🅿🅸🆇🅴🅻 @ 314xel @lemmy.world

Posts

3

Comments

97

Joined

2 yr. ago

Holy shit.

Three of the top 10 viewed stories on the Post’s website Sunday were articles written by Post staffers outraged by Bezos’ decision. The top one was humor columnist Alexandra Petri’s piece, headlined, “It has fallen to me, the humor columnist, to endorse Harris for president.” 

Cards For America

They're paying people to apologize for not voting last time. What that means is up for the reader. Not the same.

And some copyrighted shit from Dolby. Granted, header files only.

At first I was... wow, no shit! Open source Winamp!

But then I went through the Github issues (because, 6 hours since first commit and already 5 issues open?). As someone else put it, "This has got to be the most embarrassing open-sourcing i've seen to date.". The licensing is a mess, the coverup is a dumpster fire. By tomorrow this is going to be as viral as Twitter's "open sourcing" of its recommendation algorithm they did last year. Not sure if I should make coffee or popcorn in the morning.

Those share buttons are trackers themselves. So it's not about "supporting" those websites by publishing content to them, it's about undermining the privacy of your readers and doing the opposite of what you preach, and "supporting" those websites by feeding them much more valuable user data. As another comment said, just put a button to copy the permalink and let them paste themselves if they want to share.

As for you sharing a link on the mainstream social media platforms yourself, I'd actually encourage that. Cory Doctorow auto-publishes links (not content) to his articles on as many social media platforms as he can (sorry, can't find the article in which he describes it). The point is that he still retains control over his content by hosting it himself, he controls the (lack of) trackers and ads, and gaining traffic from these platforms is still to his and his potential readers benefit. Bending your rules a little to reach more people and maybe even convert them to be more privacy-aware is fine.

I follow your blog from time to time and I appreciate it. Just with your recent posts I realized you have an active Lemmy account.

I was going to continue this comment with "But I don't get...", then I stopped and read your blog post again and remembered rule #2.

I think I get what you are trying to say, it's good that there are some mod tools to help with modding, but they're not enough, and even if racism isn't as visible on Lemmy, people targeted by racism still exist and get hurt. So I guess your point is be more proactive than reactive. People don't get that, and even if they are well intentioned, they think of all the defederating and banning examples as "good enough".

Early adopters are also overprotective with Lemmy and its small community, especially when a newcomer directly questions "how is racism in this community?". They found their peaceful corner of the internet (relative to major social media platforms), they know it has its flaws, but since the beginning they had to defend to questions like "who owns the data?", "what happens with deleted posts / comments", "is defederatation effective", "what about that Lemmygrad which is hosted by Lemmy developers", can mods and admins become too powerful", "how long till this gets the same fate as Reddit", etc.

I'm not defending the behaviour, just thinking of an explanation. Because frankly, I'm also surprised by the downvotes and backlash you received.

So I guess what I was trying to say is, "Hi Jon! Keep up the good work!"

‘no immediate timeline’ toward monetization

Soo, starting tomorrow

Pffffft.

I second the idea of a VPN instead of directly exposing devices or software to the internet. Requires more work and learning but it's more secure. I would argue that well-known VPNs are more scrutinized and pentested than any camera software ever.

A hash has a fixed length, including MD5. There's no reason to cap password (input) Iength. You can hash the whole bible and still get the same length hash. So either they don't even hash it, they're idiots, or they try to be unnecessarily cautious to avoid some other limit / overflow, like POST max size (which would still be counted in at least KB, not several characters). The limit on what special characters you can use is also highly suspicious - that's not how you deal with injections / escaping your inputs.

I'm rebooting my router every week via a crontab because some dynamic dns update process fails from time to time and I find it hanging. No time to debug the actual problem.

Yes I do, and a price increase of only $10 (so $30 vs $20) can make a big difference in sound quality for a pair of headphones for work (meetings and some music off Youtube). So it's not even about hifi (at that price range, of course not), it's about giving a shit and do a little research / testing before settling on a slightly better low end consumer product. Or, given a certain budget, maximise the quality for it, again, by doing some research beforehand, no matter what you plan to buy. But, most people are lazy.

When it comes to music, it also depends on a person's tastes. Ariana Grande sounds the same to me weather played on Sennheiser headphones or a microwave oven.

No, logins should be harder in order to be secure. Hence the addition of 2FA (which is also incompatible with your proposal).

As developers, we strive to make things more secure, not less, and unfortunately, good security always comes with the trade-off of less convenience for the user (larger entropy passwords, session expiration, captchas, etc).

Now, of course, it depends on how sensible the data in that account is. I wouldn't want this for my email account, for example, or online password manager, which are the entry gates to all my other accounts. The Kagi search engine offers the possibility to login on another device via a session URL which you can copy-paste. And this is fine, if the site / app clearly states the dangers, implemented it securely, tracks and lists the sessions and allows you to invalidate a session for all devices, and you are fine with potentially disclosing the data for that account (forgetting to log out, or disclose the session URL somewhere) - which is not much, as they don't log the searches, only the daily counts. And their use-case makes sense, people aren't used to authenticating in order to search something on the internet.

So, this should be an optional feature offering from the website / app, not built-in in the browser which would make it trivial to be abused by anyone.

Well, that's what you get for hosting on a Windows server. XAMPP / WAMPP should only be used for local development environments. And I'm sure they still have horrible non-production config defaults.

A lot of people don't realize that coal, gas and oil are finite resources. Uneducated people don't accept the fact that oil comes from fossilized dinosaurs and it took millions of years to become oil. It's all a hoax to them.

UntrackMe, doesn't open an app, but redirects to a chosen Invidious instance. I use farside.link/invidious which chooses a random instance closer to you.