kevincox

kevincox , 5 days ago

Because some people want to filter it out. So it gets a label.

kevincox , 6 days ago

Because once you have a taste of power you want more. She wants to use her position of influence to propagate her beliefs.

I'd be happy to retire to a small cottage on a private lake, but maybe I just haven't been sufficiently corrupted by power yet.

kevincox , 6 days ago

I also had a bad experience where I had a test website under a megabyte in a storage bucket. It was under the free tier and sat there for a few years. Then one month they sent me a bill (it was small, a handful of cents). Contact support saying that this use is under the free tier. They said that data was added then removed from the bucket. I hadn't logged into the account, no living API keys. They wouldn't forgive the charge.

Luckily my credit card had expired so they just locked my account.

kevincox , 6 days ago

Two regions of one provider isn't really a reliable backup. What if the provider goes out of business, hacked, closes your account or has a software bug that affects all of their storage.

kevincox , 6 days ago

That doesn't seem compatible with the MPL. Or is it just their modifications that aren't in the original source files that are licensed this way?

kevincox , 6 days ago

Oh, flac fixes for HLS. I wonder if https://github.com/jellyfin/jellyfin/issues/8722 was fixed. I'll have to try it out today.

kevincox , 8 days ago

There is no concrete difference between the two options. But in general they will be similar. I think you are talking about these options:

struct Person;
struct Skill;

struct PersonSkills {
    person: PersonId,
    skill: SkillId,
}

vs

struct Person {
    skills: SkillId[],
}

struct Skill;

The main difference that I see is that there is a natural place to put data about this relationship with the "join table".

struct PersonSkills {
    person: PersonId,
    skill: SkillId,
    acquired: Timestamp,
    experience: Duration,
}

You can still do this at in the second one, but you notice that you are basically heading towards an interleaved join table.

struct PersonSkills {
    skill: SkillId,
    acquired: Timestamp,
    experience: Duration,
}

struct Person {
    skills: PersonSkills[],
}

There are other less abstract concerns. Such as performance (are you always loading the list of skills, what if it is long) or correctness (if you delete a Person do you want to delete these relationships, it comes "for free" if they are stored on the Person) But which is better will depend on your use case.

kevincox , 8 days ago

Although the Android kernel is slightly customized isn't it? I thought it exposed a few extra syscalls. How do these work on Waydroid?

kevincox , 8 days ago

Often what happens is that when you sign up they also make an API call to their email list service. Then when you delete your account they remove you from their DB but often forget to remove you from the other services. This obviously isn't acceptable but often not intentional.

kevincox , 8 days ago

This is also true in lots of places like Canada and (IIUC) California. But very frequently it doesn't happen. In Canada you can report it but then nothing happens.

kevincox , 8 days ago (edited 7 days ago)

My short opinion:

Video

h264 is the best option for compatibility. There have been free software encoders and decoders forever and IIRC all patents have expired. Basically every device you will encounter and every software system can play h264 videos and the encoders are fairly good.

AV1 is the best option for quality. It is completely free and is becoming widely supported. It will likely be supported for a long time as it is the first widely available high quality free codec. It is significantly better quality than h264 so will result in smaller files for the same quality or better quality for the same file size. Hardware decoding support has only really become common in devices that hit the market in the last few years. But most new devices will have hardware decoding.

Both of these are web-compatible as well which is nice.

Audio

Opus for lossy and FLAC for lossless are both some of the best codecs in their class, completely free and widely available. There are also both web-compatible.

kevincox , 8 days ago

I would avoid h265 if you prefer free (libre). The only real advantage it has over AV1 is that devices started shipping hardware decoding support a few years earlier. If you need that and care about file size/quality then yes, you may need to go h265. But otherwise I would lean towards AV1 (better quality) or h264 (basically 100% compatibility).

kevincox , 8 days ago

I would try to avoid VP9. Hardware support is spotty and I suspect that new hardware is going to relatively quickly phase it out. AV1 is better in most circumstances except for a few devices that have hardware VP9 support but not AV1 (a few years of Android phones mostly). So unless you need a specific device you currently own to have hardware decoding support (only really matters if you are on battery for <=1080p content) just skip VP8.

kevincox , 17 days ago

This announcement is just downloads which will continue to be available anonymously.

kevincox , 18 days ago

Although getting something that supports AV1 hardware decoding could be forward thinking. For now you are probably fine without it and if you are ripping DVDs you may consider just keeping the original encoding. But most likely you will start to see more AV1 files coming in the future, and having a server that can transcode AV1 to older formats easily will keep everything on your network working properly.

kevincox , 18 days ago

If you want to serve multiple resolutions and bitrates you will probably want hardware that can do transcoding. However basically any graphics card (even integrated) will be able to transcode a video stream in real-time at a decent quality.

(If you wanted you can try to pre-transcode offline, but Jellyfin doesn't support this well)

kevincox , 18 days ago

Video serving is a very sequential workload so hard drives will be more than sufficient and you can typically get storage at a lower price.

SSD may give you slightly faster start and seeking but it is unlikely to be noticeable.

kevincox , 18 days ago

Out of the box no. But it would be easy to implement if you don't need very complex rules. (I don't actually know how permissions work for sudoedit.)

kevincox , 18 days ago

Yes, but how do you configure who is allowed to edit which files in /etc/sudoers?

kevincox , 18 days ago

To be fair this may be one of the most significant feature for a major phone OS in a few years. At least they are trying something.

kevincox , 18 days ago

If they can shove ads into the GMail UI I'm sure they could have found a place to put them in Google Reader.

kevincox , 18 days ago

Reading feeds.

Mostly blogs and videos. Some comics. Some odds and ends like notifications for various things.

kevincox , 18 days ago

the whole security model of sudo makes no sense

I think that is a bit strong. Sure, you aren't gaining much protection if you just allow sudo -su root but there are a lot of valid use cases.

1. Logging.
2. A bit of an "explicit" check to keep you from doing something stupid without thinking.
3. You can configure sudo to only allow specific commands from different users. (Maybe a trusted friend should have permission to reboot your Minecraft server but nothing else)

kevincox , 18 days ago

If you haven't used any configuration management before it would definitely be valuable to learn.

However I would also recommend trying Nix and NixOS. The provide much better reproducibility. For example using Ansible-like tools I would always have issues where I create a file, then remove the code to create the file but the file still exists or the server is still running. I wrote a post going into more detail about the difference a while ago https://kevincox.ca/2015/12/13/nixos-managed-system/. However this is more involved. If you already have a running server it will be a big shift, instead of just slowly starting to manage things via Ansible.

But I would definitely consider using something. Having configuration managed and versioned with history is super valuable.

kevincox , 18 days ago

I just got a Lenovo Yoga 9i and am pretty happy with it. It has a really nice display and wanted to experiment with a convertible as I occasionally wished I had a tablet but wouldn't use it enough to justify it. Having a laptop that can double as a tablet was attractive.

Random notes:

• Fingerprint reader doesn't work.
• There is a sysfs file to set an 80% charging limit which is nice.
• WiFi often seems slow and the signal strength is reported as low. I suspect this is poor AP selection as it seems to connect to a further AP in my house rather than the closer one.

kevincox , 18 days ago

Or use a browser extension to implement your preferences rather than push them onto others in a way that makes it harder for them to implement theirs.

If an article links to medium.com my redirects kick in, my link flagging kicks in and everything else. If everyone uses some different service to "fix" medium I am stuck with what they like. There is valuable to keeping the canonical URL.

I would also love to see domain blocks as a user preference in Lemmy. Just hide these sites that I don't like.

kevincox , 20 days ago

Can you configure KWallet with no password? Often you can do something like set an empty password and it will auto-decrypt with no prompt.

This may be undesirable as apps running in your user can access what is in KWallet but honestly this is probably the case anyways. If you are running unsandboxed untrusted applications you have already lost.

kevincox , 20 days ago

On NixOS I did this:

services.displayManager.autoLogin = {
	enable = true;
	user = "kevincox";
};

# Avoid setting up a keyring every time I do a non-auto login.
# https://gitlab.gnome.org/GNOME/seahorse/-/issues/159
security.pam.services.login.enableGnomeKeyring = lib.mkForce false; 

kevincox , 20 days ago

Currently s1 and t6. I'm not a fun person.

kevincox , 20 days ago

This is "Testing on the Toilet" which are short flyers that are posted in bathrooms at Google. They aren't typically meant to be particularly profound, just to remind people of common code patterns that can be written more clearly or other reminders that are good to keep in mind.

kevincox , 21 days ago

It depends on the cryptosystem. The private and public halves of the pair are often not symmetrical and often have overlap.

The parent is likely confused because in most situations the "private key file" will also contain all of the public key. Whether by necessity or for convenience.

kevincox , 21 days ago (edited 20 days ago)

Great question. Modern encryption schemes are usually composed of a handful of primitives. If we consider something like HTTPS it uses both asymmetric and symmetric parts.

Asymmetric encryption is the "magic" that you are missing. Asymmetric encryption algorithms create a keypair, one half of this is the "public key" which can be used to encrypt messages that can only be decrypted by the "private key". This means that even if the public key is public (as the name suggests) the messages can't be decrypted without the private key.

You can think of this as giving someone an open padlock. They can put something inside a box and lock it using the padlock, but they can't open it without your key.

Using this you could come up with a very simple protocol for establishing a secure channel:

1. The server sends you their public key, along with a certificate that proves that it belongs to them.
2. The client then uses this public key to encrypt a key for symmetric encryption.
3. The client sends this encrypted key to the server.
4. The server decrypts the key.
5. Now the client and server can both use the shared key to communicate.

(Note: There are many missing features from this system, but I think it illustrates the point. Don't design your own crypto.)

kevincox , 21 days ago

Most archiver programs will set the modified time of a file to the modified time recorded in the archive (if present). Many archive formats support recording modification times because they were intended for backups and aim to perfectly record the original files including all data and metadata.

I also agree that this is not what I want when using GUI modification programs (in my case file-roller) but the exact options available will depend on which program you use.

kevincox , 23 days ago

I also find passkeys to be underwhelming and hope they don't catch on. It seems like a huge mire of complexity for very little gain. It seems like there are two main goals here:

1. Don't sent secrets to the sever.
2. Stop phishing.

Both great goals. However I wonder if we threw out the baby with the bathwater with passkeys.

A password manager is already a huge step to blocking phishing, because if the password doesn't auto-fill you get super suspicious. If you push your user to randomly generate their passwords then they also don't remember them so would have to look them up, then copy them over. If you are worried about users who are a risk to themselves you can make the route to extract a password from the password manager as complicated as you like.

As for not sending secrets to the server I think using a PAKE would have been a great option. If this was paired in a browser-integrated password manager it could be very secure. Think about some type of form field that can be filled with a password that isn't accessible to the page itself. The browser would then tag the password as PAKE and never expose it to the page again.

Another cool think able PAKE is that they can also authenticate the server. TLS-integrated SRP was very cool like this as you could have a self-signed certificate but verify it by entering your username and password. The UX may not have been good enough for public sites but it was an amazingly easy and secure option for private sites. This would actually be more secure than a PKI signed certificate as you aren't risking CA compromise. That being said integrating this with browsers with good UX may be quite difficult. I would love to see it.

But the biggest thing we lost was understandability. Even my grandmother understood what a password is. She knew how to back it up, how to transfer it to a new device. She could use it in two different browsers without setting up some multi-browser sync tool. She could write it in a notebook and log in at the library computer.

I really think that we should have just iterated on passwords. Switch to a PAKE and keep improving password-manager UX and pushing most users to auto-generated passwords. So much was lost by switching to a system that most users don't understand.

I wrote a blog about this a while ago. https://kevincox.ca/2022/04/07/passwords/

kevincox , 23 days ago

https://en.wikipedia.org/wiki/Password-authenticated_key_agreement

Cloudflare also had a fairly good post a while ago about a newer PAKE algorithm: https://blog.cloudflare.com/opaque-oblivious-passwords

a scary amount of users are using the same rather weak password for lots of different accounts

This is true, but you can force them to use a random password just as easily as you can force them to use a randomly generated key. The end UX can look basically identical if you want it to. My point is that this is basically a UX problem. Instead of just making the change we are inventing this new protocol to shuffle along a UX change at the same time. Maybe part of this is because the change has major unaddressed downsides that would be too obvious to slip by if made as an incremental upgrade to passwords.

One team person does the login, adds a key, then let’s the second team member put in their key and so on.

There is no reason you can't have multiple passwords associated with an account.

kevincox , 23 days ago

But… PAKE is used as a method for ongoing exchange of messages

I don't know what you mean.

In really don’t see it that complex, in my last job IT installed a passkey in my laptop

They can also install a randomly generated password just as easily.

Sending passwords is insecure because if an attacker gets the password, you lost

That is why you use a PAKE, you don't send the password.

Old people won’t adopt it unless forced

They also won't adopt passkeys unless forced. What is the difference?

kevincox , 20 days ago

My biggest problem with hardware keys are replacement. If I lost one of my keys and get a replacement I would now need to go to a hundred sites and enroll the new key (and remove the old one). Until this workflow is automated I can only reasonably use hardware keys with a small number of "critical" accounts.

So for 99% of sites I'm going to use a synced software key.

kevincox , 23 days ago

Or just use it in a web browser. I don't really want to run their proprietary spyware outside of a sandbox anyways.

kevincox , 23 days ago

What do you think you're doing by putting that link in every comment? Lemmy doesn't have a terms of service that assigns a license to your text anyways. So if you just say nothing you own your comment and they can't use it. If they cared about the licence they would already not be able to use it.

kevincox , 24 days ago

I don't think OpenTofu is accusing them of taking any code from an incompatible license. Just saying that both parties did the same thing.

IIUC all past Terraform code was copyright assigned via a CLA. This is what allowed them to re-license in the first place. So even if the previous code was offered under an incompatible license they own the copyright so it doesn't matter.

kevincox , 24 days ago

See https://en.wikipedia.org/wiki/Contributor_License_Agreement#Relicensing_controversy for a basic overview.

Lots of projects will have a CLA that basically says "You assign copyright of your work to us" or some sort of unlimited rights grant to the project. So depending on the exact CLA the author may completely transfer ownership of the patch to the project, maintain ownership but grant the project a licence to do basically anything with it (including re-licencing) or for less strong CLAs just confirm that you license the code under the project license.

kevincox , 24 days ago

They are a powerful tool. They are controversial because they can be used for good and evil. For example even some FSF projects require copyright requirement: https://www.gnu.org/licenses/why-assign.en.html. (It used to be all projects, but many have them have switched to DCO, example glibc)

But of course it also means that an organization can take code in a GPL project and start disturbing closed-source versions.

kevincox , 25 days ago

I ended up creating my own because I couldn't find something that did what I want a few years ago when I started looking. My main requirement was easy scaling of ingredients. It has a handful of features around that such as scaling by specifying servings, scaling by setting the amount of a particular ingredient (example making pancakes with leftover buttermilk, pour the buttermilk into the bowl then scale the recipe based on how much was left) and ingredient conversion. In most other ways it is pretty basic and free-form but it does the job. It stores data in a user-provided provider so other people never send me their recipes.

https://recipes.kevincox.ca/

kevincox , 25 days ago

Element is running a beta for Video Rooms which is basically exactly this. However it isn't standardized yet and I haven't tried it.

kevincox , 27 days ago

It depends on how much you trust nginx. A HTTP server is probably a bit more complex that your average VPN solution so probably more likely to have vulnerabilities, but it is also the most popular web server on the planet, so if there is a zero day I'm probably not the first target. If you stay up to date you are probably fine.

kevincox , 27 days ago

Honestly my biggest complaint is header wrapping. Technically you need to wrap lines at 998 bytes (not that any reasonable server actually cares). But in order to wrap a header you need to add spaces (because you can only break a line after whitespace). But where spaces are unimportant depends on each specific header. So you need to have custom wrapping rules for each header.

In practice no one does this. They just hope that headers naturally have spaces or break them in random locations (corrupting them) because the protocol was too stupid.

Binary protocols are just so much simpler. Give the length, then the data. Problem solved. Maybe we could even use a standard format for structured headers. But that would be harder to do while maintaining backwards compatibility.

kevincox , 8 days ago

Do you have an ARM emulator installed? I don't think the game ships an x86 build. Other than that it just worked.

kevincox , 7 days ago

I think so. IIRC there are a few different implementations. But if you configure any of them Android will automatically use it to run non-native apps.