chameleon

My dotfiles aren’t distro-specific because they’re symlinks into a git repo (or tarball) + a homegrown shell script to make them, and that’s about the end of it.

My NixOS configuration is split between must-have CLI tools/nice-to-have CLI tools/hardware-related CLI tools/GUI tools and functions as a suitable reference for non-Nix distros, even having a few comments on what the package names are elsewhere, but installation is ultimately still manual.

It’s absolutely not the case that nobody was thinking about computer power use. The Energy Star program had been around for around 15 years at that point and even had an EU-US agreement, and that was sitting alongside the EU’s own energy program. Getting an 80Plus-certified power supply was already common advice to anyone custom-building a PC which was by far the primary group of users doing Bitcoin mining before it had any kind of mainstream attention. And the original Bitcoin PDF includes the phrase “In our case, it is CPU time and electricity that is expended.”, despite not going in-depth (it doesn’t go in-depth on anything).

The late 00s weren’t the late 90s where the most common OS in use did not support CPU idle without third party tooling hacking it in.

https://bagder.github.io/emails/ has the email collection.

Eh, no. “I’m going to make things annoying for you until you give up” is literally something already happening, Titanfall and the like suffered from it hugely. “I’m going to steal your stuff and sell it” is a tale old as time, warez CDs used to be commonplace; it’s generally avoided by giving people a way to buy your thing and giving people that bought the thing a way to access it. The situation where a third party profits off your game is more likely to happen if you don’t release server binaries! For example, the WoW private/emulator server scene had a huge problem with people hoarding scripts, backend systems and bugfixes, which is one of the reasons hosted servers could get away with fairly extreme P2W.

And he seems to completely misunderstand what happens to IP when a studio shuts down. Whether it’s bankruptcy or a planned closure, it will get sold off just like a laptop owned by the company would and the new owner of the rights can enforce on it if they think it’s useful. Orphan works/“abandonware” can happen, just like they can to non-GaaS games and movies, but that’s a horrible failing on part of the company.

There’s been an exFAT driver in the kernel for a couple of years now (merged after Microsoft’s patent pact added ExFAT), it works fine. Same driver gets used on Android for SD card support.

Pretty much every form of these scams is some kind of advance fee fraud. Two more possible avenues:

• “Upgrade to a business account”. They send you an email purporting to be from the payment provider you used saying you need to upgrade to business to receive a payment that large, and the upgrade page is a fake website run by the scammer that asks for a “refundable deposit” or the like (with a little helping of credit card fraud and of course a business account will require all kinds of personal info useful for identity theft too).
• “But I want it as an NFT” was popular for a bit, they want you to “pre-pay the minting fee but it’s ok I’ll add it to your payment” and then they disappear. But they want it on a website ran by them and the moment you put the crypto in they disappear. Not sure this scam is popular nowadays because NFT screams scam to just about everyone for a lot of different reasons. But “rich guy spends $5000 on dumbass NFT” was a legitimate genre of news for a little moment.

It’s all preying on someone that thinks they got an easy paycheck for work that they’ve already done, on a populace of artists that could really use said paycheck to pay for food and are thus willing to overlook weirdness or principles. They also tend to pick on newer and younger artists that haven’t quite figured out how to run a business yet, hoping that they haven’t heard of scams specifically targeted to their sector.

Probably an anti-piracy thing. It’s pretty common in the console hacking scene for only specific versions to be vulnerable, or only have exploits released for a specific set of versions. People can get around it by looking for games released with specific updates on the disc/cart but it’s a pain.

Easiest way would be to use borg create --read-special --chunker-params fixed,4194304 '/home/user/sdcardbackup::{now}' /dev/sdX (which I copied from the examples in the documentation). I’m not sure if Vorta has a way to activate --read-special but I suspect not; you can most likely still use it to make the repo and manage archives inside of it though.

Backing up from a command/stdin might also be relevant as an alternative, since that lets you back up more or less anything.

Browsing through the PDF, I’m getting the vibe that their way of measuring “skill” is weird. They claim to use multiple methods of measuring, they list a few obvious ones that they’ve found to be bad, but they don’t say which ones they are using because “we are constantly iterating on our performance metrics to optimize the player experience per game-mode”.

Elo-like systems tend to adjust skill based on the chance of winning current match X win/loss, but they’re not (just) doing that. I wonder if they have a few weird metrics that look good on paper/in the lab but don’t feel good in play.

Elixir, or Gleam/pure Erlang/some other Erlang VM language. I think Erlang is extremely cool and I’ve enjoyed the little time I spent with Elixir. I also have absolutely no use case to make proper use of it.

Requiring agreement to some unspecified ever-changing terms of service in order to use the product you just bought, especially when use of such products is required in the modern world. Google and Apple in particular are more or less able to trivially deny any non-technical person access to smartphones and many things associated with them like access to mobile banking. Microsoft is heading that way with Windows requiring MS accounts, too, though they’re not completely there yet.

Eh. I’ve been on the receiving end of one of those inboxes and the spam is absolutely, utterly unbearable. Coming up with a better system than a publicly listed email address is on Google at this point, because there is no reasonable way to provide support when you need a spam filter tuned up to such a level that all legitimate mail also ends up in spam.

Personally, I do believe that rootless Docker/Podman have a strong enough security boundary for personal/individual self-hosting where you have decent trust in the software you’re running. Linux privilege escalation and container escape exploits fetch decent amounts of money on the exploit market, and nobody’s gonna waste them on some people running software ending in *arr when Zerodium will pay five figures for a local privilege escalation or container escape. If you’re running a business or you might be targeted for whatever reason (journalist or whatever) then that doesn’t apply.

If you want more security, there are container runtimes that do cooler security stuff under the hood, like Firecracker/Kata Containers implementing a managed VM, or Google’s gVisor which very strongly intercepts kernel syscalls and essentially reimplements Linux in userspace. Those are used by AWS and Google Cloud respectively. You can integrate those into Docker, though not all networking/etc options are supported.

That’s because they had a lot of people “buying the dip”. CS is in a very similar position to SolarWinds during their 2020 security slipup. The extent of managerial issues there should’ve been unforgivable but unfortunately they got away with it and are doing just fine nowadays.

My suggestion is to use system management tools like Foreman. It has a “content views” mechanism that can do more or less what you want. There’s a bunch of other tools like that along the lines of Uyuni. Of course, those tools have a lot of features, so it might be overkill for your case, but a lot of those features will probably end up useful anyway if you have that many hosts.

With the way Debian/Ubuntu APT repos are set up, if you take a copy of /dists/$DISTRO_VERSION as downloaded from a mirror at any given moment and serve it to a particular server, that’s going to end up with apt update && apt upgrade installing those identical versions, provided that the actual package files in /pool are still available. You can set up caching proxies for that.

I remember my DIY hodgepodge a decade ago ultimately just being a daily cronjob that pulls in the current distro (let’s say bookworm) and their associated -updates and -security repos from an upstream rsync-capable mirror, then after checking a killswitch and making sure things aren’t currently on fire, it does rsync -rva tier2 tier3; rsync -rva tier1 tier2; rsync -rva upstream/bookworm tier1. Machines are configured to pull and update from tier1 (first 20%)/tier2 (second 20%)/tier3 (rest) appropriately on a regular basis. The files in /pool were served by apt-cacher-ng, but I don’t know if that’s still the cool option nowadays (you will need some kind of local caching for those as old files may disappear without notice).

Realistically, immutability wouldn’t have made a difference. Definition updates like this are generally not considered part of the provisioned OS (since they change somewhere around hourly) and would go into /var or the like, which is mutable persistent state on nearly every otherwise immutable OS. Snapshots like Timeshift are more likely to help.

For that card, you probably have to set the radeon.si_support=0 amdgpu.si_support=1 kernel options to allow amdgpu to work. I don’t have a TrueNAS system laying around so I don’t know what the idiomatic way to change them is.

Using amdgpu on that card has been considered experimental ever since it was added like 6 years ago, and nobody has invested any real efforts to stabilize it. It’s entirely possible that amdgpu on that card is simply never gonna work. But yeah I think the radeon driver isn’t really fully functional anymore either, so I guess it’s worth a shot…

Needed to write a syntax highlighter for VB.Net but I couldn’t find any weirdly written edge cases online, so I had to make some myself.

Company offering new-age antivirus solutions, which is to say that instead of being mostly signature-based, it tries to look at application behavior instead. If Word was exploited because some user opened not_a_virus_please_open.docx from their spam folder, Word might be exploited and end up running some malware that tries to encrypt the entire drive. It’s supposed to sniff out that 1. Word normally opens and saves like one document at a time and 2. some unknown program is being overly active. And so it should stop that and ring some very loud alarm bells at the IT department.

Basically they doubled down on the heuristics-based detection and by that, they claim to be able to recognize and stop all kinds of new malware that they haven’t seen yet. My experience is that they’re always the outlier on the top-end of false positives in business AV tests (eg AV-Comparatives Q2 2024) and their advantage has mostly disappeared since every AV has implemented that kind of behavior-based detection nowadays.

All GPUs released since they came out with the RTX 2000+ line are supported and all new GPUs will most likely have support, especially with this announcement saying they’re committed to it. There’s a support list on their GitHub and it includes all the weird little things you’d be worried about. Even silly little laptop chips like the new RTX 500 are on it.

I think the only reason they limited GPU support is because the older ones physically don’t have the hardware for this approach; they switched to their newer RISC-V “GSP” processors with the RTX line. In the new open module, all of their proprietary “secret sauce” was shoved off to firmware running on that new GSP. Previously, their proprietary kernel module loaded all of that same secret sauce as a gigantic obfuscated blob running on your normal CPU instead. The Windows side of their driver has also been moving towards using the GSP, they even advertised it boosts performance or whatever, and I can believe it.

That said, with this new stuff, the official Nvidia userland portions providing Vulkan/OpenGL/CUDA support and the like are still proprietary. It’s still worse than AMD in that regard. But at least it’s possible to replace those bits, and Mesa/NVK are working on getting Vulkan up and running (with NVK supposedly getting pretty damn good, and Mesa’s OpenGL-on-Vulkan is pretty good too so that’s free).