Posts
9
Comments
946
Joined
2 yr. ago

  • Oh, whew! Just grooming then, that's A-OK!

  • Isn't that exactly what the commit message is for?

  • Huh - you're right. I went back to Signal's X3DH spec because I was sure I was right, but it seems I misremembered how the "prekey bundles" work: Users publish these to the server, allowing (in my original assumption) for the server to just swap them out for a server/attacker-controlled key bundle for each Alice and Bob.

    However, when Alice wants to send Bob an initial message and she gets a forged prekey bundle, Bob will simply not be able to derive the same key and communication will fail, because Bob knows what his SPK private key is, while the server only knows the public key.

  • A compromised server would allow the server to man-in-the-middle all new connections (as in, if Alice and Bob have never talked to each other before, the Server/Eva can MITM the X3DH key exchange and all subsequent communication). That's why verifying your contact's signatures out-of-band is so important.

    (And if you did verify signatures in this case, then the issue would immediately be apparent, yes.)

    Edit: I was wrong. See below.

  • That's why safewords should be passphrases! /s

    Hold on, actually no, not /s

  • I think I just got lucky: I started as a software engineer about 8 months ago, shortly after finishing my MA in computer science. 100% remote and pretty happy with the pay.

    I say lucky mainly because my current employer was the only job interview I had. Other than that, just one rejection of an application, one invitation to an interview 4 months later (lol), and otherwise nothing at all.

  • Is this some sort of public tracker issue I'm too private trackers and Usenet only to understand?

  • I mean... Isn't there though? You do a one time investment, and then you earn money for 20 years with negligible operating costs.

    Shouldn't every capitalist get a priapism from this idea?

  • Aachen?

  • Funny, I've also already read that 😄 Good blog and article.

  • What blog?

  • It's a very steep curve to start, with some additional minor steep parts along the way, but it's not a long curve. Once you got the core concepts and the basic language constructs, you've learned most of what you'll ever need.

    Two nice resources: search.nixos.org is super handy, and you can search GitHub with language:nix and a search term to get tons of examples from other people.

    Oh, and nix and just is actually a pretty common combo!

  • Yep, exactly.

    To be fair, if you use Debian, Arch, Fedora,... long enough, you also know how to tweak your machine for every purpose. In Nix, it's just somewhat of a self-fulfilling prophecy, because you have to know how to tweak your system to achieve.... anything, and then it's the same tweaking mechanics for every other purpose as well.

  • My Steam Deck also runs NixOS.

    Because this way I can much more comfortably configure it, plus everything game related I automated through nix for my Desktop (e.g. mod installs, reShade config,...) immediately and without any extra steps also applies to the Steam Deck.

    https://github.com/Jovian-Experiments/Jovian-NixOS

  • Yes. Everything is NixOS. Because it's perfect for everything.

  • Ha, thanks, I'd already read that. And I do, mostly, agree; the OMEMO implementation is not great both from the security perspective discussed in the post, as well as the UX (not being able to decrypt old messages on new devices at all).

    That being said, I primarily want a selfhosted, federated messenger which also takes privacy and security seriously, and at least for the former, XMPP is really refreshingly good.

  • Ugh. I've always liked Matrix (and was not bothered too much by the metadata leaks because my home server was not federated anyways), but after noticing some issues and finally reading up on the actual protocol spec a couple of weeks ago... oof. Yeah. No.

    Set up XMPP for now. Works really well and the protocol seems so much saner. Unfortunately, it too has some annoyances that are unacceptable to me in the long term. I'm this close to saying "fuck it" and wasting the next couple of years of my life on a new protocol that no one is gonna use. (Cue the XKCD here.)

  • Not to diminish your work at all, but: the Sonarr upgrades absolutely do work.

  • Selfhosted @lemmy.world

    Try BentoPDF if you haven't / are unhappy with StirlingPDF

  • Selfhosted @lemmy.world

    Intent recognition for HomeAssistant without an LLM?

  • Asklemmy @lemmy.ml

    What one book or piece of literature would you adapt into a movie/TV series if given the funding and full creative control? Why?

  • Selfhosted @lemmy.world

    continuwuity vs tuwunel: where to go from conduwuit? (Update: probably continuwuity.)

  • ich_iel @feddit.org

    ich 🌶️🌶️🌶️ iel

  • Linux @lemmy.ml

    How would I go about gaining access to a locked-down Linux device I own.

  • Selfhosted @lemmy.world

    Self-Hosted setup for remote music lessons?

  • 196 @lemmy.blahaj.zone

    Can someone rule-splain this

  • Selfhosted @lemmy.world

    Can't use Crunchyroll via WireGuard