Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)ST
sugar_in_your_tea @sh.itjust.works

Mama told me not to come.

She said, that ain't the way to have fun.

Posts 47
Comments 6.9K
Mozilla restores Firefox add-ons banned in Russia
  • Sure, but you have to weigh the pros and cons. This request seems benign enough that Mozilla shouldn't be limited in delivering on its mission in Russia by following it, but they would certainly would be limited if they're completely blocked.

    If Russia asks Mozilla to do something that compromises their core mission, that's the time to refuse.

  • Elon Musk condemns the use of electronic voting machines (EVMs) used in general elections in some countries.
  • I don't know, that's certainly pretty sus. Here's an article I found about it for a House seat, which Kemp oversaw but was not running in.

    The server in question, which served as a statewide staging location for key election-related data, made national headlines in June after a security expert disclosed a gaping security hole that wasn't fixed six months after he reported it to election authorities.

    ...

    The plaintiffs were counting on an independent security review of the Kennesaw server, which held electronic poll book data and ballot definitions for counties, to demonstrate the system's unreliability.

    It looks like the lawsuit is finally being heard in court as of earlier this year.

    I haven't read a ton about it, but it sounds like there are legitimate concerns (at least about the original system), but the issues are theoretical. I read it as a smear lawsuit intended to cast doubt on the election process, similar to what Trump did when he challenged the election.

    I'm interested in seeing the outcome of the lawsuit, but I'm guessing there will be no evidence of vote tampering, just like with a Trump's suits. I hope evidence is still accessible but we won't know until the lawsuit concludes.

  • Here's what's happening to ad blockers in Google Chrome (and other browsers)
  • Firefox auto-updates with the snap version, whereas it doesn't with most package manager versions. So if it updates while you're using it, it won't let you open new tabs without restarting it (Firefox, not the machine), which can interrupt your workflow. On other distros, that only happens when installing updates manually, which isn't an issue because you're aware of it.

    This is second hand info though since I don't use Ubuntu, so YMMV.

  • DJI drone ban passes in U.S. House — 'Countering CCP Drones Act' would ban all DJI sales in U.S. if passed in Senate
  • That's the thing, we don't know. In the case where they were caught, it was to compromise SuperMicro servers in data centers for remote access.

    I don't know why they're so interested in controlling the drone market. Maybe it's as simple as securing manufacturing jobs for their people, but maybe it's part of their spy program.

    I don't think we should panic ban them, but we should make sure alternatives are viable so if we find a serious issue, we have a backup plan.

  • ASUS warns of critical remote authentication bypass on 7 routers
  • Another friendly reminder, enterprise-grade routers like Mikrotik are fantastic. They don't have wifi builtin, so you may never need to upgrade it if you get fast enough uplink (mine is gigabit, so should be fine). You'll need a separate AP (I got Ubiquiti). They're way more feature complete than nonsense like these from ASUS, and they generally have more secure firmware.

  • ASUS warns of critical remote authentication bypass on 7 routers
  • Yup, I did that last week and it's pretty easy. Basically:

    1. Set up a VPS and configure wireguard
    2. Set up your computer to connect to it (or your router if you literally only want remote admin); you'll probably want to configure persistent connections
    3. Set up your phone to connect to it
    4. Test it at work sometime to make sure it all works

    I do it in two hops: connect to VPS then to internal computer. There are other configurations (e.g. talk to peer computers directly), but this works well for me.

  • Takeaways from new poll: 3rd parties gain, Biden struggles, Trump fails to gain ground with Black voters
  • The President is a diplomat and our head of state, and he should be negotiating with other countries to maintain or create peace. He basically just said, "Israel, you're being naughty," and that's about it. He could and should be doing a lot more to convince Israel to agree to a ceasefire and a path toward an end to hostilities. Meet with regional leaders to discuss options.

    But no, he wags his finger and that's it.

    I voted for Biden last election for two reasons:

    • he wasn't Trump
    • he promised to get out of Afghanistan

    He delivered. Now I expect a bit more, and his actions have been... disappointing. Trump is still worse, but I'm not in a swing state, so I'll be voting third party this year.

  • DJI drone ban passes in U.S. House — 'Countering CCP Drones Act' would ban all DJI sales in U.S. if passed in Senate
  • Sure, but it doesn't need to happen here. If we get into a WW3 situation, we need to be able to protect our supply lines, and that can happen with friendly countries. We're unlikely to get into a situation where our navy is outmatched, so I don't think it's totally urgent to bring production back here.

    That said, we do have a lot of critical manufacturing capacity. Intel has chip fabs, we produce lots of oil, we build cars, etc. We import a lot more than we used to, but we could probably make it through a major war with only domestic production, provided it doesn't drag on too long until we can reestablish supply lines.

    I'll only get worried when China catches up in tech. That's certainly happening faster than I'd like, but I don't think China is ready to compete head to head on tech just yet. If they're at parity, that's when we need to worry about domestic production. Ideally we can improve diplomatic ties by then.

  • The US healthcare system is broken...
  • without public option private buisness is race to the bottom in terms of quality

    Agreed. I've seen examples of that with charter schools (privately run, but funded with tax dollars). With a good mix of charter and public schools, charter schools tend to do a bit better and specialize, but if public schools go away, charter schools become crappy.

    I'm a huge fan of public mass transit as a backbone and private transit to fill in the gaps.

    So the idea has merit, I just don't know how that mix should work for medicine where competition can be less realistic. Perhaps it should be like transit, public services for emergencies, and private services for scheduled services. Idk, I'm not a policy expert, but there needs to be a middleground between queues for care and massive medical bills for small procedures.

    does it go up every year?

    The 1.5% tax stays constant and subsidizes retirees' public insurance (and very poor people, or those with specific conditions).

    The rest is just what I approximate based on my income and my employer's selected plan. The plan is kinda crappy (1 free checkup and covered preventative care; deductible for everything else with ~$15k max paid by the individual in a given year). I'm pretty healthy, so I get an extra discount, but the amount is fixed and uncorrelated with income. So for someone making much less, it'll be a higher percentage of income.

    Most years we spend near-$0 out of pocket (except maybe $20-30 for medicine), but we've spent ~$10k per kid when they were born. I didn't factor that in, I just counted the premiums, which are about 3% of each paycheck.

  • Mozilla Welcomes Anonym: Privacy Preserving Digital Advertising
  • That's certainly true from Google's or Meta's perspective, but it wasn't always that way.

    I get ads in my mailbox that are completely irrelevant to me, like Medicare ads (probably for the previous owner). As a kid, I watched lots of ads on TV that definitely weren't applicable to me (e.g. cutco knives, when I wasn't old enough to use a knife). I see billboards on my way to work for debt relief (not in any debt, aside from mortgage) and addiction recovery (no addictions here). Companies pay quite a bit for those ads even if they won't be relevant for most people because of the sheer reach of those ads.

    I'm proposing a middleground. Ad companies don't get as accurate of targeting for ads, but in exchange they get seen by people who would otherwise block them.

  • Trump world reportedly flirts with a return to mandatory military service.
  • Yes, it's the mandate in general.

    taxes

    Yes, to an extent. I find capitation/poll taxes especially unethical because they're unavoidable.

    But most are avoidable, or at least structured in a way that targets heavier users of services (esp. vehicle and gas taxes). In a sense, I'm consenting to the tax by participating in the taxed activity, like income tax for earning income, or sales tax for buying/selling stuff, so it's not as bad as a completely non-voluntary tax. I find some taxes more distasteful than others, and the reasoning comes down to how reasonable avoidance is (e.g. income tax is impractical to avoid because even income from illegal activity is taxable).

    That said, taxes are vastly preferable to forced labor because I can choose how to earn money to pay the tax, so my liberty is in-tact. Forced labor limits my basic freedoms, and to me that is unacceptable without consent. Being "military" makes it worse because they could theoretically be forced to fight, but any form of forced labor is unethical in my mind (including prison labor, unless it's voluntary).

    Is mandatory schooling unethical?

    Mandatory public schooling is unethical. If parents can choose how their child is educated (home school, private school, etc) and the children only need to pass certain tests to prove proficiency, then I'm fine with it. But forcing someone to be in a classroom all day is unethical. Requirements are fine, but people need to be free in how they meet them.

    I feel the same way about forced vaccinations, mask mandates, etc. I'm fine with vaccinations or masks being required for certain voluntary activities (e.g. attending a concert), but I'm absolutely against it for required activities (e.g. if you force children to attend public school, they cannot be forced to wear a mask or be vaccinated).

    To be clear, my whole family is fully vaccinated (we all love vaccines), and we all wore masks in public and often in private, even when not required, when COVID-19 recommendations were in place. We think both are absolutely great ideas. But my state never had any form of vaccine or mask mandates for the general public (certain health personnel did have requirements IIRC), and kids were allowed to return to school or do remote learning in fall 2020 (schools were closed in March 2020 until the end of the school year until better data was available). I think that was the right call. The only times I showed my vax card were for boosters and crossing the border to Canada.

    That's my take. In a free society, everything should be voluntary.

  • SpaceX's Starlink May Be Keeping the Ozone From Healing, Research Finds
  • Why not both? I kinda want Starlink for road trips and camping. As in, pull into a national park, set up camp, do normal Internet things, then go hike the park the next day or whatever. I could even work from a national park if I really wanted to, which would be really cool.

  • SpaceX's Starlink May Be Keeping the Ozone From Healing, Research Finds
  • That's what my city is basically doing. They're contracting with a local installer to lay cable, then selling service on that network. No money is being awarded, in fact the contract states that they get paid with part of the subscription fee, so they are motivated to get people connected quickly so they can start collecting. The city owns the network and ISPs compete over customers on that network. They claim it'll take 2 years for everyone to be connected, which is pretty quick (but the proof is in the pudding).

    Seems like a decent system to me. We're being promised 10gbps available, but pricing details aren't finalized yet (and my router only handles 1gbps anyway, and I'm too lazy and cheap to upgrade everything).

    AFAIK, this plan was in the works before the infrastructure bill was passed, so I don't think we're taking money from that, but I could be wrong.

  • Google, Cloudflare & Cisco Will Poison DNS to Stop Piracy Block Circumvention * TorrentFreak
  • Interesting. Boot times aren't an issue at all for me on my NAS because it's running on an old desktop processor and has plenty of performance. Both boot in <30s, and I leave them both on 24/7.

    I tend to upgrade all my servers around the same time (RPi, NAS, VPS), and my laptop and desktop get updates about every week or two. I don't like leaving systems unpatched, so I stay on top of it. I haven't needed to swap HDDs in the 6-ish years I've had my NAS configured, so I guess it's not an issue I've run into. I'd probably just schedule it when I do a router firmware update (I run a Mikrotik router), which I do every few months as well, since that way everyone expects a little downtime.

  • Adobe's Employees Are Just As Upset at the Company As Its Users: Report
  • You're right! I didn't realize individual workers and informal unions had a right to strike.

    But their protections are a lot more limited than public unions, like the teachers or police unions. If you're striking for better pay or conditions, it seems you can be replaced and, depending on circumstances, fired without legal repercussions, whereas if it's for unfair labor practices, you have more protections.

    But you do have a lot more legal protections than I thought, so that's good to know.

  • m.youtube.com What does the Libertarian candidate really believe? | Chase Oliver | Just Asking Questions, Ep. 25

    The L.P. presidential candidate clarifies his views, amid criticisms that he is too "woke."SubscribeYouTube: http://youtube.com/reasontvApple: https://podcas...

    What does the Libertarian candidate really believe? | Chase Oliver | Just Asking Questions, Ep. 25

    This interview mostly goes over social policy, so I hope there's a follow-up with fiscal policy as well.

    Here's an AI-generated transcript, which has some mistakes but hopefully is helpful. I tried copying it here, but it was too long.

    Some interesting tidbits I liked:

    • Liz challenged Chase on gender affirming care - his response was "no to surgery before 18, yes to medication if parents and doctors agree"
    • open borders - wants an "Ellis Island"-style system where you register and then get to work, while still maintaining a strong police presence to keep out criminals
    • courting those on the right of the LP - wants to work together on common causes, but will disagree on social issues
    • vaccine mandates - no mandates from the government, but private businesses absolutely can; he thinks businesses requiring masks/vaccines is stupid because it limits customers

    The whole discussion was pretty interesting, and I think it's interesting that Liz Wolfe came out as more conservative than Zach (apparently, Zach rarely discusses personal opinions).

    So far I'm pretty happy with Chase as the candidate because:

    • he's pretty well-spoken - reminds me a bit of Gary Johnson with less "aloof"-ness
    • he appears confident and seems to do a good job justifying his positions on core libertarian principles
    • very different from both Trump and Biden, so he should contrast well
    • going after young voters - he's young, and he's highlighting issues that young people seem to care about, so I'm hopeful that'll resonate with young voters

    I certainly disagree with him on some issues, but I think he'll be a good voice for the party. I would like to see more discussion on economic policy though.

    Anyway, what are your thoughts? Are you excited for a Chase Oliver campaign, or do you think the Libertarian Party should have made a different choice?

    6

    IRS opening free online tax filing program to all states

    This is exciting for me because:

    • I model ny taxes in my spreadsheet anyway, so I'm likely to notice a mistake
    • I usually use FreeTaxUSA to file for free, and this means there's one less party to share my personal information with
    • my state's taxes are pretty simple, so I don't need state-specific tax software

    I hope this helps simplify things for some people and save a bit of money as well. I'm going to try it out next year.

    Do any of you estimate your taxes? Are you interested in trying out this service?

    1
    news.opensuse.org Aeon Desktop Brings New Features in RC2 Release

    Contributors developing the Aeon Desktop are happy to announce a major milestone with the launch of Release Candidate 2 (RC2) images. Within the last 24 hour...

    Aeon Desktop Brings New Features in RC2 Release

    Looks like most of the improvements have nothing to do with GNOME, so they should also probably impact Kalpa (the KDE MicroOS distro).

    I'm particularly interested in these developments because I'm going to upgrade the CPU on my NAS (old Phenom II -> Ryzen 1700), and I'm considering reinstalling w/ MicroOS. It's currently running on an old SATA SSD, but NVMe drives are getting so cheap that it's probably worth an upgrade.

    6
    reason.com Chase Oliver Is the Libertarian Party's Presidential Pick Chase Oliver is the Libertarian Party's Presidential pick

    Chase Oliver of Georgia won the Libertarian Party's presidential nomination in dramatic fashion on Sunday night.

    Chase Oliver Is the Libertarian Party's Presidential Pick Chase Oliver is the Libertarian Party's Presidential pick

    > Oliver's victory on Sunday night was a blow to the Mises Caucus, the right-leaning faction that took control of the Libertarian Party at the 2022 convention and that had orchestrated Trump's appearance at the convention. That faction's preferred candidate was Rectenwald.

    I'm not a fan of the Mises Caucus, so I think this is hilarious.

    > There was widespread media attention in recent weeks fixated on whether the Libertarian Party would nominate a prominent non-Libertarian like Kennedy or even Trump. > > Neither got anywhere close to winning. Kennedy was eliminated after the first round of balloting, while Trump did not even qualify for the first round and received just six write-in votes.

    Good on you LP.

    Now, I know next to nothing about Chase Oliver, but being gay and young will certainly set him apart from the old men he's competing against. I hope he'll get a good amount of media attention to spread the libertarian message.

    Anyway, what are your thoughts? Did the convention make the right call? Would one of the other candidates have been better? Would you prefer no candidate?

    6
    news.opensuse.org OpenVINO Arrives in openSUSE Releases

    While focused on the openSUSE Innovator initiative as an openSUSE member and Intel Innovator, it was frustrating for me to see that openVINO did not have sup...

    OpenVINO Arrives in openSUSE Releases

    From the website:

    > OpenVINO is an open-source toolkit for optimizing and deploying deep learning models from cloud to edge. It accelerates deep learning inference across various use cases, such as generative AI, video, audio, and language with models from popular frameworks like PyTorch, TensorFlow, ONNX, and more. Convert and optimize models, and deploy across a mix of Intel® hardware and environments, on-premises and on-device, in the browser or in the cloud.

    0

    Average Retirement Savings Balance by Age

    Here are just the number for all of you degenerates who just want some milestones for your spreadsheets.

    Average total retirement savings by age:

    • <35 - $49,130
    • 35-44 - $141,520
    • 45-54 - $313,220
    • 55-64 - $537,560
    • 65-74 - $609,230
    • >=75 - $462,410

    Average 401k balance by age:

    • <25 - $5,236
    • 25-34 - $30,017
    • 35-44 - $76,354
    • 45-54 - $142,069
    • 55-64 - $207,874
    • 65 and older - $232,710

    And retirement savings targets from various advisors:

    Fidelity:

    • 1x by 30
    • 3x by 40
    • 6x by 50
    • 8x by 60
    • 10x by 67

    Rowley:

    • 1x by 35
    • 5x by 50
    • 7x by 70

    Anyway, do you like metrics like these?

    9
    news.opensuse.org openSUSE Asia Summit Set for Tokyo

    openSUSE.Asia Summit will come back to Tokyo, Japan The openSUSE Project is exciting to announce that openSUSE.Asia Summit 2024 is going to be held in Tokyo,...

    openSUSE Asia Summit Set for Tokyo

    Important dates:

    • expected summit date is Nov. 2 and 3 soon after Open Source Summit Japan
    • call for speakers is going to end around the end of July

    There will be another announcement in a couple weeks.

    0
    news.opensuse.org Planned outage of Weblate on May 14th

    The openSUSE will undergo a critical update with the migration of Weblate to a hosted solution. Shifting to a hosted solution for the web-based localization ...

    Planned outage of Weblate on May 14th
    0

    May 10, 2024 (text in body)

    > For crying out loud, Jonah! Three days late, covered with slime, and smelling like fish! … And what story have I got to swallow this time?

    5

    May 10 2024 (text in body)

    > You know what I’m sayin’? … Me, for example. I couldn’t work in some stuffy little office. … The outdoors just calls to me.

    3

    May 10 2024 (text in body)

    > Look! Look, gentlemen! Purple mountains! Spacious skies! Fruited plains! … Is someone writing this down?

    9

    May 10 2024 (text in body)

    > Sure, I’m a creature—and I can accept that … but lately it seems I’ve been turning into a miserable creature.

    2
    news.opensuse.org Try Cockpit in Leap Release Candidate

    openSUSE Leap 15.6 exited Beta and entered its Release Candidate phase with build 669.1 last week. You can get Leap 15.6 RC install images from get.opensuse....

    Try Cockpit in Leap Release Candidate

    Looks like Leap 15.6 will ship with Cockpit, which looks pretty cool.

    I just set up a new VPS w/ Leap 15.5, so I'm thinking about giving this a try. I'm not a fan of YaST on the CLI, and I'm not going to install a GUI on my VPS, so being able to just SSH tunnel to the admin panel sounds really nice.

    Has anyone tried Cockpit (project link for the lazy)? It seems like it can manage most popular distros, so that's a pretty big value prop over YaST, which is pretty much only for SUSE. It looks like it's a RedHat project, but it's cool that openSUSE is pulling it in for 15.6.

    0
    news.opensuse.org openSUSE Factory enabled bit-by-bit reproducible builds

    In March, the configuration for building openSUSE Factory was changed to be bit-by-bit reproducible (except for the embedded signature). Following this, the ...

    openSUSE Factory enabled bit-by-bit reproducible builds
    0

    Monthly Recommendations Thread: What are you playing?

    It has been a while since the last one. So...

    Tell us what game you are currently, or recently played, greater than 6+ months old.

    If the game happens to be on sale, a link would be a plus.

    127

    I'm working on a P2P Reddit/Lemmy alternative using Iroh. Any interest? Thoughts?

    lemmy.world Anyone interested in discussing a Lemmy/Reddit alternative? - Lemmy.World

    This is still very much early-days, but I’m thinking about building a distributed link aggregator. Some notes: - no servers (all P2P) except to connect peers - no “instances” so everything is in one namespace (so like reddit /r/community, not lemmy instance/c/community) - everyone is a moderator - m...

    The link goes to a related post on another community so I don't have to duplicate it here.

    Basically, I'd like to discuss tech options for a Reddit/Lemmy alternative. Here's what I've found:

    • Iroh - early days alternative to IPFS promising improved performance and application control
    • Appleseed - old-ish proposal for a distributed trust system - I'm thinking of using it for moderation (i.e. if you block/report similarly to someone else, that will get automated; you could also explicitly trust someone else [e.g. a CP-detector bot])
    • TrustNet - builds on Appleseed - still reading through the paper to know what it adds over Appleseed, if anything

    Goals:

    • distributed storage - worried the fediverse will scale poorly (become too expensive)
    • distributed moderation - power-hungry mods suck
    • local-first - cache/host stuff you care about, reserve some space for preservation

    Non-goals:

    • make money - it's a hobby for now, everything would be FOSS
    • image/video hosting - legal issues if you get random CP or something
    • preserve all data - I'd rather sacrifice older/less popular content than lose users - community can run caching servers
    • fediverse compat - P2P makes that difficult, but a bridge should be feasible

    Thoughts? What am I missing?

    Also, would anyone like me to post updates? It'll mostly be stuff from my research, if I post code, it won't be for a while (I have limited time).

    0

    Anyone interested in discussing a Lemmy/Reddit alternative?

    This is still very much early-days, but I'm thinking about building a distributed link aggregator. Some notes:

    • no servers (all P2P) except to connect peers
    • no "instances" so everything is in one namespace (so like reddit /r/community, not lemmy instance/c/community)
    • everyone is a moderator - moderation based on a web of trust type system
    • desktop first, mobile/web later - web would require servers, mobile may have platform-specific issues
    • no plans to integrate with fediverse, but could be possible
    • initial intent is to be text-only - file storage could be supported later in an opt-in basis (for now, just link to an external img host), but I'm worried about disk storage since there's no central data lake and everyone needs to chip in some storage space

    Some technical details:

    • written in Rust and ReactJS - Tauri-based
    • uses Iroh for data synchronization
    • looking into Appleseed and maybe TrustNet for moderation

    Current status:

    • rewrote Appleseed and part of TrustNet to Rust for perf testing last weekend (Rust is waaay faster) - will probably rewrite again once I finish reading the paper (current code is a direct port)
    • have basic Tauri+Iroh app, but it's a glorified chat app w/ no syncing between peers (a peer can join a chat, but will lose access if the host goes down)
    • reading source code for SimpleX (re-learning Haskell too) - could be interesting for DMs or something

    I'm not sure how long I'll work on this, but I'll probably release some libraries under a relatively liberal license, so something like LGPL at the most stringent, but probably Apache/MIT (depends on if I need to clean-room the appleseed implementation).

    So, if there's interest here, I'm happy to post updates for discussion periodically.

    12

    Should there be a right to digital privacy?

    I'm thinking something along the lines of the GDPR where companies must get consent to track you, and must delete your data upon request.

    I see a few arguments here:

    • yes, websites are like stores and have the obligations of a store to protect user data (IP address, HTTP headers, etc)
    • no because the internet is "the commons," so no expectation of privacy (no expectation that the website follows your local laws)
    • no because you're voluntarily providing the data, but you're well within your rights to block tracking attempts

    So, some questions to spark discussion:

    • does data collection violate the NAP?
    • does sale of personal data (without a TOS in place) violate the NAP?
    • if no to each of the above, is it worth violating the NAP to enforce a right to digital privacy?
    8

    Are hardware security keys worth it? If so, which to pick?

    This isn't strictly a privacy question as a security one, so I'm asking this in the context of individuals, not organizations.

    I currently use OTP 2FA everywhere I can, though some services I use support hardware security keys like the Yubikey. Getting a hardware key may be slightly more convenient since I wouldn't need to type anything in but could just press a button, but there's added risk with losing the key (I can easily backup OTP configs).

    Do any of you use hardware security keys? If so, do you have a good argument in favor or against specific keys? (e.g. Yubikey, Nitrokey, etc)

    82