Skip Navigation
The amount of sugar consumed by children from soft drinks in the UK halved within a year of the sugar tax being introduced, a study has found.
  • Have you considered drinking unsweetened stuff? Either plain water, or "flavoured" water. Basically soda without any sugar or sweeteners. It's surprisingly tasty, and pretty much as healthy as pure water.

    Alternatively there are tons of different sweeteners. Some like stevia should be fine even if you have issues with, say, aspartame.

  • SD cards finally expected to hit 4TB in 2025
  • They aren't really even in budget phones anymore. When you don't want a notch and want a headphone jack there is almost nothing to choose from: :/

  • SD cards finally expected to hit 4TB in 2025
  • Yeah, just like headphone jacks. Oh wait...

  • Microsoft starts testing ads in the Windows 11 Start menu
  • It's not just that they demand more, they demand more/faster growth all the time. It doesn't matter that the economy has slowed down to borderline recession, it doesn't matter that they pretty much captured all the market they can, they still need to make more and more money every quarter otherwise they're considered a failure even if they are one of the biggest companies in the world.

  • Ask ChatGPT to pick a number between 1 and 100
  • It generates code and then you can use a call to some runtime execution API to run that code, completely separate from the neural network.

  • How do we know if there aren't a bunch of more undetected backdoors?
  • Yes, that's one option. Then you only have to distribute the certificates and keys.

    Or you allow remote access to that DNS server (Bind has a secure protocol for this), do the challenge requests and cert generation on some other machine. Depends on what is more convenient for you (the latter is better if you have lots of machines/certs).

    Worst case if someone compromises that DNS server they can only generate certificates but not change your actual valuable records because these are not delegated there.

  • How do we know if there aren't a bunch of more undetected backdoors?
  • What you can (and absolutely should) do is DNS delegation. On your main domain you delegate the _acme-challenge. subdomains with NS records to your DNS server that will do cert generation (and cert generation only). You probably want to run Bind there (since it has decent and fast remote access for changing records and other existing solutions). You can still split it with separate keys into different zones (I would suggest one key per certificate, and splitting certificates by where/how they will be used).

    You don't even need to allow remote access beyond the DNS responses if you don't want to, and that server doesn't have anything to do with anything else in your infrastructure.

  • How do we know if there aren't a bunch of more undetected backdoors?
  • Have been for a long time. You just have to use the DNS validation. But you should do that (and it's easy) if you want to manage "internal" domains anyway.

  • How do we know if there aren't a bunch of more undetected backdoors?
  • ...which shouldn't be an issue in any way. For extra obscurity (and convenience) you can use wildcard certs, too.

  • XZ backdoor in a nutshell
  • Packages or dependencies with only one maintainer that are this popular have always been an issue, and not just a security one.

    What happens when that person can't afford to or doesn't want to run the project anymore? What if they become malicious? What if they sell out? Etc.

  • Does Reddit shadowban mentions of Lemmy?
  • "Removed by Reddit" implies admin action though.

  • Different digital world views
  • ...or maybe they just don't want a busy looking logo.

  • Android phone saving metadata for screenshots
  • Except you aren't questioning anyone's views, you're making an argument that barely touches the subject it responds to. And doing so in a very argumentative and condescending way.

    So yeah, it doesn't really belong in a civil discussion.

  • Android phone saving metadata for screenshots
  • A precise android version could for example be used to target you with an exploit for that version.

    I agree with OP, it shouldn't behave like this because the expectation with screenshot software is that it doesn't add any metadata and if it would it should be explicit and probably opt-in.

  • Proton Mail Finally Releases Desktop Apps With a Linux Beta Version
  • Waiting for Proton to acknowledge and fix critical bugs that can cause data loss was way more painful.. took them years with the solution being "just wait for the bridge rewrite it will be (most likely) fixed there".

  • Is it unnecessary to cover one's webcam on Linux?
  • Security is always applied in layers. If you aren't inconvenienced by it, it's a really solid layer to use. Doesn't matter how 'paranoid' you are, it's a good strategy.

  • Self hosted security cameras?
  • Their quality is adequate for the price and they are open enough to be used with any NVR.

    If you are worried about privacy you should segment the cameras onto their own network (VLAN) or at the very least block them on the firewall from accessing the internet, which you should do anyway.

  • Firefox plan to show ads and shopping in the near future in the browser as an opt-out
  • On the contrary, it's the only comparison you can make, since they are literally the only options.

  • Firefox plan to show ads and shopping in the near future in the browser as an opt-out
  • That's not something that'd likely scale enough to bring any meaningful sum of money.

    Even then it targets a tiny, tiny minority of their even current userbase, let alone if they want to approach more "average" users.

  • How do you reply to comments without using the gesture?

    I want gestures only on the right side for upvote/downvote. If more were possible I'd still add reply there, but they aren't.

    Left gestures are unintuitive to me and they clash with navigating back with a swipe from the left.

    When you hold on a comment there are very few options - why is there no reply and other actions you don't have as gestures?

    Stuff like visiting the commenter's profile should also be there.

    Otherwise an amazing app; a rough around the edges in a few places but still the best from what I tried.

    amju_wolf Amju Wolf
    Posts 1
    Comments 289