I hate that Google is exerting even more control on the internet with their TLD, but I don’t really think this attack is made all that much worse with .zip TLD. I can already bury a .com in a long URL and end it in .zip just fine like so:

https://github.com∕foo∕bar∕[email protected]/foo/bar/baz.zip

Or even use a subdomain to remove the @:

https://github.com∕foo∕bar∕baz.example.com/foo/bar/baz.zip

The truth is most people don’t look much at URLs outside of a domain to verify its authenticity, at which point the .zip TLD does not do much more harm than existing domains do.

For mitigation, Firefox already doesn’t display the username portion of the URL on hover of a link and URL-encodes it if copy-pasted into the url bar. It also displays the punycode representation when hovering or navigating to the second example.

While I agree that first party systems suck, as someone with neither an iOS or Android device I personally prefer something work rather than a screen that says “connect iOS/Android”.

Definitely agree, but your link is protected by cloudflare (yet another centralized service destroying the internet) and therefore I’m unable to get through because I have privacy.resistFingerprinting enabled on my browser so cloudflare is unable to determine I’m human I suppose.

I despire youtube and it’s monopoly, and I think it get’s an appropriate amount of hate on here and HN, but what confuses me to no end are the people who complain about youtube turn right around and constantly recommend cloudflare. Can someone explain what I am missing?

That’s wild, I’ve never seen an upside down port.

I agree reversibility is better and am happy usb c will finally kill this meme.

I would have more sympathy for Youtube if 1. it wasn’t the de-facto standard where essentially all video media gets uploaded to (which Youtube itself has done everything in its power to make happen) and 2. the company that owned it didn’t also own the most popular phone OS, most popular search engine, most popular email provider, most popular ad network, most popular maps, most popular online office suite, most popular airline booking, 2nd most popular cloud hosting… The list goes on

Until a federated solution like peertube gains more traction I have no problem paying content creators directly via patreon, and do everything in my power to not pay Google a dime. Trust me, they can afford it just fine.

Yeah that’s fair. But I feel like I’ve seen these “USB superposition” memes since before IoT was even a thing.

Can someone explain to me why I keep reading about people having problems plugging in USB A connectors upside down? I feel like I’m taking crazy pills. Per the spec, the holes always go up. They indicate the correct way to plug in the port. Not only that, but the printed logo on the connector also always goes up.

The only time this is SLIGHTLY confusing is if you have a desktop tower where the motherboard is essentially mounted sideways, but for that case it just takes an extra second to think which way is “up” from the perspective of the motherboard.

And before anyone says “who reads the spec?”, it feels like I subconsciously knew this for something like a decade before I even knew what a spec was.

Yes, you are correct in that a single individual’s action will make no difference, just like your single vote makes no difference either. However if everyone does their part it can make a massive difference.

While your individual contribution makes no difference, you still should try to do your part. Yes, change takes work and a bit of sacrifice. Just like how it takes time out of your day to do research on candidates and go to the polls.

If you don’t do the work, it doesn’t make you smart or clever, it just makes you an asshole taking advantage of others.

If I super heat a metal and it turns visibly red what is happening? Was it already emitting infrared and as it gets hotter the frequency shifts up? Or is it still emitting infrared but has a wider band of frequencies it is emitting as well (i.e. is it emitting frequencies below infrared as well as visible red)?

I just tried subscribing to [email protected], but it’s empty despite the peer tube channel having many videos. Any idea what’s going on?

The problem is all of these apps are using proprietary APIs to communicate to centralized backends, which then deprecate the APIs and the old versions cease to work. Back when software was largely communicating over standardized protocols it was feasible to run an old version of software for years after it had been stopped being maintained, but protocols don’t make money, APIs do.

There’s no way of knowing, which is the whole problem with their model and why a lot of us self host things in the first place. Even if they super duper promise not to use the data, they could be lying. And if they are actually true to their word today, that could change tomorrow.

I haven’t used any flatpacks, mostly because they don’t seem to have a good solution for running terminal programs. (Also I don’t like that the application developer chooses the permissions to expose rather than the user.

However, I have been using bubblewrap which is what flatpack uses under the hood to sandbox. This allows me to run both gui and non-gui programs, and I have the control of exposing the minimum required permissions that I’m comfortable giving an untrusted piece of software.

I seem to be in the minority here but I personally prefer using $ and # to denote root. I like this because not everyone uses sudo and might not even have it installed.

That being said, if you already have other commands that are using sudo -u ... to run commands as a different user then it might be best to just be consistent and prefix everything with it, but if there is only a few of those maybe a # cp foo bar && chown www-data bar is an alternative.

it has a nice working sync of connection profiles (even of ssh keys…encrypted!)

Sorry, but what on earth does this have to do with a terminal emulator? Something like this makes way more sense as a separate tool. It’s like if I was making a decision of what video player to use because it can sync my browser bookmarks.

The way I remember the order is that the parentheses around the link would make grammatical sense outside of markdown (the goal of markdown is to still be fully readable even when looking at the raw source).

For example if I were posting on a forum that didn’t have markdown support which one of these would make more sense:

1. You can find that on this lemmy instance (https://lemmy.world).
2. You can find that on (this lemmy instance) https://lemmy.world.

Option 2 makes no sense grammatically. Then you just need to use the square brackets (which rarely show up in non-markdown text) to denote the link range.

Alternatively, if you still have a hard time remembering the order, you can use reference-style links which make it even more readable outside of markdown rendered contexts (note that there are no parentheses in this version, nothing to get confused):

[Here is a link][1] and [here is another link][2].

[1]: http://example.org
[2]: http://example.com

Invidious is just a frontend to Youtube like Teddit was a frontend for Reddit. It’s not federated, and Google can and will do everything in their power to make it suck. Just like how Reddit will now destroy Teddit next month.

Peertube is the federated option for video hosting/sharing. But of course, like everything else currently controlled by the centralized mega-corporations, there is a huge network effect hurdle that users need to overcome to get their content off of the user-hostile megacorporations (Youtube) and onto the federated alternatives (Peertube).

I see invidious/teddit/nitter/quetre/rimgo/scribe/libremdb as stop gap band-aids to temporarily give power back to the users, but in the end the owners of the content have full control over stopping these.

This is why it is so important that we promote federated networks like lemmy, mastadon, matrix, peertube, etc… Otherwise the entire internet will be a user-hostile cesspool.

Personally I think Spotify is worth $10 a month.

While I agree that there aren’t any great self-hosted solutions, more diversity in the music space is important. I refuse to use Spotify, and for me it’s not about price. In fact, if they charged more and actually paid their artists more I would probably hate it less. But overall I mostly refuse to use it for other reasons:

It couples the company that delivers your music with the app you must use to stream your music. In my opinion these should be separate - perhaps an open protocol that streaming companies can all use and open source clients that can connect to one or many of them?

Spotify made it clear that they don’t care about Linux users when they killed their Linux client. Yes I know about librespot, it’s only a trivial decision away from Spotify killing it. And unlike Reddit’s API changes, the backlash would be minimal since most people use the official one.

It strongly relies on network effects to get everyone on the platform and keep them there. As mentioned above, this hurts independent artists because they are forced to publish their music on a platform that doesn’t pay well just because everyone is on that platform. But there are more than just network effects between artists and consumers: Spotify relies on social-network style antipatterns to keep users in their ecosystem. I’ve been told by my friends that I am “difficult” because I don’t use Spotify and they want to share something with me. That is Spotify’s manipulation

Their official client is electron, I don’t want to have to run a whole browser stack to listen to music. Not to mention the fact that npm is plagued with supply chain problems and unless the Spotify devs manually audit every dependency of every dependency of every dependency any time they add or update one (doubt it), users are one attack away from being compromised.

When I did briefly use Spotify many years ago I took the time to build up some playlists of music and randomly songs would disappear from the playlists when Spotify lost rights to stream it.

I personally use Bandcamp for recommendations/discovery, and then purchase music I like to listen to and self-host it with MPD. It works great.

I’m not saying this is for everyone, obviously streaming has its merits. But in my experience most people self host not because something costs money, but because they have zero control of the actual experience, and they want to avoid the vendor lock-in issue.