Did you know most coyotes are illiterate?
The Ratchet & Clank CPU Limited run has some noticeable FPS dips/loss under NTSYNC that FSYNC doesn't have. It seems like NTSYNC generally trails or ties FSYNC in most other cases. I didn't watch every minute of the footage - just skipped around through some of the CPU-limited sections since I imagine that's the only part that matters. In any case, it seems like there's not much to gain from using NTSYNC yet; maybe improvements will be made to at least tie FSYNC. My rudimentary (possibly incorrect) understanding is that FSYNC is hacky and that NTSYNC is the "correct" way to do it, so if nothing else getting NTSYNC to tie FSYNC means FSYNC can be deprecated at least.
Better yet, why put yourself at the mercy of something that can enshittify in the first place? I've never understood why people get into selfhosting and then go right back to giving power over their network to a 3rd party again.
I feel like it's 50/50 if that means that Bcachefs will be ejected from the kernel or if Linus is going to stop dealing with Kent somehow. I'm just not sure if Linus would leave Bcachefs people stranded on mainline? Hopefully this is for the best in any case; I'm very interested in seeing Bcachefs succeed, but the way Kent interacts with Linus is clearly getting in the way of productivity for everyone. If Bcachefs needs to go against the kernel schedule so often then it's probably not a good fit for mainline. Also, the way Kent continues to refuse humility even after this message really shows that this will never be resolved politely.
I'm used to LanguageTool, and at a glance it seems like Harper covers way fewer rules than LanguageTool does. Not sure if this is actually noticeable in practice, but I run my own LanguageTool server and am not too picky about the performance, so I'm not in a rush to move until someone figures out a good way to compare them. LanguageTool's rules are all open source at least, so it's only a matter of time before Harper gets anything it might be missing.
As a commenter on that post says, this sort of talk is also common in the comments of Phoronix articles. The commenter says they've completely stopped supporting Phoronix since it's clear that Michael enables this behavior by not moderating it (the least he could do is disable commenting; the type of people that are in the Phoronix comments are the absolute worst). It's been festering for a very long time, unfortunately. Click any Phoronix article that's older than a day and check the negativity. Worse, click an article about a controversial topic like X11/Wayland/Systemd/bcachefs/KDE/GNOME/etc. and it's just a shitshow.
I've been seeing it to a lesser degree here as well. I don't know what it is about X11 that really riles up the conspiracy theorists.
I'm a big fan of btop, and probably a big chunk of that is that the default configuration is useful and very easy to understand. I can't be bothered to spend hours configuring a monitoring app and learning obscure keyboard shortcuts to navigate it; if I'm opening a system monitor it's because I want info, not because I want to live in it.
- JumpRemoved
Anyone playing PokeRogue?
Okay, but I did just find this game, and it's a free game that I'm pretty sure already hit mega-popularity back a year ago, so I don't know what advantage astroturfing on the tiny threadiverse would serve. I've just been having fun with it today and wanted to post about it somewhere.
I've been using this a lot lately, and it's been great after a bit of a learning curve. It even incorporates some of the functionality from the addons and userscripts that I needed for YouTube, like getting rid of clickbait titles/thumbnails and blocking specific channels. Since you never really have a tracking profile when using YouTube this way, it's very obvious when YouTube is trying to shoe-horn in political channels and clickbait, and you can just continually keep blocking those channels in the recommended section until you get all of them. I'm still missing a way to boost the volume on certain videos that are too quiet for me, though. I use LibRedirect to auto-open YouTube links in FreeTube. FreeTube has occasionally broken because of YouTube API updates, which requires them to figure out the problem and push a new FreeTube release (which could take a day or more), but other than that I'm fairly happy with it.
I'm not a security expert by any means, but here are a few things I know as a regular user:
Always keep your system up-to-date and only download and execute software from the official Arch repository if you can help it. Malware often takes advantage of outdated systems that don't have the latest security patches, so by staying as up-to-date as possible you're making yourself a very difficult target. The AUR is a user-based repository and is not inherently trusted/maintained like the official Arch repos, so be careful and always read PKGBUILDs before you use AUR software. Don't use AUR auto-updaters unless you're reading the PKGBUILD changes every time. Ideally try not to use the AUR at all if you can help it; official Arch Linux is usually quite stable, but AUR software is often responsible for a lot of the "breakages" people tend to get with Arch. If you have to run sketchy software, use a virtual machine for it, as a 0-day VM escape is almost certainly not going to happen with any sort of malware you'd run into. ClamAV or VirusTotal may also help you scan specific files that you're wary of, but I wouldn't trust that a file is clean just because it passes an AV check. Also, never run anything as root unless you have a very specific reason, and even then try to use
sudoinstead of elevating to a full root shell.Don't open up any network ports on your system unless you absolutely have to, and if you're opening an SSH port, make sure that it: isn't the default port number, requires a keyfile for login, root cannot be logged into directly, and authentication attempts are limited to a low number. If you're opening ports for other services, try to use Docker/Podman containers with minimal access to your system resources and not running in root mode. Also consider using something like CrowdSec or fail2ban for blocking bots crawling ports.
As far as finding out if you're infected, I'm not sure if there's a great way to know unless they immediately encrypt all your stuff and demand crypto. Malware could also come in the form of silent keyloggers (which you'd only find out about after you start getting your accounts hacked) or cryptocurrency miners/botnets (which probably attempt to hide their CPU/GPU usage while you're actively using your computer). At the very least, you're not likely to be hit by a sophisticated 0-day, so whatever malware you get on your computer probably wants something direct and uncomplicated from you.
Setting up a backup solution to a NAS running e.g. ZFS can help with preventing malware from pwning your important data, as a filesystem like ZFS can rollback its snapshots and just unencrypt the data again (even if it's encrypted directly on the NAS). 2FA'ing your accounts (especially important ones like email) is a good way to prevent keyloggers from being able to repeat your username+password into a service and get access. Setting up a resource monitoring daemon can probably help you find out if you're leaking resources to some kind of crypto miner, though I don't have specific recommendations as I haven't done this before.
In the case of what to do once you're pwned, IMO the only real solution is to salvage and verify your data, wipe everything down, and reinstall. There's no guarantee that the malware isn't continually hiding itself somewhere, so trying to remove it yourself is probably not going to solve anything. If you follow all the above precautions and still get pwned, I'm fairly sure the malware will be news somewhere, and security experts may already be studying the malware's behavior and giving tips on what to do as a resolution.
I haven't used Arch in a while but from this news bulletin it looks like the [Community] repository doesn't even exist anymore, which is where the OP article supposedly says
rye-initresides.That makes a lot of sense, thanks.
Ugh, that's really unfortunate. I will probably just disable voting buttons for myself if that ends up being the case.
I don't really know what's stopping someone from creating 100 alt accounts without private voting though? If the voting ID is consistent and you can take punitive action on the voting ID, it seems the same as if the person had a cleartext name. The real problem is that an instance is allowing these 100 alt accounts to sign up and manipulate votes, which I assume there are already solutions/measures for?
Don't mind me though, I'm fairly new to all this, and I'm sure everyone's thought of all these vectors before. I just hope that there is some sort of middle ground that doesn't inevitably allow mass data harvesting.
This might be the funniest possible direction for this to go. Purported savior of X11 and anti-DEI dogwhistling developer writes X11 code so bad, asked to leave commit history.
I was under the impression that it's intentionally #1 so that other instances can still track malicious voting behavior (e.g. mass-downvoting posts in a community) of an anonymous account without knowing the real identity. But yeah I'm guessing we would need some clarification somewhere on the specifics; I tried looking for documentation on how the private voting works but couldn't find any, and I didn't feel like digging in the code or hitting the API just yet.
If the voting ID is static in any way, it's still inevitably trivial to de-anonymize a user's votes, but it would at least require a more heuristic approach (e.g. finding a thread that the user is in and checking to see if they have upvoted/downvotes any comments they're replying to). As well, the instance tag (@piefed.ca for example) on the voting ID can narrow things down significantly when trying to figure out which user is voting.
I'm mainly just thinking about how these systems can be scraped for mass data collection by e.g. advertisers/big tech in the future. Upvotes and downvote behavior can really paint a detailed picture of someone when all data is combined.
I think the best would be disabling the ability to vote your own comment/post with your voting account.
Actually yeah this is pretty easily the best option. Just make it so that every post/comment is upvoted once with your real account, and leave any other votes to the private voting account. This feels so obvious that I'm guessing it already works this way.
PieFed Meta @piefed.social Thoughts about private voting
It's important to use services with a workflow that works for you; not every popular service is going to be a good fit for everyone. Find your balance between exhaustive categorization and meaningless pile of data, and make sure you're getting more out than you're putting in. If you do decide that an extensive amount of effort is worth it, make sure that the service in question is able to export your data in a data-rich format so that you won't have to do it all again if you decide to move to a different tool.
I like DuckDuckGo's Email Protection a lot, and I switched from my paid SimpleLogin account to it. DDG is free and unlimited, the aliases are human-readable, and sites rarely block them. The downside is that they're sort of hard to manage in multiple respects, but Qwacky helps a lot with the generation of them. The only way(?) to disable an alias is to receive an email through the address and then click the link at the top. There's also no dashboard to see all your aliases, but I store each DDG email alias in Bitwarden next to the relevant account; that way if I start getting spam from an address I can figure out which account is doing it by searching my vault for it. Creation of an account also requires downloading their extension or their browser I think? You can uninstall it immediately after and manage with Qwacky instead though.
It definitely feels too good to be free considering the competition, but I'd honestly be happy to start paying for it again if they start asking, and I trust DuckDuckGo to not disappear overnight and leave all my accounts fucked. I'm also guessing DDG will eventually implement a better dashboard and management tools, so I'm okay with limping along on an okay UX experience for now given the end results.
Isn't one of the problems with X that applications can log your keystrokes in other applications and record your screen? Obviously you shouldn't be installing compromised software, but who knows if Borderlands 2 now includes some malicious code in its DRM or something.
I don't like how this article is framed as if everyone else not tiptoeing around Kent is The Real Problem. He was given clear warnings and way more second chances than he deserved. He was (and still is) unable to follow the rules and control his temper, and everyone decided he's a lost cause - as is completely logical. Just because you have a cool toy doesn't mean everyone is forced to be your friend. Go play in your own sandbox until you learn to follow the rules like everyone else. Consider writing a giant apology letter and giving the Linux community the best gift of all: changed behavior.