• 6 Posts
  • 105 Comments
Joined 6M ago
cake
Cake day: Jan 21, 2021

help-circle
rss

Note that this isn’t integrated into the fediverse in any way. It is basically just slapping any old comment system on top of the post.

I would expect that a proper comment system would allow things such as relying from any old fediverse account.



I like Kubernetes.

  • It encourages immutable infrastructure for apps by default. You update the pod to a new image rather than slowly mutating a VM with new versions.
  • It has a basic rollout system which will be sufficient for quite a while.
  • Its HTTP load balancing and routing is sufficient for most services, especially if you stick a CDN in front of it.
  • Its TCP+UDP load balancing is enough to get started with, and the APIs are there for bypassing it when you need to.
  • It makes it very easy to support failover between multiple VMs and cloud availability zones so that you don’t have (significant) downtime for machine failures or node updates.
  • Lots of tooling built around it.

I think my main tip is don’t get too caught up in the various tooling. If you are trying to be productive just pay GCP or another cloud and run with it. You can always migrate to another solution later when the costs are significant relative to the opportunity costs of your development time. The migration to things like self-hosted NGINX ingresses or self-hosted kubernetes are relatively small so focusing on your product at the beginning is the most important.


Honestly this is temping for me. I frequently write functions that look like

fn foo() -> Result<(), Error> {
  do_bar()?;
  do_baz()?;
  Ok(())
}

But that Ok at the bottom is a little annoying. IIUC this lets you do:

#[fehler::throws]
fn foo() {
  do_bar()?;
  do_baz()?;
}

Which is a bit tidier.

If the error types match you can do

fn foo() -> Result<(), Error> {
  do_bar()?;
  do_baz()
}

But I find that a bit weird as it is asymmetrical for not much reason. And you lose the error conversion.

You also have complex examples where it gets a bit more awkward:

#[fehler::throws]
fn foo() -> u32 {
  match is_cool()? {
    true => do_foo()? + 1
    false => do_bar()? + 2
  }
}

This gets a bit more awkward if you need to decide where to put the Ok(...).

Overall I don’t think it is a huge improvement, and I probably wouldn’t add the dep and tag my functions to use it, but I see why it exists and it does make me wonder if a more implicit error handling syntax would make sense. (Maybe just implicitly converting the return value, but that could be surprising)


IIUC the Tor Browser is based on Firefox ESR so it is likely that the previous version didn’t support Wayland by defualt.


I agree with your sentiment, but I think it is important to acknowledge that this isn’t so much a “super-downvote” but a vote in another dimension. Downvotes don’t differentiate between “non-interesting” and “malicious”.

That being said I think downvote ratio + poster history is probably enough to infer the difference between boring and spam so I don’t think the added complexity of a “Junk” button is worth it.


The problem with KPM, Ledger’s researcher explains, is also what differentiated it from other password managers out there: in an attempt to create passwords that are as far away as possible from those generated by humans, the application became predictable.

What? That isn’t the problem at all. The problem is that the password was basically an obfuscated version of the generation time with second resolution.

This was also fixed a year ago, seems like a pretty shit article.


Not in-browser push notifications but YouTube does generate RSS feeds for channels so you can follow those feeds to be notified about new videos.

The main downside is that they are quite unloved:

  • Just a title, no thumbnail or description in the feed.
  • “Premier” videos appear in the feed when they are announced, with no indication that they aren’t available or when they will be available.

Their terms are https://www.fibrestream.ca/terms. They seem reasonable.

You may not use the Services for anything other than your own personal use.

Not super clear. Am I allowed to use this for work? Is hosting a server for me personal use?

FibreStream reserves the right to terminate your services immediately should you exceed reasonable usage limits, as determined by us.

They also mention “P2P” before that. Is a server P2P? 🤷

But overall it just seems like a cover-your-ass ToS. It doesn’t explicitly call out anything.


Still offered (depending on your building). I couldn’t convince myself it was justified though.

They also have ~1ms ping to a bunch of big sites such as Google and Cloudflare which is incredible. It is really a great connection. I am very satisfied.


I pay 50 CAD for 500Mbps both ways with no bandwidth limit. I am lucky though because I live in downtown Toronto in a fairly large building so the small ISPs have been able to set up shop.

https://www.fibrestream.ca/internet


The problem with these proposals is that the presume that we need advertising or tracking. It would be interesting to consider an internet without personalized ads. How much would no longer be free and what would we lose. Likely not much, but it is hard to tell.


Can you elaborate for trusted instances? I can’t find anything about those and I thought anyone could stand up their own Lemmy and connect to the fediverse. I didn’t realize that you had to be approved to follow a community.


I think you misunderstood the comment but it is answered here: https://lemmy.ml/post/69362/comment/61311

Apparently all votes are public. Maybe it would make sense to surface this in the UI then to make it obvious that this is the case.


I never said that iPhones are flawless. However I consider them in a very similar security class to the Pixel. Remember that those numbers are very small and heavily biased towards what is being researched as well as other factors such as the cost of those vulnerabilities on the black market. Try looking at other metrics as well such as CVEs which are also imperfect but show that iPhones and Pixel phones offer similar levels of security. And most importantly the article that this was shared in context two doesn’t imply any level of insecurity of the device itself.


Of course. The provider is a critical part of the decision. However if most providers were marked poorly that likely means that it is difficult or impossible to run Jitsi Meet in a way that satisfies their requirements. If there are many providers that rank well it means that Jitsi can be, and often is, run well. Which is a nice thing to see.


Is this information actually private in Lemmy? Since it is federated there will need to be some information exposed. If it is aggregated by server there may be some obfuscation but I don’t think it is impossible to keep this information completely private.


I’m not an Apple fan either. But focusing on the correct points is important.

  • Apple security is not complete as shown by their terribly insecure repair procedure.
  • Apple regularly blames users instead of admitting mistakes.

I agree with both of these points. However just shouting “iPhone security? LOL!” isn’t going to convince anyone because your argument is trivially dismissed. iPhones are competing with the best in class for security and this doesn’t show any flaw there.


I’m not sure what your point is about iPhone security. The problem in this case wasn’t any iPhone security but the fact that the password was removed before sending the device for repair.

I can’t believe that Apple suggests this approach. I would never send an unlocked phone to repair. But most people aren’t thinking in a security-minded way.


No worries, these things happen! Thanks for fixing it so quickly.