SpaceCadet
@SpaceCadet@feddit.nl
- Comment on Self-hosting your own media considered harmful - I just received my second community guidelines violation for my video demonstrating the use of LibreELEC on a Raspberry Pi 5, for 4K video playback 18 hours ago:
Harmful is just code for “threatens the bottom line of multibillion dollar companies”. There is no relation to anything that matters to real people.
- Comment on Realtek's $10 tiny 10GbE network adapter is coming to motherboards later this year 2 weeks ago:
I think 10GbE is more intended for local applications than for internet. Say, you have a NAS with a RAID array of nvme drives for video editing purposes that you want to access from a few workstations.
Even the other day I was quite happy to have 2.5GbE when I installed my new gaming PC, and steam was able to pull all my games directly from my old computer rather than downloading them over the internet again.
Anyway, LAN speeds have always been an order of magnitude higher than common internet speeds, so I don’t see the issue.
- Comment on Mozilla is shutting down Pocket, their read-it-later and content discovery app, and Fakespot, their browser extension that analyzes the authenticity of online product reviews. 2 weeks ago:
My
user.js
file is entirely platform independent. I use it on Linux, Windows and even used it on my work provided Macbook. FYI:user.js
only contains the settings you want to change, it’s not the wholeprefs.js
file. It’s just 63 lines.I agree that chrome feels cleaner and needs a lot less fiddling to get right, but chrome is effectively dead for me. I switched to firefox for much more important reasons than a few UI annoyances.
- Comment on Mozilla is shutting down Pocket, their read-it-later and content discovery app, and Fakespot, their browser extension that analyzes the authenticity of online product reviews. 2 weeks ago:
Yes, to completely turn it off, it’s an
about:config
setting:extensions.pocket.enabled
Removing it from the toolbar just hides it, but keeps it running.
- Comment on Mozilla is shutting down Pocket, their read-it-later and content discovery app, and Fakespot, their browser extension that analyzes the authenticity of online product reviews. 2 weeks ago:
with every fucking install on every machine. for years.
Multiplied by all the other annoyances you have to turn off, via either gui or
about:config
, each and every time. I feel you.I hop machines fairly frequently, use multiple browsing profiles, and often create discardable profiles, so I eventually just went ahead and spent some time tracing all the
about:config
equivalents of the settings that I typically change every time and then put them in auser.js
file that I can just drop into my profile directory. - Comment on Still booting after all these years: The people stuck using ancient Windows computers 2 weeks ago:
You can protect yourself from that with airgapping and backups. The bigger issue is probably that it’s becoming increasingly hard to source parts for such old hardware.
- Comment on What techniques do bad faith users use online to overwhelm other users in online discussion and arguments? 3 weeks ago:
Oh look we got a live one!
Mods: if you’re going to remove comments, at least have the guts to say you want to maintain your echo chamber instead of hiding behind rule 5, which this comment does not violate.
- Comment on What techniques do bad faith users use online to overwhelm other users in online discussion and arguments? 3 weeks ago:
We got a live one!
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
That’s only for a single case comparison. You can’t draw statistically meaningful conclusions about what percentage of traffic the pihole has blocked over a longer period of time.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Yeah no ublock origin really won’t block all that many
Meh, it’s fairly easy to check this you know. If I turn off uBlock, my pihole logs do turn red. If it’s left on, pihole logs stay mostly green, with nothing suspicious or out of the ordinary getting through.
the chattiest DNS comes from apps and smart devices, windows and mac laptops etc.
I don’t have many of those. My work laptop is windows but it connects through a VPN only, and I have my smartphone that I barely use at home.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Why call it secondary then, that’s so counterintuitive lol
I don’t think that’s even the official naming. It probably comes from what Windows 95 called it back in the day:
On Linux, it’s just an additional “nameserver x.x.x.x” line in
/etc/resolv.conf
, with no indication of which is the “primary” or “secondary”. - Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Your understanding is not correct. For page elements, uBlock prevents the domain from even trying to load, so no DNS request is ever made. Only if you go directly to an ad domain from the url bar (who does that?), does a DNS request get made.
For example, on my own webserver, I created a simple static html file with an <img> tag pointing to an ad domain that I know is blocked on uBlock as well as on the pihole. Like so:
<html> adblock test <img src="https://track.adtrue.com/some/bannerad.png"></img> </html>
Loading that page, uBlock showed 1 blocked ad on that page, pihole only logged a DNS request to my webserver, not to
track.adtrue.com
.Once I turned off uBlock in the browser and reloaded the page, pihole did log the request to
track.adtrue.com
and blocked it. My browser showed a broken image. - Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
I use firebog’s ticked lists, from what I can tell from the logs ad domains are blocked just fine.
But as I said, I have ublock origin on all my browsers which already catches most ads before they reach pihole, and I don’t use mobile a lot when I’m at home. Oh, and I also use Linux, so no Microsoft telemetry to block either.
1.7% makes perfect sense to me.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
The box I’m running pihole on hosts several other services as well, so I dread having to reinstall everything. Most of it is dockerized, but still.
Anyway, I also waffled back and forth on dockerizing pihole when I initially installed it … but ended up going bare metal, and now I wish I would have gone docker from the start. The initial install is perhaps slightly more complicated, but it’s so much more maintainable and transportable to other devices: transfer volumes, and run your docker-compose.yml on the other box … and voila, you’ve cloned your pihole. I use that system to keep my backup pihole in sync by the way.
Before pihole was essentially a frontend for dnsmasq but it seems like it’s a bit more than that now
Indeed, it doesn’t run dnsmasq separately anymore, but somehow incorporates all dnsmasq capabilities and it still uses dnsmasq syntax config files, and can be configured to include the
/etc/dnsmasq.d
configs. - Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Randomly? No, only when your pi goes down
Not how secondary DNS works. It round robins the requests across primary and secondary DNS servers.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Secondary DNS is not for redundancy!
The way secondary DNS works is that a client distributes DNS requests across the primary and secondary DNS servers. So if you have pihole as your primary DNS and, say, 8.8.8.8 as your secondary DNS, you’re sending half of your DNS requests to google. And if your pihole DNS goes down, half of your DNS queries time out.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Literally just had my pihole hard crash this weekend due to a bad update to FTL. Apparently they had a major version upgrade and didn’t bother to read the notes so I had to do a full OS reinstall.
The v6 upgrade was such a disaster. I was bitten by it too, it started the upgrade then halfway through decided it didn’t like my OS (debian-testing) and crapped out … leaving me with a b0rked installation. Luckily I was able to return to v5 using my system backup. It was a right pain to figure out how to restore though, because they write files all over /opt, /etc, /usr/bin, /usr/local and /var.
For this reason I have since dockerized my pihole installation. Not only does this allow you to choose the exact pihole version you want (a bare metal install only supports the latest version), but it allows you to centralize your configuration files neatly under a docker volume, so you only have to backup the volume.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Raspberry Pies (is that how you pluralize it?), and especially their SD cards are not the most reliable pieces of hardware. I’ve already had a few die on me.
As for how annoying outages are, I guess that depends on how many people and services you have on your network relying on a functioning DNS. I am running two pihole instances on separate hardware in a keepalived virtual IP setup, with a replicated configuration. Sounds complicated, but it’s really easy.
It’s just nice to be able to reboot or perform maintenance on my pihole knowing it won’t impact DNS, and not having to worry about interrupting my girlfriend streaming her Netflix series or whatever. For example, just a couple of weeks ago I converted my bare-metal pihole installation to a dockerized one, which was a couple of hours of work, without any DNS downtime at all.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
It isn’t so much about the payload of the DNS requests, but about the content that would have been loaded if the DNS request hadn’t been blocked.
If you load a page that has 100kB of useful information, but 1MB of banner ads and trackers … you’ve blocked a lot more than 66%. But if you block 1MB of banner ads on a page that hosts a 200MB video, you’ve blocked a lot less.
Also a 66% blocked percentage seems very high. I have installed pihole on 2 networks, and I’m seeing 1.7% on my own network, but I do run uBlock on almost everything which catches most stuff before it reaches the pihole, and 25% on the other network.
- Comment on The Beauty Of Having A Pi-hole · Den Delimarsky 4 weeks ago:
Misleading statement. It doesn’t block “traffic”, it blocks DNS requests… you don’t know how much traffic this corresponds to.
- Comment on Do it 1 month ago:
Satan is in my ass in my ass
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
That reminds me … another annoying thing Google did was list my private jellyfin instance as a “deceptive site”
A common issue it seems.
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
What I used to do was: I put jellyfin behind an nginx reverse proxy, on a separate vhost (so on a unique domain). Then I added basic authentication (a htpasswd file) with an unguessable password on the whole domain. Then I added geoip firewall rules so that port 443 was only reachable from the country I was in. I live in small country, so this significantly limits exposure.
Downside of this approach: basic auth is annoying. The jellyfin client doesn’t like it … so I had to use a browser to stream.
Nowadays, I put all my services behind a wireguard VPN and I expose nothing else. Only issue I’ve had is when I was on vacation in a bnb and they used the same IP range as my home network :-|
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
This is how I found out Google harvests the URLs I visit through Chrome.
Got google bots trying to crawl deep links into a domain that I hadn’t published anywhere.
- Comment on How to secure Jellyfin hosted over the internet? 2 months ago:
all you need is to get a static IP for your home network
Don’t even need a static IP. Dyndns is enough.
- Comment on Online ‘Pedophile Hunters’ Are Growing More Violent — and Going Viral: With the rise of loosely moderated social media platforms, a fringe vigilante movement is experiencing a dangerous evolution. 2 months ago:
Seeing the Brussels Times, I thought it was going to be about this guy: nl.wikipedia.org/wiki/Marcel_Vervloesem (sorry no english link).
- Comment on Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating 3 months ago:
Ah fuck, I just see that you are lemmy.ml tankie scum. Of course you are siding with autocratic fascists. blocked
- Comment on Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating 3 months ago:
Hey fuckwit, you didn’t reply to a single thing I said.
Europe supported the Ukrainian people vocally, but verbally during the Maidan.
Russia armed and funded extreme Russian nationalists, you know like actual nazi scum, and sent them to Ukraine led by FSB officers, controlled directly from the Kremlin. Nobody in the Donbas asked for this, except for retarded nazi scum.
- Comment on Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating 3 months ago:
Fuck your disingenuous bothesidesism.
Western support of Euromaidan (what you erroneously call “meddling”) isn’t remotely comparable to the straight acts of war that Russia committed in the Donbas.
- Comment on Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating 3 months ago:
I live in a country that was occupied by Nazi Germany, where the Nazis did the exact same things and put the local Nazi sympathizers in charge of local administration. It didn’t turn us into a country with deep Nazi roots.
We just imprisoned and shot those fuckers after the war.