This is a really good point.

This post is a great example of what will skipping a research and just trusting the first solution you find lead to.

When you are researching the thing yourself, you usually don’t find the solution immediately. And if you immediately have something that seems to work, you’re even less likely to give up on that idea.

However, even taking this into account (because the same can probably happen even if you do research the thing yourself - jumping to a first solution), I don’t understand how it’s possible that the post doesn’t make a single mention of any remote desktop protocols. I’m struggling to figure out how would you have to phrase your questions/promts/research so that VNC/RDP, you know - the tools made for exactly the problem they are trying to solve - does not comes up even once during your development.

Like, every single search I’ve tried about this problem has immediately led me to RDP/VNC. The only way how I can see the ignorance displayed in the post is that they ignored it on purpose - lacking any real knowledge about the problem they are trying to solve, they simply jumped to “we’ll have a 60 FPS HD stream!”, and their problem statement never was “how to do low-bandwith remote desktop/video sharing”, but “how to stream 60 FPS low-latency desktop”.

It’s mindboggling. I’d love to see the thought and development process that was behind this abomination.

Uh, I’m pretty damn sure I have seen an office with hundreds of people, all connected remotely to workstations, on enterprise network, without any of the problems they are talking about. I’ve worked remotely from a coffee shop Wifi without any lag or issues. What the hell are they going on about? Have they never heard about VNC or RDP?

But our WebSocket streaming layer sits on top of the Moonlight protocol

Oh. I mean, I’m sitting on my own Wifi, one wall between me with a laptop (it is 10 years old, though) and my computer running Sunshite/Moonlight stream, and I run into issues pretty often even on 30FPS stream. It’s made for super low-latency game streaming, that’s expected. It’s extremely wrong tool for the job.

We’re building Helix, an AI platform where autonomous coding agents…

Oh. So that’s why.

Lol.

Is there any OS that allows this config?

At least with Linux, if I encrypt my hard drive, I have to enter my encryption password on every login, for some even during boot.

Not sure about Windows. I wpuldn’t be surprised if you can have bitdefender on with auto login.

Unless I’m mistaken, this mostly depends on software/os you install.

A RPI with OpenWRT will be secured in exactly the same way as a router with OpenWRT and a laptop with OpenWRT. (At least I think so, I vaguely remember hearing about some Intel CPU vulnerabilities, but I don’t think there’s anything remote).

Power draw will be the main problem, along with more limited range because of the strength of the WiFi card.

I’m used to just sitting to pee, exactly for this reason, but there’s a rare case where I give up and pee standing, i.e when I’m already dressed and it’s way easier, where I used to risk it and pee standing.

I stopped doing that even in those rare cases when we’ve gotten the blood/horror bathroom mat, something like this, but not branded and from what I presume is the original source (Aliexpress).

It’s horrifying when you see the mess you’re making, even if you really try not to.

I have no experience with React, so I couldn’t tell. Thanks for the info, I’ll keep it in mind.

I think I’ve seen it mentioned that in case RSC isn’t used, it might be vulnerable but it’s not really confirmed, but you’re right that it probably doesn’t warrant shutting down the server.

I don’t really need it that much, though, so I’ll just wait for the update, take a scour through logs and use it as a learning opportunity for forensics, and skip the reinstall.

Well, Element seems to still be running at the unupdated version even after update, so I’m just shutting the server down.

I’m bummed that it took me 5 days to learn about it, does anyone have some tips how to get early warnings for techs you’re using? I’m guessing there’s a way with npm.

Also, anyone has some tips how to properly compromise-check your server? I’m guessing there are logs to check for compromise, and audit your startup scripts for persistence? Any tools that could help with that?

Fuck, Element for Matrix is apparently build on React, and I was updating like 4 days ago after few months.

Well, time to update again, I hope it’s fine. Never really learned how to properly compromise-check your server.

Element

This is my most used app on my phone. It does comes with a little extensive setup, because you need to have your own Matrix server, but thanks to the amazing Matrix Ansible Project, which is one of those rare docker/ansible projects that actually work and are very robustly set-up, deploying a server took me like an hour max, incuding bridge setup and getting hosting (for around 8$ a month on Hetzner).

I replaced Messenger, Discord, WhatsApp and Telegram apps with this, by setting up bridges in Matrix. The setup was relatively simple, the ansible is well documented and I mostly had to just add lile two config lines into the ansible. So far I haven’t had much issues and I’ve been using it for the past few years.

There might be better clients than Element, haven’t really looked into it. It’s not frictionless and it took some getting used to, but not having a ton of spyware appson my phone is worth it.

NewPipe

I don’t really use YT that often on my phone, so I can’t vouch for how often it breaks, but I use FreeTube on Desktop and having a YT client that can subscribe creators without an account, can turn off all the recommended distractions, has an adblock, can play with screen off and the like is amazing.

Judging by my experience with Freetube, you do have to update it regularly since YT is actively fighting it, but so far every time I needed to watch a video on my phone, I could just update NewPipe and it worked.

Someone once posted here in a comment an app they are working on that is an K2K (keyboard to keyboard) encrypted keyboard app for android

I don’t remember how it worked and only skimmed the repo, since I didn’t think I’d need it, but given recent developments it might be good to have.

Does anyone remember what it was?

IIRC the idea was that you have a separate input box, and encryption keys saved in the keyboard app, and it just does I assume PGP before pasting the text into the app your inputing into. I’m curious how it did key exchange and how usable it was, but I lost the link and couldn’t find it.

If I understood it right, one of the projects he was working on as part of the experiment was the website.

Figures.

I was planning to look into Zig for this year’s Advent of Code. Haven’t really looked at it yet, but I’ve heard good things about it. Nowadays I mostly write in C# or Python for smaller scripts, so I kind of expect getting back to C-style code might have some friction, but it’s about time to refresh my memory. I had a pretty good time with Rust for AoC in the previous years (not that I ever used it for anything else), but I guess it’s time to try something else.

I’d say that’s because here on Lemmy, we already don’t give a fuck about and wouldn’t touch Chrome or Edge with a ten foot pole, but some of us trusted Mozzila, which is now starting to do dumb AI shit. And having your trust broken hurts.

Astroturfing would not be recommending LibreWolf as an alternative.

If you look into alternatives, Brave is one that’s usually mentioned but there’s always someone quickly posting all of the dumb shit they did.

To be honest I never really looked into Budhism, but my only experience with the practice is from the amazing Mind Illuminated book, which I think is loosely based on their practice as far as meditation goes, while providing a reasonable context and arguments about why it works. Learning to consciously control your subconsius feels kind of reasonable, and I highly recommend the book to anyone interrested in that.

Tbh I’ve never really looked into or talked with almost anyone who’s into oculltism. I do know a few friends who are heavily into the unformalized new-age stuff, and they are definitely not ok to the point it controls their life, but I realize that it’s a spectrum (and I don’t mean it as “it’s autism” way, but that the way people approach even to the new-age stuff can be a spectrum of reasonable-dangeeous). I’m mostly sad because you can’t really talk to people like that, and share cool lore on a topic most people consider downright crazy, because there isn’t any or they haven’t done any research. Even astrology has some cool lore and manuscripts, but they usually don’t care.

I just think it’s cool, and reading about the practices of different cults and orders is extremely interresting.

I’d vager a guess that “chaos magick” has a similar problem to LaVeye’s Satanism, where you get a lot of edgy people researching the bare minimum, if even that, and just being edgy. Not that it wasn’t edgy, it’s one of the few movements that was downright off-puting for me due to how extremely selfish and arogant it is (IIRC it’s basically “I m a massive dick and walk over anyone”), but people who don’t even know what they are subscribing to are worse.

I never got that feeling from chaos magick, it felt just like you said - extremely rational, and was actually the first movement that made sense, as in “I can imagine this actually working”, with the argument “rituals work by nudging your subconsciousness to the direction you need”.

That’s basically the same as Budhissm does, just by hacks and symbols instead of just sheer practice and will. And we kind of have a proof that budhism works.

And even for someone who doesn’t really believe in magic, this makes sense and I can imagine it actually working.

Plus, doing rituals is fun, and a little faith gives a pretty fun amount of LARPing into your life, as long as you don’t let it control you and are reasonable about it.

That’s actually exactly how the 70s “chaos magick” (I.e Peter J. Caroll or Phill Hine, to list some authors) occultism works. If you get past the cringy name, it was one of the more interesting occultistm movements which actually kind of make sense even to me, as someone who’s not really into esoterism (or rather - I like researching it because it’s extremely interesting - the actual formal occultism, not new age bullshit, but would feel dumb practicing since I’m skeptical)

Their core idea is that all of the other occultist movements and orders are basically all the same - through belief, rituals and symbols you affect your subconscious to manifest change (in your subconscious behavior, not “summoning money” or “cursing my ex”), and it doesn’t matter what “flavor” / dogma / lore you choose to believe in. What matters is that you really truly belive.

So, a wiccan making circles in a forest while invoicing spirits or someone making a pizza pentagram while invoking Garfield is the same,as long as he believes into it.

The only thing that matters is that it works for you, and to find what does and what doesn’t they work with “paradigm shifts”, where you decide that " I"m going to try wicca for a year", and then you delve deep into that practice, trying to trully accept it and go all in, noting your experience and results, to see if it works for you. Some even suggest throwing a dice each morning to see what you’ll do today.

After a year, you review your results, and move on to other practice, I.e “I’ll be a christian for a year”, and you really get into it, going to churches, practicing all the daily prayers and rituals, and the like.

It’s my favorite occultism movement, because it’s one of the few where I can imagine that it actually makes sense and could work for making your life better, if you have grounded expectations of course. Having an open mind and just experimenting, as long as you are safe and don’t let it control your life, should mostly be just a net-positive, plus it’s actually fun

It’s sad to see that we’re heading towards a future where people can’t read a text longer than one summarized paragraph, and write anything longer than a sentence without using LLMs.

Children are already skipping learning of very important skills by offloading it to AI in school.

Ngl I’ve been enjoying Pokemon TCG: Pocket.

I don’t really play that much, but my partner loves Pokemon and just being able to bond over opening packs each night is a minor fun. Sure, it’s just glorified gambling with cute pictures, but that doesn’t really matter that much. Setting the focus on collecting instead of playing has been a pretty good decision.

Plus I really like the simplified ruleset if you do decide to play.

If I had a project as succesfull as this, I’d definitely try to sneak in minor inconveniences like renaming parameters just to screw with them.