Mikina @ Mikina @programming.dev

Posts

5

Comments

482

Joined

2 yr. ago

I had the same issue with gamedev industry, but thankfully Ive very quickly realized that's how work works, and you usually have a choice - either earn a good living being a code monkey, or find a job in a small company that has passion, but they won't be able to afford paying you well, or do it in your free time as a hobby. Capitalism and passion doesn't work together.

So I went to work part-time in cybersecurity, where the money is enough to reasonably sustain me, and use the free time to work on games in my free time. Recently, Ive picked up an amazing second part time job in a small local indie studio that is exactly the kind of environment I was looking for, with passion behind their projects - but they simply can't afford to pay a competitive wage. But I'm not there for the money, so Ibdon't mind and am happy to help them. Since there are no investors whose pocket you fill, but the company is owned by a bunch of my friends, I have no issue with being underpaid.

But it's important to realize this as soon as possible, before trying to make a living with something you're passionate about will burn you out. A job has one purpose - earn you a living. Companies will exploit every single penny they can out of you, so fuck them, don't give them anything more than a bare minimum, and keep your energy for your own projects.

And be carefull with trying to earn a living on your own - because whatever you do, no matter how passionate are you, if it's your only income and your life depends on it, you will eventually have to make compromises to get by. It's better to keep money separate from whatever you like doing, and just keep your passion pure.

What's really unhinged is the amount of resources invested into gaslighting Meta does. https://about.fb.com/news/2024/01/investing-in-privacy/

They even have a "Chief Privacy Officer". They have brainwashed entire departments into believing that Meta actually cares about privacy, it's so terrifying. I wonder if people working there realize that, or they have simply fell for the gaslighting.

I've switched a few months ago mostly for gaming, and here are few tips and issues I ran into, in case you run into them too.

Not sure what distro you are using, but I've run mostly into issues when trying to get NVIDIA and Proton working on Fedora. Just getting the drivers to work took a few tries, and I never managed to get stuff like cutscenes to work properly.

However, I then switched to Nobara (I suppose PopOS may also work), and the experience was wastly better, with everything working out of the box (I did switch to KDE Plasma on X11, since Wayland kept freezing on me).

I'm not sure what of the many changes Nobara does helped solve my issues, but I guess it may be related to it including Proton GE by default, which I recommend getting, and a slightly streamlined installation of NVIDIA drivers.

I also recommend checking out Lutris, instead of using Wine directly. However, I never really managed to get it working, aside from WoW, so your mileage may wary. But I have most of my games on Steam, where everything is working out of the box, so it wasn't that much of na issue. I only sometimes have to switch Proton version (by right clicking the game - properties - Force a specific version of compatibility tool).

It helps a lot. Because then, a Linux support won't be such an afterthought, and you wouldn't have to deal with stuff like popular games adding anti-cheat that bans Linux users.

Right now, some game developers aren't even willing to enable EAC Linux support, which is like a one checkbox they need to enable for it to work.

This is definitely possible, since you can actually controll cars (at least some models) via a (non-public, but the capability is there) API. Two security researchers at defcon were able to find a way how to control a vehicle remotely, even including things like stopping or turning, and eventually made an exploit that could be used remotely to any car of the same model. So, if they wanted to, they were able to stop or turn the wheel of IIRC hundreds of thousands of cars around the world instantly, since the cars are connected to the network through GSM, so you don't even need to be anywhere near them.

It's been a few years since I saw the video, but IIRC the vehicle controls are on a separate board that should not be reachable from the other smart vehicle system. However, they were able to reverse engineer a way how to abuse framework update mechanism as a bridge, and use it to patch the framework to get it under their control. And then they discovered that they could actually trigger the update remotely.

Oh, I see. Oh well.

Can I send money to my friends with Taler? Taler supports push and pull payments between wallets (also known as peer-to-peer payments). While the payment appears to be directly between wallets, technically the operation is intermediated by the payment service provider which will typically be legally required to identify the recipient of the funds before allowing the transaction to complete.

I tried reading the website, but Im not really sure I get it. What it's supoosed to be? A way how to make FIAT payments thats open-sourced and private (so you dont have to pay stupid fees to banks), and it integrates into the current banking system, or is it some kind of digital currency that's not blockchain based?

If it's the former - isnt any kind of payment without KYC almost impossible, since its heavily regulated? So, you can't really have private payments in environment where there's stupid amount of laws about how much you can actually pay without it being identifiable, for example the super small monthly limit on anonymous prepaid debit cards?

Wait, do i get it right that if we've had been Feferated, Threads users can view our (Lemmy) posts, but our users cant view or interact with any Threafs posts?

you need to do it not only for every Discord server you want to use on matrix, but every channel as well. It’s a huge chore. And ofc it doesn’t work with Discord DMs.

This wasn't my experience at all - all I had to do was message the Matrix bot with servers I want to join (I'm not a mod on any of them), and it bridged all channels in that server. Also, Discord DMs are working fine.

I'm using the mautrix bridge, which doesn't use a bot or anything like that, but uses your Discord session instead.

that got me thinking, is there any kind of statistic for average maintainer age for major FOSS projects and libraries? Is the influx of new maintainers still going strong, or should we expect a really huge problem in the next few decades?

Also, what are some good resources if you want to start with maintaining or collaborating on something, if you have zero experience with the dev side of FOSS ecosystem?

If you don't use Discord for voice much, Matrix has a pretty solid bridges you can use.

Hosting your own Matrix server is suprisingly way easier than I though - got a VM on hertzner for like 5$ a month, and there is an Ansible script that takes care of the setup for you. It's also one of those rare cases where someone made an Ansible script that actually works, instead of you getting stuck in dependency-hell (seriously, fuck npm. Not a single docker or ansible tool that has used it ever worked for me out of the box. Python can get simillarly annoying).

They have a pretty easy to follow guide, and the whole setup took me like 20 minutes. I only edited a few options in config.yml (mostly to add Messenger and Discord bridge), and ran the ansible, and it worked at first try.

So I could at least ditch both messenger and discord apps from my PC and phone, without having to convince anyone to quit their poison - with only issue being that you can't use Discord voice. And that the messenger bridge is still unreliable sometimes, but those are still minor inconviniences in comparison to my deep-seated hate for Meta.

Of course - Meta still gets my chat data and content, same as Discord. But at least they don't get anything else from my phone or PC.

We can call them CCVE's! Critical CVE's.

EDIT: Oh, nevermind. I've forgotten that it's using CVSS, which has a tendency to really overestimate the risk, so almost everyting is CCVE according to them :D

Why, though? I have helpful answers in many threads, giving support about arcane issues people have been dealing with. I don't want this content to be monetized further.

Same issue. I guess I'm never going back there. I've already stopped doing it, but from time to time a question I was researching let me to Reddit.

What's the best tool to delete your account, while also overriding all of your posts and comments?

If I have more items with club price that would make a larger difference, I just quickly register a new one-use account with disposable email and random address in the app, and delete it afterwards

That's seriously impressive. I wonder, what is your threat profile for all of these? It seems to me like some of the things you do have a drastic impact on user experience, while also not providing that much of a benefit unless you have some really sensitive data.

I think that EEE would not be as impactfull here - I mean, at this stage, without Meta and already at small numbers, if they went through the EEE cycle we'd probably just be in the same position. Meta people came, and then left, nothing really changes. The people who are here are already decided to avoid Meta and other platforms, and they already have features Fediverse doesn't.

My issue is that by Federating, Meta is stealing and monetizing our content we post here, to fill their bullshit Threads with content, which its severely lacking. I hate that and don't want that in the slightest.

I'm glad to see my instance is part of the FediPact! Thanks for the link.

My own setup from the top of my head would be:

• Browser: Mullvad with Mullvad VPN, LibreWolf for stuff that breaks. Brave if I really have no other choice.
• Phone: Pixel with Graphene, main profile is Google-less, second profile with Sandboxed GServices for apps that don't work without it but I need them, downloaded through fresh gmail profile. Third profile linked to my old gmail with credit card for the two apps I bought and sometimes need to use.
• Mail: I use Protonmail, with my own domain that sounds vaguely corporate. I have a catch-all address, and generate random name.surename@mycorpdomain.com addresses for each service.
• File storage: I have a NAS, that I use for most file sharing I need.
• Music: Jellyfin server with Headphones and redacted.ch account, and I also make sure to support artists every month by spending what would be my Spotify subscription price on Bandcamp albums
• Desktop: I run Nobara, too lazy to run QubesOS - plus I game a lot, so it would be infeasible. I mostly try to get stuff on GoG and back it up on my own NAS. I have a ZeroTier network set up for streaming through Sunshine/Moonlight when I need to game from a laptop.
• VPN: I use Mullvad paid for with Monero, because it plays nicely with the Mullvad Browser fingerprint.
• Home automation: I have a few basic stuff made for Home Assistant that is running on RockPI I have at home, everything local and without any cloud, mostly through ESP32s.
• Messaging: This is the one I hate the most - most of the groups I'm working with or volunteering for use Messenger, so I have a Matrix server hosted that bridges it and Discord. It's not ideal, but better than having anything Meta on my phone.
• Payments: This one is the one I'm struggling with the most. I pay by card almost everywhere, because cash is so much effort. I've tried looking into crypto or prepaid cards, but it's really hard to find anything without KYC in Europe, so I've given up. I'm looking for advice regarding this, but I'm afraid that aside from switching to cash I'm out of luck.
• Passwords: I just use Bitwarden with YubiKey setup, same as using YubiKey for every important MFA I can. I have two backup keys stored at home, so I don't need to use other recovery methods that would render it useless.

Few recommendations from the top of my head, from skimming the post.

I'd recommend checking out QubesOS (https://www.qubes-os.org/), especially since it seems you switch between ToR and already use Silverblue, which is AFAIK similar, but why not go all the way in?

Also for VPN - I've switched Proton for Mullvad VPN, because I really like the idea they are going for - if you pair Mullvad browser, that is designed to have the same fingerprint for all users, with a VPN that's from the same company, you can kind of expect that most of the Mullvad VPN users will also be users of Mullvad Browser. Which means you will not be one of the few Proton VPN users with Mullvad fingerprint, but will have the same fingerprint as most of other users of Mullvad VPN. This will make it harder to fingerprint you based on your browser. One word of warning, though - don't install extensions to Mullvad. If you do, you break the "same fingerprint" premise, and the more extensions you install, the more identifiable you are. Mullvad should be used without any extensions.

Another thing I see is music streaming - I think that in general I'd recommend just getting a cheap laptop/NAS and run your own Jellyfin, and slowly start building your own music collection. You can also run Matrix server as a bonus, and bridge all your communication (including Signal, even though that may not help that much) - but it does help if you need to use some kind of service, i.e Messenger, for group or work related purposes.

My approach to music was to cancel my subscription, and then use the money I save to spend on albums on Bandcamp, so I still support the artists I want. I make sure to do that every month. Since there's just wast amount of music to get, I use Headphones with an account on redacted.ch to fill my library, but I still make sure to buy albums I like even if I already have them downloaded. The added bonus is that you actually don't loose any of your music, if the artist decides to pull it off the streaming service, which has aready happened to me several time.

If you want hosting your own LLM, take a look at https://refact.ai. But note that it's not really cheap, I've recently upgraded my computer and decided to use my NVIDIA 1060 to run refact, and it still didn't work well - 8Gb of GPU memory is borderline usable, and I couldn't do the finetuning.