moonpiedumplings

joined 1 year ago
[–] moonpiedumplings 8 points 1 day ago (1 children)

The whole point of it is that in a truly random system all known patterns should eventually emerge somewhere within it.

So pi (probably) has this property. There are some joke compression programs around this (they don't really work because it takes up more space to store where something in pi is, than storing the thing itself). But it is funny, to think that pi could theoretically hold every past, present, and future piece of information within those digits after the decimal.

https://github.com/philipl/pifs

https://ntietz.com/blog/why-we-cant-compress-messages-with-pi/

[–] moonpiedumplings 1 points 1 day ago

No need for AI for that, humans can do it better:

https://youtube.com/watch?v=l7ZUZerGwK4

https://youtube.com/watch?v=zn_rx8Zyl54

If you know where to look, someone already did it.

[–] moonpiedumplings 1 points 1 day ago* (last edited 1 day ago)

A new k8s cluster was created and planned to replace the current setup. Instead of ad-hoc scripts, conventions and associated documentation, it relies on a declarative description

Gitops!

It seems that they are using fluxcd, just like I am, to manage their kubernetes cluster.

I really like it as a solution, as you just edit configuration files, push then to git, and then your kubernetes cluster changes. Deploying an app is as simple as adding a file, and deleting an app involves deleting that file.

[–] moonpiedumplings 9 points 1 day ago* (last edited 1 day ago) (1 children)

I honestly don't know how this could turn out.

It could be an amazing change that results in much more progress for hardware acceleration on guests of various types (since that is what vmware is good at) in kvm...

Or it could mean that they are dropping that feature from vmware altogether.

Regardless, I like this change because it means I would be able to run vmware machines and libvirt kvm machines at the same time, at least when I am forced to use vmware workstation.

I also dislike proprietary software in general, so I think less proprietary software and more FOSS is a good thing.

[–] moonpiedumplings 4 points 1 day ago* (last edited 1 day ago) (1 children)

I found this: https://github.com/tenclass/mvisor-win-vgpu-driver

But it is for another foss kvm based hypervisor called mvisor.

[–] moonpiedumplings 17 points 1 day ago* (last edited 1 day ago)

I disagree, because they are not the same thing.

Immutable means read only root.

Atomic means that updates are done in a snapshotted manner somehow. It usually means that if an update fails, your system is not in a half working state, but instead will be reverted to the last working state, and that updates are all or nothing.

I create a btrfs snapshot before updates on my Arch Linux system. This is atomic, but not immutable.*

There is also "image based" which distros like ublue (immutable, atomic) are, but Nixos (also immutable and atomic) are not.

*only really before big updates tbh, but I know some people do configure snapshits before all updates.

[–] moonpiedumplings -1 points 4 days ago* (last edited 4 days ago) (1 children)

FYI, DeVault’s Stallman Report explicitly attacks the FSF as well as Stallman.

I read the report. You are free to show me exactly where it criticizes the FSF beyond their interactions with Stallman.

I took it mean that the report was such a deceitful and irrational work, presented in such a duplicitous manner as to constitute an attack on the senses of the community.

I'll just copy my older comment, and put it here

Begin quote:

Stallman doesn’t seem to get that pedophilia is wrong because of the hierarchy of power, and the power imbalances between older/younger people, not because of some inherent wrongness about being attracted to a prepubescent person. This is shown by how he condemns some pedophilia, but is accepting of 12+/past puberty. (I despise this logic, because it would also make gay sex and sodomy wrong, as well).

I find this deeply ironic, because his primary issue with proprietary software is the way that it gives developers levels of power over users. From his article Why Open Source Misses the Point

But software can be said to serve its users only if it respects their freedom. What if the software is designed to put chains on its users? Then powerfulness means the chains are more constricting, and reliability that they are harder to remove.

You would expect someone who is so in tune with the hierarchies that appear with software developers, publishers, and users, to also see those same hierarchies echoed in relationships between people of vastly different ages, but instead, we get this. I’m extremely disappointed.

These failures to understand hierarchy and power, are exactly why Stallman shouldn’t be in a position of power. Leaders should continually prove that they understand hierarchy and the effects of their actions on those below them. Someone who doesn’t understand how their power could affect another, shouldn’t be a leader.

End quote.

And I'll add onto this a little bit: Although Stallman seems to have redacted his earlier claim about pederasty, continuing to defend the legality of the possession of CSAM (beyond safe harbor/hospitality provisions), is very problematic, and clearly shows that he hasn't learned his lesson. CSAM ownership should be heavily disincentivized, to disincentivize the selling/buying of CSAM, as that's one of the most effective ways to stop more CSAM production.

I don't view pointing out that Stallman is not fit for a position of leadership to be an "attack" on the FSF or the free software community. And although the information gathering of the linked post is very, very impressive, it doesn't really invalidate what was said in the Stallman Report, or the Stallman Report's core points.

[–] moonpiedumplings 3 points 4 days ago (4 children)

the report was an attack on the FSF and the free software

Stallman is not the FSF. The FSF is not the free software community. The free software community is not free software.

I'm so tired to people presenting these things as if they are equivalent.

[–] moonpiedumplings 7 points 5 days ago

Yeah. this was in high school, in my math class, and we were playing a math game.

The way it worked, was that every table was a team, and each team had a "castle" drawn up onto the whiteboard. A random spinner was used to determine a team, who would then solve a problem the teacher assigned. If you successfully solved the problem, you could draw an X on another teams castle. 3 X's mean that you are out.

My team was out. But, since this was a class, we could still solve problems, and still draw X's. Our table got selected to solve a problem, and I did successfully. I looked at the board, and realized that only two teams had a single X, every other team had either two or three. In other words, I could choose who won the game, even though I could not win.

So, I started trying to get bids. I tried to get real money, but someone tried to scam me with some "draw the X first" nonsense. But, the other team offered to pay me four of the school's fake money, and I accepted that and allowed them to win.

I may not have won the game, but I certainly felt victorious that day.

[–] moonpiedumplings 4 points 6 days ago* (last edited 6 days ago) (1 children)

Is installing a package as simple as $ nix install vscode ? And would it “just work”?

You fool. You absolute buffoon. You're doing it wrong. That's the wrong command, and even if it was the right command, this method could cause issues down the road. It goes against the declarative philosophy of nix. You're supposed to refer to packages by their attribute, rather than name. If you launch the installed app that way, it won't have any hardware accererated graphics becuase hardware accelerated graphics are impure, don't you know this?

You need to read the nonexistent documentation to find all of this out, and then select a declarative solution, like home manager or nix-shell or nix develop, to install software, and nixgl to get hardware accelerated graphics for nix packages on non nix systems.

(/s (ish) over)

Yeah. Nix has some issues. If you just want more packages available, I would recommend distrobox.

It's a very powerful tool, and I use nix to manage all of my development environments, but it has some severe limitations that only have hacky workarounds. I could not get hardware accelerated nix packages to have a working dekstop entry. So instead, I have to type nixGLIntel gzdoom in my terminal when I want to play doom.

In addition to that, the documentation is very poor.

The other comments in this thread elaborate on these, and a few other issues.

[–] moonpiedumplings 2 points 1 week ago

Maybe Whisper? This github repo: https://github.com/linto-ai/whisper-timestamped

Says thay whispher can do timestamps on speech segments. However, I don't know if that's what you want, since whispher might only be able to do that if it is transcribing the actual audio, rather than editing another text file.

11
Cuttle (en.m.wikipedia.org)
 

This card game looks really good. There also seems to be a big, open source server: https://github.com/cuttle-cards/cuttle

[–] moonpiedumplings 2 points 1 week ago

It's not. Noncommercial limitatation makes it also not open source.

I also think they don't allow forking.

 

Source: https://0x2121.com/7/Lost_in_Translation/

Alt Text: (For searchability): 3 part comic, drawn in a simple style. The first, leftmost panel has one character yelling at another: "@+_$^P&%!. The second comic has them continue yelling, with their hands in an exasperated position: "$#*@F% $$#!". In the third comic, the character who was previously yelling has their hands on their head in frustration, to which the previously silent character responds: "Sorry, I don't speak Perl".

Also relevant: 93% of paint splatters are valid perl programs

 

https://security-tracker.debian.org/tracker/CVE-2024-47176, archive

As of 10/1/24 3:52 UTC time, Trixie/Debian testing does not have a fix for the severe cupsd security vulnerability that was recently announced, despite Debian Stable and Unstable having a fix.

Debian Testing is intended for testing, and not really for production usage.

https://tracker.debian.org/pkg/cups-filters, archive

So the way Debian Unstable/Testing works is that packages go into unstable/ for a bit, and then are migrated into testing/trixie.

Issues preventing migration: ∙ ∙ Too young, only 3 of 5 days old

Basically, security vulnerabilities are not really a priority in testing, and everything waits for a bit before it updates.

I recently saw some people recommending Trixie for a "debian but not as unstable as sid and newer packages than stable", which is a pretty bad idea. Trixie/testing is not really intended for production use.

If you want newer, but still stable packages from the same repositories, then I recommend (not an exhaustive list, of course).:

  • Opensuse Leap (Tumbleweed works too but secure boot was borked when I used it)
  • Fedora

If you are willing to mix and match sources for packages:

  • Flatpaks
  • distrobox — run other distros in docker/podman containers and use apps through those
  • Nix

Can get you newer packages on a more stable distros safely.

 

cross-posted from: https://programming.dev/post/18069168

I couldn't get any of the OS images to load on any of the browsers I tested, but they loaded for other people I tested it with. I think I'm just unlucky. > > Linux emulation isn't too polished.

 

I couldn't get any of the OS images to load on any of the browsers I tested, but they loaded for other people I tested it with. I think I'm just unlucky.

Linux emulation isn't too polished.

 

According to the archwiki article on a swapfile on btrfs: https://wiki.archlinux.org/title/Btrfs#Swap_file

Tip: Consider creating the subvolume directly below the top-level subvolume, e.g. @swap. Then, make sure the subvolume is mounted to /swap (or any other accessible location).

But... why? I've been researching for a bit now, and I still don't understand the benefit of a subvolume directly below the top level subvolume, as opposed to a nested subvolume.

At first I thought this might be because nested subvolumes are included in snapshots, but that doesn't seem to be the case, according to a reddit post... but I can't find anything about this on the arch wiki, gentoo wiki, or the btrfs readthedocs page.

Any ideas? I feel like the tip wouldn't just be there just because.

 

I've recently done some talks for my schools cybersecurity club, and now I want to edit them.

My actual video editing needs are very simple, I just need to clip parts of the video out, which basically every editor can do, as per my understanding.

However, my videos were recorded from my phone, and I don't have a presentation mic or anything of the sort, meaning background noise, including people talking has slipped in. From my understanding, it's trivial to filter out general noise from audio, as human voices have a specific frequency, even "live", like during recording or during a game, but filtering voices is harder.

However, it seems that AI can do this:

https://scribe.rip/axinc-ai/voicefilter-targeted-voice-separation-model-6fe6f85309ea

Although, it seems to only work on .wav audio files, meaning I would need to separate out the audio track first, convert it to wav, and then re merge it back in.

Before I go learning how to do this, I'm wondering if there is already an existing FOSS video editor, or plugin to an editor that lets me filter the video itself, or a similar software that works on the audio of videos.

11
submitted 11 months ago* (last edited 11 months ago) by moonpiedumplings to c/[email protected]
 

cross-posted from: https://programming.dev/post/6822168

I was watching a twitch streamer play the game pogostuck (A game similar in frustration and difficulty to Getting over it with Bennett Foddy — Don't Fall!).

They were also reading chat at the same time (usually out loud, as well). Multitasking.

Lots of sources (here's one) say that true multitasking is impossible. Rather, it's very fast switching, where there is a degradation of performance.

Knowing this, I naturally made it my mission to trip the streamer up with seemingly benign messages.

I was sharing some actual information about another streamer who beat another game, but a made a typo something like:

I remember a streamer beat the game a game ...

And I noticed how much more the streamer struggled to read this compared to previous, accidental typos (missing spaces, extra spaces, etc.). He spent a good 5 seconds on this message, and during the process, he fell really far. 😈

So I decided to do some testing. Inserting words, swapping them around, and whatnot, to see what tripped him up the most. Most typos didn't affect him.

There was one typo that tripped him again, where I said something like:

If it wasn't for a for

So it seems to be repetition? But I couldn't always replicate this with other forms of repetition.

Later on, I copied the two guards riddle, with an alteration:

One of the guards always lies and the other always lies as wekk. You don't know which one is the truth-teller or the liar either. However both guards know each other

Sadly, I didn't cut the part about "don't know which is truth teller or liar" out.

The streamer spent a good 5 minutes interpreting this puzzle, and eventually interpreting it as the original puzzle. Then, he was trying to solve a riddle, game, and read chat all at once.

He was stuck on the bottom until he gave up on the riddle (I revealed that I meant what I said when I said both guards lie). 😈

Anyway, that was a bit off topic but still relevant.

I'm wondering if any studies have been done on this? I know studies have been done on human's ability to read words with the letters partially scrambled, but what about typos?

How can I improve my distraction game (with plausible deniability of course)?

 

I was watching a twitch streamer play the game pogostuck (A game similar in frustration and difficulty to Getting over it with Bennett Foddy — Don't Fall!).

They were also reading chat at the same time (usually out loud, as well). Multitasking.

Lots of sources (here's one) say that true multitasking is impossible. Rather, it's very fast switching, where there is a degradation of performance.

Knowing this, I naturally made it my mission to trip the streamer up with seemingly benign messages.

I was sharing some actual information about another streamer who beat another game, but a made a typo something like:

I remember a streamer beat the game a game ...

And I noticed how much more the streamer struggled to read this compared to previous, accidental typos (missing spaces, extra spaces, etc.). He spent a good 5 seconds on this message, and during the process, he fell really far. 😈

So I decided to do some testing. Inserting words, swapping them around, and whatnot, to see what tripped him up the most. Most typos didn't affect him.

There was one typo that tripped him again, where I said something like:

If it wasn't for a for

So it seems to be repetition? But I couldn't always replicate this with other forms of repetition.

Later on, I copied the two guards riddle, with an alteration:

One of the guards always lies and the other always lies as wekk. You don't know which one is the truth-teller or the liar either. However both guards know each other

Sadly, I didn't cut the part about "don't know which is truth teller or liar" out.

The streamer spent a good 5 minutes interpreting this puzzle, and eventually interpreting it as the original puzzle. Then, he was trying to solve a riddle, game, and read chat all at once.

He was stuck on the bottom until he gave up on the riddle (I revealed that I meant what I said when I said both guards lie). 😈

Anyway, that was a bit off topic but still relevant.

I'm wondering if any studies have been done on this? I know studies have been done on human's ability to read words with the letters partially scrambled, but what about typos?

How can I improve my distraction game (with plausible deniability of course)?

 

cross-posted from: https://programming.dev/post/5669401

docker-tcp-switchboard is pretty good, but it has two problems for me:

  • Doesn't support non-ssh connections
  • Containers, not virtual machines

I am setting up a simple CTF for my college's cybersecurity club, and I want each competitor to be isolated to their own virtual machine. Normally I'd use containers, but they don't really work for this, because it's a container escape ctf...

My idea is to deploy linuxserver/webtop, as the entry point for the CTF, (with the insecure option enabled, if you know what I mean), but but it only supports one user at a time, if multiple users attempt to connect, they all see the same X session.

I don't have too much time, so I don't want to write a custom solution. If worst comes to worst, then I will just put a virtual machine on each of the desktops in the shared lab.

Any ideas?

 

docker-tcp-switchboard is pretty good, but it has two problems for me:

  • Doesn't support non-ssh connections
  • Containers, not virtual machines

I am setting up a simple CTF for my college's cybersecurity club, and I want each competitor to be isolated to their own virtual machine. Normally I'd use containers, but they don't really work for this, because it's a container escape ctf...

My idea is to deploy linuxserver/webtop, as the entry point for the CTF, (with the insecure option enabled, if you know what I mean), but but it only supports one user at a time, if multiple users attempt to connect, they all see the same X session.

I don't have too much time, so I don't want to write a custom solution. If worst comes to worst, then I will just put a virtual machine on each of the desktops in the shared lab.

Any ideas?

 

So basically, my setup has everything encrypted except /boot/efi. This means that /boot/grub is encrypted, along with my kernels.

I am now attempting to get secure boot setup, to lock some stuff, down, but I encountered this issue: https://bbs.archlinux.org/viewtopic.php?id=282076

Now I could sign the font files... but I don't want to. Font files and grub config are located under /boot/grub, and therefore encrypted. An attacker doing something like removing my hard drive would not be able to modify them.

I don't want to go through the effort of encrypting font files, does anyone know if there is a version of grub that doesn't do this?

Actually, preferably, I would like a version of grub that doesn't verify ANYTHING. Since everything but grub's efi file is encrypted, it would be so much simpler to only do secure boot for that.

And yes, I do understand there are security benefits to being able to prevent an attacker that has gained some level of running access to do something like replacing your kernel. But I'm less concerned about that vector of attack, I would simply like to make it so that my laptops aren't affected by evil maid attacks, without losing benefits from timeshift or whatnot.

I found the specific commit where grub enforces verification of font files: https://github.com/rhboot/grub2/commit/539662956ad787fffa662720a67c98c217d78128

But I don't really feel interested in creating and maintaining my own fork of grub, and I am wondering if someone has already done that.

view more: next ›