Spyke

Replies

Comment on

Reddit will block the Internet Archive

As somebody who often ends up using Reddit like Stack Overflow and in some cases needing the Internet Archive (IA) to find the original post after it’s been deleted or garbled, I think this is a wakeup call for those who go to Reddit both to get technical help and to post it. More than ever, Reddit is becoming an unreliable place to find answers for old obscure issues and if they are going to lock out places like the IA then I think it’s time people stopped contributing their solutions to Reddit.

linux

Comment on

Flathub now marks unverified apps

Reply in thread

Wait… so the author displayed in “by ” is the supposed author of the software, not the one that put it on the store? That’s insane! Also sounds like you’d be open to massive liability since the reputation of the software author will be damaged if somebody publishes malware under their name.

It should be:

  • Developed by:
  • Uploaded by:

memes

Comment on

YouTube

Reasons not to buy premium:

  • Google having a history of all the videos you watch via your account.
  • Even if Google provided an option to opt out of tracking there would be no reason to trust them since they have lied about not tracking people in the past.
  • YouTube seems to redirect any Premium profits intended to creators to the entity which made a copyright claim on a video. This would be sensible if YouTube’s copyright claim system wasn’t so vulnerable to abuse. Normal (yellow) demonetisation will pay out from Premium though. https://youtu.be/PRQVzPEyldc?si=5-wFn2SqPZLdOlqa
  • Features are removed from YouTube to incentivise Premium such as playing videos while your phone screen is locked.
  • Similar to above, Google have been increasing the amount of ads, particularly on phones where ad blockers are harder to use, i.e. pushing users to Premium not by making the service better, but by making non-Premium worse.

Comment on

Windows 11 is closing a loophole that let you skip making a Microsoft account

This forced account shit is infuriating. I’d see students with computers that cannot get to government-provided education sites because they are forced to sign up with a Microsoft account to use their PC, which forced them to set up a child account because of their age and therefore be under a parent account, which means the child account can only use Edge and can only go to whitelisted websites, which blocks some government education sites unless the parent account allows it through, which they can’t until the student goes home.

Comment on

Judge hands Lambo.com to Lamborghini after ruling owner acted in bad faith

Both ends of this are frustrating. Buying a domain either as a purely speculative asset (as the judge correctly labeled this purchase as) so you can 1) get under someone’s skin enough to make them want to buy the domain from you, or 2) just buying up every popular or potentially popular domain just to sell it off is scummy behaviour that ideally this guy should never have been able to do in the first place.

The other end of this I don’t like though is the possibility of somebody being able to convince a judge that they should own your domain and then just being able to take it. In this case I think the judge ruled correctly but the idea that somebody (especially in the US government) would be able to just take away my domain on a whim is terrifying when you can’t just go to people and say “hey, the person you are going to this domain for has now moved and is now here”. Things like e-mail addresses, monitoring, firewall exceptions and many self-hosted sites assume that the owner of the domain does not change hands without permission, and trust the domain blindly. Taking away a domain isn’t just like taking away somebody’s nickname. It’s taking away their online identity and forced impersonation.

I really wish there was a way to address each other in a decentralised way that doesn’t just push the problem down to something like a public key, where the same problem exists except now you worry about the key being compromised.

The fact that we have ways to coordinate globally unique addresses that we collectively agree on who owns what is a feat. It just sucks that it’s also something which somebody can take away from you.

Comment on

GOG will let you bequeath your game library to someone else as long as you can prove you're actually dead

I’m guessing Steam decided against being able to leave your games to somebody else when you die because of how most EULAs I’ve read work: they are often non-transferable licences and so in most cases the store has no choice in the matter. Now GOG are willing to say they will do what they can given this limitation, but I can see why Steam wouldn’t: it’s a whole lot of work for realistically not much benefit. It’s probably easier for Valve to gift the same games over to the new person.

linux

Comment on

When do I actually need a firewall?

Other comments have hit this, but one reason is simply to be an extra layer. You won’t always know what software is listening for connections. There are obvious ones like web servers, but less obvious ones like Skype. By rejecting all incoming traffic by default and only allowing things explicitly, you avoid the scenario where you leave something listening by accident.

memes

Comment on

Yes, but

Reply in thread

They cry about not being able to serve ads while serving ads that are straight malware and scams. It’s especially funny when a platform goes out of their way to censor (suppress ad revenue) on videos which have even a chance of being misinformation and then proceed to play back to back ads of somebody selling their get rich quick webinar.

Comment on

Google CEO: If an AI bubble pops, no one is getting out clean

Reply in thread

“We should privatise service X so it’s more efficient” X collapses “We can’t afford to let X fail despite the fact that it ran at massive profits all the way to its collapse so we’ll bail it out” THEN WHAT WAS THE POINT OF PRIVATISING IT IN THE FIRST PLACE?!

You can take on the burden of running the thing and therefore the cost of making it public, or you can allow it to be private with the caveat that they must pay a substantial (enough for the government to not be at a net loss) tax as a kind of insurance in the event a bailout is needed, but don’t take on the worst of both worlds where the profits are private and the losses are public.

Comment on

Turning the Tables: How to Make Spammers Reveal Their Own IP Address

The idea of having them send an e-mail to an address containing their IP is clever, however you need to authenticate that the person who sent the e-mail is either somebody who queried your site, or somebody that got the address from somebody who queried your site, or else you could just figure out how to generate that base64 yourself and impersonate somebody else’s IP address, which could have catastrophic results if you then fed these IPs into something like a block list and suddenly you’ve blocked Microsoft/Office 365. To be fair, I doubt anybody is going to try and reverse engineer one person’s code to then figure out how to impersonate who sent spam, but if this became a widely distributed program you could just pull off GitHub then it would be more concerning.

A couple ways to solve this:

  1. Sign the information before encoding it in Base64 so you can verify it came from your site and wasn’t just spoofed. This has the upside of being stateless since you don’t need to keep a record of every e-mail you’ve generated but comes with the disadvantage of spending CPU time signing the text which could be exploited as a DDoS.
  2. Spit out a random e-mail address and record which e-mail address was given to each IP. Presumably you wouldn’t hold on to this list forever since IPs change owners frequently and so an IP that was malicious 1 month ago could be used by a completely different person now and so you can trim this list down once a month to avoid wasting disk space. You’d probably also want to keep some amount of these requests in memory (maybe 10Mb or so) to avoid ruining your IOPS.

All this said, I think your time is better spent using unique e-mail aliases as the author suggested but with 2 changes: 1) use aliases which are not guessable to prevent somebody from making it look like somebody else was hacked (e.g. me+googlecom@ gets compromised, but the spammer catches on and sends from me+microsoftcom@ instead to throw off the scent) and 2) don’t use me+chickenjockey@, use chickenjockey@ or else the spammer can just strip “+chickenjockey” from the address to get the real e-mail address.
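
An added sketch of option 1 above (not part of the comment or of the linked article's code): the visitor's IP is packed together with a truncated HMAC-SHA256 tag, so a local part that was not issued by the site fails verification before it can reach a block list. Assumptions: a symmetric MAC stands in for "signing" (cheap to compute, which limits the CPU-exhaustion concern), lowercase base32 replaces Base64 because local parts are often case-folded in transit, and `SECRET`, `TAG_LEN` and the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import ipaddress

SECRET = b"constructed-demo-key"  # assumption: per-site secret kept server-side
TAG_LEN = 10                      # 80-bit truncated tag keeps the local part short

def b32_encode(data: bytes) -> str:
    # Lowercase, unpadded base32: survives case-folding, no '+', '/' or '='.
    return base64.b32encode(data).decode().rstrip("=").lower()

def b32_decode(text: str) -> bytes:
    text = text.upper()
    return base64.b32decode(text + "=" * (-len(text) % 8))

def make_local_part(ip: str, key: bytes = SECRET) -> str:
    """Return the trap address local part issued to a visitor at `ip`."""
    packed = ipaddress.ip_address(ip).packed          # 4 or 16 bytes
    tag = hmac.new(key, packed, hashlib.sha256).digest()[:TAG_LEN]
    return b32_encode(packed + tag)

def verify_local_part(local: str, key: bytes = SECRET):
    """Return the embedded IP as a string, or None if the tag does not verify."""
    try:
        raw = b32_decode(local)
    except ValueError:                                # includes binascii.Error
        return None
    if len(raw) not in (4 + TAG_LEN, 16 + TAG_LEN):
        return None
    packed, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    expected = hmac.new(key, packed, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):        # constant-time comparison
        return None
    return str(ipaddress.ip_address(packed))

if __name__ == "__main__":
    # Constructed sample: documentation-range address, placeholder domain.
    issued = make_local_part("198.51.100.23")
    print(f"{issued}@example.org ->", verify_local_part(issued))
    forged = make_local_part("192.0.2.10", key=b"attacker-guess")
    print("forged ->", verify_local_part(forged))
```

Only addresses for which `verify_local_part` returns an IP should be fed to a block list; the IPv6 form is 42 characters, still under the 64-character local-part limit.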