solrize

solrize , 5 months ago

The Vivaldi link actually goes to https://www.theonion.com/wi-fi-password-on-post-it-note-read-aloud-like-incantat-1848830888 .

solrize , 5 months ago

I think bunny.net has something like that. Not self hosted but still much less distasteful than the big companies imho.

solrize , 5 months ago

Instead of new car smell, it will have Elon Musk.

solrize , 5 months ago (edited 5 months ago)

I can recommend buyvm. 500gb storage from them (hdd) is $2.5/m I think. You can mount it encrypted. Small hosts like that usually have enough trouble keeping up with the day's tickets that they can't spend time messing with your files unless there is a definite issue. Note that if you are serving semi public content (seedbox?) then by definition it's not very private. And no vps can be as private as using your own hardware.

solrize , 5 months ago

I used dehydrated for a while. It's a quite simple python script iirc. It's on github someplace.

If your domain registrar is porkbun and you use their DNS hosting, they can generate wildcard certificates for you. It is pretty convenient though a little bit scary, since they generate your key pair and retrieve the cert from letsencrypt. But, since they run your DNS, they could do almost the same thing without you even knowing.

solrize , 5 months ago (edited 5 months ago)

If you want a local CA for just a few low assurance certificates (say for a test stack), the CA.pl script in the openssl distro is simple and sort of usable. If you want to be more serious you sort of have to know what you are doing. If you just want people's browsers to accept your subdomains, use a wildcard certificate (*.whatever.com). LetsEncrypt issues those and Cloudflare also might.

solrize , 5 months ago

You can also use certbot on the subdomain servers if they are on the Internet, to auto-renew individual subdomain certificates. To run a "real" CA you need a lot of opsec and infrastructure regardless of what software you use. For basic dev-level purposes, CA.pl works and has been around forever, though I'm sure there is better stuff out there.

Re perl, see also: https://xkcd.com/224/ :)

solrize , 5 months ago

Some indication of how this is different from a VPN or remote file system would be helpful.

solrize , 5 months ago

Ah thanks. I'm a fogey and am used to doing that stuff from the command line but that's just me m. Good luck with the project!

solrize , 5 months ago

Lemmy has many privacy problems that have nothing to do with public comments you make. For example, the "hide posts that you have already read" option requires that the server track what posts you have read. There is no public activity involved in reading a post. So the Lemmy server should not track that info. If that feature is to exist at all, it should be implemented purely on the client. The same can be said about subscriptions, and for that matter about voting (server should discard voting info after a brief interval for abuse detection). The Lemmy software in many ways naive about this stuff.

solrize , 5 months ago

1. I don't see anything in your post that indicates any reason to track what posts a person has read. That should not be tracked at all. Reading posts should be completely anonymous.

2. I don't see why voting necessarily has to track who casts the votes. But, because untracked voting can be abused so easily, I can understand deciding to retain the info for let's say 24 hours. Hopefully that is also enough to handle those propagation issues.

Really, imho, server instances shouldn't have a web interface at all, just an API. Web apps would make API calls to the server and reformat the response for use by the browser. The API call to read a post should not require any identifying info or require the user to be logged in. Read tracking and subscriptions should be handled by the client, and in the case of a public client (web app shared by many users), the private user info should be encrypted in case of a server breakin or seizure. The encryption key would be based on the user password and transformed to a browser cookie when the user logs in, so it is never stored by the web app. With most people using mobile clients these days, alternatively, the info can be kept completely on the client device and maintained by the mobile app.

solrize , 5 months ago

That thing looks terrible. t's wifi controlled and you're supposed to install an app to use it. And it doesn't say anything about the UV wavelength or power (HEV=high energy visible light so I guess 9000K can be translated to wavelength). There is a pdf test report about its efficacy against a few bacteria species but nothing about aerosol viruses. I'll pass.

solrize , 5 months ago

No one has mentioned the good version of that site, https://lite.cnn.com -- no ads, no bloat, works fine with UBO.

solrize , 5 months ago

Try text.npr.org. I think there a few more but that's the one I remember.

solrize , 5 months ago

Adafruit had pi 5's in stock a couple weeks ago and they didn't sell out instantly. I could have ordered but decided I didn't have an immediate use for it, so it could wait.

Pi Zero 2's as of the same time were fairly easy to find. I don't know about now. Those had been extremely scarce for a while.

Pi 4's are now plentiful. But, Pi 400's (4 with a keyboard more or less) have been fairly easy to get all along.

solrize , 5 months ago

Spoiler: Apple.

solrize , 5 months ago

What hurray? USB-C and PD are both monstrosities (though of course the mini and micro USB connectors were even worse). We already had a perfectly good low power standard, regular 5 volt USB. It's just that higher power was wanted. But we have that already too, automotive 12 volt DC, and various options after that. It's just the mobile phone industry's obsession with thin, tiny connectors that are causing this.

solrize , 5 months ago (edited 5 months ago)

I wouldn't say usb pd is one standard. There is a combinatorial explosion of devices and cables with different voltage support, current capacity, presence or absence of E-mark and of Thunderbird, the famous incident where a bad cable blew up Benson Huang's laptop, etc. If you intersect down to the universal standard in the middle, it's just plain 5 volts like before.

And are really going to push 240W through that teeny connector and not have any melt?

solrize , 5 months ago

I thought solar panels used Anderson connectors pretty standardly. I wouldn't call it low power but in electronics I wouldn't call 100W low power either. We basically need 5v 15w for phones, 12v for bigger stuff (laptops) up to say 150W. After that, AC might be better since you can use transformers. I guess we need super high power DC for charging cars. Tesla seems to be the de facto standard. There is no reason to use that connector in a phone.

solrize , 5 months ago

Yeah probably true about 60 hz transformers, even for higher powered devices like desktop PC's. They still have pretty big internal inductors though. Maybe we need to bring more 208V 3 phase into homes and offices.

For permanent installations like most solar setups, I don't think uniformity of connectors is that important, as long as it's non-proprietary and you can order it from a catalog.

For phones and laptops, wireless charging is probably the way forward. More than additional standardized chargers, I want standardized and swappable batteries, for phones, laptops, power tools, etc. The chargers will follow.

solrize , 5 months ago (edited 5 months ago)

Phones or laptops should probably accomodate wired charging (though count on Apple to eliminate it anyway), but most of the time, wireless could be the norm. Convenient, avoids wear on connectors, etc. I think there are some Samsung phones with two-way wireless charging, so you can stack one phone on top of the other and transfer charge. That seemed crazy to me given the non-removable batteries but whatever.

That reminds me of another USB PD idiocy that I forgot to mention earlier. There are many devices like power banks and even some phones, that can both send and receive charging current. E.g. you'd charge your power bank from a wall cube, and later use the power bank to charge your phone. In the pre-USB-C era, power banks had separate connectors for input and output. Now the two functions share a single connector and the cable is the same at both ends.

So if you plug one power bank into another, how does the setup know which one is to be the "charger" and which the "chargee"? The spec says they are suppsed to choose at random! I guess you are supposed to look at the activity lights and if the current is going the wrong way, unplug and replug the devices until it goes the way you want. This can lead to a situation where you plug your phone into a power bank, but the phone ends up charging the power bank instead of the other way around.

I imagine that if you are attentive enough, you can prevent this somehow, or at least intervene and reverse it when it happens. But it still seems like crackhead engineering to me.

solrize , 5 months ago

I had thought that since the 2001 hijackings it has been basically impossible to open the cockpit doors during flight, except from the inside. On El Al planes I'd heard it was impossible period, so hijackers couldn't threaten their way in, but US carriers didn't want to do that because it means the cockpit needs its own lavatory, displacing a few passenger seats.