Notices by Hugo 雨果 (whynothugo@fosstodon.org), page 2

If xz had been proprietary, would the bug have caught any attention?

600ms (the runtime overhead in this case) is a fraction of what it takes to log into some systems.

@lanodan a human needs to looks at the release itself anyway. The automation is would do the repetitive part (pull latest generate commit, push to new branch, open MR).

@martijnbraam While discussing the slowness of pkgs.alpinelinux.org today, I remembered pkgs.postmarketos.org (which is actually a lot faster). Did you write apkbrowser just to deal with performance? I'm trying to get a clearer picture of where each one stands.

@martijnbraam What changes or fixes did you need to make in the lua part? Or was running it a pain somehow?

@lanodan Email clients usually show the trust level of a key. I think that “bad signature” is red, signed” is yellow and “signed and trusted” is green.

At least that’s what I recall, it’s been a while since I’ve received gpg signed emails from known keys.

@lanodan @drewdevault How would you “fix” this? Eg: for stuff like OpenSSH.

@drewdevault This is basically privsep and what most daemons do on OpenBSD.

Synapse (the Matrix server implementation) is moving to an AGPL+CLA model.

Their announcement reminds us that this allows them to ship non-open-source derives in exchange for a fee. The wording is very clear: they intend to move from an open source model to an open core model.

Take great care when relying on this software. All the legal elements are in place so as to pull the rug from under you and screw over the community. There is no ambiguity here.

https://element.io/blog/element-to-adopt-agplv3/

@lanodan Please elaborate. I’d like to know more.

@gnutelephony @whynothugo There are no know mechanism to bypass the Activation Lock. Devices in this situation are usually turned to scrap. There’s nothing broken with the hardware itself, it’s simply a matter of Apple disallowing anyone from using it.

@gnutelephony @whynothugo The lock prompts for a PIN during the bootloader stage. You can’t boot into anything. You actually need to boot into macOS to install Asahi (or BSD, which requires going through Asahi’s installer).

If anybody wants it, I have an activation-locked M2 MacBook Pro with 32GB RAM and the highest specs.

It was given to me during a consulting job. I never again managed to get in contact with anyone. I tried getting ahold of someone to either return it or have it unlock for months with no luck. I don’t think anyone cares.

I feel bad about throwing this kind of high end hardware into the recycling bin, but this is the only option provided by Apple (what a great way to increase sales!! 🤑🤑).

@tyil @ZekuZelalem I think the big problem is how Mastodon itself scales.

Almost every time that I hear that someone runs their own instance, they mention how resource-demanding it is, and how heavy it is to run one. Running an instance for others is an even bigger commitment, and there's no easy way to delegate a domain to an existing instance.

All this leads to making the most convenient thing: "few very large instances". People always go for convenience.

@tyil @ZekuZelalem I don't quite understand what point you're trying to make.

What's up with this man page?

@lanodan @homeassistant Try contacting your local data protection authority?

I’d like to share geolocation with family members, but not with some third party or middleman. Is there any protocol / standard / prior art?

@lanodan And what exactly would this authentication server do? Do processes need to go through it every time they open a resource?

@lanodan Passing fds across processes is very well supported on Unix/Linux in general. What’s missing is commands that take an fd as input (and I agree here that this deficiency is a bad thing). Do note that commands can be fixed one program at a time.

@lanodan It you expose all these services via unix sockets, then you can control access to them in one place: via file system access (eg: restricting access to file system).

I’m not sure if this is in line to what you’re referring to with “controlling them in one place”.