2xsaiko
@2xsaiko@discuss.tchncs.de
- Comment on Best way to get IPv4 connectivity to my self-hosted services 5 days ago:
Hm, okay, that does sound like the real client IP will get lost and every connection will appear to come from the proxy then. It would be good if that were passed somehow. My current setup adds the X-Forwarded-For header for example.
- Comment on Best way to get IPv4 connectivity to my self-hosted services 5 days ago:
Oh interesting, I’ll have to look into that. Is this with that “proxy protocol” I’ve seen mentioned? If not, does this preserve or pass through the client socket address?
- Comment on Best way to get IPv4 connectivity to my self-hosted services 5 days ago:
Tbf, technically data is still decrypted at the reverse proxy and then re-encrypted. So if someone manages to reconfigure the proxy or read its memory somehow they could read traffic in plain text.
However then since they have to control the VPS, they could also get a new cert for that domain (at least the way I’ve configured it) even if it was passed as is to the real host via a tunnel and read the plaintext data that way, so I don’t think a tunnel protects against anything.
- Comment on Best way to get IPv4 connectivity to my self-hosted services 5 days ago:
If someone manages to get root (!) access on this VPS it’s over either way.
- Comment on Best way to get IPv4 connectivity to my self-hosted services 5 days ago:
Yes, you can just use a reverse proxy for IPv4 only and point it to the IPv6 upstream. That is what I do, with a separate DNS record which then combines the two. See the DNS records for id.knifepoint.net (CNAME), http.vineta.knifepoint.net (AAAA, A) and vineta.knifepoint.net (AAAA).
- Comment on Of course you had to have a binder to store them 1 week ago:
I’ve started doing this recently. It’s fun, I’m also scanning the album covers and manually typing in the lyrics from the booklet in the CD in addition to all the other track metadata haha
- Comment on What are the benefits of a server having multiple public IP addresses? 1 week ago:
Two different rDNS names, for stuff that uses it. For example if you want to run mail and an IRC bouncer under different domain names.
- Comment on Let my Duolingo streak expire cos I don't want to give them any more AI training for free and this popped up 🙄 1 week ago:
One notification like this and your app immediately gets notification permission revoked on my phone (if not uninstalled).
- Comment on FBI Wants Access To Encrypted iPhone And Android Data—So Does Europe 2 weeks ago:
I guess it was wishful thinking that the FBI just learnt their lesson regarding encryption with the Chinese phone line hack. Bastards
- Comment on Microsoft wants Windows Update to handle all apps 2 weeks ago:
Is that Outlook or Outlook (New)?
- Comment on Self hosting email, FLOSS, Python ... 2 weeks ago:
Tbh I haven’t had too many problems with Postfix – however it is certainly a footgun and it would be nice to have fewer parts to connect together, and better defaults. I might try it out, it looks interesting.
- Comment on Self hosting email, FLOSS, Python ... 2 weeks ago:
From its web page it sounds like it is both an MTA and MDA, has a built-in spam filter, plus has calendar, contacts and file storage. Do you know how it compares to my current setup of Postfix, Dovecot, and rspamd (and Nextcloud for the others)?
- Comment on After a lengthy legal battle and billion-dollar loss, 'Fortnite' is back on iOS 3 weeks ago:
But look at the typical apple user. Do you think they’re going to be happy without the apple experience?
The Apple experience = locked down devices? If people (and Apple) stopped fearmongering about “security” or whatever, yeah they would, or at worst they wouldn’t care. I’d certainly welcome being able to publish apps on my terms, and being able to install what I want.
Some things are for you, other things are NOT for you. Letting both exist is an option.
That’s exactly the point. You don’t have to use the parts of a theoretical more open ecosystem if you don’t want to, you can keep using exclusively the official Apple stuff. But it creates more choice for the user if it exists.
- Comment on Can you read and understand this passage? 4 weeks ago:
Sure. It paints a very vivid picture, I love it.
Never read anything by Dickens before except for A Christmas Carol (and that was for school) but this is now on my reading list :^)
- Comment on Chat is this real 5 weeks ago:
I asked Gemini and it said “A reddit user wrote, ‘Kill yourself.’” Sounds like a yes for me too!
- Comment on The Source 5 weeks ago:
“can you feel your heart burning? can you feel the struggle within? the fear within me is beyond anything your soul can make. you cannot kill me in a way that matters”
- Comment on Rest in peace 5 weeks ago:
Holy shit. I need to start saying this
- Comment on Europe Plans to Ban Monero by 2027 5 weeks ago:
No. I don’t use it myself but this fucking sucks.
- Comment on Mark Zuckerberg Thinks You Don't Have Enough Friends and His Chatbots Are the Answer 1 month ago:
I don’t know Mark, I might not, but at least I have good friends. Can you say the same for yourself?
- Comment on Free open source video editor Kdenlive announces a major release 1 month ago:
Kdenlive is excellent. Probably top of the line in terms of features when it comes to FOSS and just works unlike the probably-better-in-theory freeware alternative on Linux, DaVinci Resolve.
I recently tried iMovie on the Mac to see how it is, just wanted to cut a clip out of a YouTube video I downloaded, and while its interface is much more well integrated, it completely froze during import of the video (I think it tried to transcode it in the background and ended up swapping hard because believe it or not Apple, there actually are workloads you need a lot of RAM for). Kdenlive didn’t struggle at all on the same machine.
- Comment on Is it possible to set what DNS server cloudflare tunnels uses when resolving local ips? 1 month ago:
It sounds like you need a split DNS setup. systemd-resolved can do this for example. As soon as you need any sort of slightly more complex DNS setup using just resolv.conf isn’t going to cut it.
- Comment on Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica 1 month ago:
Oh, so that’s what that’s for. I’ve seen it before but never got the reason for it, but combined with this it makes sense. The name is very unfortunate though.
Now, the question is, will the cached RDP password update when you log in with the PIN :)
- Comment on All four major web browsers are about to lose 80% of their funding | by Dan Fabulich | Apr, 2025 1 month ago:
If only this could lead to scaling down the scope of web technologies so it’s sustainable to develop a browser without that 80% funding.
Wouldn’t be the first time we dropped an ultra complex technology for something much more simple, e.g. DCOM/CORBA for JSON-based RPC.
- Comment on Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica 1 month ago:
Their stated reasoning here sounds bullshit and I’m sure the actual reason is a technical one, where they’re trying to retrofit the MS accounts login system to a protocol that wasn’t designed for it and for some reason are refusing to extend the RDP protocol to support the new auth mechanism. SMB network shares probably have the same issue I’d assume.
I’m sure AD domains don’t have this problem since it uses Kerberos, otherwise this would have been a problem already decades ago.
Using the password for a public account for local login is a disaster anyway, they should have done it like Apple and kept the local login password separate from the MS account login. I have never used an MS account for local login but it sounds to me like it just leads to people using insecure passwords for publicly reachable accounts because they don’t want to type a long password every time logging into their computer.
- Comment on Oblivion Remastered troubleshooting 1 month ago:
Pretty much only games that were made pre-permission restrictions on Program Files because they try to write to the install folder. I think that was added around XP/Vista. Anything remotely recent shouldn’t have this problem (especially if it’s the default install directory).
- Comment on Ok, thanks... 1 month ago:
Absolutely, I hate this shit. It feels incredibly fake and overbearing if it’s an automatic/“broadcast” message.
Sometimes it’s designed so that it’s actively dangerous too. I said “Siri, kill me” to my phone and it started calling emergency services. Are they trying to get people fined for abuse?
- Comment on Why do Americanized names of places etc exist? 1 month ago:
It really doesn’t hurt to know a bit of the IPA, at least the characters for your own language… I see so many horrible phonetic “transcription” “systems” people use when describing how to pronounce a word, it’s crazy
- Comment on Why do Americanized names of places etc exist? 1 month ago:
Since you mentioned Chinese, there’s also an interesting thing in languages that have Chinese characters as their writing system origin and use names based on it (Chinese languages of course, Japanese, Korean and I think also Vietnamese) where names of historical or important people are translated via their written form and not their pronunciation. For example, the Japanese prime minister Ishiba Shigeru 石破茂 is called 石破茂 (shí pò mào) in Mandarin, written with the same characters. (Been a while since I read about this so I forgot the examples where the name is pronounced significantly different and in all of these languages but this is a good enough example)
- Comment on conduwuit, “featureful fork of conduit” (Rust Matrix homeserver), is discontinued 1 month ago:
Ah okay, so you know some behind the scenes info or at least more than just this. My bad, but tbh you should have led with that because initially I thought you completely misread what the text was saying because I pretty clearly read the queer mentions as “this is not just transphobic attacks by bigots” (see my other comment). Sorry!
- Comment on Spit Balling A Work Around For Blocked Email Port 1 month ago:
There isn’t really, you can probably use sendmail as well. Postfix is just the MTA I’m used to and know can do all of this.
From what I’ve heard about sendmail’s config file, I personally wouldn’t want to use it specifically though…