[-] stardreamer 10 points 11 months ago* (last edited 11 months ago)

I've recently moved from fail2ban to CrowdSec. It's nice and modular and seems to fit your use case: set up an HTTP 404/rate-limit filter and a Cloudflare bouncer to ban the IP address at the Cloudflare level (instead of iptables). Though I'm not sure if the Cloudflare tunnel would complicate things.

Another good thing about it is it has a crowd sourced IP reputation list. Too many blocks from other users = preemptive ban.

[-] stardreamer 8 points 1 year ago* (last edited 1 year ago)

According to this post, the person involved exposed a different name at one point.

https://boehs.org/node/everything-i-know-about-the-xz-backdoor

Cheong is not a Pinyin name. It uses Romanization instead. Assuming that this isn't a false trail (unlikely, why would you expose a fake name once instead of using it all the time?) that cuts out China (Mainland) and Singapore which use the Pinyin system. Or somebody has a time machine and grabbed this guy before 1956.

Likely sources of the name would be a country/Chinese administrative zone that uses Chinese and Romanization. Which gives us Taiwan, Macau, or Hong Kong, all of which are in GMT+8. Note that two of these are technically under PRC control.

Realistically I feel this is just a rogue attacker instead of a nation state. The probability of China 1. hiring someone from these specific regions 2. exposing a non-Pinyin full name once on purpose is extremely low. Why bother with this when you have plenty of graduates from Tsinghua in Beijing? Especially after so many people desperate for jobs after COVID.

[-] stardreamer 8 points 1 year ago

I think we may be looking at these wrong. Yes there's a visible throughput/latency improvement here but what about other factors? Power savings? Cache efficiency? CPU cycles saved for other co-running processes?

These are going to be pretty hard to measure without an x86_64 simulator. So I don't fault them for not including such benches. But there might be more to the story here.

[-] stardreamer 9 points 1 year ago

MH series always does one big (console) one small (mobile) in that order. Last gen World was the big and Rise was the small.

This is probably gonna be the big one :)

[-] stardreamer 10 points 1 year ago

It's a royal "we".

[-] stardreamer 10 points 1 year ago* (last edited 1 year ago)

Stick to a small instance with a small witchy vibe. You can get by by looking at local + subbing to only topics that you're interested in.

Personally I find my current instance + some of the literature instances (literature.cafe) very comfy. I blocked out 196, but that was only because it was big enough that it was drowning out all other discussions. Then I join in on some niche lemmy.world tech topics from time to time.

[-] stardreamer 10 points 1 year ago* (last edited 1 year ago)

8GB RAM and 256GB storage is perfectly fine for a pro-ish machine in 2023. What's not fine is the price point they are offering it at (but if idiots still buy that, that's on them and not Apple). I've been using an 8GB RAM, 256GB storage ThinkPad for lecturing, small code demos, and light video editing (e.g. Zoom recordings) this past year; it works perfectly fine. But as soon as I have to run my own research code, back to the 2022 Xeon I go.

Is it Apple's fault people treat browser tabs as a bookmarking mechanism? No. Is it unethical for Apple to say that their 8GB model fits this weirdly common use case? Definitely.

[-] stardreamer 10 points 1 year ago* (last edited 1 year ago)

Am I the only idiot that read X as X11 then realized it was referring to Twitter?

[-] stardreamer 9 points 1 year ago* (last edited 1 year ago)

Having one program (process) talk to another is dangerous. Think of a stranger trying to come over to me and deliver a message. There's no way I can guarantee that he isn't planning to stab me as soon as he sees me.

That's why we have special mechanisms for programs talking to other programs. Instead of having the stranger deliver the message directly to me, our mutual friend Bob (IPC Library, binder in this case) acts as an intermediary. This way at least I can't be "directly" stabbed.

What's preventing the stranger from convincing Bob to stab me? Not much (except for Bob's own ethics/programming)

To work around this, we have designed programming languages (Rust) that don't work if there's a possibility of it being corrupted (I would add "at least superficially", but that's not the main topic here). Bob was trained by the CIA in anti-brainwashing techniques. It's really hard to convince Bob to stab me. That's why it's such a big deal. We now have a way of delivering messages between two programs that is much safer than before.

The only problem is that the CIA anti-brainwashing techniques (Rust) tend to make people slow. So we deliver messages less efficiently than before. Good news is in this case we managed to make Bob almost as fast as before, so we don't lose out much while gaining additional security. The people who checked on Bob even made sure to have Bob do the exact same thing as before when delivering messages (using RB trees), hence this evidence is most likely credible.

[-] stardreamer 9 points 2 years ago* (last edited 2 years ago)

Sometimes you're working on an IoT device in a tight space, which makes rotating/seeing everything much harder.

Especially if you drop the cable and it falls into a crevice somewhere.

You probably won't have trouble plugging it in the first time, but gods forbid you unplug/replug it, then the cable rotates 540 degrees and you have no idea how it was plugged in before.

[-] stardreamer 9 points 2 years ago* (last edited 2 years ago)

It doesn't matter how many passwords you are storing inside. It's the number of cycles of decryption needed to be performed in order to unlock the vault. More cycles = more time.

You can have an empty vault and it will still be slow to decrypt with a high KDF iteration count/expensive algorithm.

You can think of it as an old-fashioned safe with a hand crank. You put in the key and turn the crank. It doesn't matter if the safe is empty or not, as long as you need to turn the crank 1000 times to open it, it WILL be slower than a safe that only needs 10 turns. Especially so if you have a 10 year old (less powerful device) turning the crank.
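The crank analogy from the comment above, as an added example that is not part of the original comment: PBKDF2-HMAC-SHA256 written out by hand so every HMAC call (one "crank turn") is counted, then used to unlock an empty vault and a large one. The vault layout, `make_vault` and `unlock` are hypothetical, and an HMAC tag over an unencrypted blob stands in for a real vault's authenticated decryption.

```python
import hashlib, hmac, os, struct

class CountingKDF:
    """PBKDF2-HMAC-SHA256 spelled out so each HMAC call is counted."""
    def __init__(self):
        self.hmac_calls = 0

    def _prf(self, key, msg):
        self.hmac_calls += 1                      # one crank turn
        return hmac.new(key, msg, hashlib.sha256).digest()

    def derive(self, password, salt, iterations, dklen=32):
        out, block = b"", 1
        while len(out) < dklen:
            u = self._prf(password, salt + struct.pack(">I", block))
            t = int.from_bytes(u, "big")
            for _ in range(iterations - 1):       # the expensive loop
                u = self._prf(password, u)
                t ^= int.from_bytes(u, "big")
            out += t.to_bytes(32, "big")
            block += 1
        return out[:dklen]

def make_vault(password, entries, iterations):
    """Hypothetical vault: salt + iteration count + blob + integrity tag."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password, salt, iterations)
    blob = "\n".join(entries).encode()            # constructed sample data
    tag = hmac.new(key, blob, hashlib.sha256).digest()
    return {"salt": salt, "iterations": iterations, "blob": blob, "tag": tag}

def unlock(password, vault):
    """Return (unlocked?, HMAC calls spent deriving the key)."""
    kdf = CountingKDF()
    key = kdf.derive(password, vault["salt"], vault["iterations"])
    expected = hmac.new(key, vault["blob"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, vault["tag"]), kdf.hmac_calls

if __name__ == "__main__":
    pw = b"correct horse"
    empty = make_vault(pw, [], 10_000)
    full = make_vault(pw, [f"site{i}:secret{i}" for i in range(5000)], 10_000)
    weak = make_vault(pw, [], 10)
    for name, v in (("empty", empty), ("full", full), ("weak", weak)):
        print(name, unlock(pw, v))
```

A wrong password costs the same number of calls as the right one, which is what makes each offline guess expensive for an attacker.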

[-] stardreamer 9 points 2 years ago

MultiMC devs refuse to let anyone else compile/provide packaging scripts for their application. Their own Linux packages install into /home and can't be cleanly uninstalled. They also deliberately broke the compile process by removing key files from their git repo. When confronted about it, they decided to threaten to sue the AUR maintainer for trademark infringement on their Discord instead.


stardreamer

joined 2 years ago