
haui_lemmy

@haui_lemmy@lemmy.giftedmc.com

Gifted Autistic Sysadmin, Anti-Corporate activist

I help people and build things that help people.

Check out our instance and our communities:


haui_lemmy OP ,

There was an option that I had enabled years before and forgotten so yes, I didn't know but it was, on some obscure port.

And yes, pihole in docker makes its files be 777 which is pretty disgusting, I know. That's why I tried to make it 700 and broke my whole network.

haui_lemmy OP ,

Exactly. It wasn't on purpose either. I thought there was an additional layer of security, gullible as I was 5 yrs ago. They made it seem like there was.

haui_lemmy OP ,

Reverse proxy isn't that hard tbh. Btw I have a vpn and my lan isn't open to the web. The router vendor made it look like there was an additional layer of security.

haui_lemmy OP ,

That's awesome! Thanks! Bookmarked!

haui_lemmy OP ,

Imo we are all constantly learning. Otherwise we stagnate. What I say makes perfect sense, you just don't get it. So let me explain it again, in more detail:

I was going through my docker compose files to sanitize them and upload them to my private forgejo instance.

While doing that I found a directory in my filesystem, a remnant of the early days of my server where my knowledge was severely more limited, that was a docker volume mapped to a regular directory, something I wouldn't do today for something like this.

It was owned by root:root and had 777 permissions which is a bad idea imo. So I changed it to 700 since I don't think I had any other users in group root and others, well.

Nothing bad happened, until today when my unattended backups triggered a restart at noon and the tragedy started. I put it back for now to 777 but I'll try and integrate it in a real docker volume which resides in the docker folders.

haui_lemmy OP ,

Are you joking? Why would I start fresh?

haui_lemmy OP ,

The owner was root and still is. I changed from 777 to 700 which broke everything. Sorry if that wasn't clear. I will switch to a docker volume to avoid having this crap in my home folder in the future.

haui_lemmy ,

If you're not on debian stable and kde.

haui_lemmy ,

It's a dumpster fire. Wayland bugs out every time I (and others) unlock the screen and displays no fonts or giant fonts or whatever. After asking on linux.org and other places, the answer was "do not use wayland on debian stable + kde yet, it's not ready".

haui_lemmy ,

Something like that, yes. Especially on nvidia I think.

What's the real world connection speed from your residential IP to your Server?

I'm using contabo and the VPS I got is advertised as 1 Gigabit. When I do a speedtest or use iperf3 to connect to public servers I get pretty close to 1 Gigabit. But from my residential IP the speed drops down to 100-250 Mbit/s. My home internet connection can handle 500 Mbit just fine....

haui_lemmy ,

In that case it might be possible to reroute the connection somehow. If another big player has a better connection, someone might use that as proxy. No idea if that really works but it might.

haui_lemmy ,

Very interesting! Thank you so much for chiming in. Always glad to have pros in here.

haui_lemmy ,

Google and privacy only fit in the same sentence if they got fined, called out or if it's satire.

haui_lemmy ,

I love when people try to text wall and rhetoric to "winning" a convo to ultimately feel good.

Neither have I the time nor the patience to point at all the biases and fallacies included in this.

Surprise fact: People can do whatever they like. If they install an ad blocker and deny tracking as much as possible, that is great and every little bit against megacorps is great.

This comment is defeatist to no end.

Instead of telling people to give up and be how you imagine people should be, be the change that you want and show them how to protect themselves and how to do things "the right way".

haui_lemmy ,

Yeah, well. Why was I not surprised when I read it's made by a lemmy dev. You guys rock.

haui_lemmy ,

Written on tankie reddit.

haui_lemmy ,

You're writing in lemmy.ml, the original lemmy instance.

haui_lemmy ,

Companies and individuals should not be allowed to hold more than 999 mil $ in assets, including other companies.

haui_lemmy ,

I can relate. But it's like getting an addict off their favorite hard drug. The fewer companies we target with this, the easier we make it happen. This should already take care of the worst offenders that can put pressure on countries. Next, we bar them from participating in thinktanks and other "legal" ways of market manipulation.

haui_lemmy ,

so let's keep everything like it is.

No thanks.

Breaking them up under diverse ownership makes it a lot harder to align them, which is the goal here.

No corporate law has ever been simple so a lot of nuance needs to still be added to this.

Since you have a german tld, I assume you know a bit of german law. We have the "aktiengesetz" which links companies through management, ownership and family. This would work perfectly for something like this.

Of course a company like starbucks could still try and break into 105 companies which need to be owned by 105 individuals with 105 CEOs and 105 different offices… but I guarantee you it's a lot harder to manage than now.

haui_lemmy ,

Something like that, yes. I agree it's only a first step but it should become a mantra for it to become reality, if you catch my drift.

haui_lemmy ,

Kilogram.makeup for an instagram bridge is the most hilarious name ever! I burst out with laughter startling my wife.

haui_lemmy ,

I have recently donated my largest donation ever to the lemmy devs (a large sum for me atm). I'm thankful for their work and have said so openly and individually to dessalines and others. Thank you too for making this post. I completely agree.

haui_lemmy ,

Matrix, Lemmy, Mastodon, all on the same machine, divided by subdomains. Works flawlessly as far as I can tell.

haui_lemmy ,

No, I don't. The machine is wayyyy overspecced for these services, 6 cores, 16 GB of ram. What isn't overspecced is the drive, 100 GB of nvme are fast but not enough for all my projects. I have taken a lot of measures to confine the services but mastodon is pretty much the worst offender afaik. Lemmy is the most intensive ram and cpu hog; it has strong spikes every hour. You don't need six cores, two would most likely suffice. I think it's a ryzen 5600 but not sure atm.

Average users are one each. A couple of friends have accounts but they don't usually use them. Federation is no big issue, single user instances could definitely be done from home, large instances should def be faster than my upload at least. Moving later is a pain so I'd plan accordingly.

Maintenance is very hard if you do it manually, which I don't. Automate backups off site so a hack can't get the backups. Dockerize to hell and back, have fail2ban. Updates will break sometimes so make yourself familiar with docker and linux if you aren't, otherwise you're screwed as are your users. I'd probably start with a solo server, then invite friends (beta testers) and then open to the public. You will also be defederated if you just open up to the public. Legal issues notwithstanding.

I hope this makes sense. Feel free to ask follow-up questions.

haui_lemmy ,

Omg. That doesn't sound great. I'm using discover on my machine and it works seamlessly.

haui_lemmy ,

I run a matrix server that interoperates with signal, whatsapp and discord so people who need to use those platforms are able to use one app instead of three and also keep their info private.

haui_lemmy ,

I'm talking about apps like discord or whatsapp that have a lot of info on you when you open them. The open source clients are a lot less data hungry afaik.

But yes, the encryption between the apps is not seamless so you'd need to activate encryption again for this if you want it.

haui_lemmy ,

I don't know where you got that info from but afaik the most data collection is automated and does not include manually sifting through stuff. Having a discord bot does not give discord the info from a person's matrix account. It's the person's decision if they want to name the matrix account the same (which they shouldn't).

haui_lemmy ,

Well, I'm not a security professional but an admin. Keeping people out of your matrix chats isn't that hard if you follow some standard procedure.

Sending 1000 texts to discord through matrix is a lot different than having 1000 texts and all photos, geo coding, contacts and microphone accessible.

haui_lemmy ,

That's what I meant. The admin is the person that most always has your data but data breaches are other people getting in which is not that hard to prevent. You don't have to run faster than the bear… just faster than the guy next to you.

For signal we assume that native connections are e2ee, for whatsapp I'm less sure that's really the case and for discord we know that nothing is encrypted.

So yes, if someone got into the server and started poking around undetected, one might have their signal texts laid bare. I'm pretty sure the likelihood isn't as high as a phone getting hacked, especially for small servers that are obscure.

In any case, you do you.

haui_lemmy ,

And it turns right around into my point: aside from signal, there is no such thing as privacy and discord and whatsapp should at best not be executed on your phone. And no, the person using a bridge on a server that is not their own is not the person that correctly sandboxes the app or roots their phone.

haui_lemmy ,

I actually deeply enjoyed watching that! :D

Proud mid thirties geezer!

haui_lemmy ,

Very interesting article! Very much fits with my own experience. The following things I decided to take as lessons learned from the fedi so far:

  • stating novel concepts will get you ignored at best and bullied at worst
  • lemmy lacks (at least afaik) a way to share blocklists for destructive people (not instances)
  • if you keep your posts on the constructive side, you will get a lot of positive replies but some will come at you no matter what

Especially when in a bad mood I need to get off lemmy if I can't emotionally distance myself from the bad actors.

Mastodon is a different kind of animal. They have centralized blocklists (like oliphant.social) to keep whole instances of trolls out. I haven't had really bad situations since I implemented those but I have to report people nearly on a daily basis.

The reasons I have to assume are very varied and as such probably the solutions should be varied as well. Reasons I concluded from many discussions:

  • lack of social skills on both sides
  • no explicit behavioral code on instances or communities
  • lack of active moderation and guidance
  • the fediverse kind of includes those unable to keep an account unbanned on corpo media
  • lack of (social) education, like biases and fallacies

All these are solvable imo. Not all by the same thing and none of them immediately. Obviously people will disagree with me and I'm fine with that. My personal thoughts on solutions are as follows:

  • Moderators get fixed shares of donations (x% over all moderators)
  • Sidebars and rules get more fleshed out with links to social resources and education, explanations for those not immediately understanding it
  • Explicit rules against ad hominem attacks and getting personal to win an argument

Imo, these will be beneficial for lemmy. Mastodon might benefit from other ideas. Feel free to share those and discuss with me.

Disclaimer: Ridicule and Ad hominem attacks will not be replied to but immediately blocked.

haui_lemmy ,

Who is aurynn? Never found the name in the article.

haui_lemmy ,

Thanks for the link. They’re an insane troll imo. The type of person you block without responding. Absolutely disgusting.

haui_lemmy ,

Sounds pretty great! Thanks for mentioning.

haui_lemmy ,

I read that. I'm not entirely sure what that means though. They host an instance with many users for a long time? Even if that's the case they might be very bad at social skills and got set off by misinterpreting his intentions (not trying to defend, trying to understand so I can form an opinion and search for a solution)

haui_lemmy ,

That's actually pretty cool. It needs to be insanely well engineered so you don't get trolls to "moderate" for points and throw out every person on the platform. Also, the hivemind needs to be kept in check so group think is not as brutal.

haui_lemmy ,

I have filed a complaint with the gdpr representative in bavaria this month. Have you done your duty yet? :)

(I'm joking of course but how awesome would it be if we (Fedi users) challenged each other to strike back like this every month? Like the ice bucket challenge but for privacy?)

haui_lemmy ,

Hmmm… I dunno. The media does keep a lot of things under wraps evidently. Could be incompetence though.

haui_lemmy ,

Good argument. Thanks for sharing.

haui_lemmy ,

The end of the second paragraph is usually not there. People are fast to dismiss this. Maybe you don't like the culturally accepted dunking on outsiders or are sensitive to discrimination. Depending on your environment, you'll get shit on quickly.

haui_lemmy ,

I'm not too much into this drama but something about crypto stuff getting pushed by the makers. Otherwise, firefox just works well. Everything else you need to wait for other comments or use a search engine.
