Just some IT guy

  • 0 Posts
  • 93 Comments
Joined 1Y ago
cake
Cake day: Jun 12, 2023

help-circle
rss

You apparently have little interaction with regular users because one of the top problems a non-power user has is “oops I accidentally hit delete on this important file I don’t have a backup of”.

Not saying qbittorrent-nox of all things switching makes a ton of sense but at least for desktop applications there is a very good reason why deleting things becomes a two step process.


I somewhat disagree that you have to be a data hoarder for 10G to be worth it. For example I’ve got a headless steam client on my server that has my larger games installed (all in all ~2TB so not in data hoarder territories) which allows me to install and update those games at ~8 Gbit/s. Which in turn allows me to run a leaner Desktop PC since I can just uninstall the larger games as soon as I don’t play them daily anymore and saves me time when Steam inevitably fails to auto update a game on my Desktop before I want to play it.

Arguably a niche use case but it exists along side other such niche use cases. So if someone comes into this community and asks about how best to implement 10G networking I will assume they (at least think) have such a use case on their hands and want to improve that situation a bit.


Personally going 10G on my networking stuff has significantly improved my experience with self-hosting, especially when it comes to file transfers. 1G can just be extremely slow when you’re dealing with large amounts of data so I also don’t really understand why people recommend against 10G here of all places.


Yeah they definitely could have been quicker with the patches but as long as the patches come out before the articles they are above average with how they handle CVE’s, way too many companies out there just not giving a shit whatsoever.


If I buy a switch and that thing decides to give me downtime in order to auto update I can tell you what lands on my blacklist. Auto-Updates absoultely increase security but there are certain use cases where they are more of a hindrance than a feature, want proof? Not even Cisco does Auto-Update by default (from what I’ve managed to find in this short time neither does TrendNet which you’ve been speaking well of). The device on its own deciding to just fuck off and pull down your network is not in any way a feature their customers would want. If you don’t want the (slight) maintenance load that comes with an active switch do not get one, get a passive one instead.


So first of all I see no point in sharing multiple articles that contain the same copy-pasted info, one of those would have been enough. That aside, again, patches were made available before the vulnerability was published and things like MikroTik not pushing Updates being arguably more of a feature since automatic updates cause network downtime via a reboot and that would be somewhat problematic for networking equipment. Could they have handled that better? Yes, you can almost always handle vulnerabilities better but their handling of it was not so eggregious as to warrant completely avoiding them in the future.


Can you elaborate on how their response was lacking? From what I found the stable branch had a patch for that vulnerability available for several months before the first report while the lts branch had one available a week before the first article (arguably a brief period to wait before releasing news about the vulnerability but not unheard of either).

MikroTik also offers a 2 year warranty since they legally have to, no idea what you’re on about there. Also also not sure what you think they sell other than networking because for the life of me I can’t find anything other than networking related stuff on their website.


As the other commenter already said it’s an abundance of caution. GItea is already moving in the direction of SaaS and an easily self-hostable solution runs counter to that plan (Gitea is already offering a managed Cloud so this is not a hypothetical). One thing that has already happened is Gitea introducing a Contributor License Agreement, effectively allowing them to change the license of the code at any time.


I’ll be that guy: Use forgejo instead, its main contributor is a Non-Profit compared to Gitea’s For-Profit owners


I think you have the wrong idea about what I was referencing. I’m not talking about Cloudflare Tunnels but their Encrypted Client Hello. While Cloudflare could intercept the inital ClientHello the rest of the HTTP traffic still is encrypted between Client and Server not between Client and Cloudflare. In that sense they have not turned into more of a MitM than they (or any other DNS Nameserver) were already anyway. So unless governments decide to completely dismantle the trust chain the internet works on they won’t be forced to fuck with ECH for anti-piracy either.

But ultimately anything going over a public DNS Server is susceptible to being compromised. We simply trust that the providers don’t.


I’m sure this is definitely going to go how the regulator thinks it will go. What with Cloudflare being one of the driving factors behind e2e encrypting more and more of the HTTP stack, making it ever harder for ISPs and other 3rd parties to see inside the HTTP traffic.


The worst part really is just getting off the damn spam lists. There is almost no documentation anywhere for do’s and dont’s. I ultimately had to setup a sending relay for the mail on my status monitoring VPS because my residential IP triggered most spam filters, but I only found out that that was the problem from forum posts investigating the same problem. I check with stuff like mail-tester, get back perfect scores and yet most of my outgoing emails have a good chance to land in the spam folder anyway (but at least they get delivered so that’s a plus I guess)

As others in other threads have said: Google and Microsoft have killed the ability to self-host email simply by black-boxing their spam filters. As a user you have no real way to fix your mail server such that your emails get delivered into the inbox reliably.


I self-host email, it certainly isn’t something I’d recommend


Imo you probably save more money keeping the server up 24/7 than constantly shutting it down and starting it up again. Especially once you get a good list of services going.


The lemmy docs are all a mess. Try writing something that uses the lemmy api and you start crying because looking up the endpoints in the code tells you what it does faster than their ‘documentation’


It’s usually the cache after the dns making you think it was the cache all along when it’s just still hanging onto messed up dns data


Just my two cents but if you decide to go for the self hosted GitLab approach I think Forgejo might be a better fit. It’s not as resource intensive as GitLab is but has all of the essential features you’d need from a forge.


Tempo is a really good Navidrome Client for Android imo


Navidrome is a subsonic server, feom the cursory research I did before setting it up it is also among the best supported/developed ones available.


The developer working on federation plans to merge the changes into forgejo first and then from there into gitea but I’m not sure in how far the recent changes to gitea’s CLA have affected those plans.

Forgejo is a drop in replacement (they are committed to keeping it that way for as long as possible) so, as far as I know, simply changing the gitea image to the forgejo image is all you would need to do.


They did start a cloud service for hosting Gitea which introduces a direct incentive for them to make Gitea less hosting friendly by, for example, making newly added configuration options less comfortable to set up. And more recently some changes to code contributions that are not exactly community friendly (as a result forgejo will be unable to upstream some of their changes)

What lead to Forgejo, as far as I am aware, was less a problem that is already there and more the set of problems that have a very high chance of eventually manifesting, at which point forking the project would be too late.


It’s what happens when the devs have to spend more time making sure the DRM works than actually improving the UX of the platform. Pirates/Non-DRM users don’t have that problem hence small FOSS projects can outclass big Streaming Services in UX quality.


If Gabe cares he likely already handed leadership over to allow for an interim period where he could step in and Veto any decisions he thinks are crap


For now it should work but it will have an increasing likelihood of breaking with every future Android Update.

Migrating to Mihon now is recommended, one of the devs worked on Tachiyomi and for now the code is almost identical which allows easy migration via a Tachiyomi Backup.

Migrating in the future might be more difficult because incompatibility between Tachiyomi and future versions of Mihon could mean Backups from Tachiyomi cannot be restored by Mihon.


Kakao nuked the official Tachiyomi Extension repo because they “infringe on their copyright”.

The Extension repo does not and never has offered copyrighted material, it merely facilitated access to sites that do within Tachiyomi. Essentially it was a collection of hyper specific Browsers. The repo is gone, the extensions are not (they are now in a different repo provided by a user). Tachiyomi itself allows for 3rd party repos now and everyone is mad at Kakao for making the App less usable.


Nope they are only using API’s from the various hosting sources. That’s what makes this request so blatantly fraudulent. For all intents and purposes Tachiyomi is just a Browser specialized for Manga


Essentially Kakao Entertainment abused DMCA to get all extensions removed despite the Extensions themselves not containing any DMCA material. What allowed this to spiral so out of control (it started out with only Bato.to, Mangadex and Kissmanga being removed) was that the Tachiyomi devs have absolutely 0 spine and 0 will to prevent DMCA abuse. They just folded at the requests immediately without any sort objection or demand to go through GitHub instead (this approach in particular has worked in warding off false DMCA claims because that way the corporations have to somewhat publicly press their illegitimate claim, worked wonders for youtube-dl afaik)


Not surprised in the slightest. Having a doormat DMCA policy and then not even using GitHub as a shield (like youtube-dl for example) is just asking for it. The dev response doesn’t really help so I guess the App is dead. Maybe a fork will pick up the pieces but I have no trust in the main repo devs to do the right thing or work in the users interest.


If the Tachiyomi devs don’t reverse this somehow (which seems unlikely given what I’ve read about past cases of this, custom repo it is I guess) they probably just killed the app. Ubless you are aware of how to get Mangadex and bato back Tachiyomi is now a worse option than even just using your browser again for most people.

Seems like the devs even folded like wet noodles wgen they had (to my knowledge) risk free options of at least attempting to prevent this, such as demanding the dmca to be filed with GitHub (saved youtube-dl for example since their repo got reinstated after Google withdrew their claim)

This sort of non-reaction is just asking for the wolves to tear the project apart, after this any copyright holder with no leg to stand on will file claims agaonst Tachiyomi for whatever sources remain. Because why shouldn’t they? It’s a 100% success rate and they don’t even risk anything (illegally) abusing DMCA with people like this at the helm of the project.


wow what a shitshow. I’m really not well versed in who the tachiyomi devs are but just blindly following copyright notices, then only explaining firther upon prodding (with the result being a seemingly flimsy takedown request) on top of restrict8ng 3rd party addons leaves a bad taste in my mouth. Any of those individually already would bit this leaves a “trying to suck up to corpos” bad tase for me.

Edit: not sure exactly how the extensions get disabled but the two from the mentioned repo still work for me after a force stop of tachiyomi so just being an unofficial extension might not be enough to deactivate it


This is absolutely awesome, I love it already. Substreamer had some real annoying quirks but it was the least worst option I found so far, this is better in almost every way for my use case


Gitea is managed by a for profit which is now offering a hosting service. That alone is already a conflict of interest because one of Giteas core features is the easy self hosting.

Then the contribution guidelines have been made stricter, anyone contributing now has to give up their copyright to the gitea management, meaning they could change the opensource license to a stricter one down the line without requiring community consent.

The concern is that as time passes features will be locked behind a premium tier for self-hosters or the self-hosting itself will be made more difficult in an effort to push their cloud service.


Due to some concerns about Gitea’s future I would recommend Forgejo instead. It’s a drop-in replacement with less concerning contribution policies and management structure.


NeshuratoProgrammer Humor@lemmy.ml***
link
fedilink
English
0
edit-2
1Y

Honest question: What is/are your problem(s) with Svelte? So far it seems a lot easier to use than react to me but I wouldn’t consider myself experienced so there might be unwelcome surprises waiting.


He’s not only a bot he’s also full of shit.

Just went to confirm what I remembered: At least on Amazon you get zilch info that what you are buying is revokable unless you read the fine print in the EULA. There is no warning, no hint, no nothing that what you just bought is only a permanent rental license. Neither in the UI nor in the bill after the purchase


Doesn’t make it any better of a practice. If anything it just highlights what kind of trashcan company Ferrari avtually is


Raubmord is what we call a murder resulting from a busted/discovered robbery, essentially just escalating the consequences of the robbery further.

What I think OP is getting at are the absolutely ridiculous penalties you get for “stealing” something that physically doesn’t exist in a way we can grasp and cannot be reported mssing once “stolen”. I’d probably guess you’d be easier off actually stealing a movie from a store selling blurays than downloading it and getting caught so the renaming OP did fits perfectly imo


The point is just using it gives you no experience to talk about how easy it is to lock down an OS, administering one does. EatYouWell is absolutely right in calling out that you don’t administer linux, as you say yourself: you don’t, you use it. And that difference shows in the falsehood of your comment: it is possible to lock down Linux to levels like a PS5 and anyone administering Linux would know that from their knowledge of the underlying components.


actually making linux usable with the deck controls was probably more work than locking the users out of the desktop mode even


you do realize it is absolutely possible to lock down a Linux install? Every Android device essentially is just that and their bootloaders are only unlockable because they were forced to by EU law. Steam absolutely had the option to make a Linux based DRM shitfest, in some ways it would have been easier even, they just chose not to