Posts: 18 · Comments: 455 · Joined: 2 yr. ago

  • This is what zip does. It compresses files individually, and then combines them into the archive. This comes with the advantage that you don't have to extract the whole archive to view and edit files, but it comes with a very big disadvantage, which is that there is no compression across files. Redundant data in each file is not deduplicated.

    Tar.gz does compress across files, which saves more space. That is to say, the reason why we don't just tar gzipped files together is because people decided that compression savings matter more than not having to extract the whole archive to view/edit files.

    7z is the best of both worlds, as it compresses across files, but also lets you view and edit files without extracting the whole archive. But it's important to remember that tar.gz is ubiquitous for its compatibility, rather than its performance or features. Even the smallest, stripped down utilities, or the oldest, out of date systems, always have gz and tar, whereas even on modern desktop distros 7z may need to be explicitly installed.
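The zip-versus-tar.gz point above, as an added example (not the commenter's code) using only the Python standard library and constructed sample files; it also goes one step beyond the comment by showing that tar.gz's cross-file savings only materialise when the duplicate data falls inside DEFLATE's 32 KiB window:

```python
import io
import random
import tarfile
import zipfile


def make_files(n_files: int, size: int, seed: int = 7) -> dict[str, bytes]:
    """Constructed sample input: n_files copies of the same pseudo-random
    (incompressible) payload, so the only savings available come from
    noticing that the files duplicate each other."""
    payload = random.Random(seed).randbytes(size)
    return {f"file{i}.bin": payload for i in range(n_files)}


def zip_size(files: dict[str, bytes]) -> int:
    """zip: every member is deflated on its own, so each duplicate costs full price."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return len(buf.getvalue())


def targz_size(files: dict[str, bytes]) -> int:
    """tar.gz: the whole tar stream is gzipped as one unit, so later copies can be
    encoded as back-references to the first one (if it is still within the window)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return len(buf.getvalue())


def compare(n_files: int, size: int) -> tuple[int, int]:
    """Return (zip bytes, tar.gz bytes) for n_files identical files of `size` bytes."""
    files = make_files(n_files, size)
    return zip_size(files), targz_size(files)


if __name__ == "__main__":
    # Four 8 KiB duplicates: tar.gz shrinks to about one copy, zip stores four.
    print("small files  zip=%d  tar.gz=%d" % compare(4, 8 * 1024))
    # Two 64 KiB duplicates: the second copy lies beyond DEFLATE's 32 KiB
    # window, so tar.gz cannot reference it and ends up no smaller than zip.
    print("large files  zip=%d  tar.gz=%d" % compare(2, 64 * 1024))
```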

  • Despite all the warnings not to install kali linux, I decided to install kali linux and I am now encountering an issue I would not face had I chosen to use a linux distro designed with normal desktop use in mind. Can anyone help me?

    Actually, modern kali is a lot more usable than the older kali. Kali used to only have a root user, so chromium and electron apps wouldn't start since they don't run as root.

    Despite this, nowadays I generally recommend new people away from kali, because I believe the process of installing the tools that kali provides on other distros is a valuable learning experience.

    Kali is great for the professional, but for learners I prefer that they get to experience the package manager or other aspects of system management.

  • Languagetool's browser extension is no longer open source, which has me concerned. You can still point it at a local server, but yeah.

  • UWP 💀

    UWP is Microsoft's "new" app format, it's what the windows store and the xbox use.

    It also isn't compatible with wine, and my pet theory is that this was the entire point of it. Combined with Windows S mode, which doesn't let you install apps other than from the windows store, the goal was to lock down the windows ecosystem by having apps that can't be made to run on linux.

    I remember seeing a compatibility layer for UWP apps a while ago, and I am pleased to see that it has come this far. Great work!

    Edit: wait this uses a windows VM. Still good though and lets people escape the windows ecosystem.

  • As simpler and easier to use alternatives, check out voidauth and kanidm.

  • Why did you link to a knot that's not the ian knot?

    I used to triple tie my shoes, but they would keep getting untied. After I learned a balanced ian knot my shoes would never get untied again.

    Balanced friction > total friction

  • Both have products with varying degrees of quality. Don't follow companies around, follow specific named model lines instead.

  • I don't really understand why this is a concern with docker. Are there any particular features you want from version 29 that version 26 doesn't offer?

    The entire point of docker is that it doesn't really matter what version of docker you have, the containers can still run.

    Debian's version of docker receives security updates in a timely manner, which should be enough.

  • I recommend libvirt + virt-manager as an alternative to Hyper-V.

    The cool thing about virt manager is you can do it over ssh.

  • You are adding a new repo, but you should know that the debian repos already contain docker (via docker.io) and docker-compose.

  • I use authentik, which enables single sign on (the same account) between services.

    Authentik is a bit complex and irritating at times, so I would recommend voidauth or kanidm as alternatives for most self hosters.

  • Would you use the cli?

    One of the cool things I liked about calibre is that extensions worked via the cli interface as well, which made it easy to do batch workflows of operations on ebooks.

  • 1. I hope you realize the irony of posting this in an online community dedicated to open source.

    2. I physically go to Linux and tech meetups and conferences near me. So yeah.
  • No, they added a beta vpn feature.

  • Does it require docker installed and being in the docker group, with the docker daemon running?

    Just an FYI, having the ability to create containers and do other docker operations is equivalent to root: https://docs.docker.com/engine/security/#docker-daemon-attack-surface

    It's not really accurate to say that your playbooks don't require root to run when they basically do.

  • I just installed Cilium (another Kubernetes CNI), and it also comes with a host based firewall, and an observability tool.

    I didn't have Hubble (the observability tool) enabled, but I previously didn't have a firewall, and I finally decided to enable it, which caused my ceph deployment to fail. This will help me figure out where it is failing and what rules are needed to remediate it.

  • With a concrete bug report like “using codec xyz and input file f3 10 4d 26 f5 0a a1 7e cd 3a 41 6c 36 66 21 d8… ffmpeg crashes with an oob memory error”, it’s pretty simple to confirm that such a crash happens

    Google's big sleep was pretty good, it gave a python program that generated an invalid file. It looked plausible, and it was a real issue. The problem is that literally every other generative AI bug report also looks equally plausible. As I mentioned before, curl is having a similar issue.

    And here's what the lead maintainer of curl has to say:

    Stenberg said the amount of time it takes project maintainers to triage each AI-assisted vulnerability report made via HackerOne, only for them to be deemed invalid, is tantamount to a DDoS attack on the project.

    So you can claim testing may be simple, but it looks like that isn't the case. I would say one of the problems is that all these people are volunteers, so they probably have a very, very limited set of time to spend on these projects.

    This was the first search hit about ffmpeg CVEs, from June 2024 so not about the current incident. It lists four CVEs, three of them memory errors (buffer overflow, use-after-free), and one off-by-one error. The class of errors in the first three is supposedly completely eliminated by Rust.

    FFMpeg is not just C code, but also large portions of handwritten, ultra optimized assembly code (per architecture, too...). You are free to rewrite it in rust if you so desire, but I stated it above and will state it again: ffmpeg made the tradeoff of performance for security. Rust currently isn't as performant as optimized C code, and I highly doubt that even unsafe rust can beat hand optimized assembly — C can't, anyways.

    (Google and many big tech companies like ultra performant projects because performance equals power savings equals costs savings at scale. But this means weaker security when it comes to projects like ffmpeg....)