dgdft
@dgdft@lemmy.world
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
Yeah, that’s fair.
I was focused on the marginal effect no matter how small, but you’re right that heat of solvation for gases is minuscule. I’m won over on the idea that it would be outweighed by cooling effect of gas expansion from fart decompression.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
We need a room calorimeter and a lot of beans.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
Care to elaborate your stance?
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
I didn’t take shartery into account, but that’s a great point.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
Yeah, you’re right — there would be some cooling from pressure release.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
In a nutshell, the bonds in question are intermolecular forces, not bonds between atoms within a molecule.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
The act of mixing is an exothermic chemical process that does in fact explicitly generate heat. You can read up here if curious: en.wikipedia.org/…/Enthalpy_change_of_solution
I have a degree in physics and work in biomed R&D. I am a qualified fart scientist — this is what I live for.
- Comment on Do farts at least nominally increase the overall temperature of the room in which they are extruded? 2 weeks ago:
The short answer to the post title is a hard “yes” due to enthalpy of solvation.
The answer to your followup question would require some modeling — with the main factors being fart composition, body mass, thermal gradient, and room size.
- Comment on Is this mail something I should be concerned about? 4 weeks ago:
What kind of vulnerabilities are you worried about from such a sudo call?
- Comment on Is this mail something I should be concerned about? 4 weeks ago:
That’s how it already works — Caddy doesn’t require elevated privileges in general. You can toss a binary + config + certs anywhere in the homedir and it’ll go fine if you bind to a non-privileged port.
But users want software to do stuff like help set up certs and serve on ports 80 & 443, so what better option is there than to limit scope of execution by doing pinhole actions with sudo?
- Comment on Is this mail something I should be concerned about? 4 weeks ago:
What would be the correct way for caddy to run actions like this that require elevated permissions, in your view?
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Rt, my bad for the personal attack; I was trying to be saucy with that opener and missed the mark.
That being said, your opinion is still utter hot garbage. It’s not hard at all to host dynamic services publicly with minimal risk if you know what you’re doing, and Jellyfin is pretty damn low risk.
The argument you’re making is comparable to going on a car forum and saying no one should ever drive on a public road because you might crash, and there are drivers doing things you can’t control. It’s factually true that you mitigate all risk by doing so, but misses the fact the people can and do drive on public roads all the time without much hurrah.
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Sorry, I assumed you were intelligent and sanewashed your comment.
I assumed you were talking about the fact that internal web servers that services like Jellyfin run are often DoSable without a proxy.
Jellyfin is quite literally a web app and perfectly safe to host on the web. Wanna prove me wrong? I’ll happily spin up an instance and throw a $500 bounty on there for you.
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Did you read the thread body? Op is using Caddy to reverse proxy.
The smoothbrain top comment is claiming that Jellyfin “wasn’t designed to be exposed to the internet” AT ALL, reverse proxy or not. You’re poking at a strawman here, and putting words in my mouth that I didn’t say.
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Yeah, you’ll probably want to give your Pi a static internal IP too, but the details for that will depend on the specifics of your router and network.
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Yeah, fair point — I was only talking RCE.
That’s a real risk if you get hit by a lazy stuffing script, and I personally SSH tunnel my self-hosted to a public VPS to avoid that sorta thing.
@Op, if you do notice slowdowns for your whole network & suspicious noise in your Jellyfin logs, the easy move is to configure fail2ban and ask your ISP to rotate your router’s IP for you.
- Comment on Round Two: Can I manage to set up Jellyfin correctly this time? 4 weeks ago:
Assuming you’ve forwarded ports 80 & 443 on your router, that’ll do just fine.
Speaking as a hacker and SWE, the cringelords telling you that exposing Jellyfin is some major liability are LARPers who don’t know what they’re talking about.
- Comment on Tool to move watched files from on Plex lib to another 5 weeks ago:
Just a thought, but you might be able to do this easier by looking at atime and mtime rather than fiddling with the API.
- Comment on Leaving GitHub. Music server alternatives? 5 weeks ago:
Lemmy is optional, and the project is hosted on Github.
- Comment on Automating Restic backups 1 month ago:
Seconding this answer. The error message and description scream envvar issue.
This is my first time using systemd, so I’m not sure if I am overlooking an obvious step or what.
@gedaliyah@lemmy.world Did you run a
systemctl daemon-reloadafter making the PassEnvironment change to your service file? - Comment on My first post ever – life in a tent 1 month ago:
Welcome to Lemmy! Sincerely hope you can find some reprieve from your physical circumstances here.
As a friendly heads up, you posted this thread to a tech-related board. Your post may be removed for that reason, but you should consider reposting on a more general comm such as !casualconversation@piefed.social.
- Comment on How to enhance Caddy's basic_auth? 1 month ago:
Yeah, you don’t need to extend Caddy at all for that.
Add a properly-formatted Authorization header to any requests you make to the server and it’ll work. See Wikipedia page for header string format:
- Comment on How to enhance Caddy's basic_auth? 1 month ago:
How does programmatic access tie into the desire for a login form?
Either way, you can do a login form -> basic auth forwarding page by rigging up some simple JS, or access programmatically in a direct way by simply setting a manual Authorization header.
- Comment on Hackers Are Finding New Ways to Hide Malware in DNS Records 1 month ago:
Not to detract from the article, but this has actually been a long time coming and known as a vector for decades.
DNS backed website PoC from a few years ago: news.ycombinator.com/item?id=27598164
- Comment on Immich Flatpak 1 month ago:
It’s extra work to maintain and test another release format — and the core developers want to focus on making software.
No one is stopping you from rolling your own flatpak.
- Comment on Medieval medicine was smarter than you think—and weirdly similar to TikTok trends 1 month ago:
No personal disrespect to you OP, but gotta call a spade a spade: this article is dogwater clickbait and an awful fit for this comm.
- Comment on Tape drive backups 1 month ago:
tape drives seem to be the best
Tape drives are the keytars of the tech world. They seem cool and a pro can really jam with them… but they’re not the most practical and you should really get a guitar or a keyboard until you know what you’re doing.
Yeet your shit onto rsync.net or anything else simple and call it a day, unless you’re in it for the meme.
- Comment on [deleted] 2 months ago:
I respect the spirit you’re going for, but FYI, Libby and Overdrive are private-equity owned and just as exploitative (if not more so) than the major publishers were.
They do not give libraries an unlimited license for digital books, but rather make them pay what they would for a physical book, and allow them to loan out the digital copy a relatively small number of times (usually around ~4-5 IIRC) under the guise that a physical book would have been irreparably degraded after having been lent out that many times. There’s a stream of billions of dollars being moved from non-consenting taxpayers going right to a monopolistic gatekeeper.
If we’re talking physical books, libraries are definitely still great for that, but I find that the vast majority of the time I look to check if they have a specific book I’m after, there are zero physical copies anywhere in the system, and all the digital “copies” are already “checked out”. E.g., I went looking for a copy of PKD’s Valis last week, and my options were: library audiobook (vomit), wait two weeks for a “checked out” digital copy from the library (vomit), buy from Amazon (vomit), or sail the seas.
So no, that’s a shitty substitute – and your moral high-ground has a sinkhole beneath it.
- Comment on Got my first script kiddy 2 months ago:
Absolutely not — the issue here is OP knowingly submitting false abuse reports.
Port scans of public hosts are not considered abuse per the CFAA or Amazon’s AUP without other accompanying signs of malicious intent.
Amazon may take action against egregious mass-scanning offenders per the “…to violate the security, integrity, or availability of any user, network…” verbiage, especially if they’re fingerprinting services or engaging in more sophisticated recon, but OP’s complaints are nowhere near meeting that threshold.
- Comment on WhisperX — Automated Transcripts w/ Timestamps and Speaker Tagging 2 months ago:
You should be able to get decent results from that if you pipe your tracks through demucs first to isolate the vocals.