@kevincox@lemmy.ml avatar

kevincox

@kevincox@lemmy.ml

This profile is from a federated server and may be incomplete. View on remote instance

kevincox ,
@kevincox@lemmy.ml avatar

Playing Slay the Spire.

It does have a native Linux version but it doesn't sync cross-platform. So since I like playing on the go it is nice to also be able to play at home on a bigger screen.

kevincox ,
@kevincox@lemmy.ml avatar

Yeah, Beeper is kind of in a strange place now. I get why they wanted to make their own app to make the bridging experience (especially setup) more seamless. But now with a fully custom closed-source app they are even further off the open path.

What I really want from Beeper is to be able to connect to their bridges from a non-beeper Matrix account with a non-Beeper client. I would happily pay them for the service of managing bridges. I don't have much interest in having a Beeper-owned account in a custom Beeper client.

kevincox ,
@kevincox@lemmy.ml avatar

Yeah, they've been talking about that a lot but it isn't clear if that will be an option or the only option. I wouldn't be surprised if they only want to keep one method around in the long term though.

Personally I don't want the bridges to run on my phone as I want the bridges to work even if my phone is off, out of batteries, not connected to the internet or fell into a volcano. Not to mention wasting battery replaying messages while I work on my computer. It isn't even clear if these on-phone bridges are synced to other devices in the account which would be an absolute deal breaker for me.

kevincox ,
@kevincox@lemmy.ml avatar

Does EMS offer bridges? Looking at https://element.io/pricing I don't see anything. I seem to recall them having a Slack bridge in the past but don't remember them having a full suite.

kevincox ,
@kevincox@lemmy.ml avatar

Also not really comparable to Beeper:

Beeper supports:

  • Whatsapp
  • Facebook Messenger
  • Twitter
  • Android SMS
  • Google Messages (SMS/RCS)
  • Telegram
  • Signal
  • Matrix
  • Slack
  • Google Chat
  • Instagram
  • IRC (Libera.chat)
  • Discord
  • LinkedIn
kevincox ,
@kevincox@lemmy.ml avatar

Unfortunately even in this sub some of us need to talk to people who use privacy-unfriendly options.

So having bridges is a great way to slowly migrate to a private option. I can meet my friends where they are, stop running non-free software and then can slowly move my friends over.

kevincox ,
@kevincox@lemmy.ml avatar

Really configuration is best not backed up but created from some source of truth like a Git repo. But a backup can serve as a poor-man's version control.

kevincox ,
@kevincox@lemmy.ml avatar

Yup. Step 1 is backup everything. Step 2 is maybe improve your reproducibility and then remove the things that can be reproduced from the backups.

kevincox ,
@kevincox@lemmy.ml avatar

Any chat protocol without full mutli-device support is not really an option for me https://github.com/simplex-chat/simplex-chat/issues/444.

kevincox ,
@kevincox@lemmy.ml avatar

Happy to see this. But personally I prefer to just subscribe it the RSS feeds. Gives me the videos I am interested from whatever platform they are on all in the same place.

I also like to have them be a bit more "durable" than my ActivityPub is right now. There I generally just scan it occasionally and frequently miss things. In my RSS reader I can mark things as read when I am done with them to not miss anything. (and don't keep seeing the same stuff repeatedly if I keep checking back)

Adding license after some time with no license?

I have previously written a lot of code that is hosted on a public repo on GitHub, but it never had a license. It was written as part of my work while working for a non-commercial academic entity, and I would like to add a license before the link to the repo will be included in something that will be made public, potentially...

kevincox ,
@kevincox@lemmy.ml avatar

In general, If you did work for your employer they own the code. You may wish to just ask them, maybe they are fine with adding a license.

If you didn't write it for them, during "work hours" or using their resources then you may own the code. Some employment contracts will claim that they own everything you wrote while employed for them but that may not be legal in some jurisdictions.

kevincox ,
@kevincox@lemmy.ml avatar
  1. Can I just add a license after the fact and it will be valid for all prior work?

This is fun question because it hinges on a silly technicality of software development. If you add a license to your repo today, the license applies to the code as of that point in the commit history.

I think you are getting a bit too caught up at the process of adding a LICENCE file to a repo. This is just one way to licence some work. You can just say "I as the copyright owner of this work licence it, including all previous revisions under licence X". That is also licensing the code and doesn't matter if the LICENCE file exists at any particular commit.

But yes, I would say that by default adding a LICENCE file would be interpreted just as releasing that version of the code under the particular licence.

kevincox ,
@kevincox@lemmy.ml avatar

I am not sure theres a legal way to retroactively change licenses and terms?

I don't think this is really true. If you own the code you can licence it as many times and in as many ways as you want. You just say that you are licensing existing versions and it becomes true. Probably a good idea to write that down somewhere (maybe in the LICENSE file) to make a "paper trail" in case you ever need to document this license.

You generally can't retroactively change a license, such as revoking it. But licences may have revocation terms. But it doesn't really matter what existing licences are on a code, you can always add new licences if you own it.

A silly example. If I own some code I can say "Anyone standing on their left foot can use this code". That doesn't stop me from later saying "Anyone standing on their right foot can use this code". But licenses are still valid, and I haven't change the first one. But now people can choose which license they would like to use.

kevincox ,
@kevincox@lemmy.ml avatar

unless you rewrite git history to make that happen

Or just write an external document saying that all files in all previous revisions are available under whatever licence. There is nothing magical about a licence notice at the top of a file. It is just helpful documentation of the license. But you can document a licence anywhere as long as you are the owner of that code.

kevincox ,
@kevincox@lemmy.ml avatar

I've never noticed an issue here. Looking into it the thread messages default to 1rem, your browser's default font size. So if this isn't suitable for you you may want to change your browser's font size.

The font size in the feed is 1.25x your default font size, which seems fairly reasonable for titles. But if you want to change that you can apply some user styles. For example to make it only 1.1x as large:

h5, .h5 {
  font-size: 1.1rem !important;
}

New to Linux—Epic Games compatibility? (Plus more)

I'm thinking of installing Linux (think I'm going to use Nobara) on my new budget gaming PC, and my biggest worry is video games compatibility. I have most of my games on Steam and Epic. Some on GOG, and some on Itch. I know a bit about steam compatibility, but not much about the rest. Is this something I need to worry about, or...

kevincox ,
@kevincox@lemmy.ml avatar

Firstly, Epic Games doesn't officially support Linux. So if anything goes wrong you may be out of luck.

However I have had success playing a handful of games on Lutris under Wine. I would check online sites for reviews of the games that you are most interested in and see how they worked for others. Wine is getting better every day so this will keep improving but I would at least look at the games you currently play and see what is up.

One major concern is games with DRM or anti-cheat. Most of these will not work on Wine, but providers are slowly adding support. But again, looking up the games you are interested in will tell you.

otl , to Fediverse
@otl@hachyderm.io avatar

Apas: ActivityPub via email

https://apubtest2.srcbeat.com/apas.html

The overarching goal is an experimental system to make ActivityPub federation stuff clearer for devs, sysadmins and advanced users.

The documentation is incomplete and the code is really not OK! But they always say it's better to get stuff out the door for others to look at sooner. Maybe it inspires others to think about the Fediverse/ActivityPub in weird new ways!

PS thanks @emersion for your SMTP work!

@fediverse

kevincox ,
@kevincox@lemmy.ml avatar

I would actually love this. I use email for everything, it is so nice to have everything come to the same place. Right now I follow a few Mastodon users via an RSS-to-Email service, but the problem with that is that you can't follow private accounts/see followers-only toots. It would be great to have a full email bridge.

I was considering making this myself at one point. But I think one of the big problem with ActivityPub is that it describes a single particular account. So if my ActivityPub-email bridge was running you wouldn't also be able to access a Mastodon UI and for example browse other posts. So my account would need to be email-only which would be missing UX for a lot of things (like commenting on a random post I was linked to).

kevincox ,
@kevincox@lemmy.ml avatar

I would say podman by default. It has a better security architecture as it can run rootless.

However there are small differences from Docker so you may need use Docker if you are trying to run third-party services that rely on these differences.

kevincox ,
@kevincox@lemmy.ml avatar

A "tarbomb" usually refers to an archive that has multiple (often a large number) of top-level items. Traditionally a tar archive contains a single folder, which may contain more things inside of this. This can be annoying because if you do tar -xf tarbomb.tar in your home directory (or downloads folder) you now have a bit of a mess that you need to clean up.

It is a bit of a historical artifact, most archive managers will create a folder for the contents if there are multiple top-level items, and you really shouldn't be extracting archives in directories with other files anyways as it could be a security issue (for example if there is a .profile or .ssh/authorized_keys file in that archive). Of course tar won't protect you by default unless you pass --one-top-level.

I think what you are concerned about is a path-traversal vulnerability where tar will write files outside of the current directory. Any modern tar should not allow this, no matter what the archive contains.

kevincox ,
@kevincox@lemmy.ml avatar

You don't need a domain. However it is probably a good idea.

  1. You can't get a globally trusted SSL certificate for an IP address. So you will need to use a self-signed certificate and manage trusting it on every device.
  2. If you don't have a stable IP you will need to update bookmarks whenever it changes and memorizing it may be a chore.

If you don't want to purchase your own domain you can likely use a free subdomain, this will often come from a dynamic DNS provider.

However if you can I would strongly recommend getting your own domain sooner rather than later. If only because it means that you can own your email address which is basically the keys to all third-party services you use these days. Domains are pretty cheap, probably <$20/year for a generic like .com or the TLD of your country. Personally I would happy skip out on eating out once a year to have my domain.

kevincox ,
@kevincox@lemmy.ml avatar

Material Files + SFTP is a winning combination. You probably already have SSH configured and it is quite secure.

Please recommend me some blogs about Linux or FOSS or similar that you follow through RSS.

Hi. I have a category Little Tech Blogs in my rss reader where I put those cool niche blogs mostly about Linux, FOSS, programming, etc... Many of them I found by articles linked in this community, so I was wondering if you guys know about more blogs like that. By little I mean it's run by one person or a small group of people,...

kevincox ,
@kevincox@lemmy.ml avatar

Timely question, I just wrote a blog-post on this My Favourite Feeds

kevincox ,
@kevincox@lemmy.ml avatar

While you are technically right there is very little logical difference between containers and VMs. Really the only fundamental difference is that containers use the same kernel while VMs run their own. (let's not even worry about para-virtualization right now).

In practice I would say the biggest difference is that there is better memory sharing so total memory usage will often be less. But honestly this mostly comes down to the fact that the average container bundles less software than the average VM image. Easier management of volumes is also nice because typically you will just bind-mount a host directory, but it also isn't hard to mount a block device on a Linux host.

kevincox , (edited )
@kevincox@lemmy.ml avatar

I feel that a lot of people here are missing the point. Docker is popular for selfhosted services for a few main reasons:

  1. It is one package that can be used on any distribution (or even OS with a Linux VM).
  2. The package contains all dependencies required to run the software so it is pretty reliable.
  3. It provides some basic sandboxing against non-malicious services. Basically the service can't scribble all over your filesystem. It can only write to specific directories that you have given it access to (via volumes) other than by exploiting security vulnerabilities.
  4. The volume system also makes it very obvious what data is important and needs to be backed up or similar, you have a short list.

Docker also has lots of downsides. I would generally say that if your distribution packages software I would prefer the distribution's package over the docker image. A good distribution package will also solve all of these problems. The main issue you will see with distribution packages is a longer delay before new versions are made available.

What Docker completely dominates was previous cross-distribution packaging options which typically took one of the previous strategies.

  1. Self-contained compiled tarball. Run the program inside as your user. It probably puts its data in the extracted directory, maybe. How do you upgrade? Extract and copy a data directory? Self-update? Code is mutable and mixed with data, gross.
  2. Install script. Probably runs as root. Makes who-knows what changes to your system. Where is the data, is the service running? Will it auto-start on boot. Hope that install script supports your distro.
  3. Source tarball. Figure out the dependencies. Hope they don't conflict with the versions your distro has. Set up users and setup scripts yourself. Hope the build doesn't take too long.
kevincox ,
@kevincox@lemmy.ml avatar

For desktop apps Flatpak is almost certainly a better option than Docker. Flatpak uses the same core concepts as Docker but Flatpak is more suited for distributing graphical apps.

  1. Built in support for sharing graphics drivers, display server connections, fonts and themes.
  2. Most Flatpaks use common base images. Not only will this save disk space if you have lots of, for example GNOME, applications as they will share the same base but it also means that you can ship security updates for common libraries separately from application updates. (Although locked insecure libraries is still a problem in general, it is just improved over the docker case.)
  3. Better desktop integration via the use of "portals" that allow requesting specific things (screenshot, open file, save file, ...) without full access to the user's system.
  4. Configuration UIs that are optimized for the desktop usecase. Graphically tools for install, uninstall, manage permissions, ...

Generally I would still default to my distro's packages where possible, but if they are unsuitable for whatever reason (not available, too old, ...) then a Flatpak is a great option.

kevincox ,
@kevincox@lemmy.ml avatar

The problem with separating Calendar + Mail + Contacts is that they work best together. Although to be far I am not aware of an open-source system that effectively combines them.

Calendar event invites an updates go over mail. So you want your calendar application to automatically be able to get those. Also options like "automatically add invites from contacts to my calendar" is an awesome feature. Contacts can also be used for spam filtering (although this integration is a bit easier to do externally).

So currently I am using Nextcloud (self-hosted) although I don't really like it because it is pretty slow on my low-powered VPS. But even still it doesn't actually have proper email integration. There are bugs open and slowly moving but I'm still using Thunderbird to process most of my calendar stuff.

Not to mention JMAP which is slowly progressing which would be a huge improvement, especially for mobile clients. It also combines these three services.

kevincox ,
@kevincox@lemmy.ml avatar

Yup. So many of these "alternative" browsers have very questionable security practices. At the very minimum they don't have a staffed team to respond to zero-day exploits. But often they also make large changes without too much consideration for security or disable security features when they get in the way of features. I hate saying "use on of the big boys" but for most users their browser is likely their largest attack surface by an order of magnitude, it's job is literally to download an execute untrusted code and the API surface is huge. It takes real resources and careful development to develop and maintain a browser, and there are very few organizations that I would trust to do this.

So unless you have a strong reason I would highly recommend sticking to one of the major browsers.

kevincox ,
@kevincox@lemmy.ml avatar

Try something like https://www.webpagetest.org/ or any other "proxy" service to confirm for youself if it is publicly accessible.

Apple will require notarization for apps from third party app stores, and will disable updates for apps installed via third party app stores if staying outside EU ( support.apple.com )

As far as I can tell this basically means that all apps must be approved by Apple to follow their "platform policies for security and privacy" even if publishing on a third party app store. They will also disable updating apps from third party app stores if you stay outside the EU for too long (even if you are a citizen of an EU...

kevincox ,
@kevincox@lemmy.ml avatar

if staying outside EU

I'm pretty sure this is explicitly not allowed because most of the EU laws apply to EU citizens and residents. So if an EU citizen stays outside the EU they aren't allowed to stop following the EU rules.

kevincox ,
@kevincox@lemmy.ml avatar

IDK what OS you are on but on Linux most file managers have support for remote filesystems. SFTP (SSH-FTP, not to be confused with FTPS which is FTP-secure) is ubiquitous and if you use scp then you already have SSH set up.

If you need Windows support it is more of a pain. You may need to set up Samba or WebDAV and permissions can suck. But you can also download a third-party file browser that supports remote protocols.

So basically SFTP, and I fairly regularly just use a graphical file manager when I am doing one-off operations.

kevincox ,
@kevincox@lemmy.ml avatar

ftp ans sftp are completely different things. ftp is a very old protocol and can be run encrypted as ftps. sftp runs over SSH and is pretty common to use.

Naming is truly one of the hardest problems in computer science.

kevincox ,
@kevincox@lemmy.ml avatar

Right now I am just using nautilus (default GNOME file manager) but in past I was using Thunar (default XFCE file manager). I'd be pretty surprised if whatever file manager you are currently using doesn't support SFTP out of the box. Typically you can just enter something like sftp://myhost.example into the location bar. They may also have a dedicated network connection section with a wizard to add it.

kevincox ,
@kevincox@lemmy.ml avatar

Yup super confusing. The way I remember it is that https is http + SSL so ftps is ftp + SSL. The weird one sftp is an entirely different protocol that uses SSH to transfer files.

kevincox ,
@kevincox@lemmy.ml avatar

Unless you went out of your way to set up FTP and get a TLS certificate I would put my money on you using SFTP which uses SSH for authentication and transport security. It doesn't require anything to set up other than TOFU server keys and a client key or password for authentication.

Which is probably the right thing to use. Really you shouldn't be using FTP anymore. Probably you just want HTTP for public data and SFTP for private authenticated data.

kevincox ,
@kevincox@lemmy.ml avatar

Generally you can even just type it into the location bar, no need to find a specific dialog. For example if I type CTRL+l then sftp://myserver.local into Nautilus it pops up a username+password dialog (or just logs in using my keys).

kevincox ,
@kevincox@lemmy.ml avatar

I wouldn't really recommend NFS unless you need to remote mount as a "true filesystem" with full support for things like sockets, locking and other UNIX filesystem features or you need top performance. It is so difficult to do authentication and UID mapping that it typically isn't worth it for simpler use cases like "add, remove or download files".

scp can be slow with large numbers of small files. rsync is much better at that and can do differential transfers if you need that. Since rsync can also run over SSH it can be very easy to just use it as a default.

kevincox ,
@kevincox@lemmy.ml avatar

I don't know if the s is actually "SSL" or "secure" but the point is that the are the same protocol, running over an encryption layer. So adding an s suffix is running the same protocol over some encrypted transport. You see this s suffix for lots of things like irc/ircs and dav/davs.

This is different to sftp which isn't related to ftp at all other than they are both protocols that transfer files.

kevincox ,
@kevincox@lemmy.ml avatar

You should look into DNS or maybe mDNS or even local DNS aliases.

kevincox ,
@kevincox@lemmy.ml avatar

I wish they had a feed for posts like these. Their mail feed is mostly release notes but sometimes they post great articles like these and I would love to subscribe.

[Thread, post or comment was deleted by the author]

  • Loading...
  • kevincox ,
    @kevincox@lemmy.ml avatar

    Also hold down the power button for a few seconds after unplugging just to help drain out any residual power from capacitors.

    Also if it is a laptop or other battery-operated device you will want to disconnect the batter temporarily.

    kevincox ,
    @kevincox@lemmy.ml avatar

    The printer is sold at a loss so that they can gouge you on ink, so you would need to factor that into the equation.

    ...however $400 seems like a lot of ink.

    kevincox ,
    @kevincox@lemmy.ml avatar

    https://news.google.com/rss will redirect to a feed for the top content in your region.

    You can also make a search and paste that URL into your feed reader and it will find the feed to subscribe to that search.

    kevincox ,
    @kevincox@lemmy.ml avatar

    Most readers will also do this auto-discovery for you. So typically you can just paste the page or article URL and it will find the feed.

    Of course the extension is nicer because you don't need to guess and check, you get a quick indicator if there is a feed or not.

    Personally I use Want My RSS because I like the preview which then lets me know if it is a full-text feed or just summaries. This is also Firefox only. But extensions for other browsers are available.

    kevincox ,
    @kevincox@lemmy.ml avatar

    People have different definitions of "the fediverse". To some people fediverse is ActivityPub, but to some people it is any federated protocol.

    SMTP is a federated protocol, so some people would consider it part of the fediverse.

    POP3 isn't federated, it is standardized but different POP3 servers don't connect to each other in regular process of the protocol.

    kevincox ,
    @kevincox@lemmy.ml avatar

    Do you mean using PDF's built-in signature mechanisms? I don't think so.

    If you want to do regular PGP file signing you can export the key from Thunderbird and do whatever you want with it.

    kevincox ,
    @kevincox@lemmy.ml avatar

    I mean of course they do. Reddit's job is literally to redistribute those photos and it is well known that they will be used to generate profit.

    Maybe there is a little grey around around "selling" but if they have the right to redistribute them I don't see why they wouldn't be able to redistribute them directly for money as opposed to just redistributing them with some ads on the page.

    kevincox ,
    @kevincox@lemmy.ml avatar

    Yes. "Knowingly" is the hard part here. Reddit will of course say that you agreed to their terms of service and that the terms are reasonable because otherwise they couldn't operate their service. However it is definitely true that many users didn't realize that they were giving Reddit permission to sell their content (even if it is the logical conclusion).

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • All magazines