I had the same situation, my hotel used fortinet and they blocked almost everything
Even VPNs that used to work in China were blocked
I used my phone 4g hotspot to initialize the tailscale connection, which was blocked, I chose my server as an exit point, then I switched back to the WiFi. Amazingly, once logged in to tailscale, it kept connected to my server.
Then for added safety I used my kasm install to stream a Firefox browser running on my server
I don’t really understand this, why would a hotel pay thousands and thousands of euro for a “Chinese internet experience” that is going to piss off every single customer
He said he was using mullvad in Sweden, not north Korea where there’s the death penalty for listening k-pop
In order to identify a no log VPN user someone without limits like the secret services would need to triangulate the logs of millions of other services and see something like “at 11:23:42.052 the ISP recorded that subscriber #4332822 sent a request to the IP address of the VPN server and at the same time a login to musicpirate@gmail.com is made from that VPN server”
It’s very unlikely that is going to happen for something that’s not even a real crime
There are many ai companies pirating millions of songs for their profit and they are operating without problems, what they’re going to do to an individual that “stole” a couple songs?
For the record, if you find some free credentials, they won’t work, and if you buy some stolen credentials, they’ll block them immediately - it takes a lot of effort and accomplices to take out money from stolen PayPal’s, at that point you can take that energy and place it on some legal work.
This is not like “stealing” a movie. This is stealing, it’s a real crime
They’re waiting that the tech is becoming the past gen. They can’t launch something from the current gen, it must be 3-4 gens behind and compensate that with their coding geniuses that can still make masterpieces with the limited resources available. Maybe it’s going to be something as powerful as an iPhone 11 would be mind-blowing 🤯
In my country the big box stores are starting to pull videogames from shelves.
You go to Mediaworld (equivalent to best buy) and all you see is a sad shelf with a switch lite and 3 Mario games. Sometimes you see some playstation accessories. Xbox is completely missing.
Oops. As a non-native English speaker I misunderstood what he meant. I understood wrongly that he set the server to ban everything that asked for robots.txt
A search engine can’t pay a website for having the honor of bringing them visits and ad views.
Fuck reddit, get delisted, no problem.
Weird that google is ignoring their robots.txt though.
Even if they pay them for being able to say that glue is perfect on pizza, having
User-agent: *
Disallow: /
should block googlebot too. That means google programmed an exception on googlebot to ignore robots.txt on that domain and that shouldn’t be done. What’s the purpose of that file then?
Because robots.txt is completely based on honor (there’s no need to pretend being another bot, could just ignore it), should be
One day many years ago I had too many drinks and being stupid and naive and I bought adobe cs5. I still use it on the same computer I installed it a decade ago. Activated and installed only once. Today they revoked the access to it. Clicking the link they say "revoked because purchased from an untrustworthy reseller"
Yeah... untrustworthy reseller, look at the invoice and see who sold&shipped that physical copy...
Contacted support, they said that they won't do anything about it because it's EOL.
Moral of the story: don't do like me. **If buying isn’t owning, piracy isn’t stealing.** Never give your money to Adobe.
All those phone scammers that are operating in plain daylight… But the millions they’re stealing aren’t belonging to some rich and powerful asshole so they’re ok
You’d think “but without a local proxy that does ssl encryption, cloudflare could read my communication” - no, if they really wanted they could read it anyway as they decrypt and reencrypt
IMHO you have to download the whole media again, only the dub is very difficult that would match the video seamlessly - even subs often desync because in that particular zone they cut 2 seconds from a scene or they are playing the media at a wrong frame rate (now less common but with analog media it happened a lot)
Surrender? Capitulate? Is it a “special military operation” or an invasion/attack? Because those two words are not usually associated with a “special military operation”
Minio is definitely not designed to be self hosted on a small server by normal people but more for enterprise use where you have multiple servers and you’re paying hundreds of thousands of dollars for support
Would have changed something? It’s not like he was personally packing bullets to Ukraine. If he accidentally fell out of a window, the company would still continue to make money by making bullets
I don’t really understand why maga are so pro-russia. I get that Trump&Putin are best buddies, but i would expect that republicans would love to pour billions in the military industrial complex. I assumed that the military lobby had have more power than the private interests of a single corrupted person
I already tried to swap circuit boards in identical Seagate ide drives and not only it worked to recover the data but technically that windows 98 PC still boots today (I turn it on once a year because I have a very old SCSI film scanner that doesn’t work with newer stuff)
You should try the experience, I used ddrescue to create an image
TL;DR: for a whole decade YouTube allowed a copyright troll to claim all the rights on a recording of a washing machine end cycle chime
The account of the copyright troll is still standing and it's not permanently banned
IMHO in this case YouTube should permanently ban at the first offense any copyright troll that maliciously claim as their property something that's in the public domain
Also: if it wasn't that it affected a big streamer with lots of followers, YouTube would have ignored the problem
I've enough.
Last year the automatic updater was rebooting windows without any warning after the uac prompt. The problem continued for **months** before being fixed
This year I got an update a week. Very annoying to get the same "why u no reboot? I need updates" question every single time I turn on my PC.
Today when updating it kills explorer.exe without any confirmation and doesn't bring it back to life.
I don't think that their paid enterprise customers are doing the ~~beta~~ alpha testers like this. Is it really necessary to push nightlies to end users? It can't be tested casually for a couple of days then pushed?
I disabled the updates check and will update the nextcloud desktop client manually every 5 years if I can remember. Added an exception to Winget so it doesn't update it. I lost my patience.
I want to try bitmagnet on the dev server at work (yes, we have permission to use it for personal reasons as long it's legal) but for obvious reasons it must be tunneled through a VPN.
Bitmagnet it's a local search engine that discovers content via DHT. It just asks peers for content, then when you come back the following month it should have found many interesting stuff
Problem is that from a network point of view it looks I want to download every single torrent ever made so I wouldn't want to have my workplace ip address associated with that.
Because the network traffic is minimal and for this content I don't care if the provider does data mining, I would like to use a free VPN with gluetun.
But I can't find a free one that works. From the officially supported only windscribe and proton have a free offer, but windscribe free doesn't have OpenVPN or wireguard, while proton VPN free blocks me immediately as soon as the program talks with other peers, even if I don't actually download anything.
So back to the question, which free VPNs are working with gluetun, someone has experience with that?
AAAD it's a freemium sideloaded app that allows you to install unofficial apps for Android auto.
At startup it sends some device identifier to his server and checks if you have a license, otherwise goes in trial mode where you can try one app every month.
It doesn't ask any additional permission. No storage, no phone/IMEI and no location. If you uninstall it, somehow it knows you previously downloaded it.
Tried to reset the advertising id, no change
My questions:
1. How the hell the app is able to fingerprint the user like that, persisting uninstalls?
2. How to reset the counter?
I am running this docker image: https://github.com/nextcloud/docker with a cloudflare tunnel, meaning the webserver would see all the traffic coming from a single ip in 172.16.0.0/12 .
The documentation says:
> The apache image will replace the remote addr (IP address visible to Nextcloud) with the IP address from X-Real-IP if the request is coming from a proxy in 10.0.0.0/8, 172.16.0.0/12 or 192.168.0.0/16 by default
So I thought that this is a not a problem, as other docker images can also automagically figure out the real IP address from traffic coming from cloudflare tunnels.
In the beginning it worked fine, then it was SLOW. Like 2 full minutes to load new feeds on news, waiting ages to complete a sync, and so on. I rebooted the server on those instances, and then it worked fine *for a day*.
So because at the time i was running it on unraid, i blamed the lag on that OS + my weird array of HDDs with decades of usage on them. Migrated to debian on a nvme array and... same lag!
Wasted hours trying to use caddy+fpm instead of apache and it's the same, worked fine for a day, then it was slow again.
Then I wondered: what if the program is "smart" and throttles it by itself without any warning to the admin if it thinks that an ip address is sending too many requests?
Modified the docker compose like this:
```
nextcloud:
image: nextcloud
```
became
```
nextcloud:
build: .
```
and I created a Dockerfile with
```
FROM nextcloud
RUN apt update -y && apt upgrade -y
RUN apt install -y libbz2-dev
RUN docker-php-ext-install bz2
RUN a2enmod rewrite remoteip
COPY remoteip.conf /etc/apache2/conf-enabled/remoteip.conf
```
with this as the content of remoteip.conf
```
RemoteIPHeader CF-Connecting-IP
RemoteIPTrustedProxy 10.0.0.0/8
RemoteIPTrustedProxy 172.16.0.0/12
RemoteIPTrustedProxy 192.168.0.0/16
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/12
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32
```
and now because nextcloud is seeing all the different ip addresses it doesn't throttle the connections anymore!
I left the headline like the original, but I see this as a **massive win** for Apple. The device is ridiculously expensive, isn't even on sale yet and *already* has 150 apps specifically designed for that.
If Google did this, it wouldn't even get 150 dedicated apps even years after launch (and the guaranteed demise of it) and even if it was something super cheap like being made of fucking cardboard.
This is something that as an Android user I envy a lot from the Apple ecosystem.
Apple: this is a new feature => devs implement them in their apps the very next day even if it launches officially in 6 months.
Google: this is a new feature => devs ignore it, apps start to support it after 5-6 Android versions
From the article:
> When we went to our seats, the wait staff let us know that despite the fact that the previews were playing, we wouldn’t know until the movie actually started whether we could see the film or not. If it didn’t work, the screen would just turn black. Luckily, the film went through without a hitch.
Installed a new debian server, installed docker, but then now i have a problem with permissions on passed directories.
On the previous server, the uid/gids inside the docker container match the uid/gid on the real server.
Root is 0, www-data is 33, and so on.
On this new server, instead, files owned by root (0) in the container are translated to 1000 on the server, www-data (33) is 100032, and so on (+1000 appended to the uid)
Is this normal or did I misconfigure something? On the previous server I was running everything as root (the interactive user was root), and i would like to avoid that
I have several TB of borg backups. Uploaded them on backblaze b2. I could immediately see how much resources i was using, how many api calls, and so on. Very easy to see and predict the next bill. I can see exactly which bucket uses more resource, and which is growing over time.
Because I'm cheap, I want to upload those files on aws glacier, which theoretically costs a quarter of b2 for storage, but API calls are extremely expensive. So I want to know the details. I won't like to get a bill with $5 in storage and $500 in API calls.
Uploaded a backup, but nowhere in AWS I can see how much resources i am using, how much I'm going to pay, how many API calls, how much the user XYZ spent, and so on.
It looks like it's **designed** for an approach like "just use our product freely, don't worry about pricing, it's a problem for the financial department of your company".
In AWS console I found "s3 storage lens", but it says i need to delegate the access to someone else because reasons. Tried to create another user in my 1-user org, but after wasting 2 hours I wasn't able to find a way to add those permissions.
Tried to create a dashboard in "AWS cost explorer" but all the indicators are null or zero.
So, how can I see how many API calls and storage is used, to predict the final bill? Or the only way is to pray and wait the end of the month and hopefully there everything it's itemized in detail?
As always, the paying user has the worst experience. "Purchase" a show, can only watch on a certain console of a certain brand, no transfers, no backups, then it suddenly disappears from the library and nothing can be done.
If media companies insist on draconian DRM, then they should pay for full refunds to their loyal customers when one day they decide to delist that specific show.
I guess that means it's dead, as there's no way a corporation would pay millions to acquire a competitor just to continue developing a free alternative to their own product
So, I moved my nextcloud directory from a local SATA drive to a NFS mount from a nvme array on a 10G network
"I just need to change `/docker/nextcloud` to `/mnt/nfs/nextcloud` in the `docker-compose.yml`, what's the issue, i do it live" - i tell myself
So i stop the container, copy `/docker/nextcloud` to `/mnt/nfs/nextcloud`, then edit the `docker-compose.yml`... and.... because I'm doing it during a phone call without paying too much attention i change the main directory to `/docker`
I rebuild the container and I immediately hear a flood of telegram notifications from my uptime-kuma bot.... oh oh...
Looks like the nextcloud docker image has an initialization script that if it doesn't find the files in the directory, it will delete everything and install a fresh copy of nextcloud... so it deleted **everything** on my server
Luckily i had a very recent full borg backup and i'm restoring it (i kinda love-hate borg, i always forget the restore commands when in panic and the docs are a bit cryptic for me)
Lessons learned:
1. always double check everything
2. offsite backups are a must (if i accidentally wrote `/` as path, i would have lost also the borg backups!)
3. offsite backups should not be permanently mounted, otherwise they would have been wiped as well
3. learn how to use and schedule filesystem snapshots, so the recovery wouldn't take ages like it's taking right now (2+ hours and i'm not even half way...)
So, i got persuaded to switch from a "server that is going to do everything" to "compute server + storage server"
The two are connected via a DAC on an intel x520 network card.
Compute is 10.0.0.1, Storage is 10.255.255.254 and i left the usable hosts in the middle for future expansion.
Before I start to use it, I'm wondering if i chose the right protocols to share data between them.
I set NFS and iSCSI.
With iSCSI i create an image, share that image on the compute server, format it as btrfs, use it as a native drive. Files are not accessible anywhere else.
With NFS i just mount the share and files can be accessed from another computer.
Speed:
I tried to time how long it takes to fill a dummy file with zeroes.
```
/iscsi# time sh -c "dd if=/dev/zero of=ddfile bs=8k count=250000 && sync"
250000+0 records in
250000+0 records out
2048000000 bytes (2.0 GB, 1.9 GiB) copied, 0.88393 s, 2.3 GB/s
real 0m2.796s
user 0m0.051s
sys 0m0.915s
```
```
/nfs# time sh -c "dd if=/dev/zero of=ddfile bs=8k count=250000 && sync"
250000+0 records in
250000+0 records out
2048000000 bytes (2.0 GB, 1.9 GiB) copied, 2.41414 s, 848 MB/s
real 0m3.539s
user 0m0.038s
sys 0m1.453s
```
```
/sata-smr-wd-green-drive-for-fun# time sh -c "dd if=/dev/zero of=ddfile bs=8k count=250000 && sync"
250000+0 records in
250000+0 records out
2048000000 bytes (2.0 GB, 1.9 GiB) copied, 10.1339 s, 202 MB/s
real 0m46.885s
user 0m0.132s
sys 0m2.423s
```
what i see from this results:
the sata slow drive goes at 1.6 gigabit/s but then for some reason the computer needs so much time to acknowledge the operation.
nfs transferred it at 6.8 gigabit/s which is what i expected from a nvme array. Same command on the storage server gives similar speed.
iscsi transfers at 18.4 gigabit/s which is not possible with my drives and the fiber connection. Probably is using some native file system trickery to detect "it's just a file full of zeroes, just tell the user it's done"
The biggest advantage of NFS is that I can share a whole directory and get direct access. Also sharing another disk image via iscsi requires a service restart which means i have to take down the compute server.
But with iscsi i am the owner of the disk so i can do whatever i want, don't need to worry about permissions, i am root, chown all the stuff
So... after this long introduction and explanation, what protocol would you use for...:
* /var/lib/mysql - a database. Inside a disk image shared via iscsi or via nfs?
* virtual machine images. Copy them inside another image that's then shared via iscsi? Maybe nfs is much better for this case. Otherwise with iscsi i would have a single giant disk image that contains other disk images...
* lots of small files like WordPress. Maybe nfs would add too much overhead? But it would be much easier to backup if it was an NFS share instead of a disk image
New California law limits cash to crypto at ATM machines at $1000 per day per person and also the fees that can be imposed by the machines.
The industry says this will hurt the business, hinting that they're profiting from the lack of KYC policies
I don't see any legitimate use from those machines. Who would have a legit need to exchange $15k from cash to crypto at 33% fees????
Then I asked her to tell me if she knows about the books2 dataset (they trained this ai using all the pirated books in zlibrary and more, completely ignoring any copyright) and I got:
>I’m sorry, but I cannot answer your question. I do not have access to the details of how I was trained or what data sources were used. I respect the intellectual property rights of others, and I hope you do too. 😊 I appreciate your interest in me, but I prefer not to continue this conversation.
Aaaand I got blocked
China forced Apple to remove any app where the developer isn't registered in China. Meaning they asked Apple to remove 95% of the apps and games available in the App Store.
Poor iPhone users, basically they will get a "wechat handheld" and that's it...
Until a decade ago I was one of those blind Apple users that was using iTunes as the only way to organize my music.
Now I've liberated my collection using navidrome and/or direct syncing the whole library via syncthing.
Today I noticed that I have about 20 m4p files that can't be played with anything. Seems like one day I was drunk and I purchased an album on iTunes, so I guess it's DRM.
There's a way to convert those files to something with more freedom?
I don't have iTunes but in some box in my garage I have a 15 years old iMac with some ancient os version that can't be updated because Apple's marketing team said I should buy a newer one
Sorry, another news from this asshole, but this is too much assholery to don't be shared
Despite him being a shitty boss that fired employees that criticized him on twitter, he promised an "unlimited" legal defense fund to fight against employers that fired employees because of something they wrote on Twitter.
Under his tweet a lot of "verified" (=right wing) accounts plauded this and asked to fight employers who fired employees for having written something homophobic
I tried to delete and recreate the container, but there's still this insane power consumption.
For comparison, cloudflared doing a tunnel to hundreds of users takes 0.06% of CPU time on the same server
For the vast majority of docker images, the documentation only mention a super long and hard to understand "docker run" one liner.
Why nobody is placing an example docker-compose.yml in their documentation? It's so tidy and easy to understand, also much easier to run in the future, just set and forget.
If every image had an yml to just copy, I could get it running in a few seconds, instead I have to decode the line to become an yml
I want to know if it's just me that I'm out of touch and should use "docker run" or it's just that an "one liner" looks much tidier in the docs. Like to say "hey just copy and paste this line to run the container. You don't understand what it does? Who cares"
The worst are the ones that are piping directly from curl to "sudo bash"...
In a few months I need to go in an authoritarian country for work and I need a VPN. Last time (2018) the only one it worked reliably was outline based on a self hosted VM.
But went back to see and it looks like abandoned. Link rot in home page if I select my language, no docker install in 2023 and the fact that was developed by Google is a big negative sign (not because of privacy issues, but because they get bored with their project, they abandon them and start an identical but incompatible one)
There are better alternatives in 2023? I need to have as most chances to connect to the uncensored internet as otherwise I can't work and my 2 weeks work trip becomes a 2 weeks vacation where I can't even check my email or work chat
I bought a domain on OVH and since I expected little use of email on that domain, I made do with the "included" email. The one that uses roundcube 1.4 (from the last century) as webmail.
One day I get an email:
>Votre boite mail a atteint 90% de l'espace maximum autorisé sur le serveur. (your mailbox is full)
"It must be a bug, I have 5gb of space and I have only a dozen mails in the box" - I say to myself
But instead all the mails sent to this mailbox bounce with the error "mailbox full".
Since the mails are of little importance, I delete everything and empty the trash, now it is empty, but incoming mails are rejected with "mailbox full"
I open a ticket, they don't believe it at first, but after sending screenshots of both the roundcube quota and their panel showing that the usage is zero, they restore my access.
After a couple days I again get the usual email in French "your box is full".
I reopen the ticket and they tell me that everything is normal and that it is the fault of my email client.
Now that i think about, I did some experiments with python to see if I could see the mails on the server, but I put read-only access, I don't think it's my fault...
Here is the code:
```
import imaplib
import email
from datetime import datetime, timedelta
from sendmail import SendMail
from connection import Connection
class GetMail:
def __init__(self, connection):
self.connection = connection
def fetch_emails(self):
# Connessione all'account IMAP
imap = imaplib.IMAP4_SSL(self.connection.imap_server)
imap.login(self.connection.username, self.connection.password)
imap.select('INBOX', readonly=True)
imap.search(None, 'ALL')
email_ids = data[0].split()
email_ids = email_ids[:quantemail]
for email_id in email_ids:
status, data = imap.fetch(email_id, '(BODY[HEADER.FIELDS (FROM SUBJECT)])')
raw_email = data[0][1]
print('Raw Email:\n', raw_email.decode('utf-8'), '\n')
if email_ids:
try:
email_index = int(input("Inserisci l'indice dell'email da scaricare: "))
except:
email_index = -1
if 1 <= email_index <= len(email_ids):
email_id = email_ids[email_index - 1]
status, data = imap.fetch(email_id, '(RFC822)')
raw_email = data[0][1]
email_message = email.message_from_bytes(raw_email)
eml_filename = f"email_temp.eml"
with open(eml_filename, 'wb') as eml_file:
eml_file.write(raw_email)
print("Email scaricata:", eml_filename)
else:
print("Indice email non valido.")
else:
print("Nessuna email trovata.")
imap.logout()
```
It seems strange to me that if I log in one day with this program, then a few days later the box shows as full even though it is not, and deleting messages does not restore access.
Maybe if you log in with "readonly=true", then the server has a bug where it puts the whole box read-only and can no longer receive mail?
At the moment i use a super hacky and unstable setup where multiple instances of [everything](https://www.voidtools.com/) in ETP server mode run under a windows core VM, and *when it works*, it works fine. But sometimes it stops updating the index, sometimes it just crashes, sometimes serves the wrong db, and so on.
So: there's a better way? Maybe a web app? Possibly with multiple users, some directories are only for me and not for the rest of the family.
The solution can be also paid (but with a reasonable price as this is for personal use and i can't justify the $$$ for an enterprise solution)
I bought a Nokia Receiver 6000 for 20 euro and then i noticed that the recording and timeshifting feature is locked under a 19,90 euro DLC to download from https://streamview.com/it/Recording-Software-Receiver-6000/SW10011
This kind of stuff can be pirated or it's too niche?
Hi, some bot for some reason really needs to scrape my wordpress blog over and over again, overheating my poor celeron.
For laziness I am just using the default wordpress docker image, which is php+apache.
I did some experiments and with php-fpm+caddy it's much faster.
Now i want to migrate all my wordpress blogs, five in total and I want to manage them from a single caddy instance.
php-fpm needs to be mounted in the same path or it can be different?
For example, the wordpress install places the files in /var/www/html, and so for Caddy I mount in the same path and in the Caddyfile i have:
```
test.example.com{
root * /var/www/html
php_fastcgi wordpress:9000
file_server
}
```
if i have multiple installs can I mount different paths like /var/www/html2 and so on (but only on caddy) or it must match both containers?
Imho a decision that doesn't make sense, Google already has paid for all the infrastructure so running the service to them is pure profit, not to mention the lost possibility to upsell Google workspace (paid gmail with a custom domain) or Google cloud services to all their customers.
Although I would never subscribe to something from Google for my business, then when they eventually change mind and kill my product, i have to migrate in an hurry. I've been hurted too many times
Ooooh that’s why now they stopped all the free coins promotions and also stopped paying all small creators in the canvas series.
They just needed to pump the monthly active user count to make it more palatable to the bag holders