kevincox
@kevincox@lemmy.ml
https://kevincox.ca
- Comment on Welcome to the new world of risk: Microsoft cuts off services to energy company without notice 5 days ago:
Yeah, it is very important to consider how dependant you are on third parties. At the very least the more dependence the more power they have over you. But also how screwed you are if they just go under.
- If you use SaaS they can interrupt your use at any time and you can only react (for example demanding a reversal or lawsuits).
- If you host closed source software they can’t interrupt service on an existing contract but can legally require you to stop using it if they don’t renew the contract. (And if the company goes under you can likely get away with using the software as long as it doesn’t need code fixes.)
- If the software is open source you can continue using the software indefinitely including making code fixes. (Maintenance may be expensive as it is now your problem but that can be costed and an exit plan made if required.)
- Comment on 2 weeks ago:
Yeah, I finally pulled the trigger and moved to my own domain from
matrix.org
. Man, it is just so much faster. Which is sad, because the performance is pretty bad. (Element Web seems to do some per-room request as part of the initial loading screen which is obviously not scalable) but getting off ofmatrix.org
is a huge performance improvement.That being said there is nothing really wrong with
matrix.org
. The problem is really public rooms. People will join and spam. It is true of any protocol (have you heard about email?) but Matrix definitely needs to (and they are slowly working on) make it more expensive for spammers. - Comment on ATT SMTP port 25 unblocking 2 weeks ago:
Its a problem but it isn’t a major problem. I am using rspamd without any sort of exotic configuration (basically just enabling things that are provided, not my own rules) and I only get a few spam messages leaking through a week. Maybe slightly worse than GMail but not considerably slow.
IMHO the only real missing thing out of the box is contacts checking. Which is a huge thing because it is great to have reliable delivery from contacts. But my false-positive ratio is so low anyways that it isn’t a big issue and things like the
known_senders
module mostly mitigates it. - Comment on ATT SMTP port 25 unblocking 2 weeks ago:
Yes, blocking port 25 outbound is incredibly common by default. Even on some server connections. It is probably better overall for exactly the reasons that you mentioned.
Or just don’t self-host email
IMHO this is a bit overblown. Hosting inbound is fairly easy. Mail senders (probably for the worst) are very forgiving even if your TLS cert is expired you will probably get mail. Plus senders are supposed to retry for days if you have downtime.
However it is unfortunately true that due to spam sending is a huge pain because IPv4 reputation is a huge component. Sure you can get GMail to trust your domain after a month or so of sending if you have decent volume. But other providers who you may mail once a year are just going to go off of IP reputation. However email was basically designed for forwarding and you can use a service like AWS SES to forward your email from a trusted IP pretty easily. If you are low volume (like personal mail) there are tons of services that will do this for free.
- Comment on China's Robotaxi Companies Are Racing Ahead of Tesla 2 weeks ago:
But holy shit a marvel of marketing. Better be a case study in business school. They had little to no actual implementation for years and years but are still the go-to name for autonomous driving and selling subscriptions to something that doesn’t exist. Absolutely wild.
- Comment on What makes a fart dry vs wet? 2 weeks ago:
This is one of those things that must have been an absolute shit thing to discover the first time. Sure now we are ready and can prepare. But having to diagnose and improvise a solution would not be pleasant.
- Comment on Twitter founder Jack Dorsey pumps $10 million into a nonprofit to build Nostr-based social media apps 2 weeks ago:
This is the advantage of decentralization over federation. IMHO the fact that Lemmy is only federated really hurts it. Not so much for user accounts (in theory these can be backed up restored and moved. Not ideal but not awful) but in that communities are tied to servers. When the server a community is on goes away it is hugely damaging to that community.
- Comment on We need to start calling it Simulater Intelligence (SI): here's why: 2 weeks ago:
I believe that OP’s point is that “artificial” and “natural” are about how the thing is made. However neither reject that it is actual intelligence. “Simulated” means that it is not that thing. It is like intelligence, and resembles it in some ways, but it isn’t intelligence.
- Comment on What are the ramifications of letting an old domain that was used for email go back into the market? 2 weeks ago:
The owner of the domain owns DKIM. It offers no protection against that.
The only actual protection would be PGP because it provides your key as an identity rather than the domain itself.
- Comment on What are the ramifications of letting an old domain that was used for email go back into the market? 2 weeks ago:
The purchaser of that domain will be able to send and receive email from your addresses.
The biggest concerns here are probably:
- The new owner taking over accounts that use the old email (either via password reset or email or by contacting support).
- Sensitive personal information intended for you being sent to the new owner.
- Someone spearphishing people you know from your old email address.
- Comment on Say Hello to the World's Largest Hard Drive, a Massive 36TB Seagate 2 weeks ago:
And I would go so far as to say that nobody who is buying 36 TB spinners is doing offsite backups of that data.
Was this a typo? I would expect that almost everyone who is buying these is doing offsite backups. Who has this amount of data density and is ok with losing it?
Yes, they are quite possibly using tape for these backups (either directly or through some cloud service) but you still want offsite backups. Otherwise a bad fire and you lose it all.
- Comment on Say Hello to the World's Largest Hard Drive, a Massive 36TB Seagate 3 weeks ago:
aren’t striping
I think you mean “are striping”.
But even with striping you have backups right? Local redundancy is for availability, not durability.
- Comment on Say Hello to the World's Largest Hard Drive, a Massive 36TB Seagate 3 weeks ago:
I don’t think the target audience of this drive is buying one. They are trying to optimize for density and are probably buying in bulk rather than paying the $800 price tag.
- Comment on What are the privacy risks of exposing IP adresses? 3 weeks ago:
Does someone connecting to this have an IP highly correlated with your non-open network? Because if so then yes, that is fairly concerning.
- Comment on What are the privacy risks of exposing IP adresses? 3 weeks ago:
I think this is a little confused. Unless your WiFi is open someone seeing your network can’t find out what the WAN IP is.
And getting your ip can connect the people directly to your box
“Connect” is a strong word here. Yeah, they can send traffic at it. But that shouldn’t do anything.
A trace route command to this IP could return intermediate equipment of your isp, helping to pinpoint your town or even your street.
This is the most reasonable concern. Depending on your ISP and location the IP itself or packet tracing you can get a pretty good idea of the user’s location.
- Comment on "Recommended System Requirements" for buying a used PC for selfhosting 4 weeks ago:
IMHO for 2 drives you don’t want redundancy. (I assume that is what you want RAID for, mirroring?). The per-drive failure rate is so low that you are unlikely to encounter it and nothing you are running seems particularly availability sensitive. Having a bit of downtime to rebuild in the very rare case of a drive failure is fine. The extra storage space is way more valuable.
- Comment on "Recommended System Requirements" for buying a used PC for selfhosting 4 weeks ago:
lol, I assume he means 1000 Mbps aka 1 Gbps which is reasonable. Maybe even a little low as transferring files around fast is nice.
- Comment on Most Common PIN Codes 4 weeks ago:
I really want to see which ones weren’t leaked. Those are obviously the most secure.
- Comment on Delivery Driver Scammed DoorDash Of More Than $2.5 Million 2 months ago:
I’m struggling to see how this actually made money. Because presumably the customer is paying for the delivery (as well as the food that was never ordered). So the fraudsters would just be paying themselves in a complicated way. My best guess is one of the following:
- DoorDash is subsidizing orders so much that this is profitable overall (the amount they pay the driver is more than the customer pays) seems unlikely.
- DoorDash is paying the driver multiple times but only charging the customer once. But if this was the case how was this obvious accounting issue never noticed? Shouldn’t the books come out even in the end?
- Comment on Windows 11 is closing a loophole that let you skip making a Microsoft account 4 months ago:
They want to make money off of services, every service they offer requires a Microsoft account to purchase and use. Everyone that they force to make an account during setup is one step closer to paying for a Microsoft service.
There are obviously tradeoffs (less sales of these versions of windows and some users pushed away from Windows altogether among others), but the motivation is clear.
- Comment on Apple TV+ is losing $1B+ annually even as its subscriptions grew to ~45M in 2024; Apple has spent $5B+ per year on content since its 2019 debut. 4 months ago:
Just looking at the numbers, they are spending $5G and losing $1G. Their subscriptions are growing. So if they grow another 25% they are making money. (Ignoring infrastructure costs which are most likely a tiny fraction of per-user revenue.) They also just launched an Android app. So I think their story is looking pretty good. Not even considering that it raises the value of Apple TV hardware, their other devices and gives them more lock-in for customers in general that seems like a great investment they made.
- Comment on What is everyone's favoured domain name provider these days? 4 months ago:
This is what I moved to after Gandi started becoming shit and I have nothing bad to say about them yet.
- Comment on It's weird that a room with just a toilet and sink is called a "half bath", when it in fact has zero bathtubs. 4 months ago:
Technically if it doesn’t have a bathtub or shower it is called a powder room. But that phrase is rarely used. (Mostly because 90% of the time when we say bathroom we mean toilet.)
- Comment on Can I still consider myself a “young woman” after I turn 24? I turn 24 in March (next month). 5 months ago:
You can consider yourself whatever you want for however long you want.
If you feel young and people thing you are weird for saying so that is their problem. Young is a feeling not a number.
- Comment on Which reverse proxy do you use/recommend? 5 months ago:
I’ve been using nginx forever. It works, I can do almost everything I want, even if more complex things sometimes require some contortions. I’m not sure I would pick it again if starting from scratch, but I have no problems that are worth switching for.
- Comment on What can I actually do with 64 GB or RAM? 5 months ago:
IIUC it isn’t censored per se. Not like the web service that will retract a “bad” response. But the training data is heavily biased. And there may be some explicit training towards refusing answers to those questions.
- Comment on My favourite colour is Chuck Norris red - HTMHell 5 months ago:
Why fail when you can just do the wrong thing “successfully”?
- Comment on "Building a Safer Matrix" - an update from The Matrix.org Foundation about "Trust & Safety", content moderation, and their evolving anti-abuse efforts 5 months ago:
It is mostly about giving users tools to do moderation. So managers of communities can effectively apply policies and make it easy for people to share moderation decisions so that the work can be shared among communities that trust each other’s moderation decisions.
- Comment on Bringing Quote Posts to Mastodon 5 months ago:
I’m very exited for this. Just boosting a post always seems so impersonal and out of context. I almost always want to add my own message to my followers. I regularly decide not to boost because of this. I would do it a lot more if I can add my own message/context.
- Comment on Prioritizing de-clouding efforts 5 months ago:
#1 items should be backups. (Well maybe #2 so that you have something to back up, but don’t delete the source data until the backups are running.)
You need offsite backups, and ideally multiple locations.