3
points
mgbmtl
Joined 2,450 karma
.
- I for one, am grateful to Mozilla for still being around, pushing for an open web.
Their documentation is excellent, the improvements and roadmap for Thunderbird made me finally adopt it, and I appreciate their privacy-friendlier translation services. uBO works great in Firefox, and I can't stand using a browser without its full features.
About MBA types: the free software project I work for has an MBA type, which I initially resented as being an outsider. However, they manage the finances, think about team and project growth long-term (with heavy financial consequences), and ignore the daily technical debates (which are left to the lead devs), and listen to users, big and small. Some loud users like to complain that we don't listen to them, and sometimes we kick them out, because we do listen to users.
I don't know much about Mozilla internals, if I am to judge from the results: Mozilla is still here, despite everyone saying for 10+ years that they are going to die. They are still competitive. They are still holding big tech accountable, despite having a fraction of their power. I can imagine that they make a lot of people here very uncomfortable.
- The sync would stall and I'd have to go retry, or it would fail with no error clear message. In the end, I had no idea what had really synched correctly. The app was unhappy if I deleted a photo too quickly.
With Syncthing, I sync to a directory that my Nextcloud user can access (a read-only mount), so I can still easily share photos using Nextcloud, for example.
(although it's unfortunate that the Android syncthing app is being retired. h/t for the heads up and the recommended alternatives)
- ICQ was a way of texting friends so that you could go party. At least for me, and I'm a nerd. I remember even "normal" friends were using IRC as a way to hookup. Cell phones were not very common.
Looking at my non-nerd 17 year old, they meet maybe once a month, and it's to cook food together during the day. Nobody drinks. They just see it as a waste of money. Maybe not the most normal sample. They love biking and also go to circus school together (Montreal).
- I like icinga's model, which can run a small agent on the server, but it doesn't run as root. I grant specific sudo rules for checks that need elevated permissions.
I find it easier to write custom checks for things where I don't control the application. My custom checks often do API calls for the applications they monitor (using curl locally against their own API).
There are also lots of existing scripts I can re-use, either from the Icinga or from Nagios community, so that I don't write my own.
For example, recently I added systemd monitoring. There is a package for the check (monitoring-plugins-systemd). So I used Ansible to install everywhere, and then "apply" a conf to all my Debian servers. Helped me find a bunch of failing services or timers, which previously went un-noticed, including things like backups, where my backup monitoring said everything was OK, but the systemd service for borgmatic was running a "check" a found some corruption.
For logs I use promtail/loki. Also very much worth the investment. Useful to detect elevated error rates, and also for finding slow http queries (again, I don't fully control the code of applications I manage).
- I mean, sure, you could blame the climate crisis on the petrol companies that have doubled production in Alberta in the past 10 years, or you suspect "eco-terrorists" which, as far as I know, is a Maxime Bernier conspiracy theory that has never been proven, despite the fact that environmental groups are constantly under CSIS watch? (https://www.france24.com/en/live-news/20230609-canada-wildfi...)
- The Crunchlabs agent seems to be based off the Arduino Agent, so I'm surprised they don't support Linux.
My teenager never had any issues with using Linux since the age of 10 (old laptop with Firefox and Minecraft), and never used Windows (school uses Chromebooks). Hopefully this works with just a standard editor too, although the Crunchlabs IDE looks nicer for learning.
- That's an odd reference to DEI. I'd say the negative consequences of authoritarian regimes is that they suppress freedom, and therefore art and technological innovation.
China is authoritarian, but also has a huge political system, somewhat strong institutions. That can't be said of many authoritarian regimes, which tend to be more fragile. It takes a really long time to build civil institutions. For example, Russia has the money and an authoritarian regime, but repeatedly fails to innovate, and we can't predict what will happen when Putin leaves.
- 18 points
- Looks neat, but I tend to get way too distracted by graphical interfaces. I assume it's really a question of personal preference. CLIs are faster to use, but have a bigger learning curve. (we will probably not solve that debate here, but I do wonder sometimes, whether to recommend the CLI or not)
Most of my git usage on the CLI is nothing fancy, just a few commands, but I keep a text file for some tips/tricks I don't use regularly.
- I'm surprised that you didn't mention the role of petrol in Alberta and hydro power in Quebec. They play a key role to sustaining the economy and social services. It's not just that though.
People are definitely less risk-taking, workaholics, despite having a social safety net, or maybe because of it. It's just maybe less in our culture to "go big or go home". Having a cabin in the woods and free time to live your life is nice.
Maybe because I live in Quebec, and language is definitely a barrier (requires immigrants to be trilingual), but I haven't met many shady people from China or India, on the contrary. My ancestors came here by accident from different countries, taking a random boat in a port, worked hard and made it. I hope we can give that opportunity to others too.
- This would be awesome. I wish it at least worked on Safari iOS. (Firefox seems unlikely: https://bugzilla.mozilla.org/show_bug.cgi?id=1553738)
We have a web app that does QR scanning for event badges, using a JS library, but it's painfully slow compared to the camera app.
- Isn't that a usability vs security trade-off? Asking naively as a non-expert here.
In some systems, a password reset lets you bypass MFA. On Gitlab, however, you might be able to reset the password, but it will not let you bypass MFA (which was a nice mitigation for this CVE).
I often wonder about this, because people's email should have fairly good security (MFA, detect new devices, suspicious IPs, alerts, etc), and MFA on the other service lets them have similar protections. Both services might not be bullet-proof, but an attacker will likely generate alerts in one or the other.
Most of my users are very non-technical, and might not have access to their MFA (MFA reset requests are fairly frequent), so to be able to access using a one-time-secret sent by email seems like an acceptable compromise, especially if it means that more users will enable MFA. In systems I administer, less than 20% of users tend to enable MFA (it depends on org policy, and it's often optional).
Speaking of, I wish services would do auth by: login -> MFA -> pass, instead of login -> reCaptcha -> pass -> MFA. Especially for scenarios where MFA is mandatory. Having reCaptcha is really annoying considering I went the extra step of enabling MFA (ex: Stripe, Quickbooks).
- Yeah I have an account on that Mastodon server and even logged-in, that page shows popular (rage-bait) content regardless of my personal preferences. It filtered by language but not region (so it was mostly content from another continent).
However, my actual Mastodon feed only has content from people I follow, without any recommendations, and that works great.
I see finances for a few free software projects, and many of them really struggle to get donations year after year, in a way that helps make the project predictable and sustainable.
For the US, people want you to be a 501c3, and then you need a EU equivalent. Canadians are unlikely to give to a US org (especially these days), but the market is too small to setup a local charity. So you need partners. All that has many compliance requirements and paperwork, so you need non-tech employees for the fundraising and accounting.
Eventually your big donors start blackmailing the project if you don't do what they want, and often their interests are not aligned with most users. You need various income sources.