dan

dan , 1 day ago

Huh, interesting site.

dan , 7 days ago (edited 7 days ago)

I'm an Aussie in my early-mid 30s. I've been living in the USA for the past 11 years. I've been a software developer, mostly focusing on web development, since the late 90s personally and since the mid 2000s professionally. I was an early Digg user, moved to Reddit during the Digg exodus, then moved to Lemmy during the Reddit exodus.

I believe that people on the internet should own their platform, for example run their own blog or e-commerce site, participate in decentralized services like Lemmy, etc. Opera Unite was something I found very interesting in terms of allowing people to easily run their own decentralized stuff, and I'm kinda sad it never took off. I self-host things like email and DNS.

I'm a big believer in open-source software and released my first piece of OSS in 2005.

I love listening to people that are passionate about something and get excited when talking about it. Doesn't really matter what it is or if it's a topic I'm interested in.

dan , 7 days ago

Right in the middle of that range (1990). I started learning about computers when I was around 8 years old. My mum bought an old 486 second-hand, and I spent most of my free time using it. We didn't have a lot of money, and the computer was a great way to entertain myself without needing to spend anything. I had a bunch of shareware/freeware games, but something that really interested me was the Visual Basic system built in to Microsoft Office. In Excel, I'd record macros then look at the code to see how they worked.

Eventually, I did some web development work when I was at school. I built quizzes for some teachers - back when Internet Explorer was used by practically every one, and code was often in VBScript rather than JavaScript. I learnt web development by looking at the source code of the sites I used - that's not really possible these days due to how large and minified/obfuscated CSS and JS files are now.

I've got a copy of one of my sites from 2003: http://www.dansoftaustralia.net/oldest/. Unfortunately a lot of the images are broken. I need to find a copy of them... Maybe in the internet archive.

I went to university from 2008-2011, with a one year work placement (like an internship) in the third year. After I graduated, I started working again at the same company. In 2013, a recruiter from a tech company in Silicon Valley reached out to me over LinkedIn and asked if I'd be interested in applying. I didn't think I'd get through the interview process, but I did, and moved to the USA. 11 years later, I'm still working at the same company.

I'm sure there's things you've done that I haven't done. You should focus on things you've accomplished rather than things you envy about other people :)

dan , 15 days ago

What type of data are you looking for? Does http://www.nirsoft.net/utils/network_usage_view.html suit your use case? There's similar data somewhere in the modern settings app too.

There's also performance counters for real time data (bytes sent and received): https://learn.microsoft.com/en-us/windows-server/networking/technologies/network-subsystem/net-sub-performance-counters. You can use these in any tool that supports performance counters. There's an app that comes with Windows called Performance Monitor that can read these counters.

dan , 15 days ago

Did you try the first app I linked to? I can't try it since I'm away from my computer for a few days.

dan , 16 days ago

and leftist

Wasn't there some controversy a while back due to the political beliefs of the Lemmy developers and the instance they run (lemmy.ml)? Maybe I'm misremembering.

dan , 16 days ago

Enshittification refers to offering the same service (often free, or at least with an option to pay more) but making it worse in order to squeeze you onto a paid (or higher paid) tier of service

It doesn't have to be a paid service, it can also refer to (and usually does) a two-sided market. For example, a site with free users and advertisers. The platform first gains a critical mass of users, then they switch to focus more on the paying advertisers to increase value for shareholders. Over time, the main focus becomes the advertisers.

dan , 16 days ago

The first time I tried another programming language, I was confused as to how to write code without using GOTO.

dan , 20 days ago

How did you build this list? This is likely to break other things. Azureedge isn't just for ads, and msftconnecttest is literally only used to detect if your internet connection is working.

dan , 1 month ago

I'm currently using Google Keep for personal tasks and Microsoft To-do at work, but want to switch to something self hosted.

dan , 1 month ago (edited 1 month ago)

Of course Apple collect data. The reason they wanted to prevent other apps from collecting data was so only they can use their data, and their ad network could have an advantage over the others.

Yes, they have an ad network, and want to significantly expand it:

• https://proton.me/blog/apple-ad-company
• https://www.forbes.com/sites/johnkoetsier/2021/10/19/apples-ad-network-is-the-biggest-beneficiary-of-apples-new-marketing-rules-report/
• https://digiday.com/media-buying/apples-expanding-ad-ambitions-a-closer-look-at-its-journey-toward-a-comprehensive-ad-tech-stack/

dan , 1 month ago

It's an old version, but even today you can still make new apps that use it, using modern development tools (the latest version of Visual Studio). It's missing a large number of newer features, but all the essential stuff is available.

dan , 1 month ago

Wow I totally forgot about the compact version. I wrote a few C# apps for Windows Mobile using the compact framework and it worked pretty well. I posted some to XDA-Developers too (e.g. https://xdaforums.com/t/app-htcbutton-beta-change-function-of-wired-headset-button-skip-songs-via-button.492947/).

dan , 1 month ago

Nope I lost interest hahaha

dan , 1 month ago

one point registration for multiple communities,

Federation, or at least some form of single sign-on with arbitrary providers (like we used to do with OpenID), is a better way of solving this.

dan , 1 month ago

I genuinely don't understand why some open source communities rely so heavily on Discord.

dan , 1 month ago

now to begin the slow search for another private community for the friend group to very slowly migrate to.

Just don't pick another proprietary platform again.

dan , 1 month ago (edited 1 month ago)

In order to make it into a Discord or Zoom competitor you would need to solve far higher bandwidth things like HD video and low latency audio, and both of thouse are fundamentally very different things for a server to handle as compared to high latency short text messages.

A large number of Discord servers just use text.

For video, maybe integrate into something that already exists, like Jitsi? Instead of trying to build one single app that handles everything, maybe it would be nice to have a suite of apps that all work together and can all use the same login.

A lot of video conferencing systems are already mostly peer-to-peer, at least for enterprise apps. Skype was originally peer-to-peer too. NAT traversal is usually provided by STUN servers. There's some issues like that (for example it reveals the user's IP addresses) but you could proxy everything through a TURN server to solve that.

Peer to peer is the best way to implement end-to-end encrypted communication.

Having said that, very large groups can benefit from a client-server model, like what Zoom does.

dan , 1 month ago

I've never tried Matrix but I've heard good things about it.

dan , 1 month ago

Thanks! I'll have to see if there's Docker containers available. Ansible is definitely doable too, but I prefer Docker. I'll stick it on the same server I'm running Lemmy and Mastodon on :)

dan , 1 month ago (edited 1 month ago)

most people are on discord

There's a lot of people on Discord (around 200 million monthly active users) but it's still the smallest out of all the major messaging services that support group chats. For example, Telegram has over double the number of users, and WhatsApp has 10x the users.

For open source projects in particular, something that integrates with Github and Gitlab login (like Gitter which is now powered by Matrix) is a better choice, as developers are practically guaranteed to have one of those accounts.

dan , 1 month ago

Ahh... Interesting!

Do you know how much RAM it needs? I have a spare VPS with 9GB RAM - is that sufficient? I could run it in a VM on my home server instead, too.

dan , 1 month ago (edited 1 month ago)

Just tried out that playbook to set up a staging server, and it works pretty well.

I feel like it's a bit too magical though. I like knowing how all the software I'm using is installed and configured, and introducing another layer of abstraction makes that harder. I have particular ways things like my web server (Nginx), database servers, Let's Encrypt (certbot), etc are configured and want to keep things that way. I think I'll just use the Ansible playbook for the staging server, and set up the real server using the Docker containers directly, based on documentation from the upstream projects (Synapse, etc)

It looks like they have both Docker containers and Debian packages avaliable, so I'll have to see if it's worth using the Debian packages instead.

dan , 1 month ago

I want to keep using self-signed certs (my server is only reachable internally and I do not want to expose it to the internet). And the new server they use (I forgot which) didn't really have that option.

If you have your own domain name, you can get Let's Encrypt certificates for internal servers by using DNS challenges instead of HTTP challenges. I use subdomains like whatever.int.example.com for my internal systems.

Of course, it's possible that the Ansible playbook doesn't support that...

Thanks for the note about Python and the Debian packages. That's a good point. I'll definitely use the Docker containers.

dan , 1 month ago

You won't see much of a difference between SATA and NVMe (if at all) as the maximum speed for SATA (6Gbps) is higher than the maximum speed for USB 3.0 and USB 3.1 Gen1 (5Gbps).

dan , 1 month ago

Do you have a spare SATA SSD? This is my go-to USB cable for connecting SATA SSDs via USB: https://a.co/d/dQ5QXR1. Works well on Raspberry Pi and it'd work well on a thin client too.

Note that the Wyse systems don't have much CPU power as they're designed to be used as thin clients (where nothing runs on the system other than remote desktop connecting to a server somewhere). That's why they have so little space - they were never designed to run a full OS.

dan , 1 month ago (edited 1 month ago)

You likely won't notice much of a difference between SATA and NVMe when using the drive via USB, and many people have spare SATA SSDs, so I'd just grab a USB to 2.5" SATA cable: https://a.co/d/dQ5QXR1. You don't need an enclosure because the drive itself is already an enclosure.

dan , 1 month ago

Up to you... $20 isn't much and StarTech is a trusted brand, so it was worth it for me. I don't trust the cheap generic brands on Amazon as much.

dan , 1 month ago

Yeah this is pretty standard for software licensing. Free upgrades indefinitely is an unsustainable business model.

dan , 1 month ago

Hahaha true! Maybe they were going for a similar model to what VMware used to do: Provide ESXi for free for usage in homelabs, so that people get hooked and buy licenses for business use.

dan , 1 month ago

Sounds a bit like Gopher.

dan , 1 month ago

I'd love to host my personal site over Gemini but that site doesn't have any details about self-hosting. Guess I've got to research it in more detail. Do you have any recommendations? Should I just write my own server? 🤔

dan , 1 month ago

Nah you just need to use a provider that has an SMS API like Vonage, Telnyx, Twilio, etc. Many of them support replies too, so you can have something like "Reply with Y to RSVP"

SMS isn't too popular any more but it seems like a decent fit for a use case like this, as it effectively gives you nearly real-time push notifications without requiring everyone to install an app.

dan , 1 month ago

I love your analogy for ports, but I'm not sure about the VPN one.

If you imagine network traffic as mail going through the postal system, then a VPN is like a private mail tunnel between two locations, that nobody else can enter or look into. Mail sent via the tunnel is private and nobody else can read it. The person at the other end of the tunnel can either open the mail themselves (ie a VPN from your laptop to your home server to access it when you're away), or forward the mail somewhere else (ie if you're routing Internet-bound traffic through it) and nobody will know it came from you originally.

dan , 1 month ago

There are ranges of addresses that are reserved for local (non internet) network devices, such as my example IP address - 192.168.1.100

I just wanted to add that in some cases, the devices on your home network will have a public IP. For example, IPv6 uses a different public IP for each device on the network. You still need a router in that case, since your system still needs to know how to reach another network such as the internet.

dan , 1 month ago

Great point. Analogies are hard :)

dan , 1 month ago

Paying for a service is generally going to result in less of a push to monetize the data though, especially if it's a smaller provider or a private company.

We can't just give up and stick with ad supported services, but then not want to see ads... Ad-supported services are always going to have to try monetize you somehow, whereas paid services don't always need to.

dan , 1 month ago

Mine has decided it sometimes doesn't want to ring when people try calling. It's ringing normally on the caller's side, but I never get the call. It's a phone that's not good at being an actual phone!

dan , 1 month ago

does not protect from SQL injection attacks (many don't, despite it being easy to protect against)

Every modern database library automatically protects against SQL injection, usually by using prepared statements (where the query with placeholders, and the placeholder values, are sent as two separate things). so a system would have to be written extremely poorly to be vulnerable to it.

This post is just a joke as developers should hopefully be aware of the OWASP top 10 security vulnerabilities.

Edit: Bad developers will do bad things, but any reasonable developer should be well aware of these risks.

dan , 1 month ago

you can help other users by adding the missing albums to MusicBrainz.

There's also userscripts to automate a lot of the process of importing data from Discogs into Musicbrainz. There's lots of niche/rare albums that are on Discogs but not on Musicbrainz.

dan , 1 month ago

OpenSSL did add to the entropy pool a bunch uninitialized memory and the PID.

Did they have a comment above the code explaining why it was doing it that way? If not, I'd blame OpenSSL for it.

The OpenSSL codebase has a bunch of issues, which is why somewhat-API-compatible forks like LibreSSL and BoringSSL exist.

dan , 1 month ago

They're more likely to be based in Eastern Europe based on the times of their commits (during working hours in Eastern European Time) and the fact that while most commits used a UTC+8 time zone, some of them used UTC+2 and UTC+3: https://rheaeve.substack.com/p/xz-backdoor-times-damned-times-and

dan , 1 month ago

If a project only has Discord for support (no docs, no bug tracker), I'm not using it. Don't want to deal with trying to find anything in Discord.

dan , 1 month ago

It's not designed for real-time communication at all. ActivityPub is fine for things where it takes a little bit of time to sync everything, but a chat that worked that way would feel very slow. XMPP is a better fit.

dan , 1 month ago

Accessing an API is not scraping.

I probably used the wrong words... What I meant is that given API access, a malicious third-party can gather a large amount of data and store it in a way that goes against the service's terms of service, without the proper privacy guarantees (e.g. user data being deleted if they delete their account). Obviously that's a problem for a social network where people can post a lot of friends-only posts.

dan , 1 month ago

This is a good point. I know the WSL team were doing some optimizations to improve the performance of iperf3 in WSL, but I haven't tested it.

dan , 16 days ago

I see them!

Here's a screenshot:

https://upvote.au/pictrs/image/8ef19fa3-7aca-49b1-bd4b-58988e4e3ed5.jpeg

dan , 15 days ago

My screenshot is from the "Boost" mobile app on Android :) https://play.google.com/store/apps/details?id=com.rubenmayayo.lemmy