I have no experience with React, so I couldn’t tell. Thanks for the info, I’ll keep it in mind.

I think I’ve seen it mentioned that in case RSC isn’t used, it might be vulnerable but it’s not really confirmed, but you’re right that it probably doesn’t warrant shutting down the server.

I don’t really need it that much, though, so I’ll just wait for the update, take a scour through logs and use it as a learning opportunity for forensics, and skip the reinstall.

Well, Element seems to still be running at the unupdated version even after update, so I’m just shutting the server down.

I’m bummed that it took me 5 days to learn about it, does anyone have some tips how to get early warnings for techs you’re using? I’m guessing there’s a way with npm.

Also, anyone has some tips how to properly compromise-check your server? I’m guessing there are logs to check for compromise, and audit your startup scripts for persistence? Any tools that could help with that?

Fuck, Element for Matrix is apparently build on React, and I was updating like 4 days ago after few months.

Well, time to update again, I hope it’s fine. Never really learned how to properly compromise-check your server.

Element

This is my most used app on my phone. It does comes with a little extensive setup, because you need to have your own Matrix server, but thanks to the amazing Matrix Ansible Project, which is one of those rare docker/ansible projects that actually work and are very robustly set-up, deploying a server took me like an hour max, incuding bridge setup and getting hosting (for around 8$ a month on Hetzner).

I replaced Messenger, Discord, WhatsApp and Telegram apps with this, by setting up bridges in Matrix. The setup was relatively simple, the ansible is well documented and I mostly had to just add lile two config lines into the ansible. So far I haven’t had much issues and I’ve been using it for the past few years.

There might be better clients than Element, haven’t really looked into it. It’s not frictionless and it took some getting used to, but not having a ton of spyware appson my phone is worth it.

NewPipe

I don’t really use YT that often on my phone, so I can’t vouch for how often it breaks, but I use FreeTube on Desktop and having a YT client that can subscribe creators without an account, can turn off all the recommended distractions, has an adblock, can play with screen off and the like is amazing.

Judging by my experience with Freetube, you do have to update it regularly since YT is actively fighting it, but so far every time I needed to watch a video on my phone, I could just update NewPipe and it worked.

Someone once posted here in a comment an app they are working on that is an K2K (keyboard to keyboard) encrypted keyboard app for android

I don’t remember how it worked and only skimmed the repo, since I didn’t think I’d need it, but given recent developments it might be good to have.

Does anyone remember what it was?

IIRC the idea was that you have a separate input box, and encryption keys saved in the keyboard app, and it just does I assume PGP before pasting the text into the app your inputing into. I’m curious how it did key exchange and how usable it was, but I lost the link and couldn’t find it.

If I understood it right, one of the projects he was working on as part of the experiment was the website.

Figures.

I was planning to look into Zig for this year’s Advent of Code. Haven’t really looked at it yet, but I’ve heard good things about it. Nowadays I mostly write in C# or Python for smaller scripts, so I kind of expect getting back to C-style code might have some friction, but it’s about time to refresh my memory. I had a pretty good time with Rust for AoC in the previous years (not that I ever used it for anything else), but I guess it’s time to try something else.

I’d say that’s because here on Lemmy, we already don’t give a fuck about and wouldn’t touch Chrome or Edge with a ten foot pole, but some of us trusted Mozzila, which is now starting to do dumb AI shit. And having your trust broken hurts.

Astroturfing would not be recommending LibreWolf as an alternative.

If you look into alternatives, Brave is one that’s usually mentioned but there’s always someone quickly posting all of the dumb shit they did.

To be honest I never really looked into Budhism, but my only experience with the practice is from the amazing Mind Illuminated book, which I think is loosely based on their practice as far as meditation goes, while providing a reasonable context and arguments about why it works. Learning to consciously control your subconsius feels kind of reasonable, and I highly recommend the book to anyone interrested in that.

Tbh I’ve never really looked into or talked with almost anyone who’s into oculltism. I do know a few friends who are heavily into the unformalized new-age stuff, and they are definitely not ok to the point it controls their life, but I realize that it’s a spectrum (and I don’t mean it as “it’s autism” way, but that the way people approach even to the new-age stuff can be a spectrum of reasonable-dangeeous). I’m mostly sad because you can’t really talk to people like that, and share cool lore on a topic most people consider downright crazy, because there isn’t any or they haven’t done any research. Even astrology has some cool lore and manuscripts, but they usually don’t care.

I just think it’s cool, and reading about the practices of different cults and orders is extremely interresting.

I’d vager a guess that “chaos magick” has a similar problem to LaVeye’s Satanism, where you get a lot of edgy people researching the bare minimum, if even that, and just being edgy. Not that it wasn’t edgy, it’s one of the few movements that was downright off-puting for me due to how extremely selfish and arogant it is (IIRC it’s basically “I m a massive dick and walk over anyone”), but people who don’t even know what they are subscribing to are worse.

I never got that feeling from chaos magick, it felt just like you said - extremely rational, and was actually the first movement that made sense, as in “I can imagine this actually working”, with the argument “rituals work by nudging your subconsciousness to the direction you need”.

That’s basically the same as Budhissm does, just by hacks and symbols instead of just sheer practice and will. And we kind of have a proof that budhism works.

And even for someone who doesn’t really believe in magic, this makes sense and I can imagine it actually working.

Plus, doing rituals is fun, and a little faith gives a pretty fun amount of LARPing into your life, as long as you don’t let it control you and are reasonable about it.

That’s actually exactly how the 70s “chaos magick” (I.e Peter J. Caroll or Phill Hine, to list some authors) occultism works. If you get past the cringy name, it was one of the more interesting occultistm movements which actually kind of make sense even to me, as someone who’s not really into esoterism (or rather - I like researching it because it’s extremely interesting - the actual formal occultism, not new age bullshit, but would feel dumb practicing since I’m skeptical)

Their core idea is that all of the other occultist movements and orders are basically all the same - through belief, rituals and symbols you affect your subconscious to manifest change (in your subconscious behavior, not “summoning money” or “cursing my ex”), and it doesn’t matter what “flavor” / dogma / lore you choose to believe in. What matters is that you really truly belive.

So, a wiccan making circles in a forest while invoicing spirits or someone making a pizza pentagram while invoking Garfield is the same,as long as he believes into it.

The only thing that matters is that it works for you, and to find what does and what doesn’t they work with “paradigm shifts”, where you decide that " I"m going to try wicca for a year", and then you delve deep into that practice, trying to trully accept it and go all in, noting your experience and results, to see if it works for you. Some even suggest throwing a dice each morning to see what you’ll do today.

After a year, you review your results, and move on to other practice, I.e “I’ll be a christian for a year”, and you really get into it, going to churches, practicing all the daily prayers and rituals, and the like.

It’s my favorite occultism movement, because it’s one of the few where I can imagine that it actually makes sense and could work for making your life better, if you have grounded expectations of course. Having an open mind and just experimenting, as long as you are safe and don’t let it control your life, should mostly be just a net-positive, plus it’s actually fun

It’s sad to see that we’re heading towards a future where people can’t read a text longer than one summarized paragraph, and write anything longer than a sentence without using LLMs.

Children are already skipping learning of very important skills by offloading it to AI in school.

Ngl I’ve been enjoying Pokemon TCG: Pocket.

I don’t really play that much, but my partner loves Pokemon and just being able to bond over opening packs each night is a minor fun. Sure, it’s just glorified gambling with cute pictures, but that doesn’t really matter that much. Setting the focus on collecting instead of playing has been a pretty good decision.

Plus I really like the simplified ruleset if you do decide to play.

If I had a project as succesfull as this, I’d definitely try to sneak in minor inconveniences like renaming parameters just to screw with them.

You’re right, I used a wrong word there. It wasn’t science, more like public perception maybe? I’d consider lack of research as a part of science, though.

I’m not sure what better word would fit there instead. I wouldn’t say it’s the fault of marketing, I’m giving them the benefit of the doubt that they thought it’s actually healthier to use this kind of filter.

The comparison that sparks to my mind are vapes. There’s AFAIK lack of research that can tell us anything about long term issues, but a lot of people consider it as healthier. But in this case, common sense is also not correct - because it kind of makes sense that it probably isn’t, and it’s just marketing.

But in the case of an asbestos filter, I can see why people (and common sense at the time) would asume that it helps.

So, I guess common sense is the word that I should’ve used, because that’s what was wrong at the time.

While I get where are you comming from, and I’m also not fan of smoking, isn’t asbestos extremely worse?

I remember my friend had a roof over his summer house that was using asbestos, and it was extreme problem. Like, you can’t even take it down without investing heavily into protection, or hiring a company that specializes in it’s diasposal, because it’s just that much toxic to handle.

My favorite asbestos trivia, which I learned only recently, is that at the start of public realozing that smoking causes cancer, one company came up with the solution of “cigaretes with asbestos filters”.

It’s kind of morbidly funny reminder how catastrophically wrong can current science be.

I second this. I only started slowly switching to nvim few months ago, and I already can feel slightly annoyed when I have to take off my hands of the keyboard to reach for a mouse, or when I’m editting a text in i.e a browser, want to make an edit few words back, and I have to spam keys like a madman instead of just jumping where I need to be.

It’s addicting and extremely comfortable, having a good keyboard navigation controls.

I really need to look into tiled window managers and a browser.

I do also like all the alt and ctrl combinations with arrow keys to move lines, blocks and jump over words.

That’s what I love the most about VIM, that it has dozen little tricks like these. Need to jump over a word? Jump to next occurance of letter L? Jump five words? Jump to second parameter of a function definition? Jump to matching bracket? There’s a motion for all of that, and more. Including “go to definition” or “go to references”, if you set up your vim correctly.

I don’t even know where to start to make vim or neovim do all that.

What I did was simply install IdeaVIM into my Rider, so I can start learning the motions while also keep the features of the IDE I’m used to, but also more importantly installed LazyVim, which is a pre-made config for nvim that can do most of that by default, or has a simple addon menu (LazyExtras) that automatically download and install plugins relevant for a language you are working on. I.e I need to work in Zig, I just open LazyExtras menu, find zig-lang, and it install LSP, debugger, linter, etc that’s specific for that language.