irotsoma

@irotsoma@lemmy.blahaj.zone

• ⁨Comment⁩ on ⁨FBI issues warning over scammers impersonating agents to steal your money⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:

  I mean didn’t Trump deprioritize cyber crime enforcement against certain countries he’s indebted to that are notorious for scamming Americans. So no surprise that they’d go over the top since they are free to do basically anything.

• ⁨Comment⁩ on ⁨Take Action: Defend the Internet Archive⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:

  Yes it’s a violation of the law, but much like any other laws, there are defenses to these built into the laws. For example, for murder, if you kill someone, you commit murder (or homicide or whatever word is used), but there is a built in defense that you are allowed to do this in cases of self-defense. So still guilty of the crime itself, but the exceptions make it not a criminally punishable act.

  Similarly, in copyright there is the concept of fair use. Again, any copy you make of a copyrighted work violates the copyright act, however there are scenarios where the copying becomes not a punishable offense. In copyright, these are usually things that there is a benefit to society that outweighs the detriment to the copyright owner such as transformative art which creates new art, or backup for purposes of archiving. So likely the copy itself is protected here. The potential issue comes in the fact that they then share that copy. This is where the legality becomes murky as copyright law in the US has never been updated fully to deal with digital copies which take miniscule cost to produce and are nondestructive of the original.

  But let’s assume that the law supports the music industry. Then we move to harm. How much harm has been done to the owner. Since this is a corporation we’re only talking profit, not emotional or other types of harm that might be involved. In this case they are claiming that for each work shared over the internet, they have been denied $150,000 in potential profit from selling those works.

  This is where the real issue comes in in that courts rarely dispute these ridiculous numbers. IMHO the fact that they are pitting these kinds of numbers in a court document sounds like fraud to me. For much of this work they have no actual copies of the works because they were destroyed or deteriorated. So how could they sell them and make profit? For what they do have, is there even much of a market for any of that content and would that market generate $150,000 for a single random song written many decades before most of us were born. Sure the award will likely be less than that, but I bet the average song on this list might generate less than $1 in the time from when they posted them to when their copyright finally expires. So charge them a few hundred dollars and be done with it.

  The issue is that the works are otherwise not available for sale and any licensing is done across all works owned by these companies and this is how they get the $150,000 per work number. They don’t sell licenses just for old works because the system was never designed to support copyright lasting as long as it does now.

• ⁨Comment⁩ on ⁨Take Action: Defend the Internet Archive⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  I mean, the stuff in the Great 78 Project is stuff that is so old that copyright was not designed to support the lengths of time they currently do so archiving wasn’t as big of a concern because the media it was created on would be less likely to deteriorate in that time. When the owner is a corporation who for the most part not only doesn’t sell but refuses to archive works that are breaking down due to the physical age of the media and would rather the works disappear than allow for archiving, how are they harmed to the tune of $150,000 per recording? And who is this benefiting to let recordings, stories, and other art forms literally turn to dust with no monetary profit going to anyone in most cases if it’s not archived.

• ⁨Comment⁩ on ⁨Is it normal to not have any malicious login attempts?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

  How do you connect? Is there a domain? Is that domain used for email or any other way that it might circulate?

  Also, depends on if the IP address was used for something in the past that was useful to target or not. And finally do you use that IP address outbound a lot, like do you connect to a lot of other services, websites, etc. And finally, does your ISP have geolocation blocks or other filters in place?

  It’s rare for a process to just scan through all possible IP addresses to find a vulnerable service, there are billions and that would take a very long time. Usually, they use lists of known targets or scan through the addresses owned by certain ISPs. So if you don’t have a domain, or that domain is not used for anything else, and you IP address has never gotten on a list in the past, then it’s less likely you’ll get targeted. But that’s no reason to lower your guard. Security through obscurity is only a contributory strategy. Once that obscurity is broken, you’re a prime target if anything is vulnerable. New targets get the most attention as they often fix their vulnerabilities once discovered so it has to be used fast, but tend to be the easiest to get lots of goodies out of. Like the person who lives on a side street during trick-or-treat that gives out handfuls of candy to get rid of it fast enough. Once the kids find out, they swarm. Lol

• ⁨Comment⁩ on ⁨Testing vs Prod⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  At work we have 6 environments other than production. At home just one. I created a way to ease deployment of the environment from scratch using a k0sctl config and argocd and the data gets backed up regularly if I need to restore that, too.

• ⁨Comment⁩ on ⁨Why is my server using all my Swap but I have RAM to spare?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  Note that often it’s more efficient to move infrequently accessed memory for background tasks to swap rather than having to move that out to swap when something requires the memory causing a delay in loading the application trying to get the RAM, especially on a system with lower total RAM. This is the typical behavior.

  However, if you need background tasks to have more priority than foreground tasks, or it truly is a specific application that shouldn’t be using swap and should be quickly accessible at all times, or if you need the disk space, then you might benefit from reducing the swap usage. Otherwise, let it swap out and keep memory available.

• ⁨Comment⁩ on ⁨[deleted]⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

  I would required compensation in the amount of Elon’s entire fortune so it can be properly redistributed to those who deserve it, including you if this is a human reading this email. If those terms are acceptable, please contact me at xxx-xxx-xxxx at your earliest convenience.

• ⁨Comment⁩ on ⁨Would there be any potential problem of hosting public and/or private (vpn) services in a school office?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  This. Get in writing the specific legally binding policies for personal use of their network resources. Not just the personal opinion of the IT people. They don’t write the legally binding policy that you are responsible for following.

• ⁨Comment⁩ on ⁨Police told not to close investigations until they have used facial recognition⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Someone in charge is getting a kickback or is heavily invested in the company that supplies the facial recognition service.

• ⁨Comment⁩ on ⁨Risks of self-hosting a public-facing forum?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  I mean, in most cases this isn’t criminal law (in the US at least), so it means you have to attract enough attention of a corporation since they’re usually the only ones who can afford the legal costs to file the DMCA requests and responses for copyright violation. And with many other civil issues, often corporations with the money for it, don’t have standing to sue, and if they did, would be required to sue each individual in the appropriate jurisdiction.

  With the removal of Section 230, these costs will go down significantly as a single user’s violation could be enough to bankrupt or shut down an entire site of violating content or, if serious criminal violations like child porn, put the person who hosts the site in prison who, will be much easier to identify and sue in a single jurisdiction or arrest than a random internet user.

• ⁨Comment⁩ on ⁨Risks of self-hosting a public-facing forum?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Yeah, other countries have similar or even more strict requirements, so yeah it all depends on the jurisdiction. You have to also understand that just hosting something externally, doesn’t mean you don’t fall under laws of another country. It’s the internet. And if you live in a country, you may be held responsible for obeying their laws. I’m not a lawyer, so it’s something to be careful of even if externally hosted.

• ⁨Comment⁩ on ⁨Risks of self-hosting a public-facing forum?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  This is especially necessary to consider if you live in the US right now. One of the things the current administration is pushing for even harder than past administrations is removal of Section 230 of the communications act that was enacted in the 90s. This provides a defense against liability for the content you host as long as you make a reasonable effort to remove content that is illegal. Problem is that this makes it really difficult to censor (maliciously or otherwise) content because it’s hard to go after the poster of the content and easier to go after the host or for the host to be under threat to stop it from being posted in the first place. But it’s a totally unreasonable thing, so it basically would mean every website would have to screen every piece of content manually with a legal team and thus would mean user generates content would go away because it would be extremely expensive to implement (to the chagrin of the broadcast content industries).

  The DMCA created way for censors to file a complaint and have content taken down immediately before review, but that means the censors have to do a lot of work to implement it, so they’ve continued to push for total elimination of Section 230. Since it’s a problematic thing for fascism, the current administration has also been working hard to build a case so the current biased supreme court can remove it since legislation is unlikely to get through since those people have to get reelected whereas supreme court justices don’t care about their reputation.

  So, check your local laws and if in the US, keep an eye on Section 230 news as well as making sure you have a proper way to handle DMCA takedown notices.

• ⁨Comment⁩ on ⁨Cheapskate's Guide: Nuking web-scraping bots⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Are there any guides to using it with reverse proxies like traefik? I’ve been wanting to try it out but haven’t had time to do the research yet.

• ⁨Comment⁩ on ⁨Organic Maps migrates to Forgejo due to GitHub account blocked by Microsoft.⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Problem is that unless the person was paid for contributing, what goods or services are being exchanged with the project. I mean if Microsoft received money from that person for a subscription or something I might see them having to ban the user and refund the money. But what did the project receive that would violate sanctions? Volunteer work is usually not covered or else relief organizations and religious missionaries would be banned and the US historically loves sending those. What am I missing?

• ⁨Comment⁩ on ⁨ChatGPT is shifting rightwards politically⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  That’s going to always happen when training data with the entire internet. The outliers will always skew thing more than the mainstream if the models are not designed to exclude them.

  And there are a lot of contributing factors, for example with right leaning stuff being more available for LLMs to process as the platforms are generally less concerned about privacy and more concerned about policing and control (that’s just what right wing is), of course the models are going to see more of it than the left leaning stuff where people are more on the repressed side, more likely to use more private communication methods, and less likely to be able to safely, publicly share outlier kinds of views to skew things the other way. Even the people who pretend to be extreme left-wing, like the USSR or the Chinese Communist Party, are usually, in reality, right-wing.

• ⁨Comment⁩ on ⁨CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:

  Yes it’s defects in the ingress-nginx controller package.

• ⁨Comment⁩ on ⁨Making sure restic backups are right⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

  Depends on what you’re backing up. Is it configs for applications, images, video, etc? If it’s application configs, you can set up those applications in a virtual machine and have a process run that starts the machine, restores the configs, and makes sure the applications start or whatever other tests you want. There are applications for doing that.

  If it’s images or videos, you can create a script to randomly pick a few, restore them, and check the integrity of the files. Usually just a check of the file header (first few bytes of the file) will tell you if it’s an image or video type of file and maybe a check on the file size to make sure it’s not an unreasonably small size, like a video that’s only 100 bytes or something.

  All this seems like overkill though in most scenarios.

• ⁨Comment⁩ on ⁨Mastodon.online invitation if anyone wants it⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

  I’ll take one. Feel free to DM me.

• ⁨Comment⁩ on ⁨Self-hosted SSO⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

  Keycloak. Took me a bit to learn the basics, but it has been way easier to troubleshoot than Authentik and has more features. If you need something that mimics LDAP rather than syncing with an existing LDAP, then Authentik is pretty good. I don’t use LDAP, though.

• ⁨Comment⁩ on ⁨What one Finnish church learned from creating a service almost entirely with AI.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  It brought in 120 people, many of whom wouldn’t have otherwise come. Probably made some good donation money out of it and got some publicity for the church.

• ⁨Comment⁩ on ⁨First Porn, Now Skin Cream? ‘Age Verification’ Bills Are Out of Control.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I mean dihydrogen monoxide can cause permanent injury or death if irresponsibly used. Let’s get that on the list next!

  /s

• ⁨Comment⁩ on ⁨What host names do you use?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  I use Arthurian legend related stuff. Servers and desktops are locations. My portable devices are the names of swords. IoT devices are more explicitly descriptive since I won’t need to type in, but it’s more important to recognize them when I see them, like lightswitch-livingroom.

• ⁨Comment⁩ on ⁨I Used to Teach Students. Now I Catch ChatGPT Cheats.⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Yeah the push to objectify performance in education so that legislation can cut funding to what they consider underperforming, has made it something that needs to be gamed to prevent schools from losing funding since often the reason they’re underperforming is that the students and their families that they cater to have attended underfunded schools their whole lives. Giving fewer resources to those who never had any, on purpose, is classism. So if students are judged based on how well they do menial tasks and standardized tests, then it’s much easier to cheat. It’s not like they’re learning anything from those anyway so they don’t see any value in trying. And teachers have too many students to pay enough attention to actually teaching especially when now their primary job is making sure the school doesn’t lose funding.

• ⁨Comment⁩ on ⁨Pi-Hole question regarding unbound and cloudflared⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  DNS over TLS handles that. No need for DoH really. Unless DNS ports are blocked or captured by NAT or something and you need to use port 443 with DoH. At least not with a DNS server. DoH is useful for individual applications to do their own DNS lookups bypassing the OS or network level DNS. Otherwise DoH and DoT provide the same basic protection. DoT is just at a lower network layer and thus applies more broadly across the network or OS rather than being application or resolver specific. There’s never been a real need for a DNS server to use DoH instead of DoT unless DoT is blocked upstream.

• ⁨Comment⁩ on ⁨which softwares can I self host without public IP?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Use VPN or DDNS connected to your domain registrar. Of course DDNS might not update immediately, especially if your domain host is not the same as your DNS provider, so you might have outages for short periods when your IP changes. So, depends on if you’re OK with that or what kind of connection you have and whether it changes your IP a lot.

  Also, might be able to get an IPv6 address for free depending on your ISP or at least you can set up your router to request that your address block is retained for you. I know Comcast does this. Unfortunately, my host does not.

• ⁨Comment⁩ on ⁨Pi-Hole question regarding unbound and cloudflared⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Unbound supports DoH if compiled with the support and given TLS certificates. I don’t use it internally on my home network because I have a pihole that I want to capture the traffic. I do use DNS over TLS for upstream communication, though.

• ⁨Comment⁩ on ⁨AI Killed The Tech Interview. Now What?⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:

  Have people who actually understand what they are asking do the interviews. Problem with mist interviews is they are non-technical people asking complex technical questions and expecting a very specific answer that only people whose brains work a certain way will come up with. This often eliminates the mist creative developers because they come up with different solutions than the one the nontechnical person was taught is the right answer. Not to mention often the questions they ask are obsolete things that most people aren’t going to know off the top of their heads because it’s something they would normally look up in real work not something they need to memorize. Tech interviews are horrible at finding good talent. Good riddance.

• ⁨Comment⁩ on ⁨What is wrong with the architecture of the Internet?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  The problem with all software is adoption. Usually it’s trying to get people to adopt a protocol or buy a piece of software that causes less than optimal decisions to be made. There have been lots of good replacements for all of the things you mentioned, they just never caught on. And the problem in the beginning when they didn’t have those pressures was the hardware and bandwidth limitations.

• ⁨Comment⁩ on ⁨Does AI detect breast cancer better than doctors can?⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  Yes. X-ray, MRI, and other complex images are difficult to analyze at a glance and it takes a lot of experience to make a guess on whether something is normal or not. This is exactly what AI is good for. Learning the relationship between some complex set of data points and assigning a probability that it is something based on historical data. AI is just not being used for the correct things most of the time. This is one of those correct things.

• ⁨Comment⁩ on ⁨AI is Stifling Tech Adoption.⁩ ⁨⁨2⁩ ⁨months⁩ ago⁩:

  And AI will stifle creativity in all areas that it’s used in. That’s the problem with predictive models being called “AI”. They are only as “intelligent” as the information they were trained on and will always be biased towards what that data set was biased on and won’t be able to create anything truly new, only improve existing things.