Off-and-on trying out an account over at @tal@oleo.cafe due to scraping bots bogging down lemmy.today to the point of near-unusability.

  • 20 Posts
  • 1.16K Comments
Joined 3 years ago
Cake day: October 4th, 2023
  • tal@lemmy.todaytocybersecurity@infosec.pubSomeone Bought 30 WordPress Plugins and Planted a Backdoor in All of Them.
    0·
    7 hours ago

    The WordPress plugin marketplace has a trust problem.

    I think that the problem is really broader — that for any system, be it Linux distros or browser plugins or AI Python packages or NPM packages or whatever — even trustworthy software can change ownership. Most users are probably not monitoring those changes and are not in a position to evaluate the impact of those changes.

    Some of that can (and probably should) be handled by compartmentalizing software, limiting the effect it can have, though that has some costs of its own. But I don’t think that that’s going to handle everything.

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    4·
    1 day ago

    My main requirement was for the touchpad to actually have physical tactile buttons, fuck that whole solid slab of touch thing, I want 2 proper clicky buttons.

    I’m in the same boat, except I want three for Linux, where the third button is more-useful than in Windows, and there are very, very few laptops that have that any more — a few Thinkpad models. I finally gave up on it, just accepted that I was going to have a laptop without same, though you can get USB touchpads with physical buttons if you want to haul one around (and I keep one in my car for just this reason — sometimes it’s worth hauling out).

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    5·
    1 day ago

    I think that part of the problem is that there aren’t that many settings where it makes sense. Descent worked because you were supposed to be on low-gravity asteroids to justify the zero-G environment. That also means that it has to be in space and in the future. It had to be in mines, to justify the scale — most human-created environments are going to be smaller.

    I was playing Starfield and one of the moments there that I was impressed — most of the combat isn’t all that new — was in a zero-G gunfight on a space station (the Almagest or whatever the space casino is), where gunfire was sending objects flying around and riccocheting all over. I was thinking “it’s odd that more games haven’t done zero-G first-person shooters”. But…when you think about how limited the settings are where it really makes sense, I think it’s understandable.

    I mean, I guess you could create a fantasy world and just throw up your hands and say, “it’s all magic” or something, but…

  • tal@lemmy.todaytoGames@lemmy.worldGame franchises you like, but wish were another genre of video game?English
    25·
    1 day ago

    Some games that I like thematically, but don’t enjoy the gameplay on:

    • Elden Ring. If it was more RPG-like, avoided respawning enemies and reliance on learning patterns, I think I’d like it more.

    • Sunless Sea. Neat setting and writing. I don’t like the gameplay — simple combat, not very interesting choices, hunt-the-item stuff.

    • Cyberpunk 2077. This isn’t bad, but I wanted something like a Bethesda game, and I got something like a Grand Theft Auto game. I think that it’d be much better as a Bethesda-like game. Oh, though I never really liked Johnny Silverhand as a character much.

    • Fallout 76 — well, I don’t have a problem with the franchise — but on that particular game, I’d rather it wasn’t an online game, were a single-player open-world RPG. It’s more like that than when it launched, but…

    • To expand on that: a whole slew of games that are really intended to be played multiplayer, but where I only want to play against the computer. I don’t like playing games multiplayer. I would buy an expansion for these that went back and put in some major single-player improvements and good game AI. Carrier Command 2 can be played single-player, but it’s kinda repetitive and not balanced well for single-player teams. Wargame: Red Dragon. I like the game and the setting, but the AI is very difficult to enjoy playing against; just too primitive. Steel Division 2, later in Eugen’s series, really improved on the AI. Defense of the Ancients 2; the whole MOBA genre is really oriented towards playing with real humans.

    • Scanner Sombre. This is a mostly-psychological horror game, where the gimmick is that you can only see something that you’ve scanned with this LIDAR-type gizmo. You’re walking through a cave complex, and the mechanic of things slowly emerging and having to manage your visibility really works in a horror environment. But…the game isn’t really very replayable, and I like replayable games. I wish that someone would basically take the stumbling-around-in-a-cave-with-a-scanner thing and make a different sort of game out of it. (Note: If you play this, I played the Windows version in Proton. The Linux-native build was extremely unstable for me.)

    And just for the hell of it, the opposite — some where I like the gameplay, but not the theme:

    • The Binding of Isaac. I love the action roguelike gameplay. I don’t like the gore/fetus/abuse/scatological stuff all that much. I’ll deal with it, but I’d have liked the game more if it had a different theme.
  • tal@lemmy.todaytoSelfhosted@lemmy.worldProxmox audio for all guests solution?English
    2·
    2 days ago

    so I figured that using pipewire to co-ordinate this would be the easiest way forward, except it turns out that it’s a (GUI) user space process, which doesn’t make sense on a server with no GUI users.

    I’m not entirely sure what you mean by “(GUI) user space process”, but if it’s that it’s a systemd user process (e.g. it shows up when you run $ systemctl --user status pipewire rather than $ systemctl status pipewire, which appears to be the case on my system, where there’s one instance running per user session), then you probably can run it as a systemwide process, where there’s just one always-running process for the whole system. IIRC, PulseAudio could run in both modes. I don’t know if you have concerns about security on access to your mic or something, but that could be something to look into.

    searches

    Sounds like it’s doable. Not endorsing this particular project, which I’ve never seen before, but it looks like it’s possible:

    https://github.com/iddo/pipewire-system

    PipeWire System-wide Daemon Package (Arch Linux)

    This package configures PipeWire, WirePlumber, and PipeWire-Pulse to run as a single system-wide daemon as the root user. This setup is optimized for headless media servers, HTPCs, or multi-user audio environments.

  • tal@lemmy.todaytoTechnology@lemmy.worldD.C. Grand Jury Orders Reddit to Turn Over Data on Anonymous ICE CriticEnglish
    14·
    3 days ago

    You’re not wrong that you’re not safe posting on Reddit, but if this case is any indication you’re not any less safe posting in Reddit than any other site, including Lemmy.

    You can choose the location (and thus legal jurisdiction) of your home instance, but yeah, in general, I think that people need to be aware that server operators on the Threadiverse are probably not going to fight legal battles on your behalf.

    We had someone ask about turning over IP addresses to law enforcement a while back on lemmy.today. The lemmy.today server admin gave what I’d call probably a pretty accurate answer.

    https://lemmy.today/post/7255213

    How will Lemmy Today handle IP subpoenas?

    Lemmy instances are run by volunteers who wants to see a social media network without big tech.

    I dont think you can trust any of those volunteers, including this one, to not comply with law enforcement. Thats not why we are running instances. Its about providing a platform without tracking, ads and algorithms for talking to other people and having a good time.

    Hope that makes sense.

    Use a VPN if you have a reason to. :)

    It linked to a similar question for lemmy.dbzer0.com:

    How will dbzer0 handle IP subpoenas?

    Don’t know man. I’m not making enough in donations to pay for the server costs, never mind hiring lawyers. I’ll deal with this when I have to 😅

    There are platforms more-aimed at providing harder pseudonymity. I’d put Hyphanet fairly high on the list of “a pain in the ass to track a poster down due to technical barriers” list (though that comes with very real performance and latency and suchlike costs).

  • tal@lemmy.todaytoSelfhosted@lemmy.worldHow do you use VPN?English
    5·
    5 days ago

    I have not used such a configuration, but I believe that it’s fine to have multiple WireGuard VPNs concurrently up, at least from a Linux client standpoint. I have no idea whether your phone’s client permits that — it could well be that it can’t do it.

    Your routing table would have the default route go to a host on one of them (and your Internet-bound traffic would go there), but you should be able to have it be either. Or neither — I’ve set up a WireGuard configuration with a Linux client where the default route wasn’t over the WireGuard VPN, and only traffic destined for the LAN at the other end of the WireGuard VPN traversed the WireGuard VPN.

    From Linux’s standpoint, a WireGuard VPN is just like another NIC on the host. You say “all traffic destined for this address range heads out this NIC”. Just that the NIC happens to be virtual and to be software that tunnels the traffic.

    EDIT:

    It sounds like this is an Android OS-level limitation:

    https://android.stackexchange.com/questions/261526/are-there-technical-limitation-to-multiple-vpns

    In the Android VPN development documentation you can find a clear statement regarding the possibility to have multiple VPNs active at the same time:

    There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created.

    That same page does mention that you can have apps running in different profiles using different VPNs at the same time. That might be an acceptable workaround for you.