• 10 Posts
  • 131 Comments
Joined 1Y ago
cake
Cake day: Jan 21, 2021

help-circle
rss


open posts in new tab

Might be useful on mobile where anything but tapping is awkward. But personally I like that all links open in the same tab and I can middle click or ctrl-click to open in a new window. Makes everything consistent and gives the power to the user.



I鈥檓 talking about RSS auto-discovery via <link> tags. In the head of the page there should be a link take like <link rel=alternate type="application/atom+xml" href="https://lemmy.ml/feeds/c/lemmy.xml?sort=Hot">. This way browsers, extensions, search engines and feed readers can discovery the link automatically without the user needing to identify the feed link on each site.


I must be blind. I opened a random community and couldn鈥檛 find anything that looked like a block button. I also searched for 鈥渂lock鈥 and didn鈥檛 get any hits. I can only find the UX in my profile.

I used https://lemmy.ml/c/ckstechnologynews as an example.


And users. Don鈥檛 forget that users aren鈥檛 allowed to install something if Apple doesn鈥檛 like it.

At least with Android you can manually install if app stores say no.


Client-side hashing doesn鈥檛 really do much. It just makes your hashed password the effective password. The only advantage it provides is some defense against password reuse because the 鈥渟ource鈥 password is hard to discover. However you shouldn鈥檛 be reusing passwords anyways so that shouldn鈥檛 matter.

An actual improvement would be using something a PAKE like SRP or OPAQUE. This way the server never learns enough information to authenticate as you.

A major downside of these systems is that because they aren鈥檛 natively supported by browsers they require javascript. But that probably isn鈥檛 a major issue because IIUC all interactivity on the webui requires JS anyways.


It would be nice if the RSS feeds were advertised. For example if I browse https://lemmy.ml/c/lemmy I wouldn鈥檛 know there was an RSS feed until I find and click the little RSS icon.

If a <link> to the RSS feed was provided my browser extension would light up and I can subscript just by putting the community URL into my reader instead of having to spot the RSS button on the page.


@kevincoxtoasklemmyCan't use RSS?
link
2
edit-2
1d

That link works perfectly on my reader. I follow a number of communities via RSS and have never seen any issues.


It would be nice if there was a button on the community profile to make this easier to discover and use.


A common pattern here is making part of the URL human-readable but ignored. For example instead of https://lemmy.ml/post/112460/comment/110439 you have https://lemmy.ml/post/Lemmy-112460/comment/Lemmy-URLs-should-be-human-meaningful-110439. Everything except the numeric IDs is just stripped before hitting the API but makes it easier for a human to get an idea of what to expect.

There are a couple of minor downsides here:

  1. This can be used for phishing because the server ignores the text here. A malicious user can put something malicious.
  2. Can affect caching. I don鈥檛 think this is a major issue and can be resolve by redirecting all to the canonical URL. The redirect is cheep and the canonical URL can be cached.

This pattern is used on a number of sites such as Stack Overflow and Reddit and seems to work well.


Apparently HTTP3 was enabled but an update to Google鈥檚 implementation triggered a long-existing bug. So the browser didn鈥檛 update but a server-side update triggered an existing bug.

My understanding is that Google has rolled back the update.

Details from a Mozilla security employee: https://lobste.rs/s/zcjtv2/1749908_infinite_loop_http3_hangs_socket#c_kikbal


Obviously the author is right, but Moxie is also right. Let鈥檚 me put it a different way.

I don鈥檛 want to run my own server, but it is better than the alternatives.

It is also very different from a couple people running a mastodon instance for 1000s of people than each person running their own. I鈥檓 happy to run one thing. Either a server or a SaaS. But I don鈥檛 want to run every single thing I use.

Maybe some day software will be so reliable that running every single thing will be reasonable. But currently that isn鈥檛 the case. I would rather run my SaaS, maybe one or two servers, then pay others to run the rest.

Even better is making something serverless, or making the server zero-trust. This means that there is less risk to letting someone else run it. I just pay them to provision resources, do maintenance鈥


Yup, a much more reasonable system and largely prevents the scam. That is why I didn鈥檛 use a credit card when I lived in Europe. IBAN transfers also make it feasible for online without credit/debit. However debit (or credit) is still significantly more convenient for day-to-day transactions in my opinion.


I know I shouldn鈥檛 for privacy reasons, but I use credit for almost everything.

  • Easier, I don鈥檛 like dealing with change or carrying around loads of cash. I can also just pay with my phone.
  • Cheaper. The credit card scam is that you get 2% off your purchases (in North America). Or even more for certain verticals.
  • Needed for online anyways.

Of course the scam is that prices go up 3-6% to account for credit card fees, then the credit card companies give you some of it back. Of course if you don鈥檛 participate you are just paying higher prices for nothing.


I think it would make sense to keep cross-posts different threads. Different communities have different styles, norms and rules for the discussion.

However I think it would be amazing to have the option to:

  • View all comments about a URL on one page.
  • View all comments from my communities on one page.

Basically I think the underlying implementation should be kept as it currently is, but I think the UI could allow the user to visually merge these together when desired (maybe by default).

I think the main complication is that if you are viewing the merged view you need to decide which community to leave the comment on (or support cross-posting comments???) so it is a slight overhead for those who prefer to see things merged. But overall I think this would be a better solution.


I live in Toronto.

I recently rented for about 1/3 of my post-tax income.

I now own and condo fees, mortgage and property tax are about 1/2 of my post-tax income but currently my partner who lives with me is helping which puts my contribution at about 1/3 again.


This exists as part of the LLVM project. LLVM was originally a virtual machine, the title used to stand for Low-Level Virtual Machine. It was only later that it gained the focus on ahead-of-time compiling.

LLVM IR has a binary format, it is semantically equivalent to the text format.

I鈥檓 not aware of any general purpose 鈥渆xecute this IR file鈥 programs, but I am not aware of any reason you couldn鈥檛 do it. I suspect that the IR format isn鈥檛 optimal for this use case but it is probably decent enough.


The most interesting to me is how do they determine what is 鈥渟ensitive data鈥?


If you don鈥檛 like the rules don鈥檛 post. At some point you have to accept that these subreddits are not where you want to spend your time and move on.


This is a really powerful tool and I hope we see this used more. Traditional process based sandboxing is very efficient inside the process, but IPC is very expensive. This approach flips the tradeoffs exactly backwards as the sandboxed code is slower, but IPC is nearly free. This means that it can cover exactly the space that was too expensive to sandbox before. The two approaches are perfect compliments for each other. I now imagine that the vast majority of code can be put into one of these two groups leaving very little code that is unable to be sandboxed for performance reasons.


I started an RSS to Email Service

I know the Email isn鈥檛 everyone鈥檚 favourite RSS reader but it works really well for me. I wasn鈥檛 happy with any of the existing services so I started my own. 鈥


Easy RSS-to-Email Service - FeedMail

This is a service I created to consume RSS feeds via email. This has been my preferred way to consume RSS for a while but I never found a service that I was really happy with and no self-hosted tool easy enough to manage. 鈥