The federation aspect adds complexity. A lot of complexity.
The only thing the fediverse might enable is nobodies like me can theoretically write social media software and actually get them successful without becoming a VC funded social media startup and have to resort to ads and premium tiers.
But things that couldn't be done without the fediverse as a base? Nah not really.
Note that the concept of federation is really old. Emails are a form of federation. XMPP was federated too. Heck, Diaspora* is pretty old and tried to make open Facebook for almost as long as Facebook's been mainstream.
Been working great for me for ~1 year on my desktop and closer to 2-3 on my laptop.
The only thing missing for me was Barrier for input sharing, which libei is supposed to fix. I ended up going for a hardware solution as Barrier is jank af anyway.
Only thing not working for me is HDR (should be fixed in Plasma 6.1), not like you could do HDR on Xorg anyway. Also no HDMI 2.1 but that's because fuck the HDMI Forum.
Performance-wise, just blows away Xorg in every metric, and explicit sync should make that even better.
Were you using patched KWin or something? Because experimental HDR support is supposed to be one of the big features for 6.0, so unless it broke in 6.0.3 or something, you shouldn't have had an update to break HDR in the first place because it wasn't supported.
Well that's a weird one then. It got released February 38th and took a couple days for Arch to get it. I had the washed out colors too but I didn't have any HDR before that. That's ~6 weeks ago so yeah it's probably 6.0.3, the last that came out about that 2-3 weeks ago. I guess you were one of the lucky ones it worked and then broke! With a bit of luck it'll be fixed for good on 6.1.
It works for most people but there's some issues with some monitors where the color saturation doesn't work well and result in washed out colors compared to SDR.
It will also output RGB into YUV buffers if you have a display that only supports YUV colorspaces, so you end up with a very green and reddish purpleish screen.
Initial HDR support was introduced in 6.0, and 6.1 is supposed to bring some fixes for the washed up colors. I haven't found a bug for the YUV stuff and didn't have time to do a proper bug report.
It's obviously pretty valuable. How would we feel if say, China decided Microsoft/Google/AWS/Oracle had to sell to a Chinese company on the grounds of national security? They'd rather pull out too, despite China being a very large market too. Or what happens if other countries starts demanding the same?
Pretty sure ByteDance would rather keep their IP.
And if they sell, do they keep the rights for the other countries or it belongs to the US now?
Banks, email providers, booking sites, e-commerce, basically anything where money is involved, it's always the same experience. If you use the Android or iOS app, you stayed signed in indefinitely. If you use a web browser, you get signed out and asked to re-authenticate constantly - and often you have to do it painfully using a...
That's a safety thing. Phones are usually owned by one person or possibly shared in the family, but the security is such that app data is per-user anyway.
Websites though, people still sign in from all sorts of devices and often wildly insecure ones such as public/work computers, one malware away from hackers having access to your bank account.
Inconvenient for advanced users like us, but it would literally make all of those refund scams so much easier to pull off because they wouldn't even have to trick the victims into logging into their bank: blank the screen, transfer the money, tell them their computer is all fixed, bye.
If your bank really spies on you through its app, I would change bank. Neither of my bank apps even run in the background or even request sensitive permissions. I will happily change my mind if you can show any proof that this is happening.
It's purely security. On Windows and largely on Linux desktop as well, any app can easily look at other app's data, that's why there's so many browser credential stealers. Maybe you'll never be a victim of this sort of attack, but if it does happen your bank account is gone.
Android and iOS have complete data isolation between apps. Unless you have root on it, even if you install malware and give it the maximum amount of permissions Android can possibly give, it can't access your auth cookies from the bank app. The bank app can't even access them either until you input a pin or biometric data to get it from the TEE.
Thus it's safe for banks to actually let people stay logged in with reduced identification. Browsers can't do that, not without the web integrity.
We're an absolutely minuscule minority that cares, and could use a stay logged in feature safely in a browser environment.
Dealing with fraud cases is expensive for the banks, they have good reasons to ensure you can only access your bank account under safe conditions. The average person doesn't even know what a web browser is, they know they click the Google and enter what site they want to go to into Google and search for it. They're the people that get scammed on the phone. They're the people that have their entire life savings wired overseas.
Just let your password manager fill up the login everytime, it's not hard.
Android is open-source. My phone runs an open-source build of it.
At this point it's barely any worse than a web browser. I know it's sandboxed, it can't access anything I don't want to. All it lacks is isolation with the kernel since web browsers run JavaScript and Android runs native code.
Worst comes to worst you just run the app in Waydroid.
I recognize this will vary depending on how much you self-host, so I'm curious about the range of experiences from the few self-hosted things to the many self-hosted things....
Very minimal. Mostly just run updates every now and then and fix what breaks which is relatively rare. The Docker stacks in particular are quite painless.
Couple websites, Lemmy, Matrix, a whole email stack, DNS, IRC bouncer, NextCloud, WireGuard, Jitsi, a Minecraft server and I believe that's about it?
I'm a DevOps engineer at work, managing 2k+ VMs that I can more than keep up with. I'd say it varies more with experience and how it's set up than how much you manage. When you use Ansible and Terraform and Kubernetes, the count of servers and services isn't really important. One, five, ten, a thousand servers, it matters very little since you just run Ansible on them and 5 minutes later it's all up and running. I don't use that for my own servers out of laziness but still, I set most of that stuff 10 years ago and it's still happily humming along just fine.
So..in a short sentence...the title. I have a server in a remote location which also happens to be under CGNAT. I only get to visit this location once a year at best, so if anything goes off...It stays off for the rest of that year until I can go and troubleshoot....
You probably need the server to do relatively aggressive keepalive to keep the connection alive. You go through CGNAT, so if the server doesn't talk over the VPN for say 30 seconds, the NAT may drop the mapping and now it's gone. WireGuard doesn't send any packet unless it's actively talking to the other peer, so you need to enable keepalive so it's sending stuff often enough the connection doesn't drop and if it does, quickly bring it back up.
Also make sure if you don't NAT the VPN, that everything has a route that goes back to the VPN. If 192.168.1.34 (main location) talks to 192.168.2.69 (remote location) over a VPN 192.168.3.0/24, without NAT, both ends needs to know to route it through the VPN network. Your PIVPN probably does NAT so it works one way but not the other. Traceroute from both ends should give you some insight.
Instagram is profiting from several ads that invite people to create nonconsensual nude images with AI image generation apps, once again showing that some of the most harmful applications of AI tools are not hidden on the dark corners of the internet, but are actively promoted to users by social media companies unable or...
That's the big problem with ad marketplaces and automation, the ads are rarely vetted by a human, you can just give them money, upload your ad and they'll happily display it. They rely entirely on users to report them which most people don't do because they're ads and they wont take it down unless it's really bad.
Actually, a good 99% of my reports end up in the video being taken down. Whether it's because of mass reports or whether they actually review it is unclear.
What's weird is the algorithm still seems to register that as engagement, so lately I've been reporting 20+ videos a day because it keeps showing them to me on my FYP. It's wild.
Third floor ain't that bad as long as you don't exceed your carrying capacity. Going up 3 floors by stairs isn't much compared to the ~10 minutes of walking back from the store. Really not that bad with a bag each hand.
It starts getting much with places with > 4 floors but that's pretty rare without an elevator. You waste more time waiting for the elevator than actually going up anyway when you're on floor < 3.
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
Lets say you run a Reddit/Twitter/YouTube proxy. Yeah, the services ultimately still get your server's IP, but you will just appear as coming from some datacenter somewhere, so while they can know it's your traffic, they can't track you on the client side frontend and see that you were at home (and where your home is), then you went on mobile data and then ended on a guest WiFi, then at some corporate place. The server is obfuscating all of that. And you control the server, so your server isn't tracking anything.
The key to those services being more private is actually to have more people using them. Lets say now you have 10 people using your Invidious instance. It'll fudge your watch pattern a fair bit, but also any watched video could be from any of the 10 users. If they don't detect that, they've made a completely bogus profile that's the combination of you and your 10 users.
You can always add an extra layer and make it go through a VPN or Tor, but if you care that much you should already always be on a VPN anyway. But it does have the convenience that you can use it privately even without a VPN.
A concrete example. I run my own Lemmy server. It's extremely public but yet, I find it more private that Reddit would. By having my own server, all of my client-side actions are between me and my server. Reddit on the other hand can absolutely log and see every interaction I have with their site, especially now that they've killed third-party apps. It knows every thread I open, it can track a lot of my attention. It knows if I'm skimming through comments or actually reading, everything. In contract, the fediverse doesn't know what I actually read: my server collects everything regardless. On the other hand, all my data including votes is totally public, so I gain privacy in a way but lose some the other way.
Privacy is a tradeoff. Sometimes you're willing to give away some information to protect other.
For selfhosting as a whole, sure some things are just frontends and don't give you much like an Invidious instance, but others can be really good. NextCloud for example, I know my files are entirely in my control and get a similar experience to using Google Drive: I can browse my stuff from anywhere and access my files. I have my own email, so nobody can look at my emails and give me ads based on what newsletter I get.
It doesn't have to be perfect, if it's an improvement and gets you into selfhosting more stuff down the line, it's worth it.
It's default since systemd afaik. I think systemd-tmpfiles manages this. It's never been a problem for me, it pretty much remains fairly empty most of the time. Most things like sockets are in /run which is also tmpfs.
I installed NetGuard about a month ago and blocked all internet to apps, unless they're on a whitelist. No notifications from this particular system app (that can't be disabled) until recently when it started making internet connection requests to google servers. Does anyone know when this became a thing?...
I was able to start some of its private activities with ActivityLauncher as root. Most of them just crash immediately, but the help page is available. And yikes, they got them covered against a possible bypass, no developer tools or sideloading.
That will depend on usage. If you subscribe to a lot of communities that are very active the database will grow fairly fast. If your users post a ton of large files then that will grow much much faster than the database. Your instance also caches image thumbnails so that can grow somewhat fast too.
Currently sitting at 750 MB for pictrs and 500MB for postgres after a week, so you may want to plan a decent size but 30-40GB should be fine for a while to get started. Add some monitoring for when it reaches 10, 20 and 30GB and keep an eye on it.
Does the concept of the fediverse act as a template for original apps that couldn't be done with non fediverse software?
Are we Wayland yet or Whats missing? ( lemmy.ml )
Curious from people who follow its development closely....
ByteDance prefers TikTok shutdown in US if legal options fail, sources say ( www.reuters.com )
Anti-web discrimination by banks and online services - is this even legal?
Banks, email providers, booking sites, e-commerce, basically anything where money is involved, it's always the same experience. If you use the Android or iOS app, you stayed signed in indefinitely. If you use a web browser, you get signed out and asked to re-authenticate constantly - and often you have to do it painfully using a...
AI Is Poisoning Reddit to Promote Products and Game Google With 'Parasite SEO' ( www.404media.co )
How much maintenance do you find your self-hosting involves?
I recognize this will vary depending on how much you self-host, so I'm curious about the range of experiences from the few self-hosted things to the many self-hosted things....
Server behind CGNAT - Reverse VPN? Or how to bypass?
So..in a short sentence...the title. I have a server in a remote location which also happens to be under CGNAT. I only get to visit this location once a year at best, so if anything goes off...It stays off for the rest of that year until I can go and troubleshoot....
Instagram Advertises Nonconsensual AI Nude Apps ( www.404media.co )
Instagram is profiting from several ads that invite people to create nonconsensual nude images with AI image generation apps, once again showing that some of the most harmful applications of AI tools are not hidden on the dark corners of the internet, but are actively promoted to users by social media companies unable or...
People that lived in walk up apartments *with no elevator*, did you like it?
Again, with no elevator....
[Question] If I selfhost a privacy frontend on cloud, wouldn't the original service get my server IP and track back to me?
Does cloud providers share the IP addresses and the alloted users to these big corps and defect the whole purpose of a privacy frontend? Are there any service (FOSS) that could randomise my servers IP?...
KDE Neon using tmpfs for /tmp seems like an horrible idea?
I get the idea behind it for sure but why use our available ram for this? I thought whatever init functionality would just wipe clean /tmp at boot....
Does anyone know of any free-speech oriented Lemmy instances?
I’m interested in an instance that only blocks illegal content and spam.
Google Allows Creditors to Brick Your Phone ( lemmy.world )
I installed NetGuard about a month ago and blocked all internet to apps, unless they're on a whitelist. No notifications from this particular system app (that can't be disabled) until recently when it started making internet connection requests to google servers. Does anyone know when this became a thing?...
[Question] Disk Space for Lemmy and Mastodon instances
Hi,...