chiisana @ chiisana @lemmy.chiisana.net

Posts

4

Comments

500

Joined

2 yr. ago

I use it semi regularly because I’ve limited myself to just two pages of Home Screen, and spatially, it is faster to launch a couple of apps that I use semi regularly, but didn’t make it to the Home Screen. It is faster than Spotlight search for me because it is super fast to short swipe twice and tap the icon, instead of longer pulling down spotlight, orient the keyboard and wait for search results to populate. I understand this is not for everyone as most people I know have more than two screens of icons, and would take more time to get to the drawer, but at least it works for me.

I think another thing that might make it faster is if Focus based Home Screen is used, the amount of pages could be drastically reduced in various customized focus modes… but I’ve never gotten into that and frankly I’m inclined to think that’s a super power user mode very few outside of Apple dives into.

Edit: also spotlight search is slower when you’d need to change keyboard languages to search for a non-default language app, especially if the other language is slower/less familiar to input (Chinese and Japanese comes to mind for me).

The very first jailbreak was from a similar exploit, so all someone has to do was visit a website via safari, drag the ever so familiar slide to unlock slider across, triggering the said image to be loaded, and jailbreak the device.

Render time arbitrary execution bugs have also existed in fonts and other benign sounding media types, on all OS and platforms. This is really not that special and is just another high impact security bug that got patched.

If they’ve got the orange cloud enabled, then Cloudflare will cache, minify, and distribute the static contents to servers closer to your ISP. The result would be that the initial page load appears faster. Dynamic content (such as actually performing a search) would require the server to actually perform actions, and would depend on wider range of factors.

A lot of words to say, yes, if you have static content to serve, Cloudflare is one of the cheapest way to make them go vroom vroom.

If you’re new, something like Uniquiti UniFi stack is very beginner friendly and well polished.

If you’re planning to run your own hardware, the usual recommendation seems to be pfsense or opnsense on a modern lower end system (Intel N100 box for example).

Bearing in mind that a router is only responsible for routing (think directing the packets where to go). You’d also want to have access points to provide WiFi for your wireless devices. This is where UniFi stack makes it easier because you can just choose their access point hardware and control through single controller. Whereas rolling your own you’d be looking at getting something else to fill that role.

At the end of the day, you’re running containers and both will get the job done. Go with whatever you want to start, and be open to try the other when you inevitably end up with jobby job that uses the other one instead.

Cloudflare has forwarded me and my hosting provider DMCA notices from the big N in the past (I helped hosted the N64 via Unity a few years back). I don’t know if they would’ve eventually taken the site down from DNS level, but I didn’t want to run the chance of affecting my other content at the time.

The reason I bring this up is because at least, as of right now, they’re using Cloudflare for DNS.

On a lot of the image boards described by OP, tagging is managed by the users collectively. That is, almost everyone could not only add but also remove tags from content, as well as collectively maintain wiki on what the individual tags mean. When multiple similar tags meaning same thing come up, they’d alias to one central one; when different usages of same tag come up, they’d take a Wikipedia-esque approach to differentiate them; some even go as far as creating categories for tags so similar concepts can be grouped together. Trouble makers (people who repeatedly use tags incorrectly) lose their tagging privileges and so problem is kind of managed at bay.

Intel pioneered the way with Spectre and Meltdown.

They’ll just figure out a way to mitigate it at cost of performance hit.

Days since last issue for me on Apple products: 15 years -- I started Apple product pairing about 15 years ago with the iPhone 3G and the unibody aluminum MacBook a little earlier, and I don't have memory of them doing me wrong.

Compare that to my servers: Days since last issue: 1 0 day -- I started using Linux close to 25 years ago, starting with RedHat Linux 6 where GNOME was the big hot new thing. While I wouldn't consider myself an expert, a relatively benign system update shouldn't have botched the system for me the way it had yesterday. This was not the first time, and it will not be the last time... and how do I know it won't be the last? My other server, hosted in the cloud by Oracle in the San Jose region lost power, went offline for several hours; the block storage attached to the VM did not get unmounted properly, which in turn did not get remounted properly, so when the system came back, it couldn't get everything back up and running automatically, and required some manual intervention before I can get back on my Lemmy instance.

For whatever reason, this just seems to be par for the course on anything that's not locked down. Yet, the scary boogieman of "if it something borks you're hosed" seems to be the norm. Track record kind of speaks for itself here, at least for me, this model works. I'm more than happy with the security and stability on things that I use to keep the lights on.

PS: Also getting fond memories of deploying Deep Freeze on Windows 3.11 Workstations so users cannot mess it up. Before doing that, going through to re-image problematic machines was a daily job, after locking everything down so the systems cannot be messed with? Monthly, just so we can deploy updates. Recurring theme much?

Everyone has different preferences and priorities.

I just spent an obscene amount of time yesterday and overnight, losing sleep in the process, in order to get our media server back online and running after what was supposed to be an automated system update that botched the entire storage array… all that just so the little one can listen to the music we’ve vetted and she likes.

That is an experience I do not want on my phone and computer. My personal computer and phone are mission critical — as in, they’re what’s enabling me to make money and put food on the table. I cannot tolerate downtimes. The fact that everything I need just works together, bundled with a much higher degree focus on privacy than everything else on the market makes it a no brainer for me to just keep buying Apple devices one after another.

Some people may prefer the tinkering and tweaks and customizations. Others might want to play emulated games or triple A titles. Not me. Give me the walled garden and lock it down. I don’t want anything that could make it remotely unstable.

Speaking of historical Flash support, I actually forgot the old Puffin Browser which I’ve bought back in 2011, and apparently is still around. They run a browser on their server and you get a VNC-like client to access that instance. So by no means native support, but it was super functional at least back in the days — haven’t used it for years since I stopped buying iPads as my use case are better suited for the Mac and the iPhone instead.

Ruffle gives it support, no EU good-intention-poor-implementation regulation required. The demo link I shared above works with any browser, built in Safari included.

the iPhone never ran Flash.

Ruffle has (recently, for me) entered the chat.

Not that this negates the performance concerns, but just that Flash on iPhone is becoming a possibility.

A lot of devs I know are purely ticket in ticket out… so unless someone convinced management there’s a performance problem and that they’d need to prioritize it over new features (good luck), then it will not be done.

Most of the apps I use support external authentication using popular standards (OAuth for most part). This means the clients will also support the said standards out of the box. Having a standardized authentication flow makes logging in much easier as well.

I also don’t want to deal with passwords… because I don’t trust myself to handle passwords. So before settling down on Authentik, I used FusionAuth to do OIDC via Google. Then I discovered I could do WebAuthn / Passkey with Authentik, so the portal really only ever need to know my public key, and approves access based on private keys, which are gated by my devices’ biometric features. This is way more secure than other solutions and I don’t even need to remember a password.

The one edge case I’ve encountered is a couple of apps recently transitioning to mandating authentication, but doesn’t have OIDC integration of their own. Fortunately, there’s a hidden config flag in XML that I can use to tell them that I have externally managed authentication, and I gate access to them via a middleware in my reverse proxy. As for client, my client of choice allows me to add custom HTTP headers, so I have a special “API key” kind of header that my reverse proxy looks at, which allow me to bypass authentication, so everything works nicely together.

In my mind, using the vanilla out of the box authentication feels less secure than me gating things via OIDC or middleware. This is because everyone knows they could Google for “Powered by WordPress” or similar phrase to target specific apps with known authentication exploit. However, by switching it up and using a different mechanism, the common exploit vectors might not be as effective against my deployment.

Admin UI feels okay to me, at most 1/2 a second between page loads/repaints, definitely not several seconds kind of slow. I am running it on my oracle free tier VM and I’ve got only 3 users, so maybe I’m way over provisioned? Have you tried to measure where the latency is coming from? As in, it is the raw page load that’s slow, or if it is subsequent JavaScript triggered requests bottlenecking the performance?

Do you mind elaborating a little on in what sense it is slow for you? It doesn’t “feel” slow for me, but as you’ve identified, it’s a multipage login process with some JavaScript driven content, so it’s not exactly the fastest compared to something more static. The pages generally loads in around/under 1 second for me; and once authenticated, the flow happens fairly quickly and infrequently that I don’t really notice or care for it.

OIDC was a huge thing for me, I used FusionAuth for a bit and it worked great. Then I learned I could deploy my own WebAuthn / passkey password-less authentication, moved over to Authentik, and never looked back.

Humph… I wonder what’s the actual underlying issue here. Such a strange one!! Hope you’re able to figure it out at some point!

If you don’t mind, can you please try disabling all but one or two stacks and see if your homepage responds faster?

I think although your setup may work, and is definitely better than me dumping everything into the Traefik gateway network, I can’t help but to wonder if Traefik picked up some overhead with each additional network it gets added to…?