@chris@strafpla.net
@chris@strafpla.net avatar

chris

@chris@strafpla.net

#37c3 📞6282
„Guten Abend, wir sinken, darf ich mich setzen?“

GermanTravellingITGuyGay50yoNonVegetarianWithOnsettingEnvironmentalismExSmokerAtheistNerdMotorbikerOwnedByTwoCatsAndAMan
EuropeanAsFuck🇪🇺
If I argue hard and extensively with you, please feel appreciated.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

vicgrinberg, to random
@vicgrinberg@mastodon.social avatar

🥺 Definitely too much light pollution in Leiden city to see the Aurora - and I'm too chicken to cycle out into the polders/fields on my own at night.

chris,
@chris@strafpla.net avatar

@vicgrinberg Same in , even after a few minutes of accomodation.

mcc, to random
@mcc@mastodon.social avatar

Hard to imagine a signal that a website is a rugpull more intense than banning users for trying to delete their own posts

https://www.tomshardware.com/tech-industry/artificial-intelligence/stack-overflow-bans-users-en-masse-for-rebelling-against-openai-partnership-users-banned-for-deleting-answers-to-prevent-them-being-used-to-train-chatgpt

Like just incredible "burning the future to power the present" energy here

chris,
@chris@strafpla.net avatar

@mcc IIRC Mastodon is older than Lemmy and the current move to Mastodon/Fedi happened in multiple waves, so it may be too early for higher expectations.
For stackoverflow I expect some degradation of quality since they accept “AI” generated content. This may additionally frustrate high quality authors and motivate them to leave. We’ll see.
What would a federated stack overflow look like if we were to invent it?

chris,
@chris@strafpla.net avatar

@mcc I personally see less problem in scraping a federated pool of knowledge but I absolutely hate that stackoverflow now owns this knowledge and can keep people from using it but sell “AI” as a service to them.

chris,
@chris@strafpla.net avatar

@mcc So we’d be looking for Schrödingers license, allowing and forbidding closed derivative works at the same time :-)

(I have a feeling that a lot of licenses only work because nobody has a close look at how their objects are used.)

vicgrinberg, to random
@vicgrinberg@mastodon.social avatar

I am trying to re-create an old talk from ~4 years ago I found in my archives and I simultaneously love past-me (she did such a great job developing a talk structure, much better than the one I had in mind when asked to give a talk on this topic a month ago!) and hate her (she somehow managed to deleted the keynote of the talk so that I am now stuck with a PDF and trying to find all figures & re-type the text ...).

chris,
@chris@strafpla.net avatar

@vicgrinberg Has been my secret tool to extract figures from documents, it has saved me a lot of time in the past 10+ years or so.
Depending on the way you generated the PDF it may save you some time.

https://echoone.com/de/filejuicer/

vicgrinberg, to random
@vicgrinberg@mastodon.social avatar

Natürlich musste ich in Köln bei Bittner vorbei - ich habe wirklich versucht, diesmal weniger Bücher zu kaufen. 9 ist weniger als 10, oder? Also: Erfolg!

chris,
@chris@strafpla.net avatar

@vicgrinberg “Judenhass underground” fand ich extrem interessant und hilfreich! Gar nicht deprimierend, sondern “orientierend”, wenn das Sinn macht. Und zum emotionalen Aufbauen kommt nächste Woche “Die neue Schule der Demokratie”.

liztai, to TikTok
@liztai@hachyderm.io avatar

I don't use . Don't even have an account. Can't stand the app. But this thing with TikTok in the US is grossing me out. It's one thing to ban the thing but quite another to force the co to sell the platform to a US company. That's like a land grab, even if money is exchanged. This is going to put a chill on business relations not just with China but with companies globally, because they'll be wondering, "will I be the next Bytedance? Will they try to grab my company too?"

chris,
@chris@strafpla.net avatar

@liztai I’m not an economist, but from what I read withing the last decade it’s not completely without parallels to the challenges international companies are facing when doing business in China.
And I never heard that those companies tried to campaign Chinese citizens to pressure their government into doing something.
So, from a distance, it does not seem too drastic.
https://www.vanityfair.com/news/tiktok-unleashed-pressure-campaign-congress

chris,
@chris@strafpla.net avatar

@liztai Sorry, but I didn‘t write “the same”.

hope_n_beauty, to random German
@hope_n_beauty@mastodon.world avatar

Lindner 2019 zu : "Klimaschutz sei eine Sache der Profis"

Über , was man den besser NICHT überlassen sollte, und den Mythos der angeblich so segensreichen Kräfte des .🙄
Spoiler: Dieser Mann hätte niemals werden dürfen!

https://www.spiegel.de/wirtschaft/unternehmen/christian-lindner-und-die-wundersame-welt-der-profis-a-1257764.html

chris,
@chris@strafpla.net avatar

@hope_n_beauty Wenn ich mich richtig erinnere, haben uns echte Ökonomen, darunter der Nobelpreisträger und frühere Chef der Weltbank Joseph Stiglitz, davor gewarnt, Leichtgewicht zum Finanzminister zu machen…

reginasbread, to random
@reginasbread@homo.promo avatar

sometimes, I hit "bookmark" instead of "star" when I want to like a toot, and then I try to figure out why certain posts are in my bookmarks. I mean, they're all bangers, but why did I bookmark a post about wanting to be stuck in a cabin with a bunch of hunks?

chris,
@chris@strafpla.net avatar

@reginasbread I‘m looking forward to watching them build a cabin!
(That was the plan, wasn‘t it?)

chris,
@chris@strafpla.net avatar

@reginasbread Your subconsciousness may be using the bookmarks as a bucket list?
Edit: As a side note - my subconsciousness is asking politely if we could swap our bookmarks, I have no idea why.

chris, to random
@chris@strafpla.net avatar

So vaccines are dangerous because is dangerous.
stops mRNA synthesis in the human body very effectively, it is absolutely natural, organic and available for free in wild mushrooms.
is hiding this fact from us and even managed to give the most common of these mushrooms a bad name.
not ” may be a good campaign slogan!

chris,
@chris@strafpla.net avatar

@vampirdaddy But it’s not organic!

matt, to random
@matt@isfeeling.social avatar

When in doubt, you can always tell which iPad cost more money by how little color it has.

These are both "pink" iPads, but one costs $150 more than the other…more color is not one of the things you're paying for 😂😭

chris,
@chris@strafpla.net avatar

@matt Not so sure. I bought a purple iPad mini a while a go because it was cheaper than regular colors like silver or space gray.

piefedadmin, to random

Fediverse traffic is pretty bursty and sometimes there will be a large backlog of Activities to send to your server, each of which involves a POST. This can hammer your instance and overwhelm the backend’s ability to keep up. Nginx provides a rate-limiting function which can accept POSTs at full speed and proxy them slowly through to your backend at whatever rate you specify.

For example, PieFed has a backend which listens on port 5000. Nginx listens on port 443 for POSTs from outside and sends them through to port 5000:

upstream app_server {   server 127.0.0.1:5000 fail_timeout=0;}

server {   listen 443 ssl;   listen [::]:443 ssl;   server_name piefed.social www.piefed.social;   root /var/www/whatever;   location / {       # Proxy all requests to Gunicorn       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;       proxy_set_header X-Forwarded-Proto $scheme;       proxy_set_header Host $http_host;       proxy_redirect off;       proxy_http_version 1.1;       proxy_set_header Connection "";       proxy_pass http://app_server;       ssi off;   }

To this basic config we need to add rate limiting, using the ‘limit_req_zone’ directive. Google that for further details.

limit_req_zone $binary_remote_addr zone=one:100m rate=10r/s;

This will use up to 100 MB of RAM as a buffer and limit POSTs to 10 per second, per IP address. Adjust as needed. If the sender is using multiple IP addresses the rate limit will not be as effective. Put this directive outside your server {} block.

Then after our first location / {} block, add a second one that is a copy of the first except with one additional line (and change it to apply to location /inbox or whatever the inbox URL is for your instance):

location /inbox {       <strong>limit_req zone=one burst=300;</strong>#       limit_req_dry_run on;       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;       proxy_set_header X-Forwarded-Proto $scheme;       proxy_set_header Host $http_host;       proxy_redirect off;       proxy_http_version 1.1;       proxy_set_header Connection "";       proxy_pass http://app_server;       ssi off;  }

300 is the maximum number of POSTs it will have in the queue. You can use limit_req_dry_run to test the rate limiting without actually doing any limiting – watch the nginx logs for messages while doing a dry run.

It’s been a while since I set this up so please let me know if I mixed anything crucial out or said something misleading.

https://join.piefed.social/2024/04/17/handling-large-bursts-of-post-requests-to-your-activitypub-inbox-using-a-buffer-in-nginx/

chris,
@chris@strafpla.net avatar

@piefedadmin @jcrabapple Wouldn‘t that mean that sender considers the POST request successful irrespectively from what the receiving fediverse server responds later?

Fischblog, to random German
@Fischblog@chaos.social avatar

Die Sonne scheint, die Kirschen blühen, die Vögel sitzen in den Bäumen und singen "Fickenfickenficken". Es ist sehr idyllisch.

chris,
@chris@strafpla.net avatar

@Fischblog “A chalky, white plug erupts out, taking over their bodies and making their genitals fall off… [the fungus] produces an amphetamine, which could give them stamina.”

Die Natur ist schon ein bisschen extrem…

https://www.cbsnews.com/news/cicadas-zombies-hyper-sexual-sexually-transmitted-fungus-expected-to-emerge-this-year-massospora-cicadina/

uastronomer, to random

So here's a question: Scammers are always trying to get people to buy gift cards and then read them the code, so that they can get their money launderer to redeem them online or something?

And there's be some sort of hash function or whatever used to generate the voucher codes to stop people just trying to guess them sequentially?

Sort of like activation codes on software? So why has nobody written apple_gift_card_keygen.exe?

chris,
@chris@strafpla.net avatar

@uastronomer Interesting question. I guess it’s more than a (bad) hash of a sequence number and a secret. If you don’t want to check against a full database of all cards at least a part of the code needs to point into the direction of the expected content that was hashed.
And the cards are activated at POS, so they are worthless if stolen from the store - at least in my area.

scy, to random
@scy@chaos.social avatar

Eek. Apparently liblzma (part of the xz package) has a backdoor in versions 5.6.0 and 5.6.1, causing SSH to be compromised.

https://www.openwall.com/lists/oss-security/2024/03/29/4

This might even have been done on purpose by the upstream devs.

Developing story, please take with a grain of salt.

The 5.6 versions are somewhat recent, depending on how bleeding edge your distro is you might not be affected.

chris,
@chris@strafpla.net avatar

@scy I was wondering about that, too, but I don‘t think that‘s a very likely scenario here.
Malware infected binaries presenting a wrong version number would be very easy to stumble upon by accident - and the code changes would be, too.
One does not put that much effort into injecting malware just to give it away like this.

chris,
@chris@strafpla.net avatar

@scy Ah, ok, in theory you are right.
But has been executed many times since / if it was installed on our systems.
Not executing it now may feel good, but it does not make a difference, it’s still the same software that was executed a day ago, before we knew.
If I don’t execute it now for fear of some nefarious activity I must expect that this activity already happened.
So avoiding to execute it today only makes sense if I am about to reimage the system from scratch, immediately.

atomicpoet, to fediversenews
@atomicpoet@atomicpoet.org avatar

The Fedipact table showing which servers are blocking Threads is not accurate!

For example, it says that atomicpoet.org is blocking Threads when, in fact, this is not correct. So view this entire site with skepticism.

https://fedipact.veganism.social/

@fediversenews

chris,
@chris@strafpla.net avatar

@atomicpoet @fediversenews Fedi-Scrapers!

(I’m sorry chris, I’ll let myself out…)

Gargron, to random
@Gargron@mastodon.social avatar

Fucking Boeing

chris,
@chris@strafpla.net avatar

@Gargron Did they really use the words „Don‘t panic“?

cstross, to random
@cstross@wandering.shop avatar

There is now a USB memory stick drying in my airing cupboard.

Because @Menhit pushed it off a shelf and straight into my teacup!

Obviously she doesn't want me installing Mint Linux on a spare ultrabook any time soon …

chris,
@chris@strafpla.net avatar

@cstross @Menhit For strange reasons of symmetry I just dropped a 256GB USB stick and a USB-C adaptor into a bucket full of dirty water.
We don’t have a cat and I had no tea, so I had to improvise with what I had at hand / in the bathroom
I rinsed them in IPA and now they are drying in Silica Gel.
I don’t really like this new fad but I guess the ice bucket challenge was worse.

cstross, to random
@cstross@wandering.shop avatar

Hypothesis about busybox: busybox development will only be complete once it includes gcc and a linux kernel that can boot off the bare metal.

chris,
@chris@strafpla.net avatar

@dougs @cstross I vaguely remember that and were not in the best standing and there was some ”recent” drama.
(time compression is to most annoying thing about aging to me.)
https://m.slashdot.org/story/301957

vicgrinberg, to random
@vicgrinberg@mastodon.social avatar

I made it to Restaurant Ernst in Berlin today - folks, everything I heard about it got topped by the real experience.

I will not call it best because there is no way to compare Vermeer to Van Gogh or El Greco to Mucha, they are too different - but it's definitely among my absolute recommendations.

I had the full menu (their only option) + the non-alcoholic pairing. Wanna come along?

(P.S. Folks, remember, I block ruthlessly if you poop on my party.)

chris,
@chris@strafpla.net avatar

@vicgrinberg When thinking of hazelnuts in the kitchen I’m usually thinking of roasted hazelnuts, but I can imagine the mild taste of cooked hazelnuts to go together very well with quite some things. Maybe with Teltower Rübchen?
Very nice idea to do some experimenting on, thanks for bringing it up!
Also: I can have Soba as a tea? Why did’t anybody tell me about this all the years?

chris,
@chris@strafpla.net avatar

@vicgrinberg The hazelnut radish dish is especially interesting!
Was the radish with the hazelnuts more on the pickled side or more mild and cooked?

chris,
@chris@strafpla.net avatar

@vicgrinberg
Edit: I should have learned to be a little patient with the fediverse by now…

Was: Can you tell us about the menu you had? If I understand correctly it was prepared in the open kitchen directly adjacent to the bar you were sitting at?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • provamag3
  • InstantRegret
  • mdbf
  • ethstaker
  • magazineikmin
  • GTA5RPClips
  • rosin
  • thenastyranch
  • Youngstown
  • osvaldo12
  • slotface
  • khanakhh
  • kavyap
  • DreamBathrooms
  • JUstTest
  • Durango
  • everett
  • cisconetworking
  • Leos
  • normalnudes
  • cubers
  • modclub
  • ngwrru68w68
  • tacticalgear
  • megavids
  • anitta
  • tester
  • lostlight
  • All magazines
    •