Back in 2007-ish I told my Mum all about how you could jailbreak iphones and unlock them to make the phone with other carriers. I helped alleviate any concerns by convincing her and myself that if there are any problems after the procedure, nothing physically has been changed on the phone and as long as I made a backup first, we...
Pixel phones are basically the gold standard of Android phones for flashing custom ROMs. Google doesn’t lock anything down and provide everything necessary to not only build your own, but it even fully supports relocking the bootloader with your own keys and all the secure boot security features.
In most cases I think Google has an online tool you can run right from the browser to fully reflash the stock OS on it.
The only thing that won’t work is apps using Play Integrity which some bank apps and streaming apps use for DRM, including Google Pay/Wallet. There’s not much you can do about it especially in the longer term, as this is hardware-backed so unless some major exploit gets dropped, you can’t really fake the phone being stock to apps. Reverting to stock should bring back full functionality.
You really have to go out of your way to brick a Pixel and mess with overclocking to do permanent hardware damage.
As for the iPhone 3G, I think it was just software and an aging device. My iPod definitely got pretty laggy with multiple apps open on a device with 128MB of RAM in an OS that doesn’t even support running apps in the background. The more mods and plugins loaded the laggier naturally.
But even with a jailbreak, they didn’t mod drivers or anything that would make it different from a hardware perspective. They just sideload a store that can then install any apps. You can install bad apps but nothing that would survive a restore in iTunes.
What could have happened is she got an iOS update after the restore that also was a bit laggier and energy intensive. Or maybe the faster discharge and higher energy consumption is what finished an already aging battery. It’s very unlikely the jailbreak caused it, more likely triggered it or expedited an existing problem. Like formatting your mom’s PC whose hard drive is on death’s bed and the IO of reinstalling an OS makes it kick the bucket. Is it the OS’s fault? No. But did installing the OS cause the fault? Yes. People will still blame the OS, especially if it’s a different OS in case of a jailbreak or putting Linux on your mom’s laptop that’s still on XP or 7. The new thing, it broke the thing!
I haven’t really used any kind of messenger service since probably MSN Messenger and IRC back in the day so I’m a bit behind on a lot of the basics. Part of what’s quite different now than the experience then is what modern messenger protocols seem to be used for, as in they have public channels dedicated to topics that...
When it goes well you get live, interactive support and get your question answered fairly quickly. Nice and convenient. But as you’ve said already, it has drawbacks and it’s where forums and things like Lemmy come in, where sometimes you can get replies days later.
They’re different systems that reach different audiences. You use whichever based on the needs and complexity. What sucks is when the chat rooms develop some knowledge that doesn’t get known outside and it’s also not indexed anywhere on the web. Some things are better discussed in forum format (or mailing lists if you’re very oldschool), while others are just better interactively and the back and forth on a public forum would just be painful.
Usually there’s a bit of an overlap at least, where users are usually in Discord/Matrix/IRC and some forum or reddit or fediverse community at the same time.
I setup a new server a couple of days ago using the Ansible playbook, and some communities are federating successfully even though they’re labeled as “subscribe pending”, and others that are not populating even though they’re labeled as “joined”. See attached image....
You can try unsubscribing and resubscribing. The switch to “subscribed” from “subscription pending” depends on the remote server sending you an activity acknowledging the subscription. New instances sometimes struggle initially, because the remote instance has to discover you first and I think there’s a race condition where it won’t send the activity because it doesn’t know if your instance is up yet. (There’s an instance sync job that runs periodically to ping all linked instances, and it pauses sending activity to instances that are not considered active. If your subscription is the first interaction, you’re not “active” yet as it just learned about your instance)
That’s why half decent VPN apps also add firewall rules to prevent leakage. Although nothing can beat Linux and shoving the real interface in a namespace so it’s plainly not available to anything except the VPN process.
Most VPN providers don’t use DHCP. OpenVPN emulates and hooks DHCP requests client-side to hand the OS the IP it got over the OpenVPN protocol in a more standard way (unless you use Layer 2 tunnels which VPN providers don’t because it’s useless for that use case). WireGuard doesn’t support DHCP at all and it always comes from configuration.
The attack vector here seems to be public WiFi like coffee shops, airports, hotels and whatnot. The places you kinda do want to use a VPN.
On those, if they’re not configured well such as coffee shops using consumer grade WiFi routers, an attacker on the same WiFi can respond to the DHCP request faster than the router or do an ARP spoof attack. The attacker can proxy the DHCP request to make sure you get a valid IP but add extra routes on top.
Adding routes for other thing on the network the clients can reach directly and remove some load from the router. For example, reaching another office location through a tunnel, you can add a route to 10.2.0.0/16 via 10.1.0.4 and the clients will direct the traffic directly at the appropriate gateway.
Arguably one should design the network such that this is not necessary but it’s useful.
The guy that manages Kbin has been having personal issues and stepped away from the fediverse so yeah Kbin is kind of in limbo at the moment and indeed not well moderated. There’s mods but there’s just so much they can do. The software doesn’t federate the deletions so even if they’re gone on Kbin, they remain everywhere else.
I'm dual booting Pop_OS and Windows 11 for now while l try things out. I went with Pop_OS for the NVIDIA drivers, since I have a NVIDIA card. Installation went smoothly, but setup is where things started to get a little weird....
Do we need live reload feature in bunders? Couldn’t we just use this extension for Visual Studio Code or simular features and extensions in other IDEs which will execute a custom command of your choice when you save a file with a certain file extension in your IDE?...
Incremental builds are much faster as it often only need to rebuild the specific part that changed. Just re-running the build in VSCode won’t help you if the build takes like 5 minutes, but still instant with watch mode.
Hot reload also has some advantages such as not having to reload the page and lose state: it can just update the CSS live so you can quickly iterate on your styles even if you’re deep into the navigation at page 10 of a modal window.
We don’t need live reload/watch, but it sure is convenient.
The scale of things. Large projects take longer to compile and bundle because they’re made out of thousands of files and hundreds of thousands of lines of code.
Yeah, your hello program will go just as fast without a bundler, or a simple bundler. It’s when you go big, and use tons of libraries and stuff that it slows down and the advantages become clearer.
That’s especially true when using big libraries like React and dozens of plugins for it, frameworks like Next.js, SASS for CSS or CSS in JS, all the JSX, all the TypeScript. It adds up especially if Babel is also involved to transpile for older browser support.
5 minutes is a bit of an extreme use case, but the point is after the first build, live reload would still refresh your code at the same speed. So working on one page you don’t need to constantly rebuild the other hundreds of them, just the one you changed. If you target mobile platforms with Cordova or React Native then you also add a whole Android/iOS build + install + restart of the app. The same live reload would work even in that context, making the speed advantage even more apparent.
These things are designed for large enterprise projects, not for your small helloworld sized hobbyist programs.
Depends entirely on the bundler. They all have a watch mode, not all of them do hot reload. Hot reload is cool but full of gotchas, it’s a hack but worst case you reload the page anyway. Some probably cache on disk, I think webpack can.
But if you think about it, you either want a clean build for production, or rebuild quickly during development. Watch mode does exactly what you’d do anyway, re-run a build. And IDEs can watch its output to give you error messages.
It’s much easier to implement: just emit the code again when the file changes, and let it go through the pipeline. It’s already there in memory all figured out, no need to figure a serialization format to put on disk to load back up.
But to circle back to the original question of why use watch mode when you can just rebuild it when saving a file: you’re reinventing the wheel, and watch mode scales better and will always be faster. Yes, some people need watch mode.
#Is it bad practice to run umount -a instead of specifying the directory to unmount? I’ve always run umount -a to unmount my drive but i notice it unmounts a lot of other things. Is this bad?
On my computer that’d unmount my home directory, my external storage, my scratch space and my backup storage, and my NAS.
It would also unmount /sys and /proc and /tmp and /run. Things can get weird fast without those, for example that’s where the Xorg/Wayland socket is located.
If all you have is home and root on the same partition I guess it’s not too bad because it’s guaranteed to be in use so it won’t let you, but still, I wouldn’t do that to save like 5 keystrokes in a terminal.
Fair enough, TIL. I’ve used mount -a a fair bit, but unmounting the world is not something that crossed my mind to even attempt. It would still unmount a good dozen ZFS datasets for me.
And using loads of sensitive permissions to pull it off, like accessibility to read the screen. It’s not stealing the auth cookies from the app nor throwing exploits at Android to escape the sandbox.
Headline definitely makes it sound like it’s a drive-by exploit, but no it’s just the usual social engineering everyone is familiar with.
It’s kernel level anticheat, it can do whatever it wants. It’s on the same level as the operating system.
Realistically? Nobody’s gonna bundle Linux filesystem drivers in malware just in case. If someone is to exploit Vanguard for malware I’d expect a credentials stealer to take your Steam and Discord accounts. Ransomware would likely spread to the NAS but that can be mitigated with readonly permissions where appropriate, and backups/shadow copies.
I tried different font settings in the font settings and it didn’t improve much (font hinting, anti aliasing, custom DPI settings, different font size)...
Definitely very subjective. People keep saying macOS has amazing font rendering but for me it just looks like a blurry mess, especially on non-retina displays. My fonts are set to be as sharp as possible on Linux because when coding and in the terminal I want very sharp fonts so they’re easier to read for me.
Seconding the dependence on the particular font as well. Cantarell, Ubuntu and OpenSans are all fairly blurry regardless, unless seen on HiDPI screens in which case they do look more like macOS. DejaVu Sans can be very sharp in contrast at very low resolutions because it’s been made in the 800x600 and 1024x768 days and optimized to look sharp when small.
There’s some problem with a federated previews: tricking one instance into generating the wrong preview would spread to every instance. It’s been exploited for malware and scam campaigns in message apps.
Even without Cloudflare, simple NGINX microcaching would help a ton there.
It’s a blog, it doesn’t need to regenerate a new page every single time for anonymous users. There’s no reason it shouldn’t be able to sustain 20k requests per second on a single server. Even a one second cache on the backend for anonymous users would help a ton there.
They have Cloudflare in front, the site should be up with the server being turned off entirely.
And also have my instance intercept it to provide Google’s embed preview image, and it federates that with other instances.
Now, for everyone it would look like a Google link, but you get Microsoft Google instead.
I could also actually post a genuine Google link but make the preview go somewhere else completely, so people may see the link goes where they expect even when putting the mouse over it, but then they end up clicking the preview for whatever reason. Bam, wrong site. Could also be a YouTube link and embed but the embed shows a completely different preview image, you click on it and get some gore or porn instead. Fake headlines, whatever way you can think of to abuse this, using the cyrillic alphabet, whatever.
People trust those previews in a way, so if you post a shortened link but it previews like a news article you want to go to, you might click the image or headline but end up on a phony clone of the site loaded with malware. Currently, if you trust your instance you can actually trust the embed because it’s generated by your instance.
On iMessage, it used that the sender would send the embed metadata, so it was used for a zero click exploit by sending an embed of a real site but with an attachment that exploited the codec it would be rendered with.
What a dystopian world we live on where my 32 thread CPU with 8 channels of 64GB RAM is “obsolete” for Windows 11, because it lacks a fucking TPM of all things.
One of my most hated things in the dying days of Reddit is people having to put the /s because of all the mass down voting from users that didn’t get a post was a joke....
And lately some of those “jokes” are basically indistinguishable from serious people that are truely piece of shit humans. The “it’s a joke” to save face after the backlash has been abused far too much.
Is there any permanent risk to the phone itself if you install graphene OS?
Back in 2007-ish I told my Mum all about how you could jailbreak iphones and unlock them to make the phone with other carriers. I helped alleviate any concerns by convincing her and myself that if there are any problems after the procedure, nothing physically has been changed on the phone and as long as I made a backup first, we...
Does Matrix have anything akin to 'posts' as in Lemmy and Reddit?
I haven’t really used any kind of messenger service since probably MSN Messenger and IRC back in the day so I’m a bit behind on a lot of the basics. Part of what’s quite different now than the experience then is what modern messenger protocols seem to be used for, as in they have public channels dedicated to topics that...
Federation questions on a new server (leftopia.org)
I setup a new server a couple of days ago using the Ansible playbook, and some communities are federating successfully even though they’re labeled as “subscribe pending”, and others that are not populating even though they’re labeled as “joined”. See attached image....
Novel attack against virtually all VPN apps neuters their entire purpose (arstechnica.com)
Kbin /m/fediverse is over 90% spam
Looking at the front page of this forum and many others, leads me to conclude that kbin has a ridiculous spam problem....
I can't upload photos!
I get this error message whenever I try to...
I'm giving Linux gaming a shot, but I've run into a couple display issues
I'm dual booting Pop_OS and Windows 11 for now while l try things out. I went with Pop_OS for the NVIDIA drivers, since I have a NVIDIA card. Installation went smoothly, but setup is where things started to get a little weird....
Do we need Live Reload (Watch) in bundlers? (marketplace.visualstudio.com)
Do we need live reload feature in bunders? Couldn’t we just use this extension for Visual Studio Code or simular features and extensions in other IDEs which will execute a custom command of your choice when you save a file with a certain file extension in your IDE?...
Is it bad practice to run umount -a instead of specifying the directory to unmount?
#Is it bad practice to run umount -a instead of specifying the directory to unmount? I’ve always run umount -a to unmount my drive but i notice it unmounts a lot of other things. Is this bad?
Finland warns of Android malware attacks breaching bank accounts (www.bleepingcomputer.com)
cross-posted from: lemmy.zip/post/14903482...
What are the risks of installing Vanguard on a PC with dual boot?
tl;dr: Security concerns for my Linux partition, when running Vanguard on Windows?...
Cannot connect to my NAS after installing KUbuntu 24.04 LTS
cross-posted from: lemmy.world/post/15050323...
text clarity on windows is so good, can I get the same on linux?
I tried different font settings in the font settings and it didn’t improve much (font hinting, anti aliasing, custom DPI settings, different font size)...
Please Don’t Share Our Links on Mastodon: Here’s Why! | itsfoss.com (mastodon.social)
'We have not confirmed any instance of Vanguard bricking anyone's hardware' following its League of Legends rollout, Riot says, but there are definitely problems for some players (www.pcgamer.com)
Why is the /s necessary here as well?
One of my most hated things in the dying days of Reddit is people having to put the /s because of all the mass down voting from users that didn’t get a post was a joke....