Debugging spells is just as much a dark art as spell crafting itself. When I was a young apprentice we didn't have as sophisticated tools as you do now; you had to make sure you noted down your intermediate runes correctly and use those symbols to divine some meaning from the ashes of your failed spell. One time I mixed up my notes with the symbols of a different spell and when I sprinkled the ashes on the stack I was stuck speaking in tounges for a week.
These days of course you can summon a lesser demon to freeze your spell and ask it about the state, but the demons can be tricky and it's easy for novices to make a mistake and allow the demon to run amok - makes a real mess of the lab.
There is one standard way to cast fireball - it works, it's cheap, it very rarely backfires, it's in all the textbooks, everyone knows how it behaves - but sometimes you sit down in a tavern next to another wizard and you just know before they even open their mouth that they are going to spend the next twenty five minutes telling you about how they learnt this alternative way to cast it and it's taken a bit of practice but they can just about cast it as fast as they could before and how it's so much more ergonomic or whatever
Yeah, they are mostly designed for classification and inference tasks; given a piece of input data, decide which of these categories it belongs to - the sort of things you are going to want to do in near real time, where it isn't really practical to ship off to a data centre somewhere for processing.
That's not how Neon works. Your install will upgrade itself once the team have finished rebuilding everything on top of 24.04 - it's happening, but it takes a bit of time
A week of downtime and all the servers were recovered only because the customer had a proper disaster recovery protocol and held backups somewhere else, otherwise Google deleted the backups too...
For large businesses, you essentially have two ways to spend money:
OPEX: "operational expenditure" - this is money that you send on an ongoing basis, things like rent, wages, the 3rd party cleaning company, cloud services etc. The expectation is that when you use OPEX, the money disappears off the books and you don't get a tangible thing back in return. Most departments will have an OPEX budget to spend for the year.
CAPEX: "capital expenditure" - buying physical stuff, things like buildings, stock, machinery and servers. When you buy a physical thing, it gets listed as an asset on the company accounts, usually being "worth" whatever you paid for it. The problem is that things tend to lose value over time (with the exception of property), so when you buy a thing the accountants will want to know a depreciation rate - how much value it will lose per year. For computer equipment, this is typically ~20%, being "worthless" in 5 years. Departments typically don't have a big CAPEX budget, and big purchases typically need to be approved by the company board.
This leaves companies in a slightly odd spot where from an accounting standpoint, it might look better on the books to spend $3 million/year on cloud stuff than $10 million every 5 years on servers
I'm in New Zealand and it prompted me to set up my Sony WH-1000XM5s with Find My Device on my Pixel 7a last week, but kept erroring out when I tried to do it
Short version of this interview is that nothing is changing, other than they're going to be asking a flat fee "$5-20" for the app, rather than relying on donations. All donation platforms have been closed. However, if you choose not to, as Louis says "that's between you and your God"....
Seems pretty reasonable. At the end of the day people have to eat, so projects like this either trundle on as hobby-and-spare-time projects for a few years until people get bored and burnt out, or you find a way to make working on the project a paid gig for the core people
There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?
You've missed a key detail in how asymmetric encryption works:
For asymmetric encryption algorithms, you essentially have two keys - a "private" key, and a "public" key
If you know the private key it is trivial to calculate the public key, but the reverse isn't true - just given the public key, it is essentially impossible to calculate the private key in a reasonable amount of time
If you encrypt something with the public key you must use the private key to decrypt it, and if you encrypt with the private key you can only use the public key for decryption
This means that my server can advertise a public key, and you can use that to encrypt the traffic so that only the server that knows the private key can decrypt it
A big "It Depends" on that - plenty of applications of asymmetric crypto where you just hard-code the servers public key into the client and call it a day, and GPG has its own PKI scheme that is just kinda weird.
You also don't have to use Diffie-Hellman - early versions of SSL just sent the ephemeral key (the symmetric key used for the actual AES session) directly. This works, but using DH also gives you "forward secrecy" - even if a malicious third party has captured the entire encrypted session, then later steals (or factors) your private key they still won't be able to read the encrypted traffic because they can't recover the ephemeral key because it wasn't sent over the wire in the first place
In RSA, the private key is a pair of big semi-primes, and the public key is derived from those numbers. I think you are confusing DHKE and RSA with your other points, the private key is never transmitted over the network. For TLS you typically use an asymmetric crypto system to validate identities and encrypt the key exchange to prevent person-in-the-middle, but the key that is agreed using that process is a symmetric key for AES or similar, but that is specific to TLS.
Also, there are other asymmetric systems that don't use primes at all - eliptic curve crypto is based on completely different math
Ok, semantics - for RSA you generate a private key, then derive the public key from that private key, and you could publicly post your private key if you wanted to. "Public" and "private" are just names.
The actual math is way beyond me, but the algorithm is "one way" - it exploits the fact that given two prime numbers (ie, the private key) it is trivial to multiply them together, but if you only know the result (ie, the public key) it is computationally very expensive to determine the original prime factors. If you pick big enough numbers, it becomes effectively impossible to undo the multiplication
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
Definitely interested - is the mainline situation any better than with ARM?
I've been bitten before with a device that "supports" a major distribution, but only if you install our custom pre-built image (good luck auditing what we've tweaked) and only with our special pre-built kernel that isn't even an LTS version, and has a bunch of patches applied to support whatever weird peripherals we decided to throw on the board, and will get exactly 0 updates after the initial release.
Raspberry Pi gets around this by being big enough to get buy in from vendors (Ubuntu distributes a special kernel + firmware bundle), but support for all the other smaller knock offs seem shaky at best
Trying to squeeze some more storage in my MiniPC. I have questions about these. These use hardward RAID with selectable modes (Individual/JBOD/RAID1/RAID2)....
As in, hardware RAID is a terrible idea and should never be used. Ever.
With hardware RAID, you are moving your single point of failure from your drive to your RAID controller - when the controller fails, and they fail more often then you would expect - you are fucked, your data is gone, nice try, play again some time. In theory you could swap the controller out, but in practice it's a coin flip if that will actually work unless you can find exactly the same model controller with exactly the same firmware manufactured in the same production line while the moon was in the same phase and even then your odds are still only 2 in 3.
Do yourself a favour, look at an external disk shelf/DAS/drive enclosure that connects over SAS and do RAID in software. Hardware RAID made sense when CPUs were hewn from granite and had clock rates measures in tens of megahertz so offloading things to dedicated silicon made things faster, but that's not been the case this century.
Thought this was a good read exploring some how the "how and why" including several apparent sock puppet accounts that convinced the original dev (Lasse Collin) to hand over the baton.
I'd be super surprised if this was western intelligence. Stuxnet escaping Natanz was an accident, and there is no way that an operation like this would get approved by the NSAs Vulnerabilities Equities Process.
My money would be MSS or GRU. Outside chance this is North Korean, but doesn't really feel like their MO
TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.
The reason openssh links liblzma in the first place is to enable a systemd feature, so naturally "systemd bad, it's proximity to a security issue is yet more proof that a pile of shell scripts in a trenchcoat is a superior init system" etc
It's not just let's encrypt - the common names of any SSL cert issued by a public CA have to be recorded in a public certificate transparency log. You can use tools like https://crt.sh to search the logs
I'd considered doing something similar at some point but couldn't quite figure out what the likely behaviour was if the workers lost connection back to the control plane. I guess containers keep running, but does kubelet restart failed containers without a controller to tell it to do so? Obviously connections to pods on other machines will fail if there is no connectivity between machines, but I'm also guessing connections between pods on the same machine will be an issue if the machine can't reach coredns?
This is neat. I've played about with the idea of doing something similar, but embedding the result in a minimal Linux image built for some esoteric CPU and emulating it in the browser using something like JSLinux
I prefer Debian derived distros (RH derivatives are fine as a technology, but I've been using Debian derivatives for so long that RedHat feels like coming home and finding someone has rearranged your cutlery drawer and all your plates - I don't care if your system makes more sense, in sure I'd get used to it but right now I can't find anything!)
I do most of my work in Docker or using tools I install from upstream
I don't really play games so don't care about marginal performance gains from newer drivers
Pretty much I just want a laptop that just works when I need it to, while still having a nice, friendly, modern interface and Neon does that.
I don't really care if I'm running a kernel from 5 years ago as long as I'm still getting timely security updates. What I care about is having up to date versions of the apps I actually use day-to-day - through Flatpack, Docker or whatever, and I prefer to have an up to date WM cos it's something I interact with a lot.
Debian makes more sense to me because I've been using Debian and Ubuntu since people were getting excited about Debian Wheezy coming out soon.
What little I have used of RHEL and CentOS they seem to be pretty logically designed, just different. I hadn't come across any real WTFs trying to use them. RHEL makes Debian look bleeding edge and reckless with their updates by comparison
Empty password doesn't prompt for a fingerprint, and I thought that was the old hacky workaround for Plasma 5 that Plasma 6 was supposed to have fixed?
Will do if I can establish what the expected behaviour is supposed to be - from the one line on the website I'd expect a "login with fingerprint" button or something, but I might be wrong - so I know what I'm seeing is actually a bug and not me misinterpreting
Will see if I can track down the original PRs or something, see if there is screenshots or a proposed UI design
I'm posting this in selfhosted because Gandi increasing prices actually helped me a lot with being more serious about selfhosting, made me look into things like DNS and reverse proxies and VPN and docker and also ended up saving me money by re-evaluating my service needs....
I've started a similar process to yours and am moving domains as they come up for renewal, with a slightly different technical approach:
I'm using AWS Route 53 as my registrar. They aren't the cheapest, but still work out at about half the price of Gandi and one of my key requirements was to be able to use Terraform to configure DS records for DNSSEC and NS records in the parent zone
I run an authoritative nameserver on an OCI free tier VM using PowerDNS, and replicate the zones to https://ns-global.zone/ for redundancy. I'm investigating setting up another authoritative server on a different cloud provider in case OCI yank the free tier or something
I have one .nz domain which I'll need to find a different registrar for, cos for some reason route53 doesn't support .nz domains, but otherwise the move is going pretty smoothly. Kinda sad where Gandi has gone - I opened a support ticket to ask how they can justify being twice the price of their competitors and got a non-answer
Cloudflare would probably meet my technical needs, but I refuse to give them any money due to how enthusiastic they are to have white supremacists on their platform
Cool - was trying to get set up with v1.94, but had real trouble getting pgvecto-rs to work properly, pgvector seems much more stable and better supported and was a breeze to get running
You probably aren't going to find something that works for your specific needs right out of the box, so your best bet would be finding a platform that gets you 80% of the way there and provides enough of a plugin mechanism that you can develop the remaining 20% of the functionality yourself
There has been some technical decisions over the last few years that I don't think fit my needs terribly well; chief of these is the push for Snaps - they are a proprietary distribution format, that adds significant overhead without any real benefit, and Canonical has been pushing more and more functionality into Snap
I previously chose Ubuntu over Debian because I needed more up to date versions of things like Python and PHP, with Docker this isn't really a concern any more, so slower, more conservative approach Debian takes isn't as big of an issue
David, Nate, Josh, Marco, Carl, and Niccolò are here ready to answer all your questions on Plasma (all versions), Gear, Frameworks, Wayland (and how it affects KDE's software), and everything in between....
not being able to ctrl-F a textbook or have click-to-chapter links sure makes studying harder these days... and any scanning software worth it's salt will at least do the bare minimum OCR automatically...
Look, it's all about authorial intent - if the author had wanted their book to be easy to reference or accessible to people who use screen readers, they would have published a DRM free PDF in the first place. Gotta respect the artist's vision.
From the previous issue it sounds like the developer has proper legal representation, but in his place I wouldn't even begin talking with Haier until they formally revoke the C&D, and provide enforceable assurances that they won't sue in the future.
Also I don't know what their margins are like, but even if this cost them an extra $1000 in AWS fees on top of what their official app would have cost them (I seriously doubt it would be that much unless their infrastructure is absolute bananas), then it would probably only be a single-digit number of sales that they would have needed to loose to come out worse off from this.
How to speed up accessing lots of files on another computer? Some kind of local cache?
Title is TLDR. More info about what I'm trying to do below....
"Do you know how many spells are just recycled incantations?" ( media.kbin.social )
What's a good use for an edge TPU?
I started tinkering with frigate and saw the option to use a coral ai device to process the video feeds for object recognition....
"KDE neon is a Linux distribution built on top of the latest Ubuntu LTS release (22.04 at the moment)"
Hi,...
Google Cloud accidentally deletes a financial institution account due to ‘unprecedented misconfiguration’ ( www.theguardian.com )
A week of downtime and all the servers were recovered only because the customer had a proper disaster recovery protocol and held backups somewhere else, otherwise Google deleted the backups too...
Google's Find My Device network quietly rolls out to some outside North America ( www.androidauthority.com )
Immich x FUTO Q&A ( www.youtube.com )
Short version of this interview is that nothing is changing, other than they're going to be asking a flat fee "$5-20" for the app, rather than relying on donations. All donation platforms have been closed. However, if you choose not to, as Louis says "that's between you and your God"....
How well can an employer be certain of a remote employee's geographical location?
cross-posted from: https://lemmy.ml/post/15178977...
A doubt in encryption ( lemmy.ml )
There’s a server, a client, and a hacker in a network. For encryption, the client and the server need to share their private keys. Wouldn’t the hacker be able to grab those during their transmission and decrypt further messages as they please?
[Question] If I selfhost a privacy frontend on cloud, wouldn't the original service get my server IP and track back to me?
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
[x-post @selfhost@lemmy.ml] Do you run anything on a RISC-V processor? ( lemmy.ml )
(also posted on @selfhost)...
Thoughts on these SATA/M.2-->SATA/2.5" adapters? ( feddit.nl )
Trying to squeeze some more storage in my MiniPC. I have questions about these. These use hardward RAID with selectable modes (Individual/JBOD/RAID1/RAID2)....
XZ Hack - "If this timeline is correct, it’s not the modus operandi of a hobbyist. [...] It wouldn’t be surprising if it was paid for by a state actor." ( lcamtuf.substack.com )
Thought this was a good read exploring some how the "how and why" including several apparent sock puppet accounts that convinced the original dev (Lasse Collin) to hand over the baton.
Backdoor found in widely used Linux utility breaks encrypted SSH connections | Ars Technica ( arstechnica.com )
TL;DR there was a backdoor found in the XZ program. All major distros have been updated but it is recommended that you do a fresh install on systems that are exposed to the internet and that had the bad version of the program. Only upstream distros were affected.
Setting to Hide NSFW on "Everything", but not everywhere?
I enjoy NSFW when seeking it out, but I don't like being bombarded with every NSFW post in the lemmyverse at all times....
[Thread, post or comment was deleted by the author]
Owners of a domain, which domain registrar did you choose and why?
I'm currently on the lookout for privacy-respecting domain registrars. What are you guys using and why?...
need help restoring permissions on my downloads folder ( lemmy.world )
I removed my permissions on my downloads folder using chmod....
[Thread, post or comment was deleted by the author]
Serving my blog posts as Linux manual pages | James' Coffee Blog ( jamesg.blog )
Reading this blog post made my day :)
KDE neon 6 Distro Now Available with the KDE Plasma 6 Desktop Environment - 9to5Linux ( 9to5linux.com )
I'm curious how the community feels about KDE neon.
KDE 6 fingerprint unlock
The KDE 6 announcement says that...
Migrating away from Gandi, 9 months later
I'm posting this in selfhosted because Gandi increasing prices actually helped me a lot with being more serious about selfhosting, made me look into things like DNS and reverse proxies and VPN and docker and also ended up saving me money by re-evaluating my service needs....
Call for feeds: Make your region available in our open transit router ( jbb.ghsq.de )
Nephele now supports S3 and file encryption ( lemmy.world )
cross-posted from: https://lemmy.world/post/12284817...
immich update has breaking changes ( github.com )
What does your current setup look like?
Small Commercial Gym Software
Hi everyone....
Self-hosted Content-Security-Policy report, etc, collector/displayer?
tl;dr: self-hosted report-uri.com ?...
Which OS do you use for your homeserver?
Edit: wow, this is a never ending comment section!
AUA: We are the Plasma dev team. Ask Us Anything about Plasma 6, gear 24.02, Frameworks 6 and everything else in the upcoming Megarelease.
David, Nate, Josh, Marco, Carl, and Niccolò are here ready to answer all your questions on Plasma (all versions), Gear, Frameworks, Wayland (and how it affects KDE's software), and everything in between....
it sure beats having to buy it, but seriously come on... ( i.imgur.com )
not being able to ctrl-F a textbook or have click-to-chapter links sure makes studying harder these days... and any scanning software worth it's salt will at least do the bare minimum OCR automatically...
Sounds like Haier is opening the door! ( github.com )
Dear Andre,...