rumba
@rumba@lemmy.zip
- Comment on Genius 5 hours ago:
The secret is to make awful doughnuts with da bomb spiked filling and offer them a compliment doughnut when they arrive. Water is $3, soda is $4, and milk/soy milk is $5.
- Comment on Everybody talks about beliefs like they're this big important thing. 11 hours ago:
Belief isn’t inherently bad you can believe in observational facts. It’s faith that’s dangerous. Any system that requires you to maintain beliefs without observable facts or in the face of negative confirmational facts is a problem.
- Comment on goodbye plex 15 hours ago:
Oh, Plex has the risk. A vulnerability in Plex is how LastPass lost all their source code. A vulnerability in Tautulli which he had ported outside surfaced his auth token, then he was able to use the auth token to get into Plex and they were able to hit an rce vulnerability and pull the entire git repo the guy had locally.
The key difference is Plex at least has a security team and their name on the line with their investors.
- Comment on Th EU iniative for Stop Killing Games has reached the goal of 1 million signatures!! 19 hours ago:
It’s messy. Making a balanced law around it is sketchy. Consumers deserve to own the games they buy, straight up. Businesses deserve to be able to sell their assets when they fold and have them continue to be worth something so they can live on to make new games and their old games can go to new companies to keep development rolling.
There’s obviously low-hanging fruit. If your game is single-player and you’re just doing an online piracy check, and you go out of business, you leave the check servers running in a trust for like five years with the code to remove the check from escrow. Tick Tock, you either relight the game in time somewhere, or it becomes free to play.
But when you have something like Clash of Clans, where you need battle servers. Those assets are useless once you open that code and 100% support a community-run game. The game could otherwise be passed to another studio, and development could continue. Selling and moving games to other companies and publishers with breaks in the middle happens a lot. How long after a game collapses should they wait for it to become worthless to the market? The obvious answer to the consumer is immediately, because they bought it, they own it. Maybe you have to keep a certain amount of money from the proceeds and use it to refund the users. It still sucks for the you don’t own it anymore concept.
Developers and publishers aren’t fair to consumers without guardrails (and there are none), but those rails should also be reasonable to companies.
If the commission does nothing, it’ll probably be wrapped around this clusterfuck.
I do have a worry that the studios will just stop selling games and everything will go subscription if they are required to provide servers and source on game shutdown. It’ll just push more piracy, less sales, less games and everyone loses.
I really wish companies would just have pride in their stuff and be fair to their users and users could just bear a fair price for good games.
- Comment on I require nothing more 19 hours ago:
I don’t need a bed, but an air mattress is a HARD no.
I’d rather sleep on a clear carpet with a blanket.
- Comment on Rate my one year old homelab. 20 hours ago:
but, think of it… RACING STRIPES!!! or FLAMES!!!
You use bamboo skewers to mount the things off the bottom and dampen vibration. mabey use an internal flap and bent the disks out the front and the PSU out the back. If you have enough cardboard, you could even bend it a bit and do like a jet engine with the fan sticking out the front.
cardboard papercraft homelab… I almost want to get rid of my 42 U rand and make a voltron now.
- Comment on Rate my one year old homelab. 22 hours ago:
Just needs a 10" cardboard box with proper holes
- Comment on goodbye plex 1 day ago:
A lot of neophyte self hosters Will try running the binary in Windows instead. Experienced self hosters will indeed use docker.
Then out of the ones that are using docker some of them will set it up as privileged.
And then how many of those people actually make read-only versus how many just add the path and don’t think about it.
Don’t confuse your good practices with what the average person will do.
- Comment on goodbye plex 1 day ago:
I’ve heard jellyfin has a lot of security issues
The biggest known stuff I saw on their GitHub is that a number of the exposed service URLs under the hood don’t require auth. So, it’s open-source with known requirements, you can tell easily from the outside that it’s running, and you can cause it to activate a LOT of packages without logging in. That’s a zero-day in any package that can be passed a payload away from disaster.
AS far as TVOS, I’m kinda surprised swiftfin doesn’t service you.
- Comment on Introducing reitti: a selfhosted alternative to Google Timeline 2 days ago:
Location sensor would be a good minimum bar.
A custom card for your app that is just basically a iframe into your app with auth would also be pretty decent. Your version of a map looks really nice.
Maybe surfacing metrics of distance traveled or number of geolocations.
I’ll have to install the app and play around with it to make other recommendations but those are the first things that come to mind.
- Comment on North Korea opens massive beach resort, rolls out red carpet for Russians 2 days ago:
Does what’s in the picture look like way more than 20k to anyone else?
- Comment on "Recommended System Requirements" for buying a used PC for selfhosting 2 days ago:
Choosing the right hardware is complicated. If you are transcoding 4K video on jellyfin you probably want a Nvidia 1080 or higher video card.
If you’re running Intel, 10th gen and higher with internal graphics has some pretty good encoding efficiency so you consume less power for a lot more work done.
I’m still rocking a 7th gen i7 with a 2070 super. It still gets the job done for me.
- Comment on I've written a series of blog posts about a "hands-off" self-hosting setup intended for relative beginners. 2 days ago:
Been in it since the web was a thing. I agree wholeheartedly. If people don’t run auto updates and newbies will not run manual updates, You’re just teaching them how to make vulnerabilities.
Let them learn how to fix an automatic update failure rather than how to recover from ransomware. No contest here.
- Comment on 'Xbox Hardware Is Dead,' Says Founding Team Member, 'It Looks Like Xbox Has No Desire — Or Literally Can't — Ship Hardware Anymore' - IGN 3 days ago:
For wanting to own the living room, they never tried particularly hard. PS3 was a damned successful blueray player. They just needed to give you a nice, curated experience and ease of use. There were literally people buying PS3’s because they were cheaper than blueray players at the time
- Comment on A Polish jalapeño pastry 4 days ago:
To be perfectly honest, local isn’t any better as far as pests. There’s never been a rat free grain or corn silo. Presumably you could get pretty close to clean if you refined the sugar out of beets, But they grow in the ground in the dirt with all the insects and pests…
- Comment on A Polish jalapeño pastry 4 days ago:
My kids screamed his head off two days ago. There’s ants in the house. I’m like yeah whatever. I go to check it out. There were thousands of ants in the house. They came in through a little spot near the garage went all the way down one wall along another wall straight through the kitchen under the fridge to a single crunchy snack thing that fell onto the floor.
I’m not too worried about this fly or two or an and or two and I leave spiders alone If they’ve picked a nice quiet corner. But I can’t have thousands of ants in my kitchen.
- Comment on xkcd #3109: Dehumidifier 4 days ago:
This is the around the long way method, but it’ll start you on a crippling hobby to instrument your entire life.
Raspberry Pi home assistant zigbee USB zigbee water sensor.
you could stop here at notifications.
or
Descend into madness, put a small ac submersible pump into your dehumidifier tray with a smart outlet. When the sensor trips full, have it run the submersible pump for x minutes.
- Comment on xkcd #3109: Dehumidifier 4 days ago:
aeotec.com/products/aeotec-water-sensor-7-pro/
This little thing is a beast :)
- Comment on How do animals in the Peppa Pig universe work? 5 days ago:
Some of the jokes ARE targeted at adults. For the weiters are perfectly aware that people like you will be watching it with little kids, at least on occasion. Throwing an occasional bone to an adult may be the difference between the child getting to watch the show and the adult ushering them off to something else.
As far as the who gets to be sentient and who doesn’t question: there’s probably not that much thought put into it. The writers sit around and spitball ideas at each other. They make a list of things that would be engaging for kids yet not too expensive to animate and not too long or complicated too make them lose interest. Someone probably said what about a trip to the zoo. When it came time to do the one for the zoo they said what animal should be in the zoo. What things interest children? Penguins, what do kids see them do with the penguins well they feed them. So now you need non-sentient penguins and non-sentient fish. I’m fairly certain they’re just trying to make it up as they go along and make sure they don’t alienate kids or parents too badly.
- Comment on A sovereign Microsoft 365 alternative: Nextcloud and IONOS join forces - Nextcloud 5 days ago:
Not OP, and I don’t particularly hate PHP but I certainly understand why everyone else does. It had a ton of horrible issues that didn’t get fixed until 8. Just really awful stuff like a23+n7=30 , inconsistent syntax, It’s just had a lot of holes over the years. Post perl, It had the next greatest number of plugins and was reasonably rapid so it took off with the inexperienced crowd, But we ended up with a lot of code written by a lot of inexperienced people and a lot of best practices were eschewed. Most of the big software names that run PHP have had a constant stream of really bad vulnerabilities, more so than a lot of other languages. (WordPress, PHPBB, vbulletin, a million horribly written WordPress plugins)
Personally, in a pinch I’ll still do something in PHP. It’s so incredibly rapid and gives you marginally decent debug right out of the gate with nothing installed.
- Comment on There's no international protocol on what to do if an asteroid strikes Earth 6 days ago:
Didn’t Florida and one of the recent hurricanes refuse government support?
- Comment on Facebook is starting to feed its Meta AI with private, unpublished photos 6 days ago:
according to Patel, who says that a “surprising number” of readers were asking for this change.
Twist: The surprising number was two, still quite a surprised though
- Comment on Stung by customer losses, Comcast says all its new plans have unlimited data 6 days ago:
Well that escalated slowly and painfully.
My wife used to have a photography studio. The building was serviced by Comcast. She had a year-long lease and wasn’t sure that she was going to stay there. We called Comcast to get service minimum 3 year lease, No option but complete buyout on termination.
I asked her if there are any other options because it’s ludicrous to have a service with a 3-year minimum when leases in the building aren’t that long.
I shit you not the rep said there’s no other service available in this building, this building is only serviced by Comcast. This is the only option. I purchased an AT&T hotspot, and never gave it a second thought.
And this isn’t even my first run in with Comcast business. They’re just absolutely horrible to deal with.
- Comment on "Almost out of shampoo, better add it to my shopping list." 6 days ago:
All her food comes from chewy and I’ve tried this.
You know we should try auto order.
Orders food
Comes in just fine, But we’ve misguessed on the reorder date.
We’ll just single order a second bag so that we’ve got one in stock. It’s kind of ridiculous to have 68 lb of dog food around but it won’t go bad that soon.
Single bag comes in, 3 days later reorder bag comes in…
Dog: btw I hate this dog food and I’m not eating it anymore
O.O
Add some crumbles in: nope
Add some wet food in: nope
Gravy, chicken, start doing food theater.
Dog: The dry food is now poison
In the middle of trying to solve this we get another reorder.
Chewy lets us cancel and donate that bag to the local animal shelter.
We change over from a duck version to a salmon version, dogs been eating it fine now for 2 years.
I love chewy to death but between our own incompetence and our dogs fickle eating habits…
I’ve started baking chicken thighs from Costco. $1.79 a pound, They are easy to debone and a $20 package fills four tall deli containers. The dry food is now a condiment for teeth health. And if it runs out she can Make it just fine on meat for a couple of days.
- Comment on "Almost out of shampoo, better add it to my shopping list." 6 days ago:
Dog Food
looks at 40lb bag engages spatial reasoning how many cups are left in this bag… 7-10 days…
looks at 40lb bag engages spatial reasoning how many cups are left in this bag… 3-5 days…
looks at 40lb bag engages spatial reasoning how many cups are left in this bag… probably 2 days…
looks at 40lb bag engages spatial reasoning how many cups are left in this bag… fuck 1 day… takes 2 days to get ship…
Well gal, chicken it is…
- Comment on Jellyfin over the internet 6 days ago:
It would cover all phones, pcs and maybe Android TVs.
The barrier to entry would be having to replace the cert every year since we now made that a thing. Maybe spin up a self-sign shirt server and start issuing people 10 years certs
- Comment on Jellyfin over the internet 1 week ago:
unless there are ways to do injection with the known bugs/a new 0day
TBH, that should be enough right here. That is a JUICY target for hacking.
You can tell outside that someone is running JF.
You know what packages are used.
You have full access to the source.
You know what endpoints are exposed and available.
All you need is a whole in ffmpeg, a codec, a scaler, or something in libAV. There are a hundred different projects in there from everyone and their brother. And all somebody with experience needs is one of them to have an exploit in a spot where you can send it a payload through an endpoint that doesn’t require authentication.
We need something to gatekeep. Some form of firewall knocking, or VPN. We don’t need JF to be as publicly accessible as Netflix; we just need a way for our friends and family to get in, prove they’re who they are, and reject all anonymous traffic.
- Comment on If every minority group came together under the same banner they would be the majority, and rights would be much easier to attain for everyone. 1 week ago:
Your inexperience and own beliefs do not make the experiences of those talking to you invalid; furthermore, calling other people’s experiences rhetoric and belief is frankly rude.
- Comment on PewDiePie: I'm DONE with Google 1 week ago:
Entirely fair, I generally can’t stand him, hence just reading his caption data :)
He hit the mark on a few things but his hot takes were pretty hot.
- Comment on TOR asking to run snowflake to help Iranians with internet access 1 week ago:
Yeah, it’s still in use. It’s still slow. I think the real take away is that if you’re going to do things that are going to get you in true State trouble tor is not a reasonable solution.
If you’re not doing something to draw the ire of a government agency, It’s reasonably safe. Other than they fact that you are passing tor data, no one in your house or your ISP or Google has any idea what you’re actually doing.
I think one of the big problems is that there’s not so many tor nodes that a well-funded agency couldn’t stand up enough nodes to catch your entire conversation.