Perhyte @ Perhyte @lemmy.world

Posts

0

Comments

85

Joined

2 yr. ago

That was mice, not rats.

Technically DNS will let you look up a host name from an IP address, but the catch is that it might not work: it's not automatically configured. And even if it is configured you might not get all of the host names pointing at that address.

Very many webserver operators don't bother adding the server's host name to reverse DNS. For example, lemmy.world's IP address does not map to any host name in reverse DNS, and google.com's IP address maps to some completely different name for me, with no mention of Google in the returned name.

Also, many websites can be served from the same IP address, especially if they are hosted in the cloud. You are correct that someone snooping on the connection would still see the IP address, but if that points them at something like a webhosting company or a CDN (or some other server hosting many different sites) it still doesn't really tell them which specific site is being accessed.

But yes, if the site you're accessing is the only one hosted on that server then the snoop could potentially guess the host name. But even then: how would they know that's the only site hosted there? If some site they've never even heard of uses the same IP address they would never know.

Without a VPN every host you connect to can approximate your location down to a few miles.

I just tried a few geo-IP lookups of my current IP address, and they all point to a location that (as the bird flies) is almost exactly 100 miles from my actual location. This is despite the ISP I'm using being headquartered in my current city, but maybe they have some infrastructure there?

On mobile data I instead get a location 90 miles away, and if I look up the IP address of another machine I know the exact location of, the result is 60 miles off.

60-100 miles is a pretty generous definition of "a few".

There's a bit more to it than captured in the summary, which is why it's just a summary of the spec and not the actual spec.

From a bit further down on that page:

4. Major version zero (0.y.z) is for initial development. Anything MAY change at any time. The public API SHOULD NOT be considered stable.

Lemmy is still in major version zero, so it can make breaking changes without incrementing the major version and still be in compliance with the spec. This way, projects won't have their first "real" version be something like v123.0.0.

Lemmy still being v0.x also serves as kind of a warning to app developers that changes like this may be made at any time.

My family shares a fairly uncommon surname with a professional athlete we are (as far as we can tell) completely unrelated to.

My father always joked that we should answer "we don't discuss that" when asked about it, as if there had been some huge falling-out.

Many piracy sites run ads though, don't they? Unless everyone visiting runs ad blockers (unlikely) the people running those are making at least some money. Presumably it at least covers the cost of running the sites.

It's probably just as the comment you replied to said: "stuff bought with stolen credit cards (and resold on those sites) actually costs us money, as opposed to piracy which merely 'costs' us money".

I assume you mean the table on the last page of the paper, which indeed shows WireGuard is safe against the second attack.

If you go back one page (to page 17) it has another table for the first attack. That one is less positive about WireGuard:

• The good: On Linux/Android, WireGuard is safe against that one.
• The bad: MacOs and iOs WireGuard are marked as vulnerable to that first attack.
• The ugly: Windows is marked as "local traffic blocked" which presumably means the attack failed but so does the connection they tried to attack.

You produce a hundred 24 core cpus, then you test them rigorously. You discover that 30 work perfectly and sell them as the 24 core mdoel. 30 have between one and eight defective cores, so you block access to those cores and sell them as the 16 core model. Rinse and repeat until you reach the minimum number of cores for a saleable cpu.

Except the ratios of consumer demand do not always match up neatly with the production ratios. IIRC there have been cases where they've overproduced the top model but expected not to be able to sell them all at the price they were asking for that model, and chose to artificially "cripple" some of those and sell them as a more limited model. An alternative sales strategy would have been to lower the price of the top model to increase demand for it, of course, but that may not always be the most profitable thing to do.

If you're using OpenSSH, the IdentityFile configuration directive selects the SSH key to use.

Add something like this to your SSH config file (~/.ssh/config):

    
Host github.com
  IdentityFile ~/.ssh/github_rsa

Host gitlab.com
  IdentityFile ~/.ssh/gitlab_rsa

  

This will use the github_rsa key for repositories hosted at github.com, and the gitlab_rsa key for repositories hosted at gitlab.com. Adjust as needed for your key names and hosts, obviously.

Not so much a standard as in "everyone should actually use the internet at this speed" but more as in "the bare minimum level, everyone should have at least this speed available (and we'll help pay to upgrade people stuck at slower speeds)", I believe.

It was still a low speed for that of course. It apparently hadn't been raised since the Obama administration (2015).

Rural internet speeds are often... not comparable to more densely populated areas, shall we say. My (European) perspective: I had about _{3 Mbit *down* (over ADSL) until I moved about a decade ago (on a good day, while paying for "up to 40 Mbit" (IIRC) that the line apparently just could not physically deliver to my house). Meanwhile, 1 km along the road people in town had cable internet (}100 Mbit down).

Luckily, both populations have since benefited from a fiber rollout by a smaller telco, but people in town still got that upgrade about 5 years sooner and without paying a ~€2k connection fee. AFAIK there are still areas in my country where ADSL is the best available...

We did build stuff on ActivityPub: Lemmy, Kbin, Mastodon etc. are all based on that underlying protocol.

Because you need a way to be reachable over HTTPS for other instances to be able to securely send you updates (new posts/comments/votes etc.), so you need a trusted certificate. While HTTPS does not strictly require a domain name¹ it vastly simplifies the process.

¹: It's possible to get a trusted certificate for an IP address, but not nearly as easy as getting one for a domain. And it's probably also more expensive than just getting a domain and using Let's Encrypt to get a certificate.

You can only federate via tor or i2p if both sides support those protocols, because for federation to work between two nodes both nodes need to be able to initiate connections to the other. That means one-way bridges like tor exit nodes are not sufficient.

I'd guess most Fediverse servers don't support either of those protocols, so any new server trying to federate solely through them would have an extremely limited view of the Fediverse.

Though I suppose theoretically nothing is really preventing a motivated group of server admins from setting up a parallel "dark Fediverse" containing only onion sites.

I'm from Europe (and studied CS there). My classes for some courses were about a third Indian, a third Chinese, with locals and other foreigners combined being the final third.

Of course, I'm pretty sure this photo wasn't taken anywhere near me either. For me, the clue to that was the Cyrillic on the slides.

To be fair, those first three points fall squarely under that "charging cable/accessory situations" exception. With Apple, it turns out that's a pretty broad exception.

It's possible your e-mail account was compromised, and that's how they were able to click that confirmation link you ignored. Change your e-mail password.

As of v0.18.2, Lemmy marks the "original URL" as the canonical URL so search engines know which page is the "real" one. Shouldn't that help?

It was the third time. Rutte I, III, and IV all fell, but Rutte II served its entire term (though there were still some interim changes in its composition due to a few resignations of individual ministers).

The linked page has a buggy redirect to a link that repeats itself, I suspect the author pasted the link twice.

Here's the correct link.

I want to turn it off so bad, but fomo, that one email from that one person I knew 25 years ago who only has that email address … fml.

If you want to turn it off, can't you just use some free service to forward messages to your new address?