point the benefit of RAID in any one of those redundant computers diminishes.

Atemu , 2 months ago

Yes. Low power draws add up. 5W here 10W there and you're already looking at >3€ per month.

Atemu , 2 months ago

The problem is that it's not just 15W; I merely used that as an example of how even just two "low power" devices can cause an effect that you can measure in dollars rather than cents.

Atemu , 2 months ago

You probably could. Though I don't see the point in powering a home server over PoE.

A random SBC in the closet? WAP? Sure. Not a home server though.

Atemu , 2 months ago

10% worse efficiency > no refrigerator

Atemu , 2 months ago

.

Atemu , 2 months ago

This is not true. As soon as the key is wiped from the TPM-like thingy, any data left on the flash is unrecoverable.

Atemu , 2 months ago

You linked FUD.

Atemu , 2 months ago

Not sure it's positive; given the US' asinine privacy laws, I don't see this going anywhere.

Atemu , 2 months ago

Is this all the metadata it adds?

Because the information you've shown here is not at all sensitive. It's just the timestamp, Android version and time zone.

Atemu , 2 months ago

The software version doesn’t just say “Android 14” either. It looks very specific.

Yeah, it's likely a rather precise Android version.

So what? What does the Android version you use reveal about you? What part of your threat model does it violate?

Here, you can have the exact version of my phone: lineage_FP4-userdebug 13 TQ3A.230901.001 2023111915 test-keys. Can you identify me now?

(In my case, you theoretically actually could because my version is unique because I homebrew my Android but if you didn't know that, it'd look like any other FP4 with !lineageos on it which is why I'm not at all worried.)

No matter how you look at it, this is not an acceptable way for a device to behave, with no way to change it in settings.

Adding useful metadata that reveals no actual data about the user is a great feature and not worth adding a setting for; especially not in the UI.

I didn't know about this before but I'll look out for that whenever sends a bug report of a mobile app with screenshot as it might include the device and Android version used which is super useful info to have when troubleshooting.

Atemu , 2 months ago

If you have the Mossad targetting you, that's an extreme edge-case which has no place in an argument about online privacy.

Atemu , 2 months ago

That argument ignores that you need an account to upload pictures in most places (including here); you're already identified.

Ignoring that, while it is technically true that the Android version adds a data point and therefore identifying bits of information, you'd still be one of 10^5 - 10^6 people in the same time zone with the same device/version combo unless you're using some extremely uncommon device or are in an extremely unpopulated time zone. Compared to user agent and IP address, this is extremely little information and I'd argue quite useless without. If you need such strongly identifying data to even make any use of this, I don't think it's worth worrying about.

Besides, if you control a forum or other site that allows picture uploads and wanted to identify a user, there are so much better methods than any of this.

Atemu , 2 months ago

It's fine to as that sort of question; I wouldn't say it doesn't "belong in this community". That doesn't mean it makes sense to care about this which is what I wanted to point out.

Atemu , 2 months ago

If you're not looking to question your views, then ignore people like me who do. Though as a general rule of thumb, not questioning your own views may not be the best strategy in life but you do you.

Atemu , 2 months ago

Sooo Indian authorities tried to reach out to PM directly, PM didn't comply because India has no authority whatsoever over a Swiss company and PM had to ask the Swiss authorities to go tell the Indian ones to use the proper channels instead?

Atemu , 2 months ago

If you're using containers for everything anyways, the distro you use doesn't much matter.

If Ubuntu works for you and switching away would mean significant effort, I see no reason to switch outside of curiosity.

Atemu , 3 months ago

If you want to be anywhere near "reasonably anonymous" on the internet, you must use TOR browser.

A regular browser is so full of functionality and settings that make you stand out that using a VPN proxy or not hardly matters.

Atemu , 3 months ago

The operating system is explicitly not virtualised with containers.

What you've described is closer to paravirtualisation where it's still a separate operating system in the guest but the hardware doesn't pretend to be physical anymore and is explicitly a software interface.

Atemu , 3 months ago

I don't know shit about plural systems and have no idea about PluralKit but I can already forsee two issues that regular user accounts would have:

• There may be systems who switch operators frequently; having to switch between multiple accounts could be a major hurdle for fluent conversation
• Some systems may have too many operators to reasonably manage accounts for

As far as I understand it, PluralKit is more of a hack for acting as multiple pseudo-accounts with the convenience of a single (platform-) account. Given that Matrix, Element and the like are FOSS, it ought to be possible to build such a convenient single-"user" multi-account mechanisms into the clients or even protocol themselves rather than relying on hacky 3rd party add-ons.
Especially given that the user base of Matrix is far more likely to come into contact with plural systems than the general population is. (In the communities I frequent, I know of at least one and would not be surprised if there were quite a few more.)

Atemu , 3 months ago

What @silent_squirrel mentioned does not require a targetted attack.

Atemu , 3 months ago

A really, really cool solution for problem nobody has.

Atemu , 3 months ago

Do you have a media center and/or server already? It's a bit overkill for the former but would be well suited as the latter with its dedicated GPU that your NAS might not have/you may not want to have in your NAS.

Atemu , 3 months ago

Languages simply don’t agree on how to split the usage of words. Or grammatical case. Or if, when and how to do agreement.

Just for the sake of example: how are they going to keep track of case in a way that doesn’t break Hindi, or Basque, or English, or Guarani? Or grammatical gender for a word like “milk”? (not even the Romance languages agree in it.) At a certain point, it gets simply easier to write the article in all those languages than to code something to make it for you.

I don't know what the WMF is planning here but what you're pointing out is precisely what abstraction would solve.

If you had an abstract way to represent a sentence, you would be independent of any one order or case or whatever other grammatical feature. In the end you obviously do need actual sentences with these features. To get these, you'd build a mechanism that would convert the abstract sentence representation into a concrete sentences for specific languages that is correctly constructed according to those specific languages' rules.

Same with gender. What you'd store would not be that e.g. some german sentence is talking about the feminine milk but rather that it's talking about the abstract concept of milk. How exactly that abstract concept is represented in words would then be up to individual languages to decide.

I have absolutely no idea whether what I'm talking about here would be practical to implement but it in theory it could work.

Atemu , 3 months ago

Somewhere inside that abstraction you’ll need to have the pieces of info that Spanish “leche” [milk] is feminine, that Zulu “ubisi” [milk] is class 11, that English predicative uses the ACC form, so goes on.

Of course you do. The beauty of abstraction is that these language-specific parts can be factored into generic language-specific components. The information you're actually trying to convey can be denoted without any language-specific parts or exceptions and that's the important part for Wikipedia's purpose of knowledge preservation and presentation.

you'll need people to mark a multitude of distinctions in their sentences, when writing them down, that the abstraction layer would demand for other languages. Such as tagging the "I" in "I see a boy" as "+masculine, +older-person, +informal" so Japanese correctly conveys it as "ore" instead of "boku", "atashi, "watashi" etc.

For writing a story or prose, I agree.

For the purpose of writing Wikipedia articles, this specifically and explicitly does not matter very much. Wikipedia strives to have one unified way of writing within a language. Whether the "I" is masculine or not would be a parameter that would be applied to all text equally (assuming I-narrator was the standard on Wikipedia).

Even the idea of "abstract concept of milk" doesn't work as well as it sounds like, because languages will split even the abstract concepts in different ways. For example, does the abstract concept associated with a living pig includes its flesh?

If your article talks about the concept of a living pig in some way and in the context of that article, it doesn't matter whether the flesh is included, then you simply use the default word/phrase that the language uses to convey the concept of a pig.

If it did matter, you'd explicitly describe the concept of "a living pig with its flesh" instead of the more generic concept of a living pig. If that happened to be the default of the target language or the target language didn't differentiate between the two concepts, both concepts would turn into the same terms in that specific language.

The same applies to your example of the different forms of "I" in Japanese. To create an appropriate Japanese "rendering" of an abstract sentence, you'd use the abstract concept of "a nerdy shy kid refers to itself" as the i.e. the subject. The Japanese language "renderer" would turn that into a sentence like ”僕は。。。” while the English "renderer" would simply produce "I ...".

A language is not an agent; it doesn't "do" something. You'd need people to actively insert those pieces of info for each language, that's perhaps doable for the most spoken ones, but those are the ones that would benefit the least from this.

Yes, of course they would have to do that. The cool thing is that this it'd only have to be done once in a generic manner and from that point on you could use that definition to "render" any abstract article into any language you like.

You must also keep in mind that this effort has to be measured relative to the alternatives. In this case, the alternative is to translate each and every article and all changes done to them into every available language. At the scale of Wikipedia, that is not an easy task and it's been made clear that that's simply not happening.

(Okay, another alternative would be to remain on the status quo with its divergent versions of what are supposed to be the same articles containing the same information.)

Atemu , 3 months ago

I also find it weird that you can't create unlimited addresses on your custom domains.

For the shared domains, limits in this regard are absolutely understandable as the supply is limited but addresses should have next to no cost for PM when they're under my own domain.

Why is that? @protonmail

Atemu , 3 months ago

Note that ProtonMail and Fastmail have quite different feature sets.

ProtonMail does not store your Email in plain text for instance; they cannot read them or be ordered to read them. This comes with some drawbacks such as that standard protocols such as IMAP do not work without a bridge because they necessitates that the server can read all the emails.

Atemu , 3 months ago

I imagine a bad actor could buy a custom domain, connect it to proton, and then spam millions of people from thousands of addresses, using Proton’s infrastructure?

You could do that without creating thousands of addresses; one is plenty for that. Also, they'd still be under your domain, so all you'd do is hurt the custom domain's reputation and probably get it blocked by everyone quite quickly. If anything, I'd imagine thousands of addresses under one domain spamming would get that domain banned much more quickly than if it was just one address.

What is the # limit on a custom domain?

There is no specific limit for addresses on custom domains; it's one global limit of 15 addresses, no matter which domain they're under.

Atemu , 3 months ago

I would not buy a CPU without seeing a real-world measurement of idle total system power consumption if you're concerned about energy (and therefore cost) efficiency in any way. Especially on desktop platforms where manufacturers historically do not care one bit about efficiency. You could easily spend many hundred € every year if it's bad. I was not able to find any measurements for that specific CPU.

Be faster at transcoding video. This is primarily so I can use PhotoPrism for video clips. Real-time transcoding 4K 80mbps video down to something streamabke would be nice. Despite getting QuickSync to work on the Celeron, I can’t pull more than 20fps unless I drop the output to like 640x480.

That shouldn't be the case. I'd look into getting this fixed properly before spending a ton of money for new hardware that you may not actually need. It smells like to me that encode or decode part aren't actually being done in hardware here.

What codec and pixel format are the source files?
How quickly can you decode them? Try running ffmpeg manually with VAAPI decode, -c copy, and a null sink on the files in question.

What codec are you trying to transcode to? Apollo lake can't encode HEVC 10 bit. Try encoding a testsrc (testsrc=duration=10:size=3840x2160:rate=30) to AVC 10 bit or HEVC 8 bit.

Atemu , 3 months ago

Glad I could save you some money :)

Atemu , 3 months ago

This is a false dichotomy. Just because containers make it easy to ship software, doesn't mean other means can't be equally easy.

NixOS achieves a greater ease of deployment than docker-compose and the like without any containers involved for instance.

Atemu , 3 months ago

NixOS packages only work with NixOS system. They’re harder to setup than just copying a docker-compose file over and they do use container technology.

It's interesting how none of that is true.

Nixpkgs work on practically any Linux kernel.

Whether NixOS modules are easier to set up and maintain than unsustainably copying docker-compose files is subjective.

Neither Nixpkgs nor NixOS use container technology for their core functionality.
NixOS has the nixos-container framework to optionally run NixOS inside of containerised environments (systemd-nspawn) but that's rather niche actually. Nixpkgs does make use of bubblewrap for a small set of stubborn packages but it's also not at all core to how it works.

Totally beside the point though; even if you don't think NixOS is simpler, that still doesn't mean containers are the only possible mean by which you could possibly achieve "easy" deployments.

Also without containers you don’t solve the biggest problems such as incompatible database versions between multiple services.

Ah, so you have indeed not even done the bare minimum of research into what Nix/NixOS are before you dismissed it. Nice going there.

as robust in terms of configurations

Docker compose is about the opposite of a robust configuration system.