The scale is backwards lol.

Also Proton: “metadata logging does not count as logging, and handing our logs, I mean non existent logs that only contains totally useless metadata, over to the Swiss government is fine because its the Swiss law”

GitHub gets autoscanned by thousands of malicious actors for keys and credentials on every commit, including the comments lol.

The fact that CISA themselves never saw an automated breach attempt only minutes after pushing to github is the more interesting story here.

Either the contractor is so incompetent that they didn’t have any logging set up and the breach went completely unnoticed for 6 months.

Or this really is some fat honeypot that they won’t admit is a honeypot because they’ve been using it to watch or bait APTs.

Currently, there is no indication that any sensitive data was compromised as a result of this incident

This is literally impossible unless it really was a honeypot. You can demo this yourself in real time. Make a throwaway cloud account on your favorite provider, commit the cloud auth token into a repo, and you will see an automated bot login within minutes.

Commiting any secrets to a public repo should just be considered auto compromised because of how potent it is.

That stuff ususlly gets exposed via poor CI/CD permissions where credentials are required, but straight up file commit is like publicly announcing exactly where you left your house keys lol.

No, its just that the current administration has been going around and depoting visa and greencard holders.

Employee of the Year

If it were not, it would just be inviting the government take a massive dump all over it.

Despite the crapshow that is the current US government, you can’t be arrested for standing in front of the Whitehouse shouting your support for whatever idea or group you beleive in (granted you are a Citizen of the USA).

Compare that to something like the UK where people have been charged and thrown in jail for wearing a t shirt or holding a sign, even outside of a protest because the government can just designate whatever it wants to be “hate speech”.

Private spaces like social media are not bound by this which is fine, but social media is so ridiculously controlled and filtered as a result, that you’re better off sticking to a non mainstream platform (like lemmy) where your comments won’t get banned and deleted for stepping out of line.

• Anything that you can shove hardware into (CPU, RAM, HDDs, maybe a PCI slot), so any used workstation is a great start, and don’t bother splurging initially, just follow the quality tool rule and only buy when something becomes inadequate. If you want to jump straight into loud and noisy severs, you can pick up used servers for cheap like R730s which there’s a ton of out there. Just avoid 2.5" drive bays because 3.5" HDDS are way cheaper per Gb.

• Would recommend podman over docker as its matured to the point where it has a lot of better features like rootless, quadlets, etc that you might want to take advantage of in the future. OS is whatever linux you prefer, but I recommend you stay away from Ubuntu. If you want something RedHat but not as cutting edge as Fedora, I’ve heard OpenSUSE is pretty nice.

For apps, If you want to do HTTPS via GUI then npmplus is nice option, Otherwise caddy can do the same with text config. Rest is whatever you want to try out :)

EDIT: If you start making an *arr stack, I would recommend recyclarr to handle the quite expansive content filter settings for sonarr and radarr.

I have this really old save file on Mario & Luigi Partners in Time where I basically tried to skip combat as much as possible, and it took me like 5 years to reach the final boss (compared to like two weeks on the other save).

Its been stuck there on the Shroob finale because it legitimately takes you like 40 minutes to clear the first princess and you have basically no one-ups or a useful amount of bros items, so you have to make every hit and dodge count.

I’ve seen several good speed runs of the game so it’s definitely doable, but it requires about 2 hours of perfect inputs, so I probably won’t be finishing it soon lol.

I hate to break the news but the issue with Bitwarden is that the client sucks total ass, and there are no drop in 3rd party replacements for the browser plugin.

Been running Vaultwarden for a while now and even though the sync implementation is nice and clean, it’s just not worth the end user experience.

This is really dumb when compared to literally every other password manager, open source and enterprise which does a much better job of actually being a password manager and not a glorified encrypted text file.

I’m eventually going to switch back to KeePassXC and just suggest setting a master password with Firefox’s builtin password manager for everyone else who just wants a painless user experience and not have to deal with syncing vaults.

How much does colocation end up costing?

I doubt it’d be worth it, but it would be funny to move my dated homelab servers next to some shiny new stuff and get SLA level internet.

NIMBY is usually more to do with perceived loss in value though no?

People don’t want AI datacenters because they are directly offloading energy costs to neighborhoods via substantially higher power bills. Which is happening because the demand is so high, they can’t compensate by building more power sources in the same time frame.

That and the poor reception to the AI market, which is wrecking jobs, the economy, etc.

Otherwise, datacenters were pretty well known for being built with very little resistance before this, especially since lots of providers, like Google, would fund geopower sources to power their datacenters which would add power to the grid with surplus.

I know people are reacting like its expected anyway because of the amount of espionage that goes on, but this is honestly more of a cold war era tactic.

Why would China risk souring relations right after a major diplomatic trip with some throw away gadgets that any competent military security would find immediately and proceed to document it?

China can just get that high level information via a million other ways including Trump himself. They probably have a truthsocial scrapper that automatically tells them exactly what Trump is gonna do next by deciphering his insane posts lol.

TPM microslop magic.

What’s even funnier is that we already have TCG, ISE, and SE drives that hardware encrypt AES256 by design, so you still get at least an instant delete option if you never bother to set a key.

Windows wants to double screw you over by never telling you it added a key, and then leaving you dead in the water if your TPM breaks, and then also failing to maintain their own TPM requirements making it completely useless lol.

This is nothing new actually, the same thing happend during the crypto boom.

There’s slop users (autoclankers) and then there’s researchers or developers actually doing the same stuff they’ve been doing for 5+ years.

I think it just seems that way because there’s always a clash on practically every post.

Some people don’t see the inherent flaw in outsourcing their physical thoughts to a cloud model, or the massive economic bubble they are helping to create.

But some people are doing some genuinely interesting things that would have otherwise been impossible several years ago just because AI and model training research got a huge boost for everyone the past few years.

My personal favorite is a drone that rapidly identifies and counts produce plant quality, output, issues, etc for large farms with some brand spanking new image models, and it costs about as much as maybe a new toolbox. No one wants to manually weed through hundreds of acres to count buds and try to catch problems before its too late. It’s a great upgrade from doing random samples that misses a lot of data.

On the other hand, those opposed to AI also have a subgroup that wants anything and everything with AI in the name dead, without any regard to what it is or what it does.

It’s like when you throw world and ml users into one post. They both think the other is louder, and also the big dumb lol.

Now all that high tech electronics jacking from the first Fast & Furious movie doesn’t look so dumb lol.

The real use case for redroid lol

Lenovo running the show is what makes it viable, otherwise I would have thought it was a Google backed conspiracy to drain GrapheneOS resources on a product that would never release.

Tbh the mobile industry is long overdue for some competitive upgrades anyway. A lot of their underlying functionality has fallen far behind desktop OSs.

It’s funny because they’re trying to find ways to cut cloud costs by offloading to users, but when that’s not a concern, they shove everything into the cloud and then ensure no local running option is available or viable.

Linux will do more because Apple and every sillicon valley giant has collusion SLAs with eachother, no matter what they publicly claim.

There’s the MTT S80 (First PCIe Gen 5 GPU lol) which is the consumer grade version of Moore Thread’s enterprise GPUs like S4000, but the problem is that they trade off super cheap VRAM and PCIe bandwidth for low compute power compared to even antiquated stuff from Intel, AMD, and Nvidia.

They’re actually a great choice if you want to run AI/LLM stuff for really cheap, and Moore threads has their own CUDA knockoff called MUSA which iirc does have support in the various LLM backends available. Back when they released, it was going for something like $160 in China and ~$200-250 online. Could easily pool the VRAM, though finding a mobo+CPU combo with enough PCIe lanes to spare meant you’d most likely not be taking advantage of more than maybe 2 or 3 cards in one tensor parallel split.

China’s domestic processor production is still catching up, so even though they have access to high speed RAM and all the latest standards, they don’t have the cores to match.

Their last KX7000 x86 CPU was comparable to a skylake i5 or i7, but just with newer standards like DDR5 and PCIe gen 4. So they’re about 7 years behind based on that estimate.