I recommend transfering to Cloudfare, since they have guaranteed wholesale price (no added fees, and only what the tld owner and ICANN asks), so they should be cheapest (since anything less is selling at a loss for the registrar, at least ifI understand right).

Namecheap has started overcharging me like 20+$ on a renewal compared to CF. So, transfering after a first year (which is where registrars like Namecheap take a loss and give you a discount) is probably the cheapest way how to go about it.

As far as I know, Cloudfare is the only registrar that offers you wholesale price, as in the price asked by the tld owners. So, you a registrar can’t go lower, because that’s what they pay for it.

But, a lot of registrars will give you first year at a heavy discount (so, at a loss), just so they can ramp up the price to wholesale + a lot extra. I got my domain for like 5$, and they then asked for 40$ for renewal, while wholesale is around 25$.

So, I just transfered to Cloudfare for the renewal. Tbh I don’t remember if it was the first or second year, and what are the transfer rules, but I think it should be possible to just buy a first year at heavy discount with i.e Namecheap or something, and immediately transfer to Cloudfare for the first renewal at wholesale price.

Oh, nice. A sync with ProtonDrive, that looks promising.

I don’t trust myself enough to backup my passwords on something self-hosted, but ProtonDrive might actually be reasonable. I’ll look into it, thanks! And I sure don’t want to use stuff like GDrive or OneDrive.

If I’m not mistaken, Keepass doesn’t have cloud sync, right? That’s a pretty important feature for me, and a reason why I went with Bitwarden, even though Keepass is probably better.

Ah, damn. Bitwarden has Agents.md. That doesn’t really fill me with confidence, and it’s the most critical software I use.

I need to update my threat model, I’ve trusted them quite a lot to the point of using Bitwarden for MFA for less-important services (so it’s not really MFA, since both my password and MFA token is in Bitwarden, but it’s super convenient), and only had Yubikey for my Bitwarden account, so as long as the app itself isn’t compromised I should be good (and Bitwarden has a pretty good track record as far as I know), but if they are going to start vibe-coding their tools then it’s probably time to move to a proper MFA.

Oh, damn. You’re right.

When I first saw this, I read through the readme, and it sounded pretty cool. Needless to say, I know nothing about physics.

I didn’t suspect AI in the slightest, until I saw this comment thread.

Now I’m pretty taken aback. Looking at it again, it should be pretty obvious. I wonder what was it about the way it was presented that made me believe it and not suspect AI in the slightest, because that’s a mistake I don’t really want to do again.

Probably a combination of passionate presentation, topic I know nothing about combined with topic I love (game engines), and my whole interaction being “this is pretty cool” and moving on. I did try looking for some actual sources about the Tesla’s mythical “standart model”, which I found none, plus got suspicious about definiton of “standart model” feeling like it doesn’t match what the text was talking about, and I just moved on, but the conclusion I had was “i wonder what will turn up out of it”, instead of “probably llm halucination” as ot should’ve been.

Oh well, I guess it’s time to properly lock in on actual textbook knowledge in fields I’m interrested in, because recognizing stuff like this in tutorials/posts and eventually books will be only harder, and it won’t be really feasible to rely on “I’ll research it on the internet when I need it”

I had no idea, and this hurts. I have a few, but fond, memories about DeviantArt when I had a short phase on highschool where I was drawing for a bit (which was more than 10 years ago). It didn’t last long, but DeviantArt was a large part of it.

Hearing they are commiting to AI art - THE platform for actual artists (at least it was, 10 years ago), who AI hurts the most, is insane. That’s pure betrayal. I hate this.

I don’t really do courses anymore, but one thing that kind of matches the questions was playing through Turing Complete.

It’s a game where you start with NAND gates, and slowly build up from there. Other gates, then a counter, adder, single-bit memory, etc, where every puzzle uses the component design’s you’ve build before. Eventually you build up to an ALU, RAM, add instructions and connect it up to a working CPU.

It’s super fun, and even though hardware isn’t really something I usually look into, it has taught me a lot, way more than college courses about CPU architecture. Plus, seeing (and actually programming, in later levels) on a CPU of your own design, using your own opcodes, is actually pretty cool.

I wouldn’t be surprised if Unreal Engine being C++ is also a relevant factor in this, with Unity doing their bullshit while lagging behind in almost everything feature-wise.

AI Training: Training LLMs on the prose of this book is strictly prohibited without a Community Benefit Agreement.

It’s available in a Github public repository.

While I couldn’t find any specific clause in GitHub ToS that would explicitly mention that you give them a permission to train on it, it does have a clause that you are allowing them to (among others) parse and analyze the content as necessary to provide the service, which if I’m not mistaken is what they are using to justify them training their AI on public repositories, since technically their service is also Copilot.

Also, I think they accidentally replaced their LICENSE with README. https://github.com/chrisnchips42-blip/Logos-of-Aether-A-Measurement-Theoretic-Foundation-for-Physics/commit/7703fd43b859b6177738ca276e5eeafd77e17598

Maybe I’m misunderstanding, but are you saying that you use LLMs as refactoring tools, so things like to move code around, rename stuff, extract functions, and make changes that don’t change the logic?

Or is it something else? Because as far as I know, LLMs are pretty bad at not making random changes, even if told to just reorder stuff, plus we have a lot of deterministic tools for that job, so I guess you probably mean something else. Honest question.

This is a really good point.

This post is a great example of what will skipping a research and just trusting the first solution you find lead to.

When you are researching the thing yourself, you usually don’t find the solution immediately. And if you immediately have something that seems to work, you’re even less likely to give up on that idea.

However, even taking this into account (because the same can probably happen even if you do research the thing yourself - jumping to a first solution), I don’t understand how it’s possible that the post doesn’t make a single mention of any remote desktop protocols. I’m struggling to figure out how would you have to phrase your questions/promts/research so that VNC/RDP, you know - the tools made for exactly the problem they are trying to solve - does not comes up even once during your development.

Like, every single search I’ve tried about this problem has immediately led me to RDP/VNC. The only way how I can see the ignorance displayed in the post is that they ignored it on purpose - lacking any real knowledge about the problem they are trying to solve, they simply jumped to “we’ll have a 60 FPS HD stream!”, and their problem statement never was “how to do low-bandwith remote desktop/video sharing”, but “how to stream 60 FPS low-latency desktop”.

It’s mindboggling. I’d love to see the thought and development process that was behind this abomination.

Uh, I’m pretty damn sure I have seen an office with hundreds of people, all connected remotely to workstations, on enterprise network, without any of the problems they are talking about. I’ve worked remotely from a coffee shop Wifi without any lag or issues. What the hell are they going on about? Have they never heard about VNC or RDP?

But our WebSocket streaming layer sits on top of the Moonlight protocol

Oh. I mean, I’m sitting on my own Wifi, one wall between me with a laptop (it is 10 years old, though) and my computer running Sunshite/Moonlight stream, and I run into issues pretty often even on 30FPS stream. It’s made for super low-latency game streaming, that’s expected. It’s extremely wrong tool for the job.

We’re building Helix, an AI platform where autonomous coding agents…

Oh. So that’s why.

Lol.

Is there any OS that allows this config?

At least with Linux, if I encrypt my hard drive, I have to enter my encryption password on every login, for some even during boot.

Not sure about Windows. I wpuldn’t be surprised if you can have bitdefender on with auto login.

Unless I’m mistaken, this mostly depends on software/os you install.

A RPI with OpenWRT will be secured in exactly the same way as a router with OpenWRT and a laptop with OpenWRT. (At least I think so, I vaguely remember hearing about some Intel CPU vulnerabilities, but I don’t think there’s anything remote).

Power draw will be the main problem, along with more limited range because of the strength of the WiFi card.

I’m used to just sitting to pee, exactly for this reason, but there’s a rare case where I give up and pee standing, i.e when I’m already dressed and it’s way easier, where I used to risk it and pee standing.

I stopped doing that even in those rare cases when we’ve gotten the blood/horror bathroom mat, something like this, but not branded and from what I presume is the original source (Aliexpress).

It’s horrifying when you see the mess you’re making, even if you really try not to.

I have no experience with React, so I couldn’t tell. Thanks for the info, I’ll keep it in mind.

I think I’ve seen it mentioned that in case RSC isn’t used, it might be vulnerable but it’s not really confirmed, but you’re right that it probably doesn’t warrant shutting down the server.

I don’t really need it that much, though, so I’ll just wait for the update, take a scour through logs and use it as a learning opportunity for forensics, and skip the reinstall.

Well, Element seems to still be running at the unupdated version even after update, so I’m just shutting the server down.

I’m bummed that it took me 5 days to learn about it, does anyone have some tips how to get early warnings for techs you’re using? I’m guessing there’s a way with npm.

Also, anyone has some tips how to properly compromise-check your server? I’m guessing there are logs to check for compromise, and audit your startup scripts for persistence? Any tools that could help with that?

Fuck, Element for Matrix is apparently build on React, and I was updating like 4 days ago after few months.

Well, time to update again, I hope it’s fine. Never really learned how to properly compromise-check your server.

Element

This is my most used app on my phone. It does comes with a little extensive setup, because you need to have your own Matrix server, but thanks to the amazing Matrix Ansible Project, which is one of those rare docker/ansible projects that actually work and are very robustly set-up, deploying a server took me like an hour max, incuding bridge setup and getting hosting (for around 8$ a month on Hetzner).

I replaced Messenger, Discord, WhatsApp and Telegram apps with this, by setting up bridges in Matrix. The setup was relatively simple, the ansible is well documented and I mostly had to just add lile two config lines into the ansible. So far I haven’t had much issues and I’ve been using it for the past few years.

There might be better clients than Element, haven’t really looked into it. It’s not frictionless and it took some getting used to, but not having a ton of spyware appson my phone is worth it.