GoDaddy really lived up to its bad reputation and recently changed their API rules. The rules are simple: either you own 10 (or 50) domains, you pay $20/month, or you don’t get the API. I personally didn’t get any communication, and this broke my DDNS setup. I am clearly not the only one judging from what I found online. A...
It’s reasonably priced. I was in the same boat with the Google domains shutdown. As long as you aren’t a heavy user, it has lots of cool features. But if you get their attention they’ve been known to fleece the crap out of small businesses that were using their free services. Most of my stuff is self hosted applications to move myself off of Google services, so my traffic is minimal.
My certificates are in /etc/letsencrypt/live/example.com/, and when I trying to start coturn I receiving: “0: : WARNING: cannot find certificate file…” I’m interested, what is the best way to solve this problem?
Maybe sth like usermod -a -G letsencrypt coturn which puts the coturn user in the letsencrypt group. Allowing that user access to files owned by the group. I haven't checked the names. Maybe the group is called differently, certbot or something. Obviously that grants that coturn user access to all the certificates. You might want to set some directory permissions instead, if you have multiple certificates and don't want coturn be able to read or mess with certificates of other domains.
A BBC investigation reveals that Microsoft is permanently banning Palestinians in the U.S. and other countries who use Skype to call relatives in Gaza.
Holy shit, that’s a pretentious way to say you think you’re hot shit while showing you’ve barely got a chin above script kiddie.
Where the fuck are you gonna cram billions of new DNS records? You trying to nuke the whole system?
Billions of new IP addresses? From where, your ass? IPv4’s fucking dead and IPv6 is crawling.
You want billions of shitty home servers? Why not just hand cybercriminals the keys to everyone’s data?
No big email providers for spam filtering? Hope you like dick pills and Nigerian princes.
Home servers for email? Great plan. Who needs reliability when the power goes out or your shit internet drops?
You think everyone can afford this? Some people can barely pay rent, let alone run a fucking server.
“Private” home servers? Please. They’d fold faster than a house of cards in a hurricane up against any direct persistent attack from any capable threat actors.
Try running a big mailing list on your puny home setup. Watch that shit crash and burn.
Good luck explaining to the feds why you can’t cough up subpoenaed emails.
You really think billions of clueless users can handle this? It’s like giving toddlers chainsaws.
Everyone run their own email on locally hosted domains…? Jesus fucking Christ. What are you, 14?
Edit: lemy.lol has MX records that point to icloud.
This toolbag indeed uses someone else’s services for their email exchange.
A BBC investigation reveals that Microsoft is permanently banning Palestinians in the U.S. and other countries who use Skype to call relatives in Gaza....
Do you have an example? That’d block pretty much every business customer, including paid Google and Microsoft users (as the paid accounts use a custom domain). I’m not sure which sites and services would want to block all business users like that.
Also, FastMail is definitely mainstream. It’s pretty popular and has been around for 25 years.
one does not become dependent on tech giants without a critical loss at some day, no matter whats the “reason” for it and they tend to do weird stuff within or without laws…
For others or for a new start and how to avoid such in the future (maybe “migrate” your relatives to secure services “before” you get ripped off):
get your own domain like somestupidtext.info make sure the toplevel (.info .com .net or whatever) has laws that let you effecticely reclaim your domain if one of the providers block something or fail to do their job. also make sure you do not fall into only-first-year-very-cheap traps for domain prices. maybe check that the toplevel domain is not one regulary found to be used by spammers and thus maybe blocked by some providers.
use one company only for DNS related things, maybe name.com, but there are plenty others and lots of generic hosting providers also provide dns-only hosting.
get some provider to host email for your domain or run your own emailserver and set mx records to that mailserver.
configure and change valueable services to your email addresses under your domain
make sure you have a local(!) copy of all your emails that automatically updates itself, if you can, at least daily, offlineimap checked in into a git repo could do a good job
if one provider sucks, change it and leave the rest as is.
the setup alone already shows the provider, that only gov (of that toplevel domain) can effectively block you, as when the email provider tries to block you, you find a new one and change MX records (and obviously cancel and stop paying the blocking one), if the DNS provider tries to block you, you get a new provider and transfer the domain to it, if that fails a lawyer could help) also the small providers have usually no way to know what you do on another account at another company, only if you put your whole life into the hands of the few known big evil ones, you are that vulnerable to the chaos they produce.
also setting up recovery addresses (if possible) is a good idea, like when one email is unusable for whatever reason, the provider already has a known email address from you to start a recovery process, of course that second email address MUST be out of reach of the provider of the first one, that is, if you have somemailprovider.com address and one at microshits, then microshit buys somemailprovider.com, you have to change everything from that somemailprovider.com to a new one just to stay secure. due to this, your own domain with a connected email service of a random hosting provider comes in handy as you would not have to change all the email adresses but only that random email provider. also if skype/zoom etc does not work for you, there are plenty of other ways to do video talks on the internet. i prefer to be independent for same reasons even though i haven’t been blocked yet, i just saw the signs of possible approaching evil because of the shitflow big evil tech produces all the time just to flush their believers view of what would be possible down the drain and choosed independence ahead of losses. following signs like leaving companies with red flags (like just too big, like already robbed their users, like give a shit on their users security, like give a shit on their bugs and blame users while their own big-tech-company-network is pwned by someone unknown for month and such) a more privacy aligned messenger that supports videocalls would be for example matrix, there are multiple clients to choose from and lots of providers to choose from (also self hosting or becoming a provider is possible while for talking to each other it is NOT necessary to use the same provider, but again self-hosting of course is most-secure) one cannot do things securely without knowing a bit about what it is. to learn more about dns, email, matrix or other topics the internet is full of informations, sometimes wikipedia is very helpful and linux user groups exist for talking about stuff and helping each other. the type of support is different and -as i see it - much more efficient, but different, there is no one to do it for you (or you get into the very same dependency trap again) but you are encouraged to learn what it takes to do so and do it yourself.
example prices from a random dns provider: .de 10€ / year .eu 16€ / year
random mail provider imap email 100GB storage 3 € /month
that is having more control over your email than when using big tech, may cost you more or less 4€ per month (and maybe the learning time to set everything up). for matrix server one might use managed services, looking around i found etke.cc with 5€ as a base minimum when you provide your own VPS for it, but with many other options too. maybe the free hosting announced by element.io where i did not look into yet is an option too. i prefer my own domains and servers, but just using separate hosting companies for dns, email and matrix gives a whole lot more control while still beeing a simple and adjustable setup. while matrix does not lock you in into one instance from the beginning (i can chat/call from/to my own account/server to any other account on other servers while beeing able to try this out using a multi-account-client that connects to all acvounts/servers at the same time) they now have bridges so one can use the same client to chat with others on telegram or whatsapp (and others) too, so this is rather the opposite of vendor lock-in. while a matrix hoster could still block your account in error and if you did not use your own domain for your matrix account at the hoster, you could connect to your friends again from another account at another hoster as you would still have their matrix adresses stored in your client. however to securely use matrix one should read about its security mechanisms and what backup keys are and why one should validate new connections.
if you had the loss, at least take advantage of the message/lesson: big tech is too powerful and thus insecure. maybe do three steps in parallel: choose and migrate to smaller providers, more providers each for different things, if one f**ks up, everything else stays in place, thus less stressful on problems. second step in parallel: get yourself into DIY your digital life. every little step into independence is a step more powerful while removing the very same power from big tech to attack the stability of your digital life. third step in parallel: share your problem including the possible solutions, which you choosed and how it went to those you think might take advantage of that information ;-)
It turns out Google Chrome (via Chromium) includes a default extension which makes extra services available to code running on the *.google.com domains - tweeted about today by Luca Casonato, but the code has been there in the public repo since October 2013 as far as I can tell.
It looks like it’s a way to let Google Hangouts (or presumably its modern predecessors) get additional information from the browser, including the current load on the user’s CPU. Update: On Hacker News a Googler confirms that the Google Meet “troubleshooting” feature uses this to review CPU utilization
The code doesn’t do anything on non-Google domains.
Maybe it’s because you tried it on a non Google site? Idk.
If we agree that connectivity is a good thing, why has the adoption rate been so slow?
…
The first required piece is an actual connection between the device and the airplane. This connection can be wired or wireless. It’s now possible to have a wireless access point that’s dedicated to the crew. A wireless connection will need to include security capabilities so users can prove their identity to the wireless network. Let’s not forget that security must also be practical for in-service use. A wired connection is generally seen as more secure, since there has to be physical access from the flight deck, which is considered a secure domain.
In late 2006, programmer Jed McCaleb thought of building a website for users of the Magic: The Gathering Online tradable card game service, to let them trade "Magic: The Gathering Online" cards like stocks.[13][14][4] In January 2007, he purchased the domain name mtgox.com, short for "Magic: The Gathering Online eXchange".[15][16][17][18] Initially in beta release,[19] sometime around late 2007, the service went live for approximately three months before McCaleb moved on to other projects, having decided it was not worth his time. In 2009, he reused the domain name to advertise his card game The Far Wilds.[20]
In July 2010, McCaleb read about bitcoin on Slashdot,[21] and decided that the bitcoin community needed an exchange for trading bitcoin and regular currencies. On 18 July, Mt. Gox launched its exchange and price quoting service deploying it on the spare mtgox.com domain name.[14][22]
I'm not sure when people started to refer to it as Mt Gox.
Wondering if there is a simple way to block any instance or community at specific TLDs? I hate going in to settings and searching whack-a-mole style every time there is a new instance or community on a few TLDs with which I’d prefer to not interact.
You can block users, communities and instances in your account’s settings, but you can’t filter domains themselves in posts or comments on the Lemmy UI. However, some mobile apps provide that ability.
There are vast differences between Windows home and Windows pro and Windows Enterprise editions as far as how easy it is to control and block off the annoyance ware that Microsoft builds into it.
If you use deployment software to roll out your images after standardizing them and have a set image that you can deploy to a thousand computers as easily as one then it's very simple to sign in with a local domain account and disable the windows things through a group policy and just start rocking and rolling whereas your average Windows home user is not going to even have access to GPO and we'll have to tediously for each and every single computer every single time they reset it redo all of the things to disable all of Microsoft's crap activation.
They are not entirely different but definitely distinct versions of Windows and dismissing the home and non-enterprise users that their experience is inferior to your experience on the Enterprise side is what I'm saying is disingenuous
]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren’t natively supported.
On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites.
Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites.
The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.
“Since the domain was suspended, the supply-chain attack has been halted,” Aidan Holland, a member of the Censys Research Team, wrote in an email.
What’s more, the Internet scan performed by Censys found more than 1.6 million sites linking to one or more domains that were registered by the same entity that owns polyfill[.]io.
The original article contains 645 words, the summary contains 148 words. Saved 77%. I’m a bot and I’m open source!
Perhaps this is a weird question I have, but I’ve been watching some technotim videos lately and he seems to have local dns addresses for local services. Perhaps I’ve got this wrong, but if not: how would you go over doing this?...
If you mean to do that in the public DNS records please note that public records that point at private IPs are often filtered by ISP’s DNS servers because they can be used in web attacks.
If you don’t use your ISP’s DNS as upstream, and the servers you use don’t do this filtering, and you don’t care about the attacks, carry on. But if you use multiple devices or have multiple users (with multiple devices each) eventually that domain will be blocked for some of them.
Kinda proud of this, so forgive me while I brag. I found a likely “phone home” tracking image in DocuSeal. I searched around: there was an extant issue about the image. I asked the devs: would they accept a PR to remove the image? A maintainer responded quickly that they were not interested in a PR to remove it, so I forked...
Okay, well they were very clear about it, and they have a pro version, so aren’t removing the customizations that exist.
Secondly, that isn’t a “phone home” bit that you hacked around, it’s literally a header that loads a GitHub badge, and that’s it. It’s part of a lot of open source projects.
Blocking the DNS of the GitHub host it’s calling back to is sufficient enough for everyone if this is a concern (it’s of no security concern, freal), and you don’t need a fork for this to be fixed. Maintaining a fork is an insane amount of work, and trusting someone who is maintaining a forked repo is WAYYYYYY more risky than just using the official repo, which has thousands of stars, and multitudes of users poking through it’s code.
I for one would never touch your forked repo without doing a full diff, and I’m not going to worry about doing that every time a release is missed by you, or a fix isn’t upstreamed…yada yada. I would just use the official repo, and block the offending GitHub domain if I found it offensive, which I don’t.
The “code” you linked to is not functional code of any sort. Not to be nitpicky, it’s just an HTML image tag, so its Markup at best. All you did was stop the loading of an SVG image. The fact that they source it from their own domain tells you everything: they have a script that runs to check the current number of stars, then generates this image that reflects that. SVG is an image format. It’s really standard.
All your other points you’re making because you do not have much experience in the software realm, which I’m not saying to be dismissive or anything at all, I’m simply illustrating that all the points you’re questioning or mentioning are 100% standard.
you don’t make a fork for three lines of code and ask others to “check it out”. If anything, just point out the issue and post a diff or a script to fix it. Simple.
They have a pro version, and are using images they generate in a template viewed by users to promote its popularity and try to sell pro. They’re running a business out of this. Not every FOSS project is non-profit, and these people are simply trying to sell a product AS WELL as keep it open source for others to enjoy, like yourself. Feel lucky to have the privilege they are letting you use it for free.
The term “phoning home” as you’re trying to use it, is wrong. You’re implying that it is functionally doing something unexpected. It is not. It is sourcing an image in HTML. The suspicious type of phoning home is code that executes locally and pulls down other functional bits of code that alter the way the software APPEARS to be used. It’s a way of obfuscating something shady, like a virus, or malware. This is not that kind of code.
If your concern is simply that the code you’ve run is sourcing an image from somewhere, I can only imagine how upset you’ll be to learn that software repos of this size are pulling things from dozens, if not hundreds of places. This project pulls from rubygems, yarnpkgs, and the dreaded example.com.
Lastly, the reason that team responded to you in that manner was more that they were taken aback. Like “WTF is this person talking about? I don’t get it.” Realize that they were nice enough to respond, where most project maintainers would just ignore or close the issue.
Also, you might want to freak out about the social badges being sourced in this as well. This isn’t a “privacy first” project or anything. They aren’t doing anytweird, you’re just misunderstanding some things.
Just to play devils advocate for a minute- Loading from their own domain means they can actually garner quite a bit of information from just the serving of the svg:
date and time of access
IP (country, state, region, etc)
Potential for SVG xss attack if hoster doesn’t clamp down their CSP settings
Date/time/IP are good enough for getting pretty good estimates of who all uses their software. Doesn’t matter if they are or aren’t using that data- it is being sent to them on their own accord and terms. The public has no way of knowing.
And this is all perfectly acceptable, as long as you do one of the following:
Prominent notice to user that tracking is enabled by default, and it can be disabled by doing X, Y, or Z. State the kind of tracking information collected and maybe even say logs are kept in memory or dumped after X days.
Allow for opt-in tracking. This one’s pretty straightforward.
All of this doesn’t really matter if the dev isn’t willing to change anything about the remote image.
But a fork?? Yeah, totally unnecessary. You can take easily care of this at the reverse proxy layer by preventing the svg (or anything else for that matter) from being served. Just serve a 404 or something instead or do a regex replace and remove it altogether from the page prior to serving.
Has anybody here managed to install Funkwhale using Portainer? I’ve already tried 3 times, first tried a template, but turns out the AIO container is deprecated, then tried modifying the default docker-compose and env files available on Funkwhale’s repo, didn’t work (couldn’t run the required commands to create a user)....
To anyone reading this, unless you absolutely must have the federation abilities of Funkwhale above your own sanity, it’s not worth it. Funkwhale is an absolute bear to setup by comparison to every other music server. I have been bouncing through them all spinning up containers for the same library and putting them through their paces.
Spinning up 4 Navidrome containers with 4 different domains for my user’s library preferences was quicker and easier than setting up one Funkwhale server for 4 users. It’s beyond absurd how clunky it is. And worst of all, 4 Navidrome containers are extremely faster, less resource hungry, and easier to maintain.
None of the local library importing works in the UI unless you’re the admin account. That means going into users to create libraries then spinning up an API container with a command to import the local files. But then it doesn’t watch them unless you include that flag and leave the detached container running.
On top of that, so few people are running it that you cannot just search the web for issues. It’s their lacking documentation only. You know something is obscure when you cant even find their own website by searching Funkwhale without going through the top result that links to it.
Funkwhale is just not ready for prime time compared to the other servers.
I have used Airsonic and then Airsonic-advanced for years after briefly using Subsonic. But recently as my more and more of my library migrated to FLAC I had issues with transcoding. Sometimes all transcoding would just start failing and when it did Airsonic would peg every thread it had available. (Heresy I know but when I or my users are on a mobile network I don’t want to chew through data in a few day long outings.) So that’s what led me down this path. I tried Navidrome and loved it except for the lack of library separation. I tried Funkwhale, and I tried Gonic. Gonic is wonderful in its simplicity but it’s almost too basic. It supposedly had library separation and has transcoding but neither was working out of the box so I just said fuck it and went with 4 Navidrome containers because copy and pasting is easy and everything about Navidrome just works. Most importantly, Navidrome is lightning fast loading in an app which is the only way my users interact with the server. It fires up transcoding so fast you almost cannot tell the difference between loading the native file and transcoding in terms of response. I swear there was at least one more server I looked at but passed over and I cannot recall the name.
Edit: FYI Navidrome said that they are currently reworking the entire server backend, but after that it will be easier to implement multiple libraries.
Yes, but should big companies with business models designed to be exploitative be allowed to act hypocritically?
My problem isn’t with ML as such, or with learning over such large sets of works, etc, but these companies are designing their services specifically to push the people who’s works they rely on out of work.
The irony of overfitting is that both having numerous copies of common works is a problem AND removing the duplicates would be a problem. They need an understanding of what’s representative for language, etc, but the training algorithms can’t learn that on their own and it’s not feasible go have humans teach it that and also the training algorithm can’t effectively detect duplicates and “tune down” their influence to stop replicating them exactly. Also, trying to do that latter thing algorithmically will ALSO break things as it would break its understanding of stuff like standard legalese and boilerplate language, etc.
The current generation of generative ML doesn’t do what it says on the box, AND the companies running them deserve to get screwed over.
And yes I understand the risk of screwing up fair use, which is why my suggestion is not to hinder learning, but to require the companies to track copyright status of samples and inform ends users of licensing status when the system detects a sample is substantially replicated in the output. This will not hurt anybody training on public domain or fairly licensed works, nor hurt anybody who tracks authorship when crawling for samples, and will also not hurt anybody who has designed their ML system to be sufficiently transformative that it never replicates copyrighted samples. It just hurts exploitative companies.
Strictly speaking, they’re leveraging free users to increase the number of domains they have under their DNS service. This gives them a larger end-user reach, as it in turn makes ISPs hit their DNS servers more frequently. The increased usage better positions them to lead peering agreement discussions with ISPs. More peering agreements leads to overall cheaper bandwidth for their CDN and faster responses, which they can use as a selling point for their enterprise clients. The benefits are pretty universal, so is actually a good thing for everyone all around… that is unless you’re trying to become a competitor and get your own peering agreement setup, as it’d be quite a bit harder for you to acquire customers at the same scale/pace.
PSA: GoDaddy gated their own API. DDNS users warned (loudwhisper.me)
GoDaddy really lived up to its bad reputation and recently changed their API rules. The rules are simple: either you own 10 (or 50) domains, you pay $20/month, or you don’t get the API. I personally didn’t get any communication, and this broke my DDNS setup. I am clearly not the only one judging from what I found online. A...
coturn can't get access to certificates
My certificates are in /etc/letsencrypt/live/example.com/, and when I trying to start coturn I receiving: “0: : WARNING: cannot find certificate file…” I’m interested, what is the best way to solve this problem?
'Microsoft killed my online life,' Microsoft is reportedly banning Palestinians in the U.S. for life for calling relatives in Gaza (www.windowscentral.com)
A BBC investigation reveals that Microsoft is permanently banning Palestinians in the U.S. and other countries who use Skype to call relatives in Gaza.
Microsoft is reportedly banning Palestinians in the U.S. for life for calling relatives in Gaza (www.windowscentral.com)
A BBC investigation reveals that Microsoft is permanently banning Palestinians in the U.S. and other countries who use Skype to call relatives in Gaza....
Google Chrome ships a default, hidden extension that allows code on *.google.com access to private APIs, including your current CPU usage (fedi.simonwillison.net)
cross-posted from: lemmy.dbzer0.com/post/23752739...
The “Netflix of anime” piracy site abruptly shuts down, shocking users (arstechnica.com)
Boeing 747s still get critical updates via floppy disks (www.theverge.com)
China-linked pollyfill[.]io attack impacts 380,000 hosts, including major companies like WarnerBros, Hulu, Mercedes-Benz, and Pearson (thehackernews.com)
Archived version...
After a 10-Year Wait, Mt. Gox Bitcoin Is Finally Being Returned (www.wired.com)
Can a User Block Top Level Domains on Lemmy?
Wondering if there is a simple way to block any instance or community at specific TLDs? I hate going in to settings and searching whack-a-mole style every time there is a new instance or community on a few TLDs with which I’d prefer to not interact.
My Windows Computer Just Doesn't Feel Like Mine Anymore (www.howtogeek.com)
384,000 sites pull code from sketchy code library recently bought by Chinese firm | Ars Technica (arstechnica.com)
In a sly move, Microsoft has removed the online help page that shows how to switch to a local account on its Windows 11 operating system. (www.pcgamesn.com)
Can you have local reverse proxies?
Perhaps this is a weird question I have, but I’ve been watching some technotim videos lately and he seems to have local dns addresses for local services. Perhaps I’ve got this wrong, but if not: how would you go over doing this?...
Phone home tracking image in DocuSeal, and how to remove it (www.reddit.com)
Kinda proud of this, so forgive me while I brag. I found a likely “phone home” tracking image in DocuSeal. I searched around: there was an extant issue about the image. I asked the devs: would they accept a PR to remove the image? A maintainer responded quickly that they were not interested in a PR to remove it, so I forked...
Funkwhale + Portainer? (www.funkwhale.audio)
Has anybody here managed to install Funkwhale using Portainer? I’ve already tried 3 times, first tried a template, but turns out the AIO container is deprecated, then tried modifying the default docker-compose and env files available on Funkwhale’s repo, didn’t work (couldn’t run the required commands to create a user)....
Truly.
My theory is that chihuahuas are so on edge because they know something is wrong with them, and they know it’s our fault.
FEP-7952: Roadmap for Actor and Object Portability, I.e. BYO Actor ID (socialhub.activitypub.rocks)
I think this is the most important (WIP) Fediverse Enhancement Proposal of this year for the #ActivityPub protocol:...
Meta admits using pirated books to train AI, but won't pay for it (www.techspot.com)
Cloudflare is bad. Youre right.
Centralization is bad for everyone everywhere....