Deebster

joined 1 year ago
[–] [email protected] 1 points 2 weeks ago* (last edited 2 weeks ago)

In the advertising bit they say what data they use and it's all broad stuff like device type and location, as well as aggregate data on how many people click on the ads. Of course, you can just disable this, which surely most people do - tbh I forgot there was even this "sponsored content" there at all (it was added a while ago I think).

They don't say that your browsing habits, interactions or communications are used for anything besides doing what's required to actually do what you asked.

[–] [email protected] 11 points 2 weeks ago (4 children)

Yes, Mozilla does some AI, like the in-browser, privacy-respecting language translation. If you use the same feature in Chrome, the text is submitted to a Google server, but in Firefox it never leaves your browser. I don't see how this could be spun to count against Firefox/Mozilla.

[–] [email protected] 2 points 2 weeks ago

My pleasure! Answering your question is a good motivation to actually document my setup.

Also, if you're moving configs over, you might find podlet useful.

[–] [email protected] 22 points 2 weeks ago (10 children)

The Privacy Notice doesn't say anything problematic at all, why is everyone acting like Mozilla is going to be feeding every keystroke into a database/AI? It's just saying that they're allowed use your inputs to browse to the sites you've asked for, and to give the form data/uploads/mic/whatever to the sites you're using.

A few words cherry picked from the middle of a sentence isn't how legal stuff works.

[–] [email protected] 2 points 2 weeks ago* (last edited 2 weeks ago) (2 children)

I use Caddy (with the Cloudflare module to handle the ACME stuff) as just another container. My setup is more classic internet server stuff - it's a VPS and all the services are internet-facing, so the DNS is via standard DNS records. Every service is on its own subdomain.

My Caddy config is pretty minimal:

$ cat caddy/Caddyfile
{
        # Global configuration
        acme_dns cloudflare myapikey
        email mycloudflareaccount
        debug
        servers {
                metrics
        }
}

manga.example.com {
        reverse_proxy kavita:5000
}

...more containers

# healthcheck target
:8080 {
        respond 200
}
$ cat .config/containers/systemd/caddy.container
[Unit]
Description=Caddy reverse proxy
After=local-fs.target

[Container]
ContainerName=caddy
Image=caddycustom
Network=kavita.network
...more networks
PublishPort=1080:80
PublishPort=1443:443
PublishPort=1443:443/udp
PublishPort=2019:2019
Volume=${HOME}/caddy/Caddyfile:/etc/caddy/Caddyfile:Z
Volume=${HOME}/caddy/data:/data:Z
Volume=${HOME}/caddy/config:/config:Z
Volume=${HOME}/caddy/httpdocs:/var/www/httpdocs:Z
HealthCmd=wget -q -t1 --spider --proxy off localhost:8080 || exit 1

[Service]
Restart=always
ExecReload=podman exec caddy /usr/bin/caddy reload -c /etc/caddy/Caddyfile

[Install]
WantedBy=multi-user.target default.target

I have a dedicated podman user (fairly restricted, no sudo, etc) that just hosts podman (i.e. the service containers and Caddy). As it's all rootless, I use firewalld to make caddy show up on ports <1024: firewall-cmd --add-forward-port=port=80:proto=tcp:toport=8080. I prefer the tiny performance hit to mucking around with the privileged ports but for completeness you can do that with sysctl -w net.ipv4.ip_unprivileged_port_start=80.

I don't specify subnets at all; I specify podman networks (one per service) and let podman handle the details.

[–] [email protected] 1 points 2 weeks ago

I HATE those sites where popups come up when you are halfway reading something.

Agreed, if I did want to sign up it would be when I've finished, not when I'm trying to read your own bloody content. I often sign up using their own domain with something like sales@ or something ruder. Petty, but it's a small vent. and if one person stops because of it I can die happy.

[–] [email protected] 7 points 2 weeks ago* (last edited 2 weeks ago) (8 children)

I love quadlets, here's an example:

$ cat .config/containers/systemd/kavita.container
[Unit]
Description=Kavita manga server
After=mnt-files.mount

[Container]
ContainerName=kavita
Image=docker.io/jvmilazz0/kavita:latest
AutoUpdate=registry
Network=kavita.network
PublishPort=5000:5000
Environment=TZ=Etc/UTC
Volume=/mnt/files/books/comics:/comics:ro
Volume=/mnt/files/books/gnovels:/gnovels:ro
Volume=/mnt/files/books/manga:/manga:ro
Volume=${HOME}/kavita:/kavita/config:Z
HealthCmd=curl -fsS http://localhost:5000/api/health || exit 1

[Service]
Restart=always

[Install]
WantedBy=default.target
$ cat .config/containers/systemd/kavita.network
[Network]
NetworkName=kavita
Options=isolate=true # library add uses Kavita site

If you've dealt with systemd service files this will look familiar, with the addition of the container section.

AutoUpdate=registry gives you automatic updates to 'latest' (or whatever tag you've set) and there's rollbacks too, so you just have to worry about the less-critical bugs in newer versions. Personally, I feel more secure with this setup, as this box is a VPS.

Network=kavita.network - I put all my containers in different networks (with minimal privs, so many don't have outgoing internet access), and my reverse proxy is also in all of those networks so it can do its thing.

[–] [email protected] 9 points 2 weeks ago

This is gloriously insane and I love it.

And then to casually drop in that

spoiler (just RTFA, it's short)it uncovered a Pleroma bug by accidentally DOSing any instance that tried to generate a link preview... chef's kiss

[–] [email protected] 2 points 3 weeks ago

It's how everyone who's anyone does code reviews!

[–] [email protected] 2 points 3 weeks ago

I think it's probably a mix of criticising a joke for its accuracy, and the fact that it's in a single paragraph so it's a huge wall of text.

[–] [email protected] 3 points 3 weeks ago* (last edited 3 weeks ago)

This seems quite serious, I'll definitely be reading the CVE once it's published. Luckily, I noticed the github notification of the release after only a couple of hours.

edit: I read the advisory and it wasn't too bad in terms of attacker access:

Impact
An attacker can use any non-existent username to bypass the authentication system and gain access to various read-only data in Navidrome, such as user playlists. However, any attempt to modify data fails due to insufficient permissions, limiting the impact to unauthorized viewing of information.

[–] [email protected] 1 points 3 weeks ago

I assume these numbers change you for the pleasure of being on hold - wouldn't it be illegal to artificially add 15 minutes of wasted time onto the bill?

This while thing feels like a Onion article.

 

Let’s discuss tasks, contestants and the show in general.

Spoilers ahead.

588
submitted 5 months ago* (last edited 5 months ago) by [email protected] to c/[email protected]
 

Hover text:

Our nucleic acid recovery techinques found a great deal of homo sapiens DNA incorporated into the fossils, particularly the ones containing high levels of resin, leading to the theory that these dinosaurs preyed on the once-dominant primates.

Transcript:

[Three squid-like aliens in a classroom; one alien stands in front of a board covered with minute text and a drawing of a T-Rex skeleton. Two aliens sit on stools watching the teacher alien. The teacher alien on the left is on a raised platform and points at the board with one tentacle.]
Left alien: Species such as triceratops and tyrannosaurus became more rare after the Cretaceous, but they survived to flourish in the late Cenozoic, 66 million years later.
Left alien: Many complete skeletons have been discovered from this era.

[Caption below the panel:]
It's going to be really funny when our museums get buried in sediment.

https://www.xkcd.com/2990/
explainxkcd.com for #2990

8
Letter Boxed (www.nytimes.com)
 

I always try to get it under par, and did today's target 4 in 2 words:democratic - culvert

 

Let’s discuss tasks, contestants and the show in general.

Spoilers ahead.

 

We have a new series! Let's discuss tasks, contestants and the show in general.

Spoilers ahead.

 

cross-posted from: https://sh.itjust.works/post/24946971

TL;DW:

Does It Make Sense To Put Data Centers In Space?

At some point in the future, yes.

Can They Really Cost Less To Operate?

In theory, yes.

Scott expresses concerns that current startups have not adequately addressed some of the practical challenges, such as cooling.

 

Yewtube mirror: https://yewtu.be/watch?v=d-YcVLq98Ew

Scott Manley discusses Lumen Orbit's plan to data centres in space and whether it or not makes sense.

 

This video takes a deep dive into the realities of commercial-scale haggis farming in Scotland. Exploring the industry's impact on animal welfare, it uncovers the ethical concerns surrounding the production of farmed haggis.

 

cross-posted from: https://programming.dev/post/18316051

Minute Cryptic is a daily single-question cryptic crossword, with a hint system and an explanation (Youtube video - it appears the channel came before the website).

Definitely worth checking out if you have any interest in cryptic crosswords, which are funnier and more interesting (imho) than standard crosswords.

2
Cryptic Crossword Daily puzzle (www.minutecryptic.com)
 

cross-posted from: https://programming.dev/post/18316051

Minute Cryptic is a daily single-question cryptic crossword, with a hint system and an explanation (Youtube video - it appears the channel came before the website).

Definitely worth checking out if you have any interest in cryptic crosswords, which are funnier and more interesting (imho) than standard crosswords.

 

cross-posted from: https://programming.dev/post/18316051

Minute Cryptic is a daily single-question cryptic crossword, with a hint system and an explanation (Youtube video - it appears the channel came before the website).

Definitely worth checking out if you have any interest in cryptic crosswords, which are funnier and more interesting (imho) than standard crosswords.

 

Minute Cryptic is a daily single-question cryptic crossword, with a hint system and an explanation (Youtube video - it appears the channel came before the website).

Definitely worth checking out if you have any interest in cryptic crosswords, which are funnier and more interesting (imho) than standard crosswords.

view more: ‹ prev next ›