Max_P

Max_P, 1 year ago

At this point there should probably be a generic “just ask random questions for other Lemmy users” community to direct those people to. People don’t seem to get that this one is similar to AskReddit in purpose, but Lemmy is small so there’s no immediately obvious general communities.

Max_P, 1 year ago

And like and comment as appropriate about the same as I would on Lemmy and used to on Reddit.

Not because they asked for it, but because I genuinely liked it and want to boost it, and because I genuinely have something useful to say/add to it in the comments.

Max_P, 1 year ago

People have been running Ext4 systems for decades pretending that if Ext4 does not see the bitrot, the bitrot does not exist. (then BTRFS picks up a bad checksum and people scold it for being a bad filesystem)

ZFS made me discover that my onboard SATA controller sucks and returns bad data occasionally under heavy load. My computer cannot complete a ZFS scrub without finding errors, every single time.

Ext4, bcache and mdadm never complained about it, ever. There was never any sign that something was wrong at all.

100% worth it if you care about your data. I can definitely feel the hit on my NVMe but it’s also doing so much more.

Max_P, 1 year ago

RAID doesn’t checksum and heal the rotten data. It’s game over before you even have a filesystem on top of it, because said filesystem can’t directly access the underlying disks because of the RAID layer.

Errors will occur, and RAID has no way of handling it. You have a RAID1, disk 1 says it’s a 0, disk 2 says it’s a 1. Who’s right? RAID can’t tell, btrfs and ZFS can. RAID won’t even notice there’s a couple flipped bits, it’ll just pass them along. ZFS will just retry the read on both disks, pick the block that matches the checksum, and write the correct data back on the other disk. That’s why people with lots of data loves ZFS and RAIDZ.

The solution isn’t more reliable hardware, the solution software that can tell you and recover from your failing hardware.

Max_P, 1 year ago

It’s mostly better, but not in every way. It has a lot of useful features, at a performance cost sometimes. A cost that historically wasn’t a problem with spinning hard drives and relatively slow SATA SSDs but will show up more on really fast NVMes.

The snapshots, it has to keep track of what’s been modified. Depending on the block size, an update of just a couple bytes can end up as a few 4k write because it’s Copy-on-Write and it has to update a journal and it has to update the block list of the file. But at the same time, copying a 50GB file is instantaneous on btrfs because of the same CoW feature. Most people find the snapshots more useful than eeking out every last bit of performance out of your drive.

Even ZFS, often considered to be the gold standard of filesystems, is actually kinda slow. But its purpose isn’t to be the fastest, its purpose is throwing an array of 200 drives at it and trusting it to protect you even against some media degradation and random bit flips in your storage with regular scrubs.

Max_P, 1 year ago

The only reason it will not work would be if OP has manually configured stuff in /etc/X11 in some way. You can even have both in the system at the same time (which does require a little bit of extra configuration). Absolute worst case you check out /var/log/Xorg.0.log it tells you the config you forgot in /etc/X11/xorg.conf.d/20-nvidia.conf 5 years ago doesn’t work because the GPU is gone, you delete it, restart Xorg and you’re good to go.

Even on Windows it’s kind of a myth. Some people are like you need to DDU the old driver in safe mode before swapping them out. You can really have them both installed it’s just going to be weird because on Windows both vendors come with ridiculous amounts of bloat.

AMD cards just works as long as your distro is reasonably up to date. No extra drivers, in fact, installing AMDGPU-PRO is usually worse unless you fit some specific use cases.

Max_P, 1 year ago

• Flip phone
• HTC Legend
• Galaxy Nexus
• HTC One M8
• Nexus 5
• Alcatel OneTouch Idol 3 (boy that one sucked)
• HTC One M8 (same device, just finally got S-OFF on it to use it with my carrier despite “incompatibility”)
• Galaxy S7
• OnePlus 8T

Max_P, 1 year ago

It still leads to unsolvable problems like, what is expected when two instances federate content with eachother? What if you use a web app to use a third party instance and it spits out unsanitized data?

If you assume it’s part of the API contract, then an evil instance can send you unescaped content and you got an exploit. If you escape it you’ll double escape it from well behaved instances. This applies to apps too: now if Voyager for example starts expecting pre-sanitized data from the API, and it makes an API call to an evil instance that doesn’t? Bam, you’ve got yourself potential XSS. There’s nothing they can do to prevent it. Either it’s inherently unsafe, or safe but will double-escape.

You end up making more vulnerabilities through edge cases than you solve by doing that. Now all an attacker needs to do is find a way to trick you into thinking they have sanitized data when it’s not.

The only safe transport for user data is raw. You can never assume any user/remote input is pre-sanitized. Apps, even web ones, shouldn’t assume the data is sanitized, they should sanitize it themselves because only then you can guarantee that it will come out correctly, and safely.

This would only work if you own both the server and the UI that serves it. It immediately falls apart when you don’t control the entire pipeline from submission to display, and on the fediverse with third party clients and apps and instances, you inherently can’t trust anything.

Max_P, 1 year ago

Because then you need to take care everywhere to decode it as needed and also make sure you never double-encode it.

For example, do other servers receive it pre-encoded? What if the remote instance doesn’t do that, how do you ensure what other instances send you is already encoded correctly? Do you just encode whatever you receive, at risk of double encoding it? And generally, what about use cases where you don’t need it, like mobile apps?

Data should be transformed where it needs it, otherwise you always add risks of messing it up, which is exactly what we’re seeing. That encoding is reversible, but then it’s hard to know how many times it may have been encoded. For example, if I type & which is already an entity, do you detect that and decode it even though I never intended to because I’m posting an HTML snippet?

Right now it’s so broken that if you edit a post, you get an editor… with escaped HTML entities. What happens if you save your post after that? It’s double encoded! Now everyone and every app has to make sure to decode HTML entities and it leads to more bugs.

There is exactly one place where it needs to encode, and that’s in web clients, more precisely, when it’s being displayed as HTML. That’s where it should be encoded. Mobile apps don’t care they don’t even render HTML to begin with. Bots and most things using the API don’t care. They shouldn’t have to care because it may be rendered as HTML somewhere. It just creates more bugs and more work for pretty much everyone involved. It sucks.

Now we have an even worse problem is that we don’t know what post is encoded which way, so once 0.19 rolls out and there’s version mismatches it’s going to be a shitshow and may very well lead to another XSS incident.

Max_P, 1 year ago

I think 0.19 is reverting that behaviour, because it was indeed a certified bad idea.

I think the idea was to attempt to bulletproof potentially crappy clients especially after the XSS incident, but the problem is it’s simply not even always rendered in a web context which makes the processing kind of a pain.

Wouldn’t surprise me if it becomes double and triple encoded too at times because of the federation. Do you encode again or trust that the remote sent you urlencoded data already?

Best format is the original format and transform as late as possible, ideally in clients where there’s awareness of what characters are special. It is in web, not so much in an Android or terminal app.

I don’t think the Lemmy devs are particularly experienced web developers in general. There’s been a fair amount of dubious API design decisions like passing auth as a GET parameter… Thankfully they also fixed that one in 0.19.

Max_P, 1 year ago

Yes but only if you use their Gapps packages unmodified or don’t use their services at all. They don’t look as kindly when it comes to microG and Aurora, or even ReVanced, and they still fight to make sure Google Pay doesn’t work through SafetyNet and Play Integrity, and you’ll only know at checkout too.

People have been banned for using Aurora. You can mess with the OS but they don’t want you to mess with their apps and especially not if it affects how much money they make off you.

Max_P, 1 year ago

And a fifth, complete nobody instance! It’s almost like you can just slap Lemmy on a server and you can immediately join in the fun everywhere!

Max_P, 1 year ago

Basically the idea is that if you have a lot of data, HDDs have much bigger capacities for the price, whereas large SSDs can be expensive. SSDs have gotten cheap, but you can get used enterprise drives on eBay with huge capacities for incredibly cheap. There’s 12TB HDDs for like $100. 12TB of SSDs would run you several hundreds.

You can slap bcache on a 512GB NVMe backed by a 8TB HDD, and you get 8TB worth of storage, 512GB of which will be cached on the NVMe and thus really fast. But from the user’s perspective, it’s just one big 8TB drive. You don’t have to think about what is where, you just use it. You don’t have to be like, I’m going to use this VM so I’ll move it to the SSD and back to the HDD when done. The first time might be super slow but subsequent use will be very fast. It also caches writes too, so you can write up to 512GB really fast in this example and it’ll slowly get flushed to the HDD in the background. But from your perspective, as soon as it’s written to the SSD, the data is effectively commited to disk. If the application calls fsync to ensure data is written to disk, it’ll complete once it’s fully written to the SSD. You get NVMe read/write speeds and the space of an HDD.

So one big disk for your Steam library and whatever you play might be slow on the first load but then as you play the game files gets promoted to the NVMe cache and perform mostly at NVMe speeds, and your loading screens are much shorter.

Max_P, 1 year ago (edited 1 year ago)

I don’t know, it’s going to depend a lot on usage pattern and cache hit ratio. It will probably do a lot more writes than normal to the cache drive as it evicts older stuff and replaces it. Everything has tradeoffs in the end.

Another big tradeoff depending on the cache mode (ie. writeback mode) if the SSD dies, you can lose a fair bit of data. Not as catastrophic as a RAID0 would but pretty bad. And you probably want writeback for the fast writes.

Thus I had 2 SSDs and 2 HDDs in RAID1, with the SSDs caching the HDDs. But it turns out my SSDs are kinda crap (they’re about as fast as the HDDs for sequential read/writes) and I didn’t see as much benefit as I hoped so now they’re independent ZFS pools.

Max_P, 1 year ago

Installing Ubuntu isn’t breaking any DRM or any anti-piracy measures.

Unless your country is really strict about using devices exclusively as the manufacturer intended, but that’d be countries that also want to monitor everything you do. Hard to tell without knowing what country that is.

That said, I’m pretty sure Google is perfectly okay with people doing that. Even on the Pixel phones, they openly let you unlock the bootloader, and even allows you to add your own keys so you can relock the bootloader with a custom OS. They only care about security and people not getting a device from eBay full of malware. That’s why there’s a message during boot that’s either orange or yellow warning, to tell the users the device has been tampered with. But everything works fine otherwise.

Max_P, 1 year ago

What is even the value of Netplan on… desktop? Most people just pick their WiFi in the menu in Gnome. That sounds like a lot of unnecessary complexity.

For servers, sure, it’s fairly nice. But, desktop? Why?

Max_P, 1 year ago

Netplan’s been the default since 20.04 on the server side and the article says it’s coming to the desktop release with 24.04.

Max_P, 1 year ago

If you’re just using DHCP, you won’t. What Netplan does is take a YAML input file and renders it as a systemd-networkd or NetworkManager configuration file. It’s a very quick and easy way to configure your network, and even have a try command that auto reverts in case you get kicked out of your SSH session.

It seems like what they’re doing for the desktop is hacking up NetworkManager so that it saves back its config as Netplan configs instead of regular NetworkManager configs. That’s the part I’m confused about, because NetworkManager is huge and Netplan doesn’t support close to every option. Their featuresets are wildly different. And last time I checked, the NetworkManager renderer was the least polished one, with the systemd-networkd one being close to a 1:1 match and more reliable.

It made a lot more sense when it was one way only. Two way sounds like an absolute mess.

Max_P, 1 year ago

Precisely. It’s not just “it works”, it’s third-party hardware that Canonical tests, certifies and commits to support as fully compatible. They’ll do the work to make sure everything works perfectly, not just when upstream gets around to it. They’ll patch whatever is necessary to make it work. The use case is “we bought 500 laptops from Dell and we’re getting a support contract from Canonical that Ubuntu will run flawlessly on it for the next 5 years minimum”.

RedHat has the exact same: catalog.redhat.com/hardware

Otherwise, most Linux OEMs just focus on first party support for their own hardware. They all support at least one distro where they ensure their hardware runs. Some may or may not also have enterprise support where they commit to supporting the hardware for X years, but for an end user, it just doesn’t matter. As a user, if an update breaks your WiFi, you revert and it’s okay. If you have 500 laptops and an update breaks WiFi, you want someone to be responsible for fixing it and producing a Root Cause Analysis to justify the downtime, lost business and whatnot.

Max_P, 1 year ago

Kind of but not really? You’d have to federate out every vote individually. There’s no upvotes totals anywhere, there’s a vote table that contains who voted up/down on what, and it’s counted as needed. So if you want to send out 1000 votes, you need 1000 valid users and also send 1000 different activities to at least one instance.

You can make it display 100000 votes on your own instance if you want, but it’s not going to alter the rating on other instances because they run their own tally.

If you really want this to work long term, you need a credible looking instance with credible looking users that are ideally actually subscribed to the target community, and credible activity patterns too. Otherwise, the community can detect what you’re doing and defederate you and purge all the activities from your instance, and also revert all those votes as a side effect.

Remember, all votes are individual activities, and all votes are replicated individually to every instance. On Kbin, you can even see all the votes right from the UI, they don’t even hide it! You can count them yourself if you want. So anyone with the dataset can analyze it and sound the alarm. And each instance can potentially have its own algorithm for that, so instead of having just one target to game, like Reddit and a subreddit, you have hundreds of instances to fool. There’s so many signals I could use to fight spam: instance age, instance user growth, the frequency and timing of the votes, are the users seemingly active 24/7, what other communities those users post into, what are they voting for, do they all vote in agreement with each other, and on and on.

So, you technically can manipulate votes but it takes a lot of effort and care to make it as hard as possible to detect in practice. We play the same cat and mouse game as Reddit, but distributed and with many more eyes on it.

Max_P, 1 year ago

Similarly, the high availability of source code may lead to malicious instances, actors, and/or back-end modifications that would favor specific instances resounding consequence throughout the Fediverse.

That’s ultimately just the Internet being the Internet.

On the fediverse, any instance shouldn’t blindly trust any other instance for that exact reason. That’s part of the game. Instances share the data over ActivityPub, and it’s up to you to process and make use of that data. That includes spam filtering and whatnot. Some instances have CSAM detection for example.

Every instance that’s subscribed to a user or community gets the full set of data: every vote, from every user, from every instance involved. We have the data, we can analyze it. And that’s what really matters.

It doesn’t matter if there’s rogue instances trying to manipulate votes. Everyone have the data to detect and filter out the noise. Maybe one day it’ll be like E-Mail where the majority of the traffic is spam. But just like E-Mail, we’ll make filters and make it work. If all else fails, there’s always the allowlist method: only see content from sources you trust not be spammy. You can even run AI models on it to filter the data if you want. You have the data, you can do whatever you want with it to make it useful for you.

I have faith in the protocol and its openness, not the software that runs it.

Max_P, 1 year ago

What Bluetooth controllers are you using? Is the Linux/Windows machine the same machine?

Not all bluetooth cheaps are equal. My phone will do Bluetooth all the way at the end of my back yard, but my desktop’s Bluetooth doesn’t even reliably reach the next room over.

I doubt it’s the headset, unless it’s defective and you need a replacement, those are pretty well regarded. I have a cheaper model and it’s been a flawless experience for years.

Max_P, 1 year ago

and then it will reach out to other instances to grab content from every external community that at least one local user has subscribed to

It’s the other way around. The local user subscribes to the community on the remote instance, which causes the remote instance to then push you every action that occurs on that community as it happens. The pull method is only used once and doesn’t bring in comments, it’s meant as a preview for when a remote community is used for the first time.

And this is why their content won’t make it to your instance: it expects the other instance to send it to you, but they’re refusing to. Similarly, they won’t accept content from your instance, even though it’s trying to.

Local and remote communities are pretty similar internally, federation happens as a separate process in a queue system.

This leads to this:

you can still subscribe to subs on defederated instances, it’s just the interactions that don’t get passed back and forth.

Max_P, 1 year ago

It’s been slow for quite a while for me too, and it can’t even be the ads because I have Premium.

It’s usually fine when it’s loaded but it does take quite a while to load for some reason, and I’ve got gigabit fiber and 16 cores to process it.

I heard YouTube falls back to a very slow path on Firefox because it uses features that Chrome implemented and never made it to the standard and something else was adopted instead.

Max_P, 1 year ago

There will be loss in the process so you should go a little above. You also need to account for the efficiency curve of your power supply: is it best efficient at 80% load? 90% load? Can it handle 120% momentarily in case of a spike?

CV power supplies are the standard: constant voltage. It outputs say 12V, and trips when overcurrent. A CC supply would limit current to say, 20A. It does so by dynamically adjusting the voltage output to match that target. That’s a lot less common and usually used for battery charging or testing/troubleshooting. So, I guess, don’t plug it on a battery charger.

It should come with specs as to what input it can take. Follow the recommendations. If it says DC give it DC unless you’re absolutely sure of the circuit in there. The presence of a rectifier and caps doesn’t tell you much given it’s an amplifier, it could be part of the amp circuit for the MOSFETs and not its power supply.