• 0 Posts
  • 19 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle





  • The biggest red flag is when they try and stop you from pasting your password (or anything else for that matter) breaking password managers.

    There are years-long arguments on social media with companies who do this with actual security experts telling them they’re hurting security (including referencing organisations like the UK’s National Cyber Security Centre) and their only response is “we don’t allow pasting for security reasons” but they can never explain how it helps security - because it doesn’t. It drives me mad.


  • and now Google of all companies wants to lock down the whole internet?

    Of all the companies, Google always seemed the most likely, both to want to and to be successful. They’ve tried before, sometimes in small ways, sometimes in larger more obvious ways (AMP, the implementation of content filtering in Chrome etc.).

    They’re the world’s largest advertising and data harvesting company. It’s their business. Of course they want to lock the internet down to serve their goals of learning as much about you as possible and using that data to shove ads in your face.

    Whenever using any Google/Alphabet product you have to ask yourself, “am I ok with this thing I’m about to use being built by the world’s largest advertising company?”. The answer should be “no” more than it is “yes”, particularly for things that have access to lots of your data, like web browsers, phones, home speakers etc.




  • I particularly enjoy the “if you need immediate assistance” note for a telephone line that’s open even fewer hours than the website. it’s positioned as an alternative to the site, but absolutely isn’t. Also, if that message is only displayed when the site is closed, there are no hours when the phone line is open but the site is closed, so who’s it helping? You couldwrite it down and call it when it’s open, but the site is also going to be open then, several hours earlier in fact, so is less “immediate” than the site that’s closed.


  • It’s really hard. And really expensive. I used to work in five nine environments, life or death type use cases, and my rule of thumb was that you double your cost for every extra nine you add.

    When we got to five nines it was multiple hot standbys with a custom control and orchestration plane - literally custom hardware we had to build. This was for local installations, so not modern cloud environments (it was over a decade ago), but many of the challenges are similar, like session handling, transmission replay and caching, locking, clashing, routing, jitter, latency etc.


  • I moved from Organizr to Homepage via Heimdall.

    I had no end of issues with Organizr. It felt like something broke with each update and performance was pretty bad (not to mention some apps just not working with it). Seemed to be pretty common when I last tried it a couple of years ago, there were lots of similar complaints.

    The good thing about Homepage is that the widgets mean you rarely have to go in to each app’s ui, so it actually saves me time.


  • Don’t do any port forwarding, and test your network’s external exposure regularly. If you do that, you’ll set yourself up in the right way.

    If you need to access anything you’re self-hosting from outside your network, do it through a VPN and open up one single port, the one the VPN users, rather than accessing services directly. And use a non-standard VPN.

    This has other benefits too. For example, if you’re running a pihole, you’ll be able to use it when out and about on your phone if you’re going through your own VPN.


  • We (i.e. those of us who work in the industry and care about such things) really need to work on messaging to get through to normal people.

    For instance, people are genuinely freaked out at the idea of Facebook listening to them through their phones. It really hits a nerve. Now that isn’t happening, but what is happening is even worse. Facebook are able to predict your behaviour, your thoughts, so well that it gives the illusion that they’re listening to you. They’ve spent decades training their models on your behaviour, your content, both on their website and across the entire web and beyond. And they’ve fucking nailed it.

    That’s far far more scary than them listening to you. They know things about you that you don’t even say out loud. It’s terrifying.


  • I’ve been on reddit a long time, over 17 years, and I’m a member of some private subs that happen to have some quite influential users in them. It would be really interesting to open those up to the public to see what reddit influencers are saying in closed spaces, and the amount of gaming etc. that goes on between prominent users you see all across the site.

    Admittedly, at least the subs I’m in are relatively quiet these days, but in years gone by they’d basically decide what was going to be popular, who was going to mod which subs etc.


  • This is almost certainly true. But what I can’t figure out is that Reddit needs Mods for the subs. And surely mods, and potential mods, are more engaged and informed.

    There’s always been this implicit understanding that Reddit gets free moderation across the whole site, something other SM sites spend millions if not billions on each year, in exchange for those mods having autonomy, control, and a sense of ownership of the subs they mod. That social contract has completely broken down.

    I’d guess mods get into modding for one of two reasons. One is power/influence, which is now seriously diminished, and the other is because they care about the community, and they must now be wondering whether Reddit Inc is the best place to host such a community when it appears to be so hostile to users.