8-13-23 www.thefarside.com
PriorProject @ PriorProject @lemmy.world Posts 33Comments 726Joined 2 yr. ago
PriorProject @ PriorProject @lemmy.world
Posts
33
Comments
726
Joined
2 yr. ago
I also confirmed this as a long-standing bug.
https://blog.mastodon.world/ posts monthly-ish finance updates. I've never heard about formalizing as a non-profit, and their choice to do so or not is not something I'm concerned about given their track record with masotodon world and their voluntary transparency.
Two tips:
I have not tried running WINE yet but I plan on doing so soon.
Steam "just works" on Linux, you can install it via flatpak (which I use) or from their deb repo. It includes "Proton", which is a fancy bundle of wine and some extra open source valve sauce to make it nice and easy to use. Any game that runs on the steam deck also runs on Linux via proton, and there's no messing around at all. It looks and feels just like steam on Windows, and thousands of games just work with no setup or config beyond clicking the big blue and green buttons to install and run. Not EVERY games works, but tons do. I'd heavily recommend this over raw wine to a beginner.
The second tip is not to ask what you can do on Linux. The answer, to a first approximation, is that you can do everything on Linux that you can do on Windows or OSX. I daily drive all three, and mostly do the same stuff on them. Instead, ask YOURSELF what you WANT to do on Linux. Then Google and ask us HOW to do it... or what the nearest approximation is if the precise thing you want to do doesn't work on Linux.
cc @iturnedintoanewt@lemmy.world, not sure if you get reply notifications on cross-posts, but some good advice a out your Jellyfin question over here.
I use postgres for my install and had a similar thing happen to me. I tried moving an org credential to a folder, which moved the folder to the org, and kicked all other credentials to "no folder".
Thanks for confirming with your DB. That saves me sweating whether I should rebuild on PG at least, and also makes me feel better that it's a folder bug and not generalized database corruption.
Having finished the heavy organizing, my rate of big org transfers has slowed and I haven't reproduced again yet. Hopefully this will be uncommon enough to be a non-issue. Thanks again for the info.
Thanks for the suggestion, but sync seems to be working ok... at least on the read side. I was able to verify the pre-existing good state and the bad state afterward from multiple clients. If sync played into it, it must have been on a write somehow.
A very common DDoS attack uses UDP services to amplify your request to a bigger response, but then spoof your src ip to the target.
Having followed many reports of denial of service activity of Lemmy, I don't think this is the common mode. Attacks I'd heard of involve:
- Using regular lemmy APIs backed by heavy database queries. I haven't heard discussion of query rates, but Lemmy instances are typically single-machine deployments on modest 4-core to 32-core hardware. Dozens to thousands of queries per second to the heaviest API endpoints are sufficient to saturate them. There's no need for distributed attack networks to be involved.
- Uploading garbage images to fill storage.
Essentially the low-hanging fruit is low enough that distributed attacks, amplification, and attacks on bandwidth or the networking stack itself are just unnecessary. A WAF is still a good if indeed OPs instance is getting attacked, but I'd be surprised if wafs has built-in rules for lemmy yet. I somewhat suspect one would have to do the DB query analysis to identify slow queries and then write custom waf rules to rate limit the corresponding API calls. But it's worth noting that OP has provided no evidence of an attack. It's at least equally likely that they dos'ed themselves by running too many services on a crappy VPS and running out of ram. The place to start is probably basic capacity analysis.
Some recent sources:
There's https://lemmy.world/legal for a variety of instance policy things, but it doesn't cover privacy and I don't believe there is an official statement on that.
Having one would be nice, but my sense from how admins handle transparency in general is that the privacy practices here are best-in-clasd compared to commercial social media giants. That's speculation of course, but semi informed by watching how the admins have handled a wide variety of issues.
I think a couple things are in play:
- Very few people consumed these comics as we are... reading each one in sequence. You'd more likely sporadically encounter them in the funnies section of a physical newspaper. Which was a pretty hit/miss proposition to begin with. No one expected every one to be a winner, and people would routinely skip over stuff that didn't interest them without thinking about it too hard. You're operating under the assumption that Far Side is a classic, but at the time people would just cruise by and think "that comic is stupid, just like 60% of the other stupid comics on this page". And folks were pretty happy to have 40% of comics be a bit funny.
- What made Far Side a classic was not its consistency. Rather, there were a few strips that became cultural phenomena. Basically a handful of hits that were breakout memes of the 80s and 90s. Colleges used to sell t-shirts of the school for the gifted strip with the kid pushing on the door that says pull, which is pretty accessible and one of those breakout hits.
- Because of those breakout hit strips, some folks got into Larson's style of humor enough that fewer of his strips were inscrutable to them and he had a lasting market.
- Other comments point about topical references and those are also a big deal. If someone sees a beans meme with no context 30y from now, it ain't gonna be funny. But a few weeks ago on lemmy, it was part of a contextual zeitgeist that was more or less about "these idiots will upvote anything, I'm one of the idiots... I'll upvote this!" and it kind of captured the exuberant excitement of not knowing what lemmy was but wanting it to be something. Similarly, these strips often weren't intended to last multiple generations. They assumed you were reading the newspaper RIGHT NOW... and so could reference current events very obliquely and still be accessible.
TLDR: Like a stupid meme, many Larson comics require shared transient context we're missing now. Some are also just fukin weird, like cow tools. But some were very accessible and became hugely popular. These mega-star strips cemented Far Side's popularity, and which gave Larson the autonomy to stay weird when he chose. Now we waste time trying to figure out what they meant.
I haven't been playing any quake recently, but am glad to learn about the championship from this post... thanks for making it.
Any advice on where to catch up on the scene and who the favorites and rivalries are? Or are the commentators doing a good job setting context to for noobs like me?
Very true and good points, and when it comes to snap I mostly agree with you. I would guess the "war on Ubuntu" going on is more due to Ubuntu's history of making controversial decisions that go against the grain of what most other distros are doing at the time (creating and dropping Mir, creating Unity instead of using GNOME and then switching back to GNOME when they finally got Unity working well, installing an Amazon app out of the box in one version), many of which angered a lot of Linux community members before who are still angry despite Ubuntu rolling back most of those decisions, and they've found snap a great current scapegoat issue to use to vent their long-standing frustrations with Ubuntu at.
I agree with just about every word here. I lived through all this stuff. Mir and Unity were hugely disruptive to the OSS desktop community beyond Ubuntu and I was as salty about them as anyone. If someone is aware of this history and just fucking done with Ubuntu's bullshit they'll get no flak from me. I rarely see this coherent an argument made though, it's much more often "snap bad, use this other distro that's downstream of Ubuntu and shares all the same foundations but has a different default desktop and disables snap by default", which I think is pretty nonsense and is rampant in the comments of this post.
But I've done my share of distro hopping and if someone wants to use something else for any reason or no reason... more power to them. I will make the counterpoint that no one has to care about snap specifically and if you just pretend it doesn't exist then your life will be no different. And if history is any indicator, snap has about 2y left before they abandon it anyway.
Imgur, for instance, lets me filter in and out loads of specific tags from my feed (also specific use posts).
It's relevant to note that Imgur doesn't have a communities/subreddits equivalent. Images are the rough equivalent of a post, and tags are the closest they get to communities. I'm quite certain that there are tags for both Art and Drawing, and following the Art tag doesn't mean that you won't miss out on posts that are tagged as a Drawing and not as Art. The result is really not that different than Lemmy, you still have to discover all the different tags you want to follow.
Not to be flippant about your tag examples, but those exact communities already exist (edit: ok, admittedly the search for art returns a bunch of unrelated junk):
- https://lemmyverse.net/communities?query=%22Science%22
- https://lemmyverse.net/communities?query=gaming
Now, of course... those are not the only communities addressing those topics. There's retrogaming as a subset of games, there's photographyas a subset of art, etc. But as previously noted, that's true of tags as well.
A whitelist based subscription method DOES work, and is implicitly what everyone uses on very large community sites like reddit and also very large tag-based sites like Twitter/imgur. Of course you miss out on some stuff, but when you find something you're missing... you add it to your list. It's ok not to find every last post you care about and doing so is an impossibility.
Those doors are insanity. Weird find, love it.
I realize the alternative is to look only at the ones you subscribe to but then how do you discover other communities that were just created without flipping back to Show Me Everything?
Lemmyverse.net. Or browse all periodically but infrequently enough that you don't mind having unwanted posts there because your main feed is your subscribed feed and you're just cruising for 20m looking for new communities.
I realize lemmy is smaller and it's possible to do things here that don't work on something as big as reddit... but... the futility of trying to block every subreddit you DON'T like because you might miss some that you DO like registers right? At some point in the lemmyverse growth curve the same thing happens here irrespective of what blocking tools you have. Eventually one must overcome the fear of missing out and just sub the communities you enjoy.
All that said, lemmy communities don't have more general topic tags. The only tag that exists at all is nsfw, so there's no way to identify and block all sports communities as a group. You either have to play whack-a-mole blocking each unwanted community as you notice it or switch to browsing subscribed and sub to each desired community as you find it.
I have to wonder if NLNet has some process for amending commitments made in light of new lessons learned. By a wide variety of metrics, the impact of the project has been increased beyond all imagination and ambition that people could have had in January. And the technology and quality of the project has improved way way faster as its accrued new contributors. This is really a case where the the right milestones to measure by have changed.
One might also hope that a call for help from contributors on these specific milestones might just get them back on track.
But speculation aside... yeah your description of their funding challenges is accurate.
If you're serious about this, there's a post up calling for sysops: https://lemmy.world/post/2769245
It's somewhat of a commitment, rather than drop-in drop-out... but that's what it takes to make a difference here. There are already several sharp and experienced database engineers working on the Lemmy world team. The problem is that the site is under repeated denial of service attack, and there isn't one bad query to fix... each time one query gets addressed, the attackers move on to a new one.
While it's always possible that someone has missed a silver bullet, it's much more likely that a a series of ongoing independent mitigations and optimizations are needed to achieve a tipping point where lemmy is more or less protectable with some hidden dos-able bits rather than more or less trivially dos-able everywhere.
Tell me more about why I care that snap is setting up loop devices and not that docker is setting up virtual ethernet devices and nftables chains. System tools do system things, news at 11.
I say again, this impacts my life not at all and there is nothing easier to ignore than snap.
... those "pending update, close the app to avoid disruptions" popups are kind of disrupting.
I don't exactly disagree that it's slightly irritating but:
- No one declares war on an operating system the way snap haters have over a "restart to update" message. It's an irritation, but it's not an irritation proportional to the response snap gets out of people.
- Restarting to enable an update or complete an update is not something unique to snap. Except for a tiny number of very advanced live-patching systems like the one some kernel updaters use, every updater either nags you to shutdown to do the update, nags you to restart to finish the update, or doesn't nag you and the update just doesn't take effect till you restart (apt falls in this category and it's not unambiguously better than nagging because you're silently vulnerable when security patches are shipped until you restart). So again, this is just an extremely unremarkable thing that tons of updaters deal with similarly.
There are some offenses from which we can't reasonably expect people to "learn" from...
People always learn something, though not always what one is trying to teach. Immediate permanent bans often teach them to make an alt and come back with the same attitude and a chip on their shoulder. Temp bans leverage their investment in their existing account to either encourage them to leave the community they're not welcome in or return with a better understanding of the rules.
Do temp bans work every time? No, definitely not. Are permanent bans trivially circumvented in a federated ecosystem with not even the barest of account verification policies? Yes, definitely... which means permabans are a much weaker response here than in other spaces with better account verification. I'd submit that escalating temp bans are a strictly superior in such an environment because investment in one's existing account is very nearly the only leverage mods have and should be maximized.
I think that's sort of part of it, but I think it's at least as much about the people in the houses as the ornaments on the lawns, who I see as likely representations of a Boomer (an actual boomer, not merely "someone older than me") on the right and a gen-x on the left.
So anyhoo, I see this as a bit of a generational commentary, a bit of a commentary on asymetric identity broadcasting, wrapped up in a sort of a visual pun that just feels absurd. That's of course a mountain of speculation, and perhaps a mirror of my own biases as much as a read of Larson's intent... but this stuff would have been floating around in the cultural broth Larson was cooking with, and it a read that's not all that out of character for his style.