• 197 Posts
  • 561 Comments
Joined 1 year ago
cake
Cake day: June 12th, 2023

help-circle
  • IsoKiero@sopuli.xyzOPtoSuomi@sopuli.xyzHei Jari!
    link
    fedilink
    suomi
    arrow-up
    5
    ·
    7 hours ago

    Kalajoella on puuskat yltäneet yli 120km/h lukemiin. Pyörä ei varmaan ihan tuota saavuta, mutta sanotaan että “tarpeeksi lujaa”. Lisäbonuksena ohjaamista, jarruttelua tai mitään muutakaan ajamiseen liittyvää ei varmaankaan tarvi murehtia.






  • – Tällä hetkellä ei ole mitään mahdollisuuksia arvioida kaapelikatkoksen syytä, mutta tällaiset katkokset ilman ulkoista impaktia eivät näillä vesillä tapahtu. Täällä ei ole sellaisia seismisiä tapahtumia jotka sellaisia tekisivät, Cinian edustaja arvioi.

    Eli näin suomeksi, joku siihen kaapeliin on osunut ja katkaissut sen. Mitään varmaa tietoa ei kenelläkään tietysti tässäkohtaa ole, mutta spekulaatiot itänaapurista on tietysti nousseet jo pöydälle. Jossain kohtaa tulevaisuudessa varmaan selviää puuttuuko kiinalaispaatilta taas ankkuri vai onko joku troolari laskenut verkkoja vähän turhan ahnaasti.

    Internet sietää onneksi tuollaisia katkoksia varsin hyvin ja ainakaan omassa netinkäytössä en ole mitään ongelmia havainnut, vaikka tänäänkin on tullut istuttua teamspalavereissa ja touhuttua etäyhteyksillä hommia vaikka mihin.






  • Ylen jutussa veikkaillaan, että koko lupasirkukseen menee useampi kuukausi. Luulisi (tai ainakin toivoisi) että kaupungilta nyt löytyy kuitenkin sen verran maalaisjärkeä että jollain poikkeusmenettelyllä, EU:n kanssa tai ilman, olisi mahdollista aloittaa ainakin jotain toimenpiteitä rakennuksen kanssa ennenkuin lopullinen siunaus kaupoille saadaan tehtyä.

    Myyjien ja ostajien nimet on kuitenkin papereissa, niin tuntuisi kovin hölmöltä että putkien pitäisi antaa jäätyä halki ja mahdollisten ammoniakkivuotojen tms ongelmien antaa pahentua ihan vaan siksi että Unkari tms lykkää kapuloita rattaisiin. Tuohon liiteriin on kuitenkin varmasti useampi miljoona lanttia lyöty tiskiin ja jos jostain EU-päätöslimbosta pitää odottaa ratkaisuja juhannukseen asti niin tarvittavan remontin lisäkustannus on äkkiä sadoissa tuhansissa, varsinkin jos vesijohdoissa on vielä täysi paine päällä.


  • All of those are still standing on Firefox’s shoulders and the actual rendering engine on the browser isn’t really trivial thing to build. Sure, they’re not going away, and likely Firefox will be around too for quite a while, but the world wide web as we currently know it is changing and Google and Microsoft are few of the bigger players pushing the change.

    If you’re old enough you’ll remember the banners ‘Best viewed with <this browser> on <that resolution>’, and it’s not too far off from the future we’ll have if the big players get their wishes. Things like google suite, whatever meta is offering and pretty much “the internet” as your Joe Average understands it wants to implement technology where it’s not possible to block ads or modify the content you’re shown in any other way. It’s not too far off from your online banking and other very much real life affecting services start to have boundaries in place where they require certain level of ‘security’ from your browser and you can bet that things which allow content modifying things, like adblocker, doesn’t qualify for the new standards.

    On many places it’s already illegal to modify or tamper DRM protected content in any ways (does anyone remember libdvdcss?) and the plan is to include similar (more or less) restrictions to the whole world wide web, which would say that we’ll have things like fediverse who allow browsers like firefox and ‘the rest’ like banking, flight/ticket/hotel/whatever booking sites, big news outlets and so on who only allow the ‘secure’ version of the browser. And that of course has very little to do with actual security, they just want control over your device and what content is fed to you, regardless if you like it or not.


  • I have no idea about cozy.io, but just to offer another option, I’ve been running Seafile for years and it’s pretty solid piece of hardware. And while it does have other stuff than just file storage/sharing, it’s mostly about just files and nothing else. Android client isn’t the best one around, but gets the job done (background tasks at least on mine tend to freeze now and then), on desktop it just works.



  • I have absolutely zero insight on how the foundation and their financing works, but in general it tends to be easier to green light a one time expense than a recurring monthly payment. So it might be just that, a years salary at first to get the gears running again and getting some time to fit the ‘infinite’ running cost into plans/forecasts/everything.


  • It depends. I’ve ran small websites and other services on a old laptop at home. It can be done. But you need to realize the risks that come with it. If the thing I’m running for fun goes down. someone might be slightly annoyed that the thing isn’t accessible all the time, but it doesn’t harm anyones business. And if someones livelihood is depending on the thing then the stakes are a lot higher and you need to take suitable precautions.

    You could of course offload the whole hardware side to amazon/hetzner/microsoft/whoever and run your services on leased hardware which simplifies things a lot, but you still run into a problem where you need to meet more or less arbitary specs for an email server so that Microsoft or Google even accept what you’re sending, you need to have monitoring and staff available to keep things running all the time, plan for backups and other disaster recovery and so on. So it’s “a bit” more than just ‘apt install dovecot postfix apache2’ on a Debian box.


  • Others have already mentioned about the challenges on the software/management side, but you also need to take into consideration hardware failures, power outages, network outages, acceptable downtime and so on. So, even if you could technically shoehorn all of that into a raspberry pi and run it on a windowsill, and I suppose it would run pretty well, you’ll risk losing all of the data if someone spills some coffee on the thing.

    So, if you really insist doing this on your own hardware and maintenance (and want to do it properly), you’d be looking (at least):

    • 2 servers for reundancy, preferably 3rd one laying around for a quick swap
    • Pretty decent UPS setup, again multiple units for reundancy
    • Routers, network hardware, internet uplinks and everything at least duplicated and configured correctly to keep things running
    • A separate backup solution, on at least two different physical locations, so a few more servers and their network, power and other stuff taken care of
    • Monitoring, alerting system in case of failures, someone being on-call for 24/7

    And likely a ton of other stuff I can’t think of right now. So, 10k for hardware, two physical locations and maintenance personnel available all the time. Or you can buy a website hosting (VPS even if you like) for few bucks a month and email service for a 10/month (give or take) and have the services running, backed up and taken care of for far longer than your own hardware lifetime is for a lot cheaper than that hardware alone.


  • Tuohan se on yksi ratkaisumalli mitä tähän on tarjottu, tosin ilman varsinaista tekoälyä. Eli että joka härvelissä olisi tietokanta, missä olisi ‘tunnistetiedot’ osapuilleen kaikesta lapsipornosta mitä on ikinä viranomaisten toimesta nähty. Ei tietenkään niitä varsinaisia kuvia, vaan jonkinlainen “sarjanumero”, mitä sitten verrataan ihan kaikkeen mitä kapulastasi tuuttaat ulos.

    Noh, kuten tiedetään, niin koneiden kuvientunnistus on vähän niin ja näin (mm. tyyliin reCaptcha haluaa että merkkaat liikennevaloista varoittavan liikennemerkin etkä niitä varsinaisia valoja), jolloin johonkin virastoon pärähtää hälytys että nyt keletappi postaa laitonta materiaalia, vaikka todellisuudessa kuvassa olikin karvaton kissanpentu. Tämä syö resursseja ihan oikeasti toimivalta työltä ja pahimmillaan saat kaivella keskustelulogeja puhelimesta siinäkohtaa kun karhuryhmä on tullut saranapuolelta sisään keskellä yötä.

    Ja sitten se toinen ongelma, joka on mielestäni ihan hemmetin paljon isompi: Jos kuvatunkaltainen ennakkosensuuri (tekoälyllä tai ilman) otetaan käyttöön, niin rikolliset kaivelevat sitten sen tunnistusmekaniikan laitteista ulos ja testaavat omat kuva-arkistonsa sitä vastaan, jolloin “turvattomat” kuvat saadaan helposti seulottua ja järjestelmän tunnistamatta jättämät kuvat voi laittaa darknettiin myyntiin. Tämän jälkeen järjestelmän tuntemat kuvat syötetään jollekin toiselle tekoälylle, joka muokkaa kuvia niin pitkään että käyttötarkoitus säilyy, mutta tunnistusjärjestelmän lippu ei enää heilu.

    Ja lopputuloksena tavan sukankuluttajien tietoturvaa on heikennetty, viranomaisresursseja tuhlataan siihen että katselevat kuvia possuista, pienikokoisista aikuisista ja tiessunmistä ja noista jonkinlainen osa aiheuttaa kevyesti sanottuna harmaita hiuksia joillekin onnekkaille, jotka päätyvät ihmisseulasta huolimatta tiukempiin tutkimuksiin. Samalla ne oikeat rikolliset osaavat piiloutua entistä paremmin, käyttää parempia salausmekanismeja ja saavat ihan kirjaimellisesti työkalut valvonnan parempaan välttämiseen.

    Kaupan päälle tietysti vielä vähän kalteva pinta, joka sanoo että jos lapsipornoa voidaan ennakkosensuroida niin olemassaolevaa järjestelmää on helpompi laajentaa muihinkin epämukavuuksiin kuin luoda isovelijärjestelmä tyhjästä.



  • I’m currently more of an generic sysadmin than linux admin, as I do both. But the ‘other stuff’ at work runs around teams, office, outlook and things like that, so I’m running a win11 with WSL and it’s good enough for what I need from a workstation. There’s technically a policy in place that only windows workstations are supported, but I suppose I could run linux (and I have separate laptop for linux-only stuff). At the current environment it’s just not worth the hassle, spesifically since I need to maintain windows servers too.

    So, I have my terminals, firefox and whatever I need and I also have the mandated office-suite, malware protection/IDR/IDS by the book and in my mindset I’m using company tools for company jobs. If they take longer, could be more efficient or whatever, it’s not my problem. I’ll just browse my (personal) cellphone while the throbber spins on the screen and I get paid to do that.

    If I switched to linux I’d need to personally take care of my system to meet specs and I wouldn’t have any kind of helpdesk available should I ever need one. So it’s just simpler to stick with what the company provides and if it’s slow then it’s not my headache and I’ve accepted that mindset.





  • The package file, no matter if it’s rpm, deb or something else, contains few things: Files for the software itself (executables, libraries, documentation, default configuration), depencies for other packages (as in to install software A you need also install library B) and installation scripts for the package. There’s also some metadata, info for uninstallation and things like that, but that’s mostly irrelevant for end user.

    And then you need suitable package manager. Like dpkg for deb-packages, rpm (the program) for rpm-packages and so on. So that’s why you mostly can’t run Debian packages on Fedora or other way around. But with derivative distributions, like kubuntu and lubuntu, they use Ubuntu packages but have different default package selection and default configuration. Technically it would be possible to build a kubuntu package which depends on some library version which isn’t on lubuntu and thus the packages wouldn’t be compatible, but I’m almost certain that on those spesific two it’s not the case.

    And then there’s things like Linux Mint, which originally based on Ubuntu but at least some point they had builds from both Debian and Ubuntu and thus they had different package selection. So there’s a ton of nuances on this, but for the most part you can ignore them, just follow documentation for your spesific distribution and you’re good to go.


  • Filtering incoming spam, while not 100% correct, is a pretty straightforward thing to do. Use DNSBL and other lists from spamhaus and it takes care of 90+% of the problem. Incoming spam has not been a huge issue for me, but when people try to send mail to someone in M365 cloud or to Gsuite and they just decide that your server isn’t important enough they just block you out and that’s it. Trying to circumvent that takes a ton of time and effort and while it can be done it’s a huge pain in the rear. And trying to fight your way trough the 1st tier support to someone who actually understands the problem and attempts to fix that while you customers are complaining that “problem with email” is actually affecting on their income is the part I’ll happily leave behind.

    I’ll set up a couple of new VPS servers to host my personal and friends emails, but if they complain that the service I’m paying from my personal pocket isn’t what they’re after then they’re free to switch into whatever they like. And as infrastructure for that is something like 100€/year I’ll happily pay it by myself so that no one has an option to say ‘I paid for this so you need to fix it’ anymore. On commercial case that’s obviously not an option and I’ve had my share of running a business in a very hostile environment.