Max-P

The continuous increases in subscription fees for Spotify and YTM, and the ever increasing number of holes on my playlist is really having me reconsider going back to sailing the high seas or at least ripping my playlists as backup before it’s all gone.

The apps have been becoming increasingly more bloated and buggy too, pay more for less and worse.

If they want them unintrusive they could just bring back the good ol’ notification ticker in the status bar. Zero space wasted by annoying notifications 99% of the time.

Having the web server be able to overwrite its own app code is such a good feature for security. Very safe. Only need a path traversal exploit to backdoor config.php!

The official open-source definition expects more freedoms that just being able to see the source: the whole point of having the source isn’t transparency, it’s freedom. Freedom to fork and modify. Freedom to adapt the code to fix it and make it work for your use case, and share those modifications.

This doesn’t let you modify the code or share your modifications at all.

The Steam Deck doesn’t fully shut down, it’s just regular sleep mode.

nothing that anybody outside of people selling dodgy romsets online are going to need to worry about

And Linux distro maintainers, Flatpak, and libretro and a lot of other projects that rely on repackaging or integrating the code in a bigger project.

Even NVIDIA has a more flexible license that at least lets distros bundle it in the repositories.

Yep, and I’d guess there’s probably a huge component of “it must be as easy as possible” because the primary target is selfhosters that don’t really even want to learn how to set up Docker containers properly.

The AIO Docker image is an abomination. The other ones are slightly more sane but they still fundamentally mix code and data in the same folder so it’s not trivial to just replace the app.

In Docker, the auto updater should be completely neutered, it’s the wrong way to update the app.

The packages in the Arch repo are legit saner than the Docker version.

I’ve heard very good things about resold HGST Helium enterprise drives and can be found fairly cheap for what they are on eBay.

I’m looking for something from 4TB upwards. I think I remember that drives with very high capacity are more likely to fail sooner - is that correct?

4TB isn’t even close to “very high capacity” these days. There’s like 32TB HDDs out there, just avoid the shingled archival drives. I believe the belief about higher capacity drives is a question of maturity of the technology rather than the capacity. 4TB drives made today are much better than the very first 4TB drives we made a long time ago when they were pushing the limits of technology.

Backblaze has pretty good drive reviews as well, with real world failure rate data and all.

OpenAI: Here’s a new model that can think in steps and reason about things!

User: How did you conclude this is the correct answer?

OpenAI: No! Not like that! banhammer

That sounds great and all on paper but that also requires a ton of moderation overhead as now every small instance has to have enough mods to deal with everything being posted, since moderation would be local only. So all the spam and CSAM would have to be taken down by each individual instance. Would also somehow have to find a way for instances to pull the hashtags out of every federated instance too. The way it works on Mastodon is someone follows an account and that causes the data to get pulled in. On Lemmy you don’t follow users, you need a way to pull the data in.

The end result would be a mess of instances not even agreeing on vote counts with vastly different comments too, and even the posts.

Lemmy doesn’t aim to be an uncensorable platform. I join communities for the content, the users, and for better or for worse, the mods too.

The individual problems of having to deal with the duplicate communities will get worked on eventually.

That’s fine, the ad co struck a deal with speaker co to not bill for those sound-seconds.

Soon: when you pause a video, it starts playing a video ad with audio, to make sure no silence time gets wasted from your speakers.

Ethernet splitter

What kind of splitter? Not a hub or switch, just a passive splitter?

Those do exist to do 4x 100M links on a single pair each, but you can’t just plug those into a router or switch and get 4 ports, it still needs to eventually terminate as 4 ports on both ends.

If you’re behind Cloudflare, don’t. Just get an origin certificate from CF, it’s a cert that CF trust between itself and your server. By using Cloudflare you’re making Cloudflare responsible for your cert.

There’s also Cockpit if you just want a basic UI

Less and less about OpenAI is actually… open at all.

No but it does show how much capitalism relies on the absolute exploitation of the labor market and the double-standards from the US in that regard. Free market good but only when US companies are the ones fucking everyone over.

• US companies buying cheap stuff from China and marking it up 500%: good, American values
• China cuts the middleman and sells the same product for the same price they would sell it to the reseller: noooooo we can’t compete with that, China bad, it’s so unfair! Waaaaaaa

At least the EU doesn’t constantly brag about muh freedom and how the free market is the best thing ever and you’re a commie if you don’t agree that capitalism is the best.

I believe you, but I also very much believe that there are security vendors out there demonizing LE and free stuff in general. The more expensive equals better more serious thinking is unfortunately still quite present, especially in big corps. Big corps also seem to like the concept of having to prove yourself with a high price of entry, they just can’t believe a tiny company could possibly have a better product.

That doesn’t make it any less ridiculous, but I believe it. I’ve definitely heard my share of “we must use $sketchyVendor because $dubiousReason”. I’ve had to install ClamAV on readonly diskless VMs at work because otherwise customers refuse to sign because “we have no security systems”. Everything has to be TLS encrypted, even if it goes to localhost. Box checkers vs common sense.

LetsEncrypt certs are DV certs. That a put a TXT record for LetsEncrypt vs a TXT record for a paid DigiCert makes no difference whatsoever.

I just checked and Shopify uses a LetsEncrypt cert, so that’s a big one that uses the plebian certs.

Neither does Google Trust Services or DigiCert. They’re all HTTP validation on Cloudflare and we have Fortune 100 companies served with LetsEncrypt certs.

I haven’t seen an EV cert in years, browsers stopped caring ages ago. It’s all been domain validated.

LetsEncrypt publicly logs which IP requested a certificate, that’s a lot more than what regular CAs do.

I guess one more to the pile of why everyone hates Zscaler.