@Atemu@lemmy.ml avatar

Atemu

@Atemu@lemmy.ml

Interested in Linux, FOSS, data storage systems, unfucking our society and a bit of gaming.

Nixpkgs committer.

github.com/Atemu
reddit.com/u/Atemu12 (Probably won’t be active much anymore.)

This profile is from a federated server and may be incomplete. Browse more on the original instance.

Atemu, (edited )
@Atemu@lemmy.ml avatar

You could take the revision number. nixos-unstable has 567011 commits currently.

Atemu,
@Atemu@lemmy.ml avatar

Problem is that the average person cannot discern between an actual expert and a charlatan.

Atemu,
@Atemu@lemmy.ml avatar

It’s unkown whether he improved his temper or whether he just built a very good mail filter for himself though.

Atemu, (edited )
@Atemu@lemmy.ml avatar

I meant that as a reply to the second paragraph which generalised anarchism; including the non-Linux world.
I also disagree that this isn’t an issue in the broader Linux community however. See for example the loud minority with an irrational hate against quite obviously good software projects like systemd who got those ideas from charlatans or “experts”.

Atemu,
@Atemu@lemmy.ml avatar

I was worried about possibly needing to change license.

I’d rather ask the contributors to consent to licensing their code under the new license. You don’t need the copyright in the hand of one entity to change license, it’s enough if all copyright holders agree.

The situation is made seemingly complicated by the possible need to use copylefted images

WDYM by “images”?

As in art assets? I’m not sure those would even be infectious. I think it’s possible to even use non-free assets in a GPL’d application. It may be better to treat them as such to keep the licensing simple though.

Even then, it’s usually possible to “upgrade” permissively licensed code (such as Apache 2.0) to a copyleft license as long as the original license’s conditions are still met which usually involves denoting which parts of the code is also available under the permissive license.

Atemu,
@Atemu@lemmy.ml avatar

Why does it need to be public-facing? There may be solutions that don’t require exposing it to billions of people.

Security is always about layers. The more independent layers there are, the fewer the chances someone will break through all of them. There is no one technology that will make your hosting reasonably secure, it’s the combination of multiple.

You’ve already mentioned software ran inside an unprivileged sandbox.

There’s also:

  • Sandbox ran unprivileged inside a VM
  • VM ran inside unprivileged sandbox
  • Firewall only allowing applications to open certain ports
  • Server running all of that hosted by someone else on their network with their own abstractions
Atemu,
@Atemu@lemmy.ml avatar

Not really. It was publicly available information. It’s, by definition, not private.

Atemu,
@Atemu@lemmy.ml avatar

You gave them an irrevocable license to basically use your content in any way they see fit. Them not showing posts you deleted is just them being nice, not being obligated to do so. They could simply ignore your request or restore posts later.

You should have thought about that when you gave them that license to your content.

Atemu,
@Atemu@lemmy.ml avatar

Not what you’re asking for but a potential solution: Your TV itself might support Miracast.

Atemu,
@Atemu@lemmy.ml avatar

I’d highly recommend setting up a swap partition instead.

Atemu,
@Atemu@lemmy.ml avatar

If you need to set up a special dedicated subvolume, might aswell set up a partition instead; it’s just simpler.

With a swapfile you also can’t do multi-device setups which is a limitation I personally couldn’t live with.

Atemu, (edited )
@Atemu@lemmy.ml avatar

This is a lot to take in; it’s basically an overview of all the interesting features of Nix. When starting out, you don’t need this kind of in-depth knowledge. I personally gathered most of what was covered here in over 6-12months of using it and I did just fine.

It might still not be for you but don’t take this as the reference point.

Atemu,
@Atemu@lemmy.ml avatar

While that is true, it’s also r13y on another level: Reproducible evaluation. That mostly stems from pure eval and locking.

In the “before times”, you’d get your Nix expressions from some mutable location in the Nix path, so running i.e. a nixos-rebuild on your configuration could produce two different eval results when ran at two different times, depending on whether anything about your channel configuration changed in the mean time. This cannot happen with flakes as all inputs are explicitly given and locked.

You could achieve the same using niv etc. before but that had its own issues.

Atemu,
@Atemu@lemmy.ml avatar

I haven’t used channels in years, but doesn’t that just refer to the running system, not using Nix to build projects?

I have no idea what you’re trying to say here.

Atemu,
@Atemu@lemmy.ml avatar

There’s the WIP NixOS-based SnowflakeOS that aims to make NixOS approachable for mere mortals but that’s still declarative configuration and of course still NixOS under the hood.

There’s a bunch of immutable distros out there that use OStree or some other imperatively managed snapshotting mechanism such as Fedora Silverblue or VanillaOS.

Atemu,
@Atemu@lemmy.ml avatar

How do you compose Guix projects?

Atemu,
@Atemu@lemmy.ml avatar

Why go through all of that complexity when you could just sudo apt install docker?

Atemu, (edited )
@Atemu@lemmy.ml avatar

Yes, a slight speed decrease is expected even with good proxy services at common residential speeds. Given that yours is far above the average, a greater decrease can be expected. It shouldn’t be this much though.

If this is installed on a common “router” SOHO gateway appliance, it’s likely that its hardware is simply not able to keep up with the tunnelling workload (encryption, package handling). For troubleshooting, try the same proxy server on a more powerful machine while disabling the proxy on the gateway. If it’s faster, that’s likely your issue.

Also try a different proxy server. That particular one might simply not have enough capacity to serve you more than that.

Is there such a thing as split-screen grep?

I want to run a command and see all of its output on the left hand side, while simultaneously searching/grepping for particular lines on the right hand side. In other words, I want a temporary vertically split screen in my CLI, ideally with scrollback on each side of the split, but where I expect the left hand side to be...

Atemu, (edited )
@Atemu@lemmy.ml avatar

That’s not at all grep-like. Grep is a line filter, not a character sequence highlighter.

I'm looking for a privacy respecting vacuum robot

I’m looking for a vacuum robot preferably under 500€ and with a cleaning station. My main concern is that most robot vacuum providers seem to need to be connected to the internet. Are there any providers that either don’t need that, where I can block the internet connection or any other way not getting a spy in my home?...

Atemu,
@Atemu@lemmy.ml avatar

That mitigates a rather minimal leak while ignoring the gaping black data hole.

Atemu,
@Atemu@lemmy.ml avatar

Now that’s meta.

Atemu,
@Atemu@lemmy.ml avatar

They’re not doing like proton and close basic stuff like IMAP and SMTP as a way to force you on the official apps

The reason Proton cannot do IMAP/SMTP is that they cannot read your emails which is required for both. That’s a feature, not a bug.

PM works with any app as long as the app implements their custom protocol for which there are at least two FOSS implementations as a reference.

proton is a “fake” open source that is mostly used for marketing: they opened only the UI, which communicates with a proprietary protocol to a proprietary server - useless

While I’d also prefer their back-end to be OSS, it’s not nearly as critical as the clients.
As a user, it doesn’t make a difference. I’m paying for an opaque service either way.

All the interesting stuff (E2EE, zero access storage) happen in the clients anyways. The BE is fairly uninteresting; it’s a mail server + zero-access encryption + Proton account handling. If you really wanted to build a mail service similar to Proton, you could build that yourself and probably would have to anyways.

Atemu,
@Atemu@lemmy.ml avatar

The backend is the real interesting part, and the only way that we can be sure that “they cannot read the emails”

While I’d still prefer it, OSS can’t really help with that because what’s really required here is remote attestation.
That is an unsolved problem to my knowledge; there is no way to know which software they’re actually running. Even if they published the source code, they could trivially apply a patch in their deployment that stores all incoming email somewhere and you’d be none the wiser.

Even if they published source code and could somehow prove to you that they’re running a version derived from it, you would still not be safe from surveillance as one could simply MITM all connections. See i.e. notes.valdikss.org.ru/jabber.ru-mitm/.

That’s likely one of the reasons they do everything they can to make PGP accessible to every user.

imap/smtp can be toggled with a warning, if that’s really their concern

It’s plain and simply not how their service works. They’d have to build most of their service a second time but unencrypted.

It’s like asking Signal to build in support for IRC; it does not make sense for them to do that in any way without malicious intent needed.

no IMAP = no easy migration to somewhere else

You have IMAP access via the bridge. That’s what it’s for.

Atemu,
@Atemu@lemmy.ml avatar

BSD which iOS is based on

Note that Apple’s OSs have very little to do with BSDs unless you deem coreutils the only criteria for an OS’ quality.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
    •
    Loading…
    Loading the web debug toolbar…
    Attempt #