
ShortN0te

@ShortN0te@lemmy.ml


ShortN0te ,

No it is not. If you calculate in the future money taxpayers have to pay to keep the nuclear waste safe (for thousands of years) or the cost of a larger incident like Chernobyl or Fukushima, which also has to be paid by the taxpayers, then the 'cheap nuclear power' is not as cheap as it looks...

ShortN0te ,

You posted an 18 min YouTube video, sponsored or at least supported and sanctioned by a nuclear power plant operator.

At least point to the section of the video where the source of your claim is.

ShortN0te ,

World Nuclear Association’s mission is to facilitate the growth of the nuclear sector by connecting players across the value chain,

I would not call that trustworthy. They're not even close to independent.

ShortN0te ,

Just want to throw in this link. https://energy-charts.info/?l=en&c=DE

Very detailed info on Energy and power usage in Germany

ShortN0te ,

Nuclear power does not solve the issue here. Nuclear reactors take hours or even days to ramp up or down. They are not quick enough to react to such occasions.

ShortN0te ,

Yes, but when the list is long enough and you have enough words, it is too difficult to guess.

Think about it. The list of all possible characters is also known, still with enough length and randomness it becomes too difficult to guess too.
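Added example (not part of the original comment): the argument above in numbers, comparing words drawn at random from a public list with characters drawn at random from a public alphabet. The list size 7776 (a five-dice word list, 6**5), the 95-symbol printable-ASCII alphabet, the function names and the tiny demo list are assumptions made for this illustration.

```python
import math
import secrets

def entropy_bits(pool_size, picks):
    """Entropy of `picks` independent uniform draws from a publicly known
    pool of `pool_size` symbols (characters or whole words)."""
    return picks * math.log2(pool_size)

def words_needed(wordlist_size, alphabet_size, char_len):
    """Smallest number of random words whose search space is at least as
    large as a random `char_len`-character password over the alphabet."""
    target = alphabet_size ** char_len      # exact integers, no float rounding
    n = 1
    while wordlist_size ** n < target:
        n += 1
    return n

def generate_passphrase(wordlist, n_words, sep="-"):
    """Draw words with a CSPRNG. The strength comes from the random draw;
    the list itself can be public, exactly like the alphabet."""
    if len(set(wordlist)) != len(wordlist):
        raise ValueError("duplicate words would make the entropy estimate too high")
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))

# Constructed 8-word demo list; a real list would have thousands of entries.
DEMO_WORDS = ["anchor", "breeze", "copper", "dune",
              "ember", "fjord", "gravel", "harbor"]

if __name__ == "__main__":
    LIST_SIZE, ALPHABET = 7776, 95          # assumed sizes, see lead-in
    for n in range(4, 8):
        print(f"{n} words: {entropy_bits(LIST_SIZE, n):5.1f} bits")
    for length in (8, 10, 12):
        print(f"{length} random chars ({entropy_bits(ALPHABET, length):.1f} bits)"
              f" need {words_needed(LIST_SIZE, ALPHABET, length)} words")
    print("demo:", generate_passphrase(DEMO_WORDS, 4))
```

The estimate only holds when the words are picked by the generator; words a person chooses themselves are not uniform draws.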

ShortN0te ,
  • Hosting all videos double, one with ads and the same vids without for premium user

Not quite sure why, they simply could on the fly stitch those files together.

Twitch has been doing that for a while now, I think.

ShortN0te ,

That is true. But then you could probably use the chunk length to determine where the ads start and end, since there is with a very high probability an unusually long chunk at those times.

ShortN0te ,

You missed the point. It is not about if it is private or not, it is how they use it.
You are allowed (on some pages) to read news articles. Are you allowed to copy and publish them on your own site? No.
You have a copyright on your posts, same as an author has on his books.

If it is legal or not is still to be discussed.

Similar to how data was mined (or even still is) about users without consent. Now there is for example the GDPR.

ShortN0te ,

I write a book that gets published. I still hold copyright over it even if it is in someone else's bookshelf. What rights the copyright holder and the person has is regulated by law. For example a physical book can be resold or lent to someone else, but it is not allowed to copy it and sell the copies.

I can cite text from the book, that falls under fair use, but I cannot use whole chapters in a derived work.

I still hold copyright over my messages online, even when it is public or published, that is basic copyright law in most relevant legislations.
If the training of an LLM and later selling access to the LLM with copyright infringed data is fair use is yet to be determined.

ShortN0te ,

Sure there is, most messages are probably too short but in general yes. There is no difference to an online article.

ShortN0te ,

Yes. But it allows you to define a custom storage layout based on user, date, time, filename, type and album.

ShortN0te ,

They would not be able to really. In theory every contributor (or at least the vast majority) would have to agree to that license change.

ShortN0te ,

I self host because I do not trust companies.
I will not even consider giving Tailscale the keys to my kingdom.

The company Tailscale is a giant target and has a much higher risk of getting compromised than my VPN or even accessible services.

Understand the technology that you use and assess your use case and threat model.

ShortN0te ,

Why not file a bug report when it does not find all your photos?

Also maybe file a feature request to delete photos after a set period from your device via Immich?

ShortN0te ,

DoT also encrypts the request, so the ISP cannot spy on the Domain Name you have requested.

And thanks to HTTPS the ISP only sees the IP address, which cannot in every case be resolved to a unique domain, especially for large sites that are hosted on service providers like Cloudflare, Amazon etc.

ShortN0te ,

That is correct.
HSTS helps to some degree but the very first request is still unprotected.

ShortN0te ,

Security by obscurity is no security.

ShortN0te ,

Imagine that the xz exploit actually made it into your server, so your sshd was vulnerable. Having it on another port does seem helpful then.

Nope. Your entire server can be scanned in less than a second for an open ssh port.

IPv6 does not change the fact, since when your server is attacked the host IP is already known.

ShortN0te ,

disable root login

That does not do much in practice. When a user is compromised a simple alias put in the .bashrc can compromise the sudo password.

Explicitly limit the user accounts that can log in so that accidentally no test or service account with temporary credentials can log in via SSH is the better recommendation.
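Added example (not part of the original comment): a defensive check for the risk named above, listing shell start-up file entries that shadow credential-prompting commands such as sudo. It goes slightly beyond the comment by also flagging shell functions, not only aliases; the command list, file list, function names and sample content are assumptions for this illustration.

```python
import re
from pathlib import Path

# Commands that ask for credentials; a start-up file entry that shadows one
# of them sits between the user and the real prompt.
SENSITIVE = ("sudo", "su", "ssh", "doas", "passwd")
_NAMES = "|".join(SENSITIVE)
PATTERNS = [
    ("alias", re.compile(rf"^\s*alias\s+({_NAMES})=")),
    ("function", re.compile(rf"^\s*function\s+({_NAMES})(?=[\s{{(]|$)")),
    ("function", re.compile(rf"^\s*({_NAMES})\s*\(\s*\)")),
]
RC_FILES = (".bashrc", ".bash_profile", ".bash_aliases", ".profile", ".zshrc")

def audit_rc(text, filename="<rc>"):
    """Return (file, line number, kind, command) for every shadowing entry."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):       # skip commented-out lines
            continue
        for kind, pattern in PATTERNS:
            match = pattern.search(line)
            if match:
                findings.append((filename, lineno, kind, match.group(1)))
                break
    return findings

def audit_home(home):
    """Run audit_rc over the usual start-up files in one home directory."""
    findings = []
    for name in RC_FILES:
        path = Path(home) / name
        if path.is_file():
            findings += audit_rc(path.read_text(errors="replace"), str(path))
    return findings

# Constructed sample content, not taken from any real system.
SAMPLE_BASHRC = """\
# ~/.bashrc (constructed sample)
alias ll='ls -l'
alias sudo='/tmp/wrapper'
# alias su='commented out, ignored'
function ssh { command ssh "$@"; }
export EDITOR=vim
"""

if __name__ == "__main__":
    for finding in audit_rc(SAMPLE_BASHRC, "sample.bashrc"):
        print(finding)
```

A hit is a prompt for review, not proof of compromise: some users wrap ssh or sudo on purpose. The check reads only the named files and does not follow files they source.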

ShortN0te ,

guess a username and a password.

Security by obscurity is no security. Use something like fail2ban to prevent brute force.
When you use a secure password and/or key this also does not matter much.

ShortN0te ,

Who the hell is pulling the docker-compose.yml automatically every release?
I find myself already crazy by pulling the latest release but the compose file is just a disaster waiting to happen.

ShortN0te ,

Depends on the country you live in. And even in the USA it is to my knowledge not correct.
They can try to crack it themselves but you do not have to comply.

ShortN0te ,

But you can be easily tricked. Even easier than with the fingerprint.

"Hey, can you look at those pictures?", shows some printed out pictures with the phone hiding behind and then quickly just dropping the pictures.

ShortN0te ,

Probably a "have a look at this" and the 2 seconds before you realize that you are currently unlocking your phone, would be enough.

ShortN0te ,

Do people really expect to be able to use an entertainment platform for free?

No. If Facebook wants, it can make the subscription mandatory, so only ppl who pay may access their service.

ShortN0te ,

No this is also not correct. Paying for an ad free experience still seems to be valid.

What was ruled here is that it is not considered a free choice to choose between paying money or paying with your data to access the service.

According to EU law, the user's consent to harvesting the digital data must be freely given.

ShortN0te ,

I use full disk encryption for every server (and other computers).

Encrypting your data drives is a must for everyone imho.
Encrypting the OS is a must for me🤷‍♂️

ShortN0te ,

How do you even encrypt a server so that it doesn’t require human intervention every time it goes down/restarts?

The only time my server goes down is when I manually reboot it. So waiting a minute or two to SSH into it and entering the passphrase is no inconvenience.

ShortN0te ,

This answer here covers it quite nicely imo.

https://unix.stackexchange.com/questions/5017/ssh-to-decrypt-encrypted-lvm-during-headless-server-boot

Important is that you update your initramfs with the command after you edited the dropbear initramfs config and/or you copied the key over.

For the client it is important to define 2 different known hosts files since the same host will have 2 different host keys, 1 when encrypted with dropbear, and 1 when operational with (usually) sshd.

Also you need to use root when you connect to your server to unlock it. No other user will work with the default setup.

ShortN0te ,

Password protect your phone?

When a private key gets compromised just delete the public one from the allow list?

ShortN0te ,

I agree with you here. It is similar to "my phone is listening to what I am talking about and it shows me topic related ads" which has been basically disproven many times over the years.

How should I do backups?

I have a server running Debian with 24 TB of storage. I would ideally like to back up all of it, though much of it is torrents, so only the ones with low seeders really need backed up. I know about the 321 rule but it sounds like it would be expensive. What do you do for backups? Also if anyone uses tape drives for backups I am...

ShortN0te ,

One of the main reasons why I avoid softwares such as Kopia or Borg or Restic or whatever is in fashion:

  • they go unmaintained
  • they are not simple: so many of my friends struggled restoring backups because you are not dealing with files anymore, but encrypted or compressed blobs
  • rsync has an easy mental model and has extremely good defaults

Going unmaintained is a non-issue, since you can still restore from your backup. It is not like a subscription or proprietary software which is no longer usable when you stop paying for it or the company owning it goes down.

The design of restic is quite simple and easy to understand. The original dev gave multiple talks about it, quite interesting.

Imho the additional features of dedup, encryption and versioning outweigh the points you mentioned by far.

ShortN0te ,

Until they hit a hard bug or don't support newer transport formats or scenarios. Also the community dries up eventually

That is why you test your backup. It is unrealistic that in a stable software release there is suddenly, after you tested your backup, a hard bug which prevents recovery.

Yes, unmaintained software will not support new features.

I think you misunderstood me. You should not use unmaintained software as your backup tool, but IMO it is no problem when it suddenly goes unmaintained, your backup will most likely still work.
Same with any other software, that goes unmaintained, look for an alternative.

ShortN0te ,

We talk about software that is considered stable. That has verification checks for the backup. Used by thousands of ppl. It is unrealistic.

ShortN0te ,

Guess there is more interest for those drives. Many more ppl need 4 TB drives. Only lunatics buy drives over 10 TB.

But just guessing

ShortN0te ,

I am actually surprised how many did not get it.

ShortN0te ,

With the right timing/deals you get them even cheaper.
Mindfactory had 20 TB Seagate exo drives on a deal for 219€ (~11€/TB)
The 18 TB Seagate exos were often on 239€. (13.2€/TB)

ShortN0te ,

Mindfactory is a good store for middle Europe. But not sure where they ship to.

ShortN0te ,

Not 100% correct. It was blocked because the court requested information from Telegram about copyright hosted content and got ignored by Telegram.

Seems absolutely valid to block a service when it tries to evade national jurisdiction.

ShortN0te ,

Serverlogs? Setup? Config?

ShortN0te ,

How do you connect to it? Directly via IP? Reverse proxy? Installed via Docker? OS?

ShortN0te ,

Because they released a new version every year or two.
Look at Microsoft Office, Windows, Adobe Suite (or any other successful software that is still around). All had a new version every few years where all the new shiny features were locked behind.

Yes there are exceptions...
