Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
I think in this context it’s meant on a technical level: as far as the fediverse is concerned, there’s not a whole lot instances can do. Anyone can just spin up an instance and bypass blocks unless it works on an allowlist basis, which is kind of incompatible with the fediverse if we really want to achieve a reasonable amount of decentralization.
I agree that we shouldn’t pretend it’s safe for minorities: it’s not. If you’re a minority joining Mastodon or Lemmy or Mbin, you need to be aware that blocking people and instances has limitations. You can’t make your profile entirely private like one would do on Twitter or any of Meta’s products. It’s all public.
You can hide the bad people from the users but you can’t really hide the users from the bad people. You can’t even stop people from replying to you on another instance. You can refuse to accept the message on the user’s instance, but the other instance can still add comments that don’t federate out. Which is kind of worse because it can lead to side discussions you have no way of seeing or participate in to defend yourself and they can be saying a lot of awful things.
The guy that manages Kbin has been having personal issues and stepped away from the fediverse so yeah Kbin is kind of in limbo at the moment and indeed not well moderated. There’s mods but there’s just so much they can do. The software doesn’t federate the deletions so even if they’re gone on Kbin, they remain everywhere else.
It depends what you want to do and the amount of polyfills/backwards compatibility you need.
Nowadays most projects use one of the big frameworks like React/Vue/Svelte and others which take a vastly different approach to maintaining the DOM and for the most part you never manipulate nodes yourself, therefore you don’t need jQuery and it’s not used much anymore. JSX is weird at first but it’s actually quite nice. Some of those libraries like SolidJS have impressively low overhead.
And for those that like to stick to just minimal JS, the browser APIs have matured a lot so a lot of jQuery isn’t really necessary anymore either. We have querySelectorAll and things like Array.prototype.forEach and Array.prototype.map and arrow functions that cut down a lot on what shortcuts jQuery would offer. Visual effects are usually done with CSS animations and just switching up classes. Everything AJAX is easier and cleaner with the new fetch() function and accessories. Vanilla JavaScript is for the most part quite usable and easy these days. You can even create custom HTML elements from JavaScript to make your life easier!
But if you’re looking at the jQuery API specifically, you can still use jQuery today. It’s still maintained and functional. I think modern versions are pretty small too since it no longer needs half of it to be Internet Explorer hacks and other obsolete browsers that were holding web development back.
i think we need Cracked-style articles back. desperately. or like, a guy doing a weird thing and writing a piece on it. sites like those are declining faster than the glaciers.
I miss the simplicity and the focus on the information due to the technical limitations.
Websites just had the information, well presented. None of that blog spam with a massive story on how error code -21 could suck and seriously impact your business and that you should hire professionals. But anyway here’s a command copied from a 10 year old StackOverflow answer that hasn’t worked for 5 years and isn’t actually related to what you were Googling at all, but now you’ve viewed 3 advert videos, scrolled through 10 sponsored ads and closed 2 popups. Here’s the next article on error -22.
Also, downloads were “here’s the link to it on our FTP server”, none of that guess which download button is the real one, waiting 30 seconds for the download to prepare and having to sign up for faster download speeds.
The Verge and 404 Media are building out new functions that would allow them to distribute posts on their sites and on federated platforms – like Threads, Mastodon and Bluesky – at the same time. Replies to those posts on those platforms become comments on their sites.
For the work part in particular, you may find that a virtual machine will get the job done pretty well. With modern CPUs there’s basically no overhead, so it’s often easier to just run the OS you need in a VM.
You can just run it in the background, run your .NET and SQL server and stuff, possibly VSCode remote into it. PowerShell over SSH. If you need to run a GUI application, you can just RDP into it. FreeRDP has a cool feature where it can RDP a single application so it pops up as any other app on the host. Works great when you just need the database’s GUI or whatever.
With virtio drivers and everything, it will be essentially as fast as if native. GUI will be slow because of software rendering, but the point is to use it as a server and only use the GUI as necessary, and for server stuff RDP isn’t too bad given it’s basically localhost network.
There’s also the fun but painful world of VFIO and passing through a real GPU into the VM and feeding back the video to the host with Looking Glass. It’s so good you can game on that (anticheat still won’t work though, they don’t like VMs), so if RDP bothers you that’s an option. Although in my experience, Visual Studio is just as slow and buggy natively, so I wouldn’t bother and just RDP.
If you add virtiofs to the mix, in theory you can share the code folder and use VSCode on the host and compile on the guest, or even compile on the host and run on the guest. Or send compile commands to Windows over SSH from VSCode. I have my entire Steam library (and Proton containers) on virtiofs and it works perfectly, so I have to imagine a code project should work nicely as well.
Virtual machines are an awesome tool. There’s also the benefit of keeping all the work stuff in a big isolated container. If you have multiple projects you can make multiple VMs and not worry about one project needing version X and the other version Y of whatever.
After a crash during an update (which I managed to recover from), the default file manager Nautilus no longer works, and crashes so hard it crashes VirtualBox too....
Prometheus/VictoriaMetrics/Grafana are pretty good, had no issues with it and there’s an exporter for damn near anything. They’re pretty easy to custom write too.
I get that you can’t stop people from commenting on your posts but you can still filter it out from the results.
Mastodon is arguably easier to deal with since you’re replying directly to someone, so the user’s server can reject it and be done with it. On Lemmy it really should behave as if you blocked the user: just hide it from view. Simply because if you’re on instance A, blocked instance is B and the community is on C, B has no problem posting to C as it doesn’t know you’ve blocked it on A. But even defederation doesn’t address that either: you can reply to defederated users and they’ll never know for the same reason.
I think on this type of social media, not seeing it is the best you can do regardless.
Yeah, it’s not really advertised as an init system anymore. It’s an entire system management suite, and when seen from that angle, it’s pretty good at it too. All of it is consistent, it’s fairly powerful, and it’s usually 10-20 lines of unit files to describe what you want. I wanted that for a long time.
I feel like the hate always comes from the people that treat the UNIX philosophy like religion. And even then, systemd is very modular, just also well integrated together: networkd manages my network, resolved manages my DNS, journald manages my logs, timesyncd manages my NTP, logind manages my logins and sessions, homed mounts my users profiles on demand.
Added complexity, yes, but I’ve been using the hell out of it. Start services when a specific peripheral is plugged in? Got it. Automatically assign devices to seats? Logind’s got you covered, don’t even need to mess with xorg configs. VM network? networkd handles it. DNS caching? Out of the box. Split DNS? One command. Don’t want 2000 VMs rotating their logs at exactly midnight and trashing your ceph cluster? Yep just slap a RandomizedDelaySec=24h to the units. Isolate and pin a VM to dedicated cores dynamically? Yep it’ll do that. Services that needs to run on a specific NUMA node to stay close to PCIe peripherals? Yep easy. All very easily configurable with things like Ansible or bash provisioning scripts.
Sure it may not be for everybody, but it solves real problems real Linux admins have to deal with at scale. If you don’t like it, sysvinit still works just fine and I heard good things about runit too. It’s an old and tired argument, it’s been over 10 years, we can stop whining about it and move on. There’s plenty of non-systemd distros to use.
Hi, I'm new with self-hosting but managed to set up my own Lemmy and Mastodon instances on a VPS recently. However, I ran into an issue with disk space quite rapidly (which I had way too few, because I started with the cheapest, smallest package for my VPS)....
I setup a micro PC with Ubuntu and plugged it into my TV for media streaming, and was just wondering if there was a way to optimize the experience for non KBM
When you live in a city generally the pattern changes. You don’t take the car and go do your biweekly costco trip and come back with 20 bags of groceries. You get like 1-4 at a time, and go more often.
A lot of the time just going out anywhere, you can fit a quick grocery stop on your way home so you come back with maybe 5 items. It’s perfectly reasonable to leave work, grab a quick steak at the butcher, some veggies at the store, and you get home with fresh food to cook. Or even go back out because you forgot an item.
City life is just a whole lifestyle. It gets you in shape, and you just don’t think that much about having an elevator to go to the second floor.
What emulator did you try to download that was 2GB? They’re definitely not that big, but your choice of emulator might be pulling in a lot of dependencies especially if it’s a Flatpak.
If you install it from apt you should get the smallest size as it can share the most libraries with the rest of the OS.
But that won’t change that if you run KDE but end up with a GTK-based emulator you’ll pull in a good chunk of Gnome to run it. Or if it’s a 32bit application and your first one, it needs to pull in a good chunk of the OS in 32bit variant.
Total installed size really isn’t an indicator of a bloated emulator or any indication it’ll struggle on your old Celeron. I’m kinda curious how you end up with a 2GB though that seems rather extreme.
What a dystopian world we live on where my 32 thread CPU with 8 channels of 64GB RAM is “obsolete” for Windows 11, because it lacks a fucking TPM of all things.
I think it can also get weird when you call other makefiles, like if you go make -j64 at the top level and that thing goes on to call make on subprojects, that can be a looooot of threads of that -j gets passed down. So even on that 64 core machine, now you have possibly 4096 jobs going, and it surfaces bugs that might not have been a problem when we had 2-4 cores (oh no, make is running 16 jobs at once, the horror).
Note: do that from a live CD/USB or with the source drive mounted readonly. If you dd a mounted and used filesystem, you’ll most likely end up with a corrupted and useless filesystem on the target.
They even used to be the best drivers, a long time ago when nobody cared about the graphics stack. Had ATI/AMD? You got the FGLRX proprietary driver and it was really bad.
12 years ago it was probably one of the least broken GPU drivers available. You actually got most of your GPUs capabilities.
Now with Intel and AMD going open-source, those are now the best drivers and NVIDIA is lagging behind and not keeping up with advancements in the Linux graphics stack. Hopefully the open driver and NVK catches up and brings everyone a good open-source NVIDIA experience so we can stop relying on the proprietary driver.
Hi guys, I was looking for matrix.org’s and Element Client’s privacy policies and I saw something that says Matrix and Element shares data with AWS (Amazon Web Service), Cloudflare, Mythic Beasts, UpCloud. Is it safe to use? The matrix.org has good features as FOSS, decentralized etc. But this seem a lil bad. Any experts...
It’s end to end encrypted, it could be hosted on the NSA’s servers for all you care, it should be safe.
The reason this is there is likely because they use those cloud services to provide the hosted services, so they disclose that they do. I don’t think it applies to the client you download or the ones you self-host from open-source builds on your own homeserver on your own infrastructure.
Where there’s no “agenda” or biased mods/admins. I’d love a good community where if there’s issues, it’s handled fairly and with respect to both sides of the argument....
The overwhelming majority of time I see those requests, it’s right wingers being offended by basic respect of human beings that they deem to be inferior and want to freely discriminate against.
I tried free speech absolutism in the past and it always ends up with incredibly toxic communities. Moderation is good.
In 10 years even on Reddit, I never had any encounters with mods or admins. I’ve never been able to find the tyrannical mods that everyone whines about.
Yeah, if I see “Steam Deck verified”, I expect the game to work 100% out of the box. Although I guess a “playable” rating might have been more appropriate, but with online mode being so popular I’m sure there would be tons of complaints if Valve said it worked perfectly.
Authorized Fetch Circumvented by Alt-Right Developers (wedistribute.org)
Authorized Fetch (also referred to as Secure Mode in Mastodon) was recently circumvented by a stupidly easy solution: just sign your fetch requests with some other domain name.
Kbin /m/fediverse is over 90% spam
Looking at the front page of this forum and many others, leads me to conclude that kbin has a ridiculous spam problem....
Google’s AI Overviews are out of control (stackdiary.com)
Would you like a spicy spaghetti dish? Just use some gasoline.
Is jQuery still the go-to JS helper library?
It’s been awhile since I did any frontend work. Is there something that has taken jQuery’s place?
What do you miss from the old internet?
i think we need Cracked-style articles back. desperately. or like, a guy doing a weird thing and writing a piece on it. sites like those are declining faster than the glaciers.
Why publishers are preparing to federate their sites - Digiday (digiday.com)
The Verge and 404 Media are building out new functions that would allow them to distribute posts on their sites and on federated platforms – like Threads, Mastodon and Bluesky – at the same time. Replies to those posts on those platforms become comments on their sites.
Trying to ditch windows
I really want to switch to Linux, up to this point there were two things keeping me on Windows, gaming and work....
Ubuntu crashes VM when Nautilus is opened
After a crash during an update (which I managed to recover from), the default file manager Nautilus no longer works, and crashes so hard it crashes VirtualBox too....
Monitoring software for a wide array of hw and sw
I’m looking into setting up some monitoring combined with simple automation for my selfhosting. Currently I was thinking about using Zabbix....
(SOLVED) I'm Going Insane. Why Does Mullvad DNS Not Work Underneath My Linux Machine When Every Other DNS Does?
I have wasted the last 2.5 hours trying to see where I went wrong with my configuration and I just can’t....
A certain overly sensitive instance deleted my meme so I've blocked it completely. Will it also block their community from interacting with me on other instances?
Fedora 40 Will Enable Systemd Service Security Hardening (fedoraproject.org)
Summary...
[Question] Disk Space for Lemmy and Mastodon instances
Hi, I'm new with self-hosting but managed to set up my own Lemmy and Mastodon instances on a VPS recently. However, I ran into an issue with disk space quite rapidly (which I had way too few, because I started with the cheapest, smallest package for my VPS)....
Controller Oriented Interface for linux?
I setup a micro PC with Ubuntu and plugged it into my TV for media streaming, and was just wondering if there was a way to optimize the experience for non KBM
People that lived in walk up apartments *with no elevator*, did you like it?
Again, with no elevator....
Emulation on pc
I have an old Linux PC and wanna get a SNES emulator....
'We have not confirmed any instance of Vanguard bricking anyone's hardware' following its League of Legends rollout, Riot says, but there are definitely problems for some players (www.pcgamer.com)
Gentoo users be like (sh.itjust.works)
CentOS 6.3 - Best backup / restore solution?
Hello everyone!...
Released: NVIDIA 555.42.02 Linux Beta Brings Wayland Explicit Sync, GSP Firmware (www.phoronix.com)
Is it really safe?
Hi guys, I was looking for matrix.org’s and Element Client’s privacy policies and I saw something that says Matrix and Element shares data with AWS (Amazon Web Service), Cloudflare, Mythic Beasts, UpCloud. Is it safe to use? The matrix.org has good features as FOSS, decentralized etc. But this seem a lil bad. Any experts...
Not sure if this is allowed, and if it's not, can someone direct me to where it is- but.... what is considered to be the most unbiased lemmy instance?
Where there’s no “agenda” or biased mods/admins. I’d love a good community where if there’s issues, it’s handled fairly and with respect to both sides of the argument....
Valve is making a huge mistake with Ghost of Tsushima on Steam Deck (www.pcgamesn.com)