Max_P

Max_P , 16 hours ago

It'll depend a lot on your experience. I can just install Arch without reading the wiki at all in about 5 minutes for something fairly vanilla. If you're comfortable with Linux then following the wiki won't be too hard, took me maybe 2-3 hours on my first install before I had my DE and everything all set up (12 years ago). If you've never used Linux before and take the deep dive then it could take hours and days depending on how fast you can absorb all that information.

"Easy" is very subjective, there's stuff that's so dumbed down for the sake of "easy" that it makes my life harder when I need to do more complex stuff. I know people for whom linear algebra in 11 dimensions is easy for them to do and solve. Easy is relative to your own personal experience level and what you're trying to accomplish.

Install it in a VM as a test run, you'll see by yourself.

Max_P , 1 day ago

No, simply because even with pure CSS and even pure HTML you can find ways to leak some information about the browser. For example, a background image that only loads on 1920x1080, another for 2560x1440, and so on. Make hundreds of those for every possible resolution (they can be the same file on the server but at a different path), and there you go, you now figured that the client downloaded img/background/2448x1280.png from the server logs. You can use the same trick for fonts as well, you just apply the same trick on a box on the page that is sized based on text content. Repeat for every font you want to test for.

There's just a ton of those little features that are for performance optimizations because loading a 4K background on a 480p phone is a bad experience for everyone involved. Sometimes you need to know the size of some elements to position other elements relative to it. You need the mouse cursor position to open popups at the right place. You need the window size to realign popups and modals. You'd have to go back to text based only sites like it's the 80s and 90s to avoid that kind of fingerprinting.

And thus Tor's solution: everyone's got the same window size, same fonts and everything.

Max_P , 1 day ago

And since when have you known any computer to be problem-free?

Software that's not made from overworked engineers working 80 hours a week pressured to work even faster to complete this week's sprint.

I'm so tired of "computers are buggy and everyone accepts that". No! Computers don't have to be buggy, you just have to not shove trash software on it made by morons doing the bare minimum.

I have software that's been running on servers for literal years, not a single bug. The hardware's been sized appropriately and I wrote good, sustainable and maintainable code. My computers all can easily do weeks and months of uptime. I pick up my laptop and open the lid and 100% of the time it wakes up from sleep and it's ready to go.

The overwhelming majority of "production" and "enterprise quality" code I work with is total garbage that should never have been written and its author never hired in the tech space. We repeatedly get reports on how X car manufacturer was pwned for not following best practices that are a decade or two old.

Corporate greed makes EVs suck because it's developed for as cheap as possible and the target is "good enough customers tolerate it". Shit barely works properly when going through the happy path and the error path just... usually crashes your car.

I've had to reboot my car at red lights way too fucking often and it's not even an EV. 2020 model and the infotainment reliably crashes if I have a Slack or Zoom call going because it tries to read the phone number off my phone over Bluetooth and doesn't know how to handle a null phone number = the radio crashes.

It's not fucking rocket science.

Max_P , 4 days ago

Can't you just... Install the Epic Store separately from Google Play, like we already do with F-Droid?

Installing a store through Google Play sounds pretty stupid when you can easily just install any store's APK independently via the web browser.

They just need a way to let users grant that store the necessary permissions to install and manage apps, which currently requires root but is already doable. They just need to make a UI for it with plenty of warnings about the power this grants. F-Droid happily does its duties and updates my apps in the background and everything like it should, after flashing the privileged extension.

This seems intentionally done by Google to make it look more ridiculous than it needs to be. It doesn't need Google's involvement past adding a permission screen to Android, which is completely independent of Google Play. The ROM communities would get that done under a week most likely.

Max_P , 4 days ago

It doesn't need it, but it does allow it to be more like the Play Store. No need to download then tap install which pops an Android prompt to allow install/update nor any need to allow from unknown sources in settings.

With the privileged extension it's exactly like the Play Store: you tap install and it downloads, installs and updates the apps in the background for you without any prompts. It's technically possible unrooted with some adb hacks, but the privileged extension is the technically proper way to be a store. Without it, it needs that user interaction with the app install popup window to let it through. That's not F-Droid being nice and confirming, that's enforced by Android.

In the context of the article, allowing the user to allow this for any store app, puts every other store on exactly the same ground as Google. The Play Store is not special in any way other than that it has that special store app permission that can only be granted via an XML file on the system partition.

Max_P , 5 days ago

Because humans don't also take inspiration from other's work they've heard and unconsciously repeat part of other songs they've heard before, possibly decades ago. Never happens. Never. Humans don't profit from books they've read and apply to their career. Humans don't profit from watching other humans do the thing and then learn to do it themselves.

All AI does is do the same thing but at ridiculous scale and ridiculous speeds. We shouldn't hold progress because capitalism dictates that we shouldn't put people out of jobs. We need to prepare for the future where there is no jobs and AI replaced all of them.

Max_P , 6 days ago

They most likely sent you a new board which happens to have an older BIOS on it. I don't think they try to upgrade them at all, they pick a boxed new board from the warehouse and ship it to you. You can probably just upgrade it again, there's no way this one's newer. Also I guess double-check you got the same model of board back, that could also explain the old BIOS.

RMA'd an MSI board for which they released a BIOS update specifically for the bug I encountered which can get the system completely unbootable even with a CMOS reset, and it didn't even come with the updated BIOS either. I imagine they expect it'll eventually get updated through Windows.

Max_P , 6 days ago

Ah it's a laptop, I thought it was a desktop motherboard. That is strange, on a laptop I wouldn't expect people to have to mess with the BIOS at all to make VR work, that's usually a desktop thing to make sure rebar is enabled and stuff.

Max_P , 11 days ago

If it's client side then pedos will just strip it out and keep on going. It's a giant waste of time.

Max_P , 11 days ago

Obligatory RIP waveform.social

Max_P , 13 days ago

What distro I'm using isn't that helpful of a question because it's largely a matter of taste and technical needs. I use Arch in large part because I do some rather exotic things that would be harder to set up on most mainstream distros whereas Arch just gives me a completely blank slate to work with and configure my system the exact way I want it to work. My desktop also has some server duties, it runs VMs, it has multiple GPUs and also drives my TV room independently of my main workstation area.

I usually recommend whichever distro gets you the closest to having everything the way you like out of the box as a starting point just because it's less frustrating when most things works out of the box. The Arch experience is nothing works out of the box because it doesn't even come with a box. Arch isn't necessarily a bad choice even for beginners, but the learning curve is much steeper as a result and some people do like to just learn everything whereas some others prefer to start with the shallow part of the pool rather than diving it headfirst. It's not like you have to commit to any distribution forever, you can start with something simple to use, learn your way around Linux and then you can upgrade to another distribution as your needs and wants evolves.

Max_P , 14 days ago

Plug drive in main computer, install Debian on it along with network config and SSH access, put drive back into server and power on.

I guess technically you can also make an ISO that will just auto wipe the drive and install upon booting it but you still need a keyboard to get into the boot menu.

Max_P , 16 days ago

That could also make them okay with those existing, since they'll now play ads. Third party clients wouldn't be such a threat anymore to their bottomline, and people can get the privacy benefits of going through those proxies.

Max_P , 17 days ago

Not really. They can precompute those and inject it in an MP4 file so long as the settings match and it's inserted right before an i-frame so that it doesn't corrupt b-frames. They already reencode everything with their preferred settings, so they only need to encode the ads for those same settings they already do. Just needs to be spliced seamlessly.

But YouTube uses DASH anyway, it's like HLS, the stream is served in individual small chunks so it's even easier because they just need to add chunks of ads where they can add mismatched video formats, for the same reason it's able to seamlessly adjust the quality without any audio glitches.

Ad blockers will find a way.

Max_P , 17 days ago

I would trust them more than Microsoft because at least they would actually store it encrypted safely and not just basic ACLs that are easy to bypass.

Even with a root shell on macOS you can't bypass certain things like access to the camera for example. You'd have to work way harder to access recall data, not in a way that malware can trivially access.

I still wouldn't use it though, because I think the whole thing is dumb and I don't need my computer to spy on me so I can remember what I did yesterday. I have browser/shell history for that.

Max_P , 17 days ago (edited 17 days ago)

They're australians, so loser pays the other's legal fees.

Maybe there'd be less frivolous lawsuits in the US if it worked the same, it makes it so you can't just sue someone to make them go bankrupt.

Max_P , 17 days ago

No, if you win you should be compensated for your legal fees because the idea is you weren't in the wrong and therefore shouldn't have had to sue, or shouldn't have been sued. So the loser pays the fees, because they shouldn't have sued, or they should have settled before it became a lawsuit that they lost.

If you're big you can't drown smaller companies, and if you're small and you're likely to win, you can go after the big companies for your dues because they'll have to compensate you for the legal fees so it doesn't bankrupt you.

In the US legal fees aren't considered, you have to countersue if you want the legal fees back AFAIK. Not a lawyer.

Max_P , 19 days ago

Because Google doesn't have its own AI, and other Android manufacturers aren't also embedding OpenAI wherever they can in modern phones like Samsung.

Max_P , 21 days ago

That's super nice for rooted and custom ROM users where RCS doesn't work.

Max_P , 22 days ago

So basically, he wants his salary to be Twitter's purchase price and some change. That seems totally reasonable as compensation.

Max_P , 23 days ago

owned outright copy

It's not piracy if you bought the software and own a permanent license to it.

Max_P , 27 days ago

Mine's running on a single docker-compose.yml and it's like 4 services: the backend, the frontend, the database and pictrs. That's hardly insane nor complicated nor ruining existing setups.

It's probably one of the easiest services I've run in quite a while.

Max_P , 29 days ago

Envoy proxy gang

Max_P , 27 days ago

Yeah steep is putting it mildly, it's not worth it below a certain scale. What it excels at is highly dynamic environments where things get spun up and down on the regular and all with auto scaling.

Max_P , 30 days ago

OpenWRT uses Lua for its web UI. The interpreter can be really small which works well for tiny embedded devices with mere megabytes of storage, and it's much safer than writing a web GUI entirely in C.

Max_P , 30 days ago

It also doesn't ship with ISP backdoors or ISP remote management crap that can be a big attack vector. Just about every ISP router I've looked at has some hardcoded super admin password or secret unauthenticated paths to access hidden settings.

Custom firmware ships with plain web UI and/or SSH only from the LAN side (or even specific VLAN), so right off the start there isn't a whole lot of potentially exploitable surface. And the community actually cares.

Max_P , 1 month ago

They do at least for Ubuntu. One local to each AWS region even, not just one. Bandwidth is expensive, it's all in their interest to have as much locally as possible than go out for mirrors. That definitely looks like something broke.

Those could very well be a bad batch of AMIs and now that they've all been spun up as instances there's no taking it back short of emailing customers and politely asking them to fix the mirrors.

Or people are just following online guides and adding that particular repo copy pasting the mirror line which goes to the public mirrors.

Max_P , 1 month ago

MySQL is unfortunately still rather popular. Loads of PHP based sites like Wikipedia and WordPress are all MySQL still.

It's catching up a bit, especially the forks like Percona Server and MariaDB.

Max_P , 1 month ago

A good ELI5 is to imagine a couple of Excel sheets. Each sheet is a "table" and each row is a record. So you're gonna have a column for the first name, a column for the last name, a column for the email address and so on. That'd be your users table/sheet.

Then you would have another Excel sheets that contains posts. Each post record references the row number of the users sheet so you can cross-reference the user record of the author of the post record.

And so on. It's a way to store, lookup and retrieve records, usually cross-referencing other records until you have all the information you need to serve a particular request. There's an index like the table of content of a book that lets you quickly find on which page the record you're looking for is.

We use databases because they're engines designed to ensure data consistency, and fast access to the data in a structured manner. Usually that runs on some server that other servers connect to to access the database, so all servers can have the same view of the data. That can be a VM in the cloud, that can be a cluster of VMs in a cloud, it can be Docker containers. It's just software that manages data so we don't have to reinvent the wheel everytime we need to store stuff. Then you just ask questions to the database, like, "what's all the last 50 posts made by this user number" (SELECT user.username, post.title FROM posts LEFT JOIN users USING (user_id) WHERE posts.user_id = 42 ORDER BY posts.date_inserted ASC LIMIT 50).

Max_P , 1 month ago

Their site explicitly says it supports running VMs, Kubernetes and Docker containers so you have plenty of options. Docker's pretty easy and mostly just works.

Max_P , 1 month ago

AI is basically like early access games but the entirety of big tech is rushing to roll it out first to as many people as possible.

Max_P , 1 month ago

Prometheus/VictoriaMetrics/Grafana are pretty good, had no issues with it and there's an exporter for damn near anything. They're pretty easy to custom write too.

Max_P , 1 month ago

It's end to end encrypted, it could be hosted on the NSA's servers for all you care, it should be safe.

The reason this is there is likely because they use those cloud services to provide the hosted services, so they disclose that they do. I don't think it applies to the client you download or the ones you self-host from open-source builds on your own homeserver on your own infrastructure.

Max_P , 1 month ago

I think it can also get weird when you call other makefiles, like if you go make -j64 at the top level and that thing goes on to call make on subprojects, that can be a looooot of threads of that -j gets passed down. So even on that 64 core machine, now you have possibly 4096 jobs going, and it surfaces bugs that might not have been a problem when we had 2-4 cores (oh no, make is running 16 jobs at once, the horror).

Max_P , 1 month ago

You guys still use fstab? It's systemd/Linux, you use mount units.

Max_P , 1 month ago

Yeah that's what it does, that was a shitpost if it wasn't obvious :p

Though I do use ZFS which you configure the mountpoints in the filesystem itself. But it also ultimately generates systemd mount units under the hood. So I really only need one unit, for /boot.

Max_P , 1 month ago

I forgot about that, I should try it on my new laptop.

Max_P , 1 month ago

My experience with AI is it sucks and never gives the right answer, so no, good ol' regular web search for me.

When half your searches only gives you like 2-3 pages of result on Google, AI doesn't have nearly enough training material to be any good.

Max_P , 1 month ago

If you want FRP, why not just install FRP? It even has a LuCI app to control it from what it looks like.

OpenWRT page showing the availability of FRP as an app

NGINX is also available at a mere 1kb in size for the slim version, full version also available as well as HAproxy. Those will have you more than covered, and support SSL.

Looks like there's also acme.sh support, with a matching LuCI app that can handle your SSL certificate situation as well.

Max_P , 1 month ago

The concern for the specific disk technology is usually around the use case. For example, surveillance drives you expect to be able to continuously write to 24/7 but not at crazy high speeds, maybe you can expect slow seek times or whatever. Gaming drives I would assume are disposable and just good value for storage size as you can just redownload your steam games. A NAS drive will be a little bit more expensive because it's assumed to be for backups and data storage.

That said in all cases if you use them with proper redundancy like RAIDZ or RAID1 (bleh) it's kind of whatever, you just replace them as they die. They'll all do the same, just not with quite the same performance profile.

Things you can check are seek times / latency, throughput both on sequential and random access, and estimated lifespan.

I keep hearing good things about decomissioned HGST enterprise drives on eBay, they're really cheap.

Max_P , 1 month ago

It would be nice if they'd make "web" search the good old keyword search we used to have that made Google good, now that normies will just use the AI search and it doesn't have to care about natural language anymore.

Max_P , 1 month ago

ActivityPub makes this impossible. Everything on the fediverse is completely public, including votes, subscriptions and usernames. Even if Lemmy did offer the option, other servers wouldn't necessarily.

And honestly this is a system that would be mainly used for spam and hate speech anyway. Just make a throwaway like everywhere else.

Max_P , 1 month ago

The quality of what the community is doing vs what they shipped with NSO especially on launch is laughable.

Native OoT and MM on the switch would have been really sick. Instead they went with 90s level of emulator quality.

Max_P , 1 month ago

Wordpress or some of its alternatives would probably work well for this. Another alternative would be static site generators, where you pretty much just write the content in Markdown.

It's also a pretty simple project, it would be a great project to learn basic web development as well.

Max_P , 1 month ago

Nothing hotter than a giant electric fleshlight whirring away as you get off.

I saw one in a sex shop, it looks like such a chore to get going and clean up afterwards. It's fucking huge too. Hands are so much easier to clean, and readily available anywhere anytime.

Max_P , 1 month ago

I route through my server or my home router when using public WiFi and stuff. I don't care too much about the privacy aspect, my real identity is attached to my server and domain anyway. I even have rDNS configured, there's no hiding who the IP belongs to.

That said, server providers are much less likely to analyze your traffic because that'd be a big no-no for a lot of companies using those servers. And of course any given request may actually be from any of Lemmy, Mastodon, IRC bots or Matrix, so pings to weird sites can result entirely from someone posting that link somewhere.

And it does have the advantage that if you try to DDoS that IP you'll be very unsuccessful.

Max_P , 1 month ago

Matrix is for chatting, not posts.

When it goes well you get live, interactive support and get your question answered fairly quickly. Nice and convenient. But as you've said already, it has drawbacks and it's where forums and things like Lemmy come in, where sometimes you can get replies days later.

They're different systems that reach different audiences. You use whichever based on the needs and complexity. What sucks is when the chat rooms develop some knowledge that doesn't get known outside and it's also not indexed anywhere on the web. Some things are better discussed in forum format (or mailing lists if you're very oldschool), while others are just better interactively and the back and forth on a public forum would just be painful.

Usually there's a bit of an overlap at least, where users are usually in Discord/Matrix/IRC and some forum or reddit or fediverse community at the same time.

Max_P , 1 month ago

25G     pictrs
13G     postgres
38G     total

Seems fairly reasonable to me