Max_P
@Max_P@lemmy.max-p.me
- Comment on Changes to Lemmy/PieFed to adjust to living under fascism 2 hours ago:
You probably want something like Aether instead of the fediverse: getaether.net
It’s peer to peer, encrypted, anonymous, ephemeral and all that.
- Comment on Changes to Lemmy/PieFed to adjust to living under fascism 2 hours ago:
The fediverse is plainly just not appropriate for this. The ActivityPub makes too many assumptions that the data is fully public.
End-to-end encryption: Encrypt all user communications, private messages, and sensitive data
That could work probably, it’s a lot of work and will break interoperability but could be done. You’d still have to vet your users very well though, which might contradict the next point. It takes one user to leak everything.
Anonymous accounts: Allow users to create accounts without requiring personally identifiable information (PII), such as email or phone numbers. How can we balance this with the need to combat spam?
There’s a fair amount of instances already that will let you sign up with a disposable email
Tor and VPN Integration: Ensure compatibility with privacy tools like Tor, and provide guidance on using VPNs.
A fair chunk of instances already allow VPN/Tor traffic. The bigger ones don’t because of spam and CSAM and all that crap, but even Reddit is fully functional over a VPN.
Remove or minimize data collection, including IP addresses, geolocation, and device information. No web server logs.
That’d be very hard to enforce, and the instance owners have to do some collection for the sake of being able to handle lawsuits and pass the blame. But you can protect yourself using a VPN or Tor.
Ephemeral content: auto-deleting posts, messages, etc after a set period.
As an admin, I can literally just restore last month’s backup and undelete everything that got deleted. If someone’s seen it, you must assume it can at minimum have been screenshot.
Instance chooser that flags which instances are in unsafe countries.
Anyone can get a VPS in just about any country, so you’d have to personally verify the owner which is PII and probably one of the most vulnerable part of the group. You take down the owner you take down the whole thing.
Once again however users have plenty of choices already for that, if you trust your instance’s admins.
Defederate from instances in unsafe countries?
Same as previous point. Plus, one can still use the API to fetch the content anyway.
Better opsec around instance owners, admins and moderators
Also pretty hard to enforce.
You probably want something like Aether: getaether.net
- Comment on Is lemmy slow for anyone else? 2 days ago:
Lemmy is decentralized, there is no singular Lemmy as a whole unless you’re talking specifically about the server software. As a user you interact with your home instance, in your case lemmy.world.
Most connectivity problems and slowdowns are instance-specific unless you’re talking about a federation problem specifically, for example you posted but it doesn’t show up on other instances, that’s a problem between your instance and the community’s instance.
In your case you most likely just hit something on lemmy.world’s side. Lemmy as a whole is way too small for them to even care about it.
- Comment on UPS and servers : simulated sine wave good? 4 weeks ago:
Reposting my answer from the original thread. Maybe a bit rough for AskElectronics but still gets the gist.
To kind of visually see it, I found this thread of some guy that took oscilloscope captures of the output of their UPS and they’re all pseudo-sines: …anandtech.com/…/so-i-bought-an-oscilloscope.2413…
As you can see, the power isn’t very smooth at all. It’s good enough for a lot of use cases and lower end power supplies, because they just shove that into a bridge rectifier and capacitors. Higher end power supplies have tighter margins, and are also more likely to have more safety features to protect the PC so they can get into protection mode and shut off. Because bad power can mean dips in power to the system which can cause calculation errors which is very undesirable especially in on a server. It probably also messes with power factor correction circuits, which is something cheap PSUs often cheap out on but a good high quality one would have and may shut down because of it.
As you can see in those images too, it spends a significant amount of time at 0V (no power, that’s at the middle of the screen) whereas the sine waves spends an infinitely short time at 0, it goes positive and then negative immediately. All the time spent at 0, you rely on big capacitors in the PSU to hold enough charge to make it to the next burst of power. With the sine wave they’d hold just long enough (we’re going down to 12V and 5V from 120/240V input, so the amount of time normally spent at or below ±12V is actually fairly short).
It’s technically the same average power, so most devices don’t really care. It really depends on the design of the particular unit, some can deal with some really bad power inputs and manage just fine and some will get damaged over long term use. Old linear ones with an AC transformer on the input in particular can be unhappy because of magnetic field saturation and other crazy inductor shenanigans.
Pure sine UPSes are better because they’re basically the same as what comes out of the wall outlet. Line interactive ones are even better because they’re ready to take over the moment power goes out and exactly at the same spot in the sine wave so the jitter isn’t quite as bad during the transition. Double conversion is the top tier because they always run off the battery, so there’s no interruption for the connected computer at all. Losing power just means the battery isn’t being charged/kept topped off from the wall anymore so it starts discharging.
- Comment on UPS and servers : simulated sine wave good? 4 weeks ago:
To kind of visually see it, I found this thread of some guy that took oscilloscope captures of the output of their UPS and they’re all pseudo-sines: …anandtech.com/…/so-i-bought-an-oscilloscope.2413…
As you can see, the power isn’t very smooth at all. It’s good enough for a lot of use cases and lower end power supplies, because they just shove that into a bridge rectifier and capacitors. Higher end power supplies have tighter margins, and are also more likely to have more safety features to protect the PC so they can get into protection mode and shut off. Because bad power can mean dips in power to the system which can cause calculation errors which is very undesirable especially in on a server. It probably also messes with power factor correction circuits, which is something cheap PSUs often cheap out on but a good high quality one would have and may shut down because of it.
As you can see in those images too, it spends a significant amount of time at 0V (no power, that’s at the middle of the screen) whereas the sine waves spends an infinitely short time at 0, it goes positive and then negative immediately. All the time spent at 0, you rely on big capacitors in the PSU to hold enough charge to make it to the next burst of power. With the sine wave they’d hold just long enough (we’re going down to 12V and 5V from 120/240V input, so the amount of time normally spent at or below ±12V is actually fairly short).
It’s technically the same average power, so most devices don’t really care. It really depends on the design of the particular unit, some can deal with some really bad power inputs and manage just fine and some will get damaged over long term use.
Pure sine UPSes are better because they’re basically the same as what comes out of the wall outlet. Line interactive ones are even better because they’re ready to take over the moment power goes out and exactly at the same spot in the sine wave so the jitter isn’t quite as bad during the transition. Double conversion is the top tier because they always run off the battery, so there’s no interruption for the connected computer at all. Losing power just means the battery isn’t being charged/kept topped off from the wall anymore so it starts discharging.
- Comment on Single instance Lemmy? 5 weeks ago:
Latest. 0.18 is very old, over a year old, later versions dealt with a lot of scaling/performance problems.
That sounds very typical of YunoHost to have wildly outdated software
- Comment on Single instance Lemmy? 5 weeks ago:
- It seems to make a LOT of calls to other servers. Its almost constantly pinging other servers asking for updates.
The fediverse works the other way around: other instances push activities to yours. If you have a lot of subcriptions to large communities like !technology@lemmy.world it will indeed receive a lot of activities.
- It gets de-federated almost instantly from popular instances. Which kinda sucks.
Mine’s not been defederated from anywhere, not even Beehaw
- It uses up quite a bit of CPU compared to other federated applications.
It definitely uses a fair bit of CPU but it is ingesting a fair amount of data, but still not a ton either:
Although I do hear PieFed is a lot lighter.
- Subscribing to instances seems to work most of the time, but sometimes it just errors out and I have to re-do it.
That settled for me after a week or so of running mine. My subscriptions always go through.
- Comment on Beginner asking for advice on self hosting a lemmy instance 5 weeks ago:
If you look at my username you’ll see I do run my own instance so I’ve gone through the process :)
- Comment on Beginner asking for advice on self hosting a lemmy instance 5 weeks ago:
I would probably just skip the Lemmy Easy Deploy and just do a regular deployment so it doesn’t mess with your existing. Getting it running with just Docker is not that much harder and you just need to point your NGINX to it. Easy Deploy kind of assumes it’s got the whole machine for itself so it’ll try to bind on the same ports as your existing NGINX, so does the official Ansible as well.
You really just need a postgres instance, the backend, pictrs, the frontend and some NGINX glue to make it work. I recommend stealing the files from the official Ansible, as there’s a few gotchas in the NGINX config as the frontend and backend share the same host and one is just layered on top.
- Comment on Beginner asking for advice on self hosting a lemmy instance 5 weeks ago:
Hasn’t cost me a penny, hurray for unmetered bandwidth
- Comment on Docker firewall question 3 months ago:
With Docker, the internal network is just a bridge interface. The reason most firewall rules don’t apply is a combination of:
- Containers have their own namespace including network namespace, so each container have a blank iptables just for them.
- For container communication, that goes through the FORWARD table, not the INPUT/OUTPUT ones.
- Docker adds its own rules to ensure that this works as expected.
The only thing that should be affected by the host firewall is the proxy service Docker uses to listen on a port on the host and send it to the container.
When using Docker, each container acts like an independent machine, and your host gets configured to act as a router. You can firewall Docker containers, the rules just need to be in the right place to work.
- Comment on Is a filter for muting Lemmy 'power users' possible? 3 months ago:
You can block them and over time it should get better, or you can write a script that does some checks and blocks them for you.
- Comment on Telegram is exposing their users privacy. 3 months ago:
Telegram was built to protect activists and ordinary people from corrupt governments and corporations – we do not allow criminals to abuse our platform to evade justice.
So who gets to pick what’s a lawful request and criminal activity? It’s criminal in some states to seek an abortion or help with an abortion, so would they hand out the IPs of those “criminals”? Because depending on who you ask some will tell you they’re basically murderers. And that’s just one example.
Good privacy apps have nothing to hand out to any government, like Signal.
- Comment on AT&T is displeased with T-Mobile Priority, calls it out as a confusing marketing campaign 3 months ago:
Because AT&T doesn’t have confusing branding such as the whole 5Ge which is really just them catching up with 4G+ that everyone else already had but totally not to trick users into thinking they’re getting 5G
- Comment on Can I DIY water backwashing through my basement drain? 4 months ago:
I’d at least get a plumber to check it out. You could snake it yourself probably but you could also make it worse. If the pipe’s broken, you might as well just get more debris falling into it and clogging it further.
A regular plumber visit/check usually isn’t that expensive. Not cheap but far from 20k expensive.
It could also be connected to your flooding too, so you probably actually want to at least evaluate the damage ASAP. If the pipe’s broken, you just have a convenient pipe to drain all the rain water straight to your basement.
- Comment on I tried to selfhost Nextcloud at work 4 months ago:
Having the web server be able to overwrite its own app code is such a good feature for security. Very safe. Only need a path traversal exploit to backdoor
config.php! - Comment on I tried to selfhost Nextcloud at work 4 months ago:
Yep, and I’d guess there’s probably a huge component of “it must be as easy as possible” because the primary target is selfhosters that don’t really even want to learn how to set up Docker containers properly.
The AIO Docker image is an abomination. The other ones are slightly more sane but they still fundamentally mix code and data in the same folder so it’s not trivial to just replace the app.
In Docker, the auto updater should be completely neutered, it’s the wrong way to update the app.
- Comment on What are good harddrives to use with serves 4 months ago:
I’ve heard very good things about resold HGST Helium enterprise drives and can be found fairly cheap for what they are on eBay.
I’m looking for something from 4TB upwards. I think I remember that drives with very high capacity are more likely to fail sooner - is that correct?
4TB isn’t even close to “very high capacity” these days. There’s like 32TB HDDs out there, just avoid the shingled archival drives. I believe the belief about higher capacity drives is a question of maturity of the technology rather than the capacity. 4TB drives made today are much better than the very first 4TB drives we made a long time ago when they were pushing the limits of technology.
Backblaze has pretty good drive reviews as well, with real world failure rate data and all.
- Comment on OpenAI Threatening to Ban Users for Asking Strawberry About Its Reasoning 4 months ago:
OpenAI: Here’s a new model that can think in steps and reason about things!
User: How did you conclude this is the correct answer?
OpenAI: No! Not like that! banhammer
- Comment on YouTube confirms your pause screen is now fair game for ads 4 months ago:
That’s fine, the ad co struck a deal with speaker co to not bill for those sound-seconds.
- Comment on YouTube confirms your pause screen is now fair game for ads 4 months ago:
Soon: when you pause a video, it starts playing a video ad with audio, to make sure no silence time gets wasted from your speakers.
- Comment on Ethernet switch only partially working 4 months ago:
Ethernet splitter
What kind of splitter? Not a hub or switch, just a passive splitter?
Those do exist to do 4x 100M links on a single pair each, but you can’t just plug those into a router or switch and get 4 ports.
- Comment on I cannot seem to figure out how to get caddy automatic HTTPS to work behind cloud flair proxy. 4 months ago:
If you’re behind Cloudflare, don’t. Just get an origin certificate from CF, it’s a cert that CF trust between itself and your server. By using Cloudflare you’re making Cloudflare responsible for your cert.
- Comment on DuckStation Creator Considers Shutting Down Emulator Amid License Change 4 months ago:
What’s the problem with SwanStation? Forks are perfectly okay and normal with the GPL, that’s the fucking point of the GPL.
- Comment on Why is blender@lemmy.world empty when browsed from this instance? 5 months ago:
Lemmy only sync’s about one page of posts, and without the comments or votes. And only once too, so if someone comes in a month later and tries to see it, it won’t even update those old posts.
So yeah, just need someone to subscribe to it and be patient as new content rolls in naturally through federation.
- Comment on Threads deepens its ties to the open social web, aka the ‘fediverse’ | TechCrunch 5 months ago:
Only time will tell. They’ve definitely done their own share of EEE like for a while you could use Facebook Messenger over XMPP then closed it down.
- Comment on Threads deepens its ties to the open social web, aka the ‘fediverse’ | TechCrunch 5 months ago:
Definitely can appreciate the carefulness here. Imagine they just open the floodgates and now some random Mastodon instance on a $5 VPS is getting hammered with millions of activities because they followed an account with millions of followers on Threads, and now it’s federating millions of likes and thousands of posts.
Meta is trying to be a good fediverse participant here. They could just come in and crush the entire fediverse and be like “lol should have gotten beefier servers”.
- Comment on How to avoid "things going wrong" and immutable distros? 5 months ago:
If your stuff is all Docker then yeah, immutable makes sense as it makes the entire box declarative and immutable: you can get back the exact same operating Docker environment on the server, and then you can get back the exact same Docker workloads going with the Docker compose configurations.
If you ever need to run stuff you’d run on Debian, you can just shove it in a Debian container.
That said, if most of the stuff is containers, the risk of just the core Debian breaking is fairly low. Pick whatever is easiest for you to deal with based on your needs. Immutable distros have a bit of a learning curve.
- Comment on I can't find any NSFW Mastodon instances 5 months ago:
From a user’s perspective, yes, but as an instance admin that’s also a DMCA nightmare.
That’s a great example of the eternal fight between mods and users that ultimately drives admins away: users feel entitled to post that stuff, and mods have to take it down. The user is anonymous and possibly from a country with very lax laws, so they’re protected. The admins have to pay for the servers with real money and their real identity, and thus also an easy target for lawyers.
- Comment on I can't find any NSFW Mastodon instances 5 months ago:
Porn is often really high traffic, which is expensive to run. But a lot of people are weirdos too and tend to push it to the border of legality, which can be challenging for admins if your users keep posting lolis even if it’s not allowed. And they’ll scream at you “it’s not technically illegal”.
The other thing people do a lot with porn is post stuff from sketchy sources or repost paid content for free stealing from OnlyFans pages and the big porn studios. And lately, AI generated porn of non-consenting celebrities. And of course now the increasing pressure to make sure to keep minors out or heaven forbid they’re shown trans porn.
It’s expensive to store all that porn, it’s insanely expensive to distribute it, you need lawyers on standby for the firehose of DMCA reports, you need a solid team of moderators scrubbing the site as fast as possible for CSAM, or run AI tools that needs a lot of fast hardware to run at any decent speed (you need to analyze every frame of a video, for example).
It’s just expensive as fuck overall and that’s why a lot of the porn sites have the sketchiest ads ever, and that’s because you can’t run regular ads as most advertisers don’t want to be shown next to questionable content.
On the fediverse you have the added challenge that ideally, you scrub things before they get federated due to federation bugs. Or you risk being defederated which you probably will anyway as most admins just don’t want to deal with it.
