@skullgiver@popplesburger.hilciferous.nl
@skullgiver@popplesburger.hilciferous.nl avatar

skullgiver

@skullgiver@popplesburger.hilciferous.nl

Giver of skulls

Verified icon

This profile is from a federated server and may be incomplete. Browse more on the original instance.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

S24? The flat back and rounded corners give off a definite iPhone feel to me.

On the other hand, all phones look the same these days anyway, especially from the back.

Stopping a badly behaved bot the wrong way.

I host a few small low-traffic websites for local interests. I do this for free - and some of them are for a friend who died last year but didn’t want all his work to vanish. They don’t get so many views, so I was surprised when I happened to glance at munin and saw my bandwidth usage had gone up a lot....

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

This seems like the right way to me. You’re using the WAF the way it was designed.

The wrong way would probably be to tarpit/slowloris the bot, or to send a gzip bomb (or zstd or brotli depending on what compression the bot advertises in its requests). Or maybe redirect it into some weird IP space, like the reserved IP space of your favourite department of defence.

You could also mess with the AI training data and send altered data back. Pretend you have a billion forum posts, with every post containing a different version of a few topics, with random words replaced by “cow” or maybe some special key word of your choice. Or maybe send back a list of “forum posts” containing popular prompts to confuse the AI into dealing with prompts badly.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

ProtonDB if you buy your games on Steam when possible. A game being gold on ProtonDB implies nothing it you buy your games from GOG or Epic. I’ve spent hours on trying to make Cyberpunk run on Linux (Lutris, Bottles, Heroic, staging versions of WINE and proton that I configured manually), but it seems I need to buy the game on Steam if I ever want to play it again.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

For me it just crashes the moment the CD Projekt logo fades out. No amount of command line arguments seem to bypass the crash. Other people online mention the same problem since a certain update, but GOG doesn’t seem to respond to those threads.

A Spy Site Is Scraping Discord and Selling Users’ Messages (www.404media.co)

An online service is scraping Discord servers en masse, archiving and tracking users’ messages and activity across servers including what voice channels they join, and then selling access to that data for as little as $5. Called Spy Pet, the service’s creator says it scrapes more than ten thousand Discord servers, and...

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I kind of assumed this is the case for any public messaging system. The Fediverse, Matrix, Discord, IRC, it’s all full of bots like these.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

If a phone vendor were to support it out of the box with all the additional security software (the stuff most custom ROMs lack), then I don’t see why not.

If you’re flashing Linux onto your phone and want to use apps that check Google APIs, then no.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I don’t see the benefit. Now you’re dealing with two power management chips and all of their supporting hardware, as well as the additional complexity that synchronising the two implies.

Android 14 devices should support virtualisation, and with the right kernel code, can run Linux just like any laptop or desktop. Inversely, you can run Android in a VM on a capable Linux install though there’s no way that’ll ever pass Google’s integrity checks necessary for some banking apps.

What’s lacking isn’t some kind of Frankenstein Librephone that runs two stacks of unfinished drivers, what’s lacking is a good Linux distro that can run on modern phones, and a stable Waydroid experience.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I’ve never been able to get video acceleration without passthrough working on virt-manager. The best I’ve been able to do is use that weird virtual GPU thingy that splits GPUs into smaller sub-GPUs, but doing so turns my laptop into a space heater and hangs the host within half an hour. Partial acceleration of Linux clients is the best I’ve been able to get, but even that was a worse experience than RDP’ing into them instead of using Spice. Installing the necessary guest tools is also kind of a pain, getting resolution updates on window resize working seems to involve three reboots and a dice roll from what I can tell. Hell, I’m still not sure how exactly I’m supposed to run spice-vdagent for graphical Linux guests (I can’t find a systemd service file, but surely my workaround of launching it in XDG autostart on login can’t be the intended solution?).

I use virt-manager for most VMs, and Virtualbox and its weird hypervisor generally sucks across the board, but for the people who just want a quick VM, Oracle does a much better job.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Virtualbox uses several kernel drivers on the host side that aren’t built into the kernel on many distros. You often end up installing them through DKMS. This also means Oracle needs to update the source code to make the drivers compatible with kernel changes.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Isn’t that what the new IRS tool does? I’m not American but u heard they finally fixed it.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I suppose that’s a pain, but even the countries where most people just sign off their taxes in an online wizard have the same complications. If you use financial products with complicated tax exemptions, you’ll have to fill in forms. With unregistered income like tips, there is simply no way the government can do this stuff for you, unless all tips are digital and tracked by the government (which most people don’t want, because who really pays full tax over their tips lol).

I personally don’t have these difficulties, but only because none of my savings accounts are exempted with special rules, other than the pension plan (which I’ll be paying tax over the moment I start using it, assuming the pension system doesn’t collapse before then). There’s a flat threshold, and if you have more saving than that (I think it’s 40k?) you start paying a wealth tax.

If you do any stock trading, your broker will probably send you the stuff you need for filing taxes, but you’ll have to fill out the forms or check the assumptions the government made (they like to assume a higher profit margin than you actually got}.

I don’t think many Americans would be very happy if your tax system would be changed to allow for the kind of easy filing we have. Most people would start paying more taxes and the estimates would be higher (meaning you get a higher tax return but less money month to month).

skullgiver, (edited )
@skullgiver@popplesburger.hilciferous.nl avatar

There used to be an addon you could use, but I stopped using it ages ago so I’m not sure if it’s still maintained. I think it was called nautilus-admin but there was also another script.

As a workaround, you can edit the address bar (ctrl+L, there’s no button because Gnome is weird) and add “admin://” to the start of the path. This is exactly what the addon used to do for you through a menu item.

As an added bonus, this doesn’t require you to run nautilus (and therefore all kinds of sketchy file parsers) as root.

As for why you seem to be the only person who wants this: running software as root has an annoying tendency to fuck up cache permissions (if environment files aren’t loaded correctly), has graphical glitches, and violates a lot of security assumptions developers make. Wireshark, for instance, will refuse to run certain code if you launch it as root because it wasn’t designed to protect the user from malicious scripts in that scenario. I’ve run programs as root for year sand I’ve seen the many ways in which it’ll subtly mess up your system.

There’s nothing preventing you from adding a context menu item to launch programs as root, but it’s not an included feature for good reason.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I’ve always run gparted as root because it never seems to integrate with polkit right. A bunch of other tools that require low level disk access have the same problem. I’ve even needed root access for a program under WINE at some point to work around some silly permission bug

You’re partially right, whatever can be accomplished by running nautilus as root can be done by using admin:// paths instead, but there are legitimate reasons to run GUI programs as root.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Any X window can control any other X window for sure, but I’m not sure why a malicious program would go through nautilus when they can just alias sudo in .bashrc. It’s not like Linux users tend to do regular virus scans anyway.

Wayland does prevent this flaw, but it also makes running GUI programs as root kind of messy.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Many GUIs were written before polkit was set up and having to enter your root password constantly is a pain. In theory these programs could spawn a long running shell and elevate privileges in there, but that’s just running the program as root with extra steps.

Also, most programs are more than wrappers around command line tools, so splitting them into a low and hig privilege component would be a pain. It would be much more secure, for sure, but there’s only so much effort you can expect from software given to you for free.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Partially, for sure. But there are some operations that are done natively. Those could be spawned off into a dd command, of course, but without rewriting that code, you need gparted to be elevated for copying (and I believe moving) partitions.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Kbin and Lemmy don't seem to federate admin activity. I get a lot of spam from the various Kbin instances whereas Lemmy spam seems to be dealt with already.

I think fixing this requires dev work on both the Lemmy side and the Kbin side.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

Thank god whatever evil spirits are doing this to babies are leaving my general area alone!

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I liked it. Some slight comic relief worked a lot better than just naming some random battle or supposed historical event that will later be shown disappointingly by some future spin-off.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

I don’t think DMCA stuff will be very relevant for most Fediverse servers (though being careful about federating with piracy focused communities may be wise), but this one stands out:

Service providers are required to report any CSAM on their servers to the CyberTipline operated by the National Center for Missing and Exploited Children (NCMEC), a private, nonprofit organization established by the U.S. Congress, and can be criminally prosecuted for knowingly facilitating its distribution. NCMEC shares those reports with law enforcement. However, you are not required to affirmatively monitor your instance for CSAM.

While I don’t think the NCMEC would appreciate being flooded with thousands of reports from federating servers all reporting the same content uploaded from one specific server once the next CSAM troll appears, this does pose more significant risks. The people who left their Fediverse servers running after kind of dropping out of the Fediverse (the many servers that were used to generate the spam waves we recently saw, for example) can easily accumulate a significant portion of illegal material to the point law enforcement actually starts caring.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

As a talk by Deviant Ollam indicated: watch out with those settings. If someone you know is incarcerated and needs help, they may just get filtered out without you ever knowing.

Be mindful of the spam filtering settings you have in case something bad happens!

(I don’t see why prison calls need to be filtered out by spam filters, but unfortunately this has happened in the past and will probably happen again)

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

So does iMessage, to be fair. The problem is that Apple decided not build clients for alternative platforms, but the app itself is quite competent.

Hopefully Apple can convince the telco people to implement E2EE in RCS (though good luck getting that through with wiretap laws all around the world, lol) so there’s some kind of cross-platform standard here. Apple is going to implement RCS to save Americans from blurry videos at the very least, but it won’t add Google’s proprietary encryption standard.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

RCS is controlled by GSMA, not Google. I’m sure they’ll welcome Google’s extensions, but Google doesn’t get to decide.

Google can try to do the same thing they did to XMPP, but then they get the same “Androids don’t receive our pictures” problem that’s driving teenagers to buy iOS in the USA in the first place.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

It definitely is, but “better” does not mean “good” unfortunately.

Hopefully Nvidia will push harder for decent drivers now that corporate Linux servers are in route to disabling X11, but as you can still get X11 back with just a simple package, I expect this process to take years.

skullgiver,
@skullgiver@popplesburger.hilciferous.nl avatar

The plastic liner is impossible to recycle, isn’t it?

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • DreamBathrooms
  • GTA5RPClips
  • hgfsjryuu7
  • Youngstown
  • slotface
  • InstantRegret
  • mdbf
  • khanakhh
  • rosin
  • kavyap
  • everett
  • ethstaker
  • Backrooms
  • provamag3
  • magazineikmin
  • normalnudes
  • osvaldo12
  • cubers
  • Durango
  • thenastyranch
  • tacticalgear
  • tester
  • anitta
  • cisconetworking
  • modclub
  • Leos
  • lostlight
  • All magazines