Sal

Sal , 4 days ago

Thank you being around, bringing this nice community here, and helping with the federation!! 😁

Sal , 4 days ago

Some time last year I learned of an example of such a project (peerreview on GitHub):

The goal of this project was to create an open access “Peer Review” platform:

---

Peer Review is an open access, reputation based scientific publishing system that has the potential to replace the journal system with a single, community run website. It is free to publish, free to access, and the plan is to support it with donations and (eventually, hopefully) institutional support.

It allows academic authors to submit a draft of a paper for review by peers in their field, and then to publish it for public consumption once they are ready. It allows their peers to exercise post-publish quality control of papers by voting them up or down and posting public responses.

---

I just looked it up now to see how it is going… And I am a bit saddened to find out that the developer decided to stop. The author has a blog in which he wrote about the project and about why he is not so optimistic about the prospects of crowd sourced peer review anymore: theroadgoeson.com/crowdsourcing-peer-review-proba… , and related posts referenced therein.

It is only one opinion, but at least it is the opinion of someone who has thought about this some time and made a real effort towards the goal, so maybe you find some value from his perspective.

Personally, I am still optimistic about this being possible. But that’s easy for me to say as I have not invested the effort!

Sal , 3 days ago

That’s really cool, I will use it

Sal , 6 days ago

Yes, sorry, there was some serious lagg in fetching posts from Lemmy World that persisted for several days and accumulated a 1-week delay.

But after upgrading Mander it is now fetching data from LW quite rapidly and it should be back in-sync in about a day and a half from now.

If you are curious about the ranking algorithm, there is some info here: join-lemmy.org/docs/…/07-ranking-algo.html

Sal , 6 days ago

I find it satisfying to see the graph come down :)

Sal , 3 months ago

If the timing is right, I would bring a mushroom grow bag with mushrooms sprouting.

If not… probably my radiacode gamma spectrometer and some of my radioactive items. Maybe a clock with radium painted dials and a piece of trinitite. I think that there are many different points of discussion that can be of interest to a broad audience (radioactivity, spectroscopy, electronics, US labor law story of the radium girls, nuclear explosions, background radiation… etc). As a bonus I can bring a UV flash light and show the radium fluorescence. Adults love UV flash lights.

Sal , 3 months ago

I think that they are referring to Paxillus involotus

It is quite an interesting mushroom. It was considered “safe to eat” for a long time, but it contains an antigen that a human’s immune system can learn to attack.

The antigen is still of unknown structure but it stimulates the formation of IgG antibodies in the blood serum.

I once looked into whether this immune response builds up over many exposures, or if it is a random event that has a probability of happening for each exposure. I don’t remember finding a convincing answer… If it is a random event, then mushroom could be considered a “Russian roulette” mushroom that will usually provide a nice meal, but, if unlucky, you may experience the following:

Poisoning symptoms are rapid in onset, consisting initially of vomiting, diarrhea, abdominal pain, and associated decreased blood volume. Shortly after these initial symptoms appear, hemolysis develops, resulting in reduced urine output, hemoglobin in the urine or outright absence of urine formation, and anemia. Hemolysis may lead to numerous complications including acute kidney injury, shock, acute respiratory failure, and disseminated intravascular coagulation. These complications can cause significant morbidity with fatalities having been reported.

I agree with you that this is probably unrelated to the “generally similar to humans” comment. I feel like this fantasy is a combination of the above fact mixed in with the fact that the Fungi belong to the Opisthokonts, which places them closer to animals than plants, and so they share some interesting cellular characteristics with us. This places them closer to animals than plants, but “generally similar to humans” is perhaps a bit of a stretch ^_^

But, it is just a meme about a guy being hyped about mushrooms. Hopefully people don’t expect memes to be super accurate 😁

Sal , 3 months ago

First of all, congratulations for bringing a baby girl into this world!! You must be really excited! I am very happy for you!

This looks very cool. I set up a wiki (ibis.mander.xyz) and I will make an effort to populate it with some Lemmy lore and interesting science/tech 😄 Hopefully I can set some time aside and help with a tiny bit of code too.

Sal , 3 months ago

Thank you for the positivity 💚 I wholeheartedly agree!

Drama and negativity drives engagement, and this form of engagement can easily trigger a feedback loop in which negativity keeps piling on and voices of support are practically muted.

We are participating in an open source project that has some very ambitious goals. Things can be messy, mistakes happen, there are risks, and people have many different opinions and moods. Heated discussions can be a healthy part of the process. But, once the dust is allowed to settle for a bit, it is good to remember that we are humans and that we are here because we have some shared goals.

I think the majority of people around here are kind and have a positive outlook, but perhaps it is more motivating to speak out when we have negative comments than positive ones. So, thank you for taking the time to write this positive message!

Sal , 3 months ago

Woah - I had never heard of the Hatzegopteryx. I spent some time today watching videos of this guy today (and its relatives, Quetzalcoatlus and Argentinosaurus). They are really cool.

I know that there is a lot of arguments about what dinosaurs actually looked like - I hope that in the videos they make these guys scarier than they actually were… This video is especially: www.youtube.com/watch?v=pYniD_MQ7Rg

Personally, this style (from a great PBS Eons video) is my favorite interpretation:

https://i.imgur.com/Hptc0jc.png

https://arbordalekids.files.wordpress.com/2021/11/ihatz_09_soar.jpg

And artists apparently like to emphasize that these guys could eat small dinosaurs!

https://i.imgur.com/C6gZxgn.png

https://images.squarespace-cdn.com/content/v1/624b94e0a1971679b2a1d8da/1658165737287-UB7NR8B4IE0N5HVFTW5X/pablo-rivera-hatzegopteryx.jpg

https://a-z-animals.com/media/2022/06/shutterstock_1362863072-768x461.jpg

https://d.furaffinity.net/art/renfriammon/1704472255/1704472255.renfriammon_img_4649.png

https://image.pbs.org/video-assets/5kg0O0I-asset-mezzanine-16x9-RIS0K1C.png

Sal , 3 months ago

I am also quite interested in this. It is not something that keeps me awake at night, and I am not particularly paranoid about it. But I find that working towards answering this question is a fun frame from which to learn about electronics, radio communications, and networking.

Since this appears to be something that is causing you some anxiety, I think it is better if I start by giving you some reassurance in that I have not yet managed to prove that any electronic device is spying on me via a hidden chip. I don’t think it is worth being paranoid about this.

I can explain some things that could be done to test whether a Linux computer spying. I am not suggesting that you try any of this. I am explaining this to you so that you can get some reassurance in the fact that, if devices were spying on us in this manner, it is likely that someone would have noticed by now.

The “spy” chip needs some way to communicate. One way a chip might communicate is via radio waves. So, the first step would be to remove the WiFi and Bluetooth dongles and any other pieces of hardware that may emit radio waves during normal operation. There is a tool called a “Spectrum Analyzer” that can be used to capture the presence of specific radio frequencies. These devices are now relatively affordable, like the tinySA, which can measure the presence of radio frequencies of up to 6 GHz.

One can make a Faraday cage, for example, by wrapping the PC with a copper-nickel coated polyester fabric to isolate the PC from the radio waves that are coming from the environment. The spectrum analyzer antennas can be placed right next to the PC and the device is left to measure continuously over several days. A script can monitor the output and keep a record of any RF signals.

Since phones are small, it is even easier to wrap them in the copper-nickel polyester fabric alongside with the spectrum analyzer antenna to check whether they emit any RF when they are off or in airplane mode with the WiFi and Bluetooth turned off.

What this experiment may allow you to conclude is that the spy chip is not communicating frequently with the external world via radio frequencies, at least not with frequencies <= 6 GHz.

Using frequencies higher 6 GHz for a low-power chip is not going be an effective method of transmitting a signal very far away. The chip could remain hidden and only emit the signal under certain rare conditions, or in response to a trigger. We can’t rule that out with this experiment, but it is unlikely.

A next step would be to test a wired connection. It could be that the spy chip can transmit the data over the internet. One can place a VPN Gateway in between their PC and the router, and use that gateway to route all the traffic to their own server using WireGuard. All network packets that leave through the PC’s ethernet connection can be captured and examined this way using Wireshark or tcpdump.

If one can show that the device is not secretly communicating via RF nor via the internet, I think it is unlikely that the device is spying on them.

Sal , 3 months ago

Search engines like google aggregate data from multiple sites. I may want to download a datasheet for an electronic component, find an answer to a technical question, find a language learning course site, or look for museums in my area.

Usually I make specific searches with very specific conditions, so I tend to get few and relevant results. I think search engines have their place.

Sal , 3 months ago

You can take a lot of control by using search commands. Here is a list of commands for Google, for example: www.lifewire.com/advanced-google-search-3482174

By using commands like these you can narrow down your searches to the point that the impact of SEO is small. You give a much greater weight to the conditions that you have chosen.

It can be a bit of work to write a good search query, but the database that search engines search through is massive, so it makes sense that it would take some work to do this right.

Sal , 4 months ago

I don’t have much of an opinion on this topic, I haven’t really looked into it.

But as soon as I saw this image, the El Al Flight 1862 which crashed in the Bijlmer in Amsterdam in 1992 immediately came to mind. The shape of the hole is very similar!

https://www.kijkmagazine.nl/app/uploads/sites/3/2019/10/Bijlmerramp.jpg

This image shows the likely position of the Bijlmer plane during the crash:

https://upload.wikimedia.org/wikipedia/commons/thumb/1/12/Bijlmer_crash_impact_model.TIF/lossy-page1-1390px-Bijlmer_crash_impact_model.TIF.jpg

The image you posted of the Pentagon seems to me consistent with what I have seen of the Bijlmer accident, and so the shape of the hole and the absence of wings in the photo does not persuade me personally that no plane was involved.

Sal , 4 months ago

Fair enough. I just looked it up and if the scale in this image is correct, I agree that the size of the hole looks small in comparison. I also looked at the security video of the crash itself and it is frustrating how little we can see from it.

https://mander.xyz/pictrs/image/6d4db3da-2bbe-49f2-89fe-ce271328bd6b.png

Since this was such an important event and there seems to be a lack of specific pieces of essential evidence - either because of bad luck or because of a cover-up - I understand the skepticism. And I am not a fan of blindly believing any official narrative. But, without any context, if I see that photo and someone tells me that a plane crashed into that building, I would find it probable simply because the shape is so similar to the photo of the Bijlmer accident that I’m familiar with. A plane crash seems to me like a very chaotic process, so I don’t have a good expectation of what the damage should look like.

Maybe I’ll look for a pentagon crash documentary some time.

Sal , 5 months ago

Yes, you are right. If a mod wants I can send them the username and they can ban them from the community. I can see it as an admin from my instance but I can’t take action.

Sal , 5 months ago

There is one account that has a single comment from 5 months ago that is downvoting most posts and comments. That one is very suspicious

Other than that… No other accounts are as obvious. A few do have some reoccurrences but most of those votes do seem organic on first inspection.

Sal , 5 months ago

A botnet could have many unique accounts, and some could even appear like users. So I can’t rule it out. I also haven’t done a deeper dive into the accounts.

But when a post gets popular I would expect it to get at least a few downvotes, regardless of what it is.

Sal , 6 months ago (edited 6 months ago)

I can tell you one benefit: Money. Most of my server’s costs come from storing federated content. Federating with threads would likely be expensive.

Sal , 6 months ago

Yeah, I found out only after choosing that domain name… This TLD also gets penalized by the automatic e-mail spam detectors (like SpamAssassin). I wouldn’t pick the “.xyz” TLD if I were picking today 😅

Sal , 6 months ago

Sure.

If I make my own AI image generator and create a nice image with it, or use some AI engine that gives me full ownership of the output, I can choose to share it online with whatever license I want to share it with. I don’t see why the regular copyright rules for digital images and photographs would not hold… If someone shares their AI creation online and wants others to share with attribution, or not share at all, what is wrong with that?

I can take a ton of photos of objects with my phone, upload them to Flickr, and they are all copyrighted. That doesn’t mean that other’s can simply take similar photos if they wish to do so. The same with AI. One can decide whether to share with attribution, pay someone to let them use it, or to generate the image themselves using AI. It does not seem like a problem to me.

Sal , 10 months ago

All fungi are magical ;)

The mycology community is more general in scope. Psychedelic mushrooms are not excluded, but there can be so much specialized discussion in that sub-category that is worth it having a more specialized community.

There is also the first community !uncle_bens dedicated to growing, but it is not very active.

Sal , 10 months ago

Sure, what’s wrong with bird seed tech?

Sal , 10 months ago

Ah, actually, I responded thinking that you meant the /c/mycology community.

I’m not the creator/mod of the uncle_ben’s community, and the sidebar says “A community for the uncle ben’s mushroom growing technique.”, so I am actually not sure. I think it would be fine… Sorry!

Sal , 10 months ago

Thank you for making this open source!

Sal , 10 months ago

I would like to make a list at some point with several community integrations and ask my instance’s users whether they would like some of them installed into the instance. This application will definitely go on that list! I do need to take into consideration how many resources each of the apps consume, to make sure I don’t bloat my server. But this one seems quite light. Is it?

Sal , 10 months ago

I wiped all my data from a supercomputer by trying to ‘cd’ into a folder but making a typo and then running rm -rvf * from my home directory.

At least they kept backups… The system administrators were probably amused about who gets access

Sal , 10 months ago

For example I can go up to someone and insult them for all sorts of things - “you’re an ugly stupid worthless piece of trash” and that’s ok but I say “you’re a dirty [racial slur]” all of a sudden it’s different?

If it makes you feel any better, telling someone “you’re an ugly stupid worthless piece of trash” would get you banned from my instance too, so it is not so different.

Sal , 10 months ago

I wouldn’t use this language myself because I am not ready to defend that it is reasonable to apply the Universal Declaration of Human Rights in this context.

I think that they might be referring to Article 1, and possibly 5.

If this is their interpretation, then calling someone a worthless piece of trash is also a violation. You are talking to another human being as if they have less dignity, and you are treating them in a cruel and degrading manner.

Sal , 10 months ago (edited 10 months ago)

• Password hashing occurs server-side. Even without removing the hashing step an admin can intercept the plaintext password during login. Use unique safe passwords.
• An admin can intercept the jwt authentication cookie and use any account that lives in the instance.
• Private messages are stored as plaintext in the database
• Admins can see who upvotes/downvotes what
• These are not things that are unique to Lemmy. This is common.
• To avoid having to trust your admin, run an instance.

Sal , 10 months ago

The votes themselves are the federated action.

If you fetch an old post, your instance will not see the previous voters. After that, whenever a user votes the instance will get the message “User X@instance upvoted/downvoted post Y” and the vote will be added to the database with the voter’s user ID and counted.

This has a practical function. If you don’t keep a list specifying who voted for what, it would be much easier to fake votes from one instance to another by simply communicating the message “Downvote post Y”. With the current method it is still possible to create a lot of fake accounts and mass-vote, but at least you can get a better insight when looking at the database if the votes are associated with accounts with no activity from a single instance.

There are some federated platforms that will show who likes / dislikes something. I know that friendica used to do this - I have not checked if it still does. So it is not only admins who can see this, this is is basically open information in the fediverse.

Sal , 10 months ago

There is definitely a probability to deal with a non reliable instance admin, but not less than with any other social media, and in principle they collect even less data

Yeah. You can see the cookies that are stored by a site by right-clicking on the site, going to “inspect”, and the clicking “Storage”. By default, the only cookie that Lemmy has is an jwt cookie used to authenticate your user.

You are not asked for a phone number to be here. Providing an e-mail is often optional and even discouraged by some instances. When you want to send a private message through the site you get a message discouraging from doing that and encouraging to try to use an encrypted chat application instead, such as matrix.

The original Lemmy instance (lemmy.ml) is a community for FOSS and Privacy enthusiasts. What is asks from a user and what it does with the data is what it needs to be functional. Lemmy lets you take any proactive step that you would like to take to protect your privacy - use a VPN or Tor, use safe passwords, use a unique identity, and don’t provide any personal information. There are no built-in features to block you or discourage you from doing that. Lemmy never asks for your location, nor does it keep any logs of what content you visit, nor does it try to run any analytics on you. But even if that is not enough for you, the fediverse doesn’t lock you out, you can set up an instance or even create a new program to interact and communicate only precisely what you want to communicate via activity pub.

Sal , 10 months ago

No, there is no API to get the votes (join-lemmy.org/api/). If my understanding is correct, now that I upvoted your comment my instance will push that information. I’m not sure whether it pushes it to dandroid.app first or to all instances, saying basically "[email protected] upvoted dandroid.app/comment/441785", and so every instance that has that comment can save my user ID in the “upvote” list of that comment, and that upvote is counted.

If only the vote direction was federated, then it would be very easy for me to spam the message "Upvote dandroid.app/comment/441785". I would not even need to create an instance for that, I just need to speak ActivityPub. And it would be more difficult to detect that I am doing that, because the database would only hold the vote count.

I don’t think there is a way to ask an instance to reveal this list. You can only get it by directly querying the database if you have access to it. This is why if you fetch an older post or comment, it will arrive with a single or zero votes.

Sal , 10 months ago

I’m not sure about Web Hosting. Many of us use a dedicated virtual private server (VPS)

I use serverspace.io, I think Lemmy.ml is hosted with www.hetzner.com

These are servers that you access via SSH and can install the instance inside of it. I personally install using docker compose, but there are some other methods that are claimed to be easier. The cost starts at ~$5 / month. Currently I pay about $15 / month. You would then rent the domain name from a domain name registrar (I use namecheap.com) and ask them to point the domain name to your server’s IP address.

Sal , 10 months ago

You are a crawling microchip that possesses animals with cool abilities

Sal , 10 months ago

Nice to see he has had a graphics upgrade :p

https://mander.xyz/pictrs/image/b352eefe-1e8c-486b-9abd-2c3309d3e9a8.jpeg

Sal , 10 months ago

Woah, cool video! I think this video deserves its own post. I just need to figure out which scientific community it is most relevant to … Physics? Epidemiology? Hmmm 🤔

Sal , 10 months ago

My girlfriend kept complaining about losing her hearts on Duolingo and I was very confused as I never had any “hearts” during regular lessons. Eventually I found out that since I had created a classroom while exploring the site, I was given access to a teacher version of Duolingo - which is basically a free premium version 😅

Sal , 10 months ago

Full genome sequencing.

The price of sequencing continues to decrease as the technology evolves. I have already seen claims of under $1,000 for a full human genome. I haven’t looked carefully into those claims, but I think we are around there. In some years full genomes will be so cheap to sequence that it will be routine. I want to buy one of those small Oxford Nanopore MinION sequencers in the future. I’ll use it like a pokedex.

Sal , 10 months ago

There is a theoretical future in which full-genome sequencing is performed exclusively by large companies, hospitals, and governments, and the data is stored by them and they can access it.

But the technologies are becoming quite accessible. Unless regulations are introduced to force people to give up their genetic data, which I don’t think is so likely, there will be ways for us to get our sequences without the sequences being stored by a third party. I also think that there will be FOSS tools for us to run our own analyses.

Sal , 10 months ago

Nooo, I just recently discovered NewPipe 😔

Sal , 11 months ago

Mexican jumping beans are seeds that are inhabited by the larvae of a small moth (Cydia saltitans). Another fact about them is that they are not actually beans, and so now I’m not sure if this fact belongs here!

Sal , 11 months ago

Woah. That is a lot sooner than I had anticipated.

Sal , 1 year ago

Well, good thing that you prepared well in advance and have already built a nice alternative.

Reddit is done

Sal , 1 year ago

I think this underestimates how users will naturally gravitate towards more centralized instances, or they’ll give up because the bigger instances are closed.

(This is purely my personal opinion, of course!) In the scenario in which a few large instances dominate, the idea of the fediverse failed. One may estimate the likelyhood of success or failure given how they expect humans to behave, but in the end experiment beats theory. I think that for the fediverse to work a significant cultural shift has to occur, but I don’t think that it is an impossible shift. I would like the fediverse to succeed, and so I choose to take part in the experiment.

This also ignores that the system isn’t horizontally scalable at all, so scaling up gets even more expensive

Yes, that might cause some serious issues. The project is still in an early-development phase, and I don’t understand the technical aspects well enough yet to be able to identify whether there is obviously a fundamentally invincible barrier when it comes to scalability. My optimistic hope is that the developers are able to optimize horizontal scalability fast enough to meet the demand for scale. If it turns out to be impossible to scale, then only rich enough parties would be able to have viable instances, and that could be a reason for failure.

Sal , 1 year ago

This is what I think, but if anyone understands it differently please correct me.

Vertical scalability refers to scaling within a single instance. More users join and they post more content, increasing the amount of disk space needed to hold that memory, network bandwidth to handle many users downloading comments and images at once, and processing power.

Horizontal scaling refers to the lemmyverse growing because of the addition of new instances. The problem in this form of scaling is due to the resources that an instance has to use due to its interactions with other instances. So, you may create a small instance without a lot of users, but the instance might still need a lot of resources if it attempts to retrieve a lot of information (posts, comments, user information, etc) from the other larger instances. For example, at some point a community in lemmy.ml might be so popular that subscribing to that community from a small instance would be too much of a burden on the smaller instance because of the amount of memory required to save the constant stream of new posts. The horizontal scaling is a problem when the lemmyverse becomes so large that a machine with only a small amount of resources is no longer able to be part of the lemmyverse because its memory gets filled up in a few hours or days.

Sal OP , 11 months ago

Thanks!

Adblocking plugins aren’t limited by this and can filter the actual content and HTTP requests made by the browser.

Why is this the case? What rules do Adblock plugins use that allow them to determine that something that is being served is an ad? I understand from what you are saying that Adblock will block on the basis of the HTTP requests instead of filtering at the DNS level - do ads come with specific HTTP headers that are not processed by the pi-hole DNS server and thus can’t be used for filtering? I don’t fully understand yet the details of how the two ad-blocking mechanisms operate, so their differences are not obvious to me.

Sal OP , 11 months ago

Thank you - that makes sense!

I think I understand why this is done now. Most HTTP requests are hidden by the SSL encryption, and the keys to decrypt it are client-specific. So, if one wants to block ads at the network level without needing to get the SSL keys of every client that connects to the network, then this is the most specific amount of information that you can provide the PiHole with. The HTTP blocking needs to be set up in a client-specific manner, and that’s why they work well as browser extensions.