• 0 Posts
  • 13 Comments
Joined 1 year ago
Cake day: June 8th, 2023



  • Thank you! Here’s the actual PDF doc of their clarifications and here’s the original DSA

    The specific language for number of users is:

    average monthly active recipients of their service in the Union, calculated as an average over the period of the past six months

    And the definition of active recipient:

    (p) ‘active recipient of an online platform’ means a recipient of the service that has engaged with an online platform by either requesting the online platform to host information or being exposed to information hosted by the online platform and disseminated through its online interface;

    So you just need 45 million EU citizens looking at a platform to qualify as a VLOP. Amazon probably qualifies, but it would be easy for them to prove they were unfairly discriminated against as well.



  • delial@lemmy.sdf.org to lemmy.ml meta@lemmy.ml · *Permanently Deleted* · 1 year ago

    I can’t find the page that lists blocked instances on kbin, but lemmy.ml may be blocked. lemmy.ml (and lemmy in general) are controversial to some people, and those that dislike lemmy for those reasons have gravitated to kbin.

    In short, the lemmy devs and lemmy.ml admins are considered “tankies”, so they don’t want anything to do with them. Thought-stopping newspeak to me, but I’m a strict “separate the artist from the art” person, especially if you’re not paying them.

    EDIT: A comment from [email protected] you may not be able to see:

    With full knowledge that OP is unlikely to check the comments from a non-ml instance, so they’ll likely never see this, I think in light of this sustained situation, we need to discuss whether or not we actually do defederate from lemmy.ml.

    Some people over there do know about the dev’s weird scummy coding. Some, like OP, don’t. Either way, neither of the devs have said a word about it in over a week despite being repeatedly asked and the topic repeatedly coming up even on their own instance. They may be bogged, but I sense they would have by now and it’s likely to stay like this.

    I think I’m going to give them a little more time, and then (maybe over the weekend?) I’m going to raise the question if someone else doesn’t, about how their contributions to the apparent activity of kbin feeds weighs against our wholesale inability to fully interact with any of it. We can talk with each other there, certainly, but I don’t think that’s enough and it gives a false impression.




  • As a software dev, so much this.

    PWAs are super fucking cool, but current web browsers are a SuperFund disaster site, so they make PWAs suck, and PWAs are partially to blame as Google and Apple keep adding features to browsers to mirror their phones’ native features. Every PWA is going to be slower than a native app for the foreseeable future, regrettably, and they’ll always be nothing more than a browser with the decorations hidden.

    I hate this reality with a passion, but native apps are faster because it’s an app on your phone and not an app in a browser on your phone.

    PWAs are great, because Apple and Google have no say in whether or not you can use them, and they get no cut if you spend money through them (scumbags at Apple taking 30%).


  • That’s why I said largely useless. An attacker can narrow down the attack surface by ignoring anything that can’t log in, but that just leaves them with root and delial, and they already knew or could’ve guessed both of those pieces of information (in this context anyway).

    And as you noted when looking at the service accounts, they might be able to log in or crack their way in via xrdp or sshd. So, unless you’re port-forwarding those protocols from the internet, how useful is that really? I would say largely useless. Assuming they port-scanned your public IP, they still need either an insecure config or an unpatched, remotely exploitable bug.

    That being said, you’re totally right. The average Linux user isn’t “administering” their system, so they probably aren’t following their distribution’s security mailing list, installing security patches as they’re released, and actually RTFM. It’s best for the average user to play it unbelievably safe.

    In this case, the machine isn’t actually running xrdp, and sshd doesn’t accept passwords or root logins. (Although, I need to set up knockd to protect that non-standard sshd port a bit more.) All passwords used on the system are random and longer than 32 characters. My router doesn’t port-forward to this machine, either.

    This has been an exercise of Cunningham’s Law for the benefit of those reading.


  • Since you told me not to. There isn’t a risk on most Linux systems; passwords were moved to /etc/shadow a long time ago. It only leaks the names of your users and largely useless info for most attackers:

    root:x:0:0:root:/root:/bin/bash
    daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
    bin:x:2:2:bin:/bin:/usr/sbin/nologin
    sys:x:3:3:sys:/dev:/usr/sbin/nologin
    sync:x:4:65534:sync:/bin:/bin/sync
    games:x:5:60:games:/usr/games:/usr/sbin/nologin
    man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
    lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
    mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
    news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
    uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
    proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
    www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
    backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
    list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
    irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
    gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
    nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
    _apt:x:100:65534::/nonexistent:/usr/sbin/nologin
    systemd-network:x:101:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
    systemd-resolve:x:102:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
    messagebus:x:999:999:System Message Bus:/:/usr/sbin/nologin
    systemd-timesync:x:998:998:systemd Time Synchronization:/:/usr/sbin/nologin
    systemd-coredump:x:997:997:systemd Core Dumper:/:/usr/sbin/nologin
    delial:x:1000:1000:,,,:/home/delial:/bin/bash
    sshd:x:103:65534::/run/sshd:/usr/sbin/nologin
    xrdp:x:104:110::/run/xrdp:/usr/sbin/nologin
    dictd:x:105:111:Dictd Server,,,:/var/lib/dictd:/usr/sbin/nologin
    nm-openvpn:x:106:112:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin
    sssd:x:107:113:SSSD system user,,,:/var/lib/sss:/usr/sbin/nologin
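
Added example, not part of the comments above: a small audit of the passwd(5) format the listing uses, reporting which accounts have a real login shell and whether any password field holds something other than the `x` shadow marker. `SAMPLE` is an excerpt of the posted listing; `VALID_SHELLS` is an assumed stand-in for the host's /etc/shells.

```python
# Added example: audit a passwd(5) file, the format shown in the comment above.
NOLOGIN = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false", "/usr/bin/false"}
# Assumption: stand-in for the host's /etc/shells, inlined so this runs offline.
VALID_SHELLS = {"/bin/sh", "/bin/bash", "/usr/bin/bash", "/bin/dash", "/bin/zsh"}

# Excerpt of the listing posted in the comment.
SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
delial:x:1000:1000:,,,:/home/delial:/bin/bash
sshd:x:103:65534::/run/sshd:/usr/sbin/nologin
xrdp:x:104:110::/run/xrdp:/usr/sbin/nologin
"""

def audit(passwd_text, valid_shells=VALID_SHELLS):
    report = {"interactive": [], "fixed_command": [], "extra_uid0": [],
              "empty_password": [], "hash_in_passwd": [], "malformed": []}
    for lineno, line in enumerate(passwd_text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            report["malformed"].append(lineno)
            continue
        name, pw, uid, _gid, _gecos, _home, shell = fields
        shell = shell or "/bin/sh"   # passwd(5): empty shell field means /bin/sh
        if shell in valid_shells:
            report["interactive"].append(name)
        elif shell not in NOLOGIN:
            # e.g. sync -> /bin/sync: runs one program, then the session ends
            report["fixed_command"].append(name)
        if int(uid) == 0 and name != "root":
            report["extra_uid0"].append(name)
        if pw == "":
            report["empty_password"].append(name)
        elif pw != "x" and not pw.startswith(("*", "!")):
            # x = hash is in /etc/shadow; * or ! = locked; else hash is world-readable
            report["hash_in_passwd"].append(name)
    return report

if __name__ == "__main__":
    for key, names in audit(SAMPLE).items():
        print(f"{key:15} {names}")
```

Filtering only on `nologin` would also list `sync`; checking against the valid-shell set separates it from `root` and `delial`.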