Mikina

Mikina , 1 day ago

I'd like to mention one exception, because it took me ages to properly debug.

If your endpoint is serving mirrors for APT, don't redirect to HTTPS.

APT packages are signed and validated, so there is no need to use TLS. Lot of docker images (such as Kali) do not have root certificates by default, so they can't use the TLS, because cert validation fails. You also can't install the certificates, because they install through APT. If your local mirror redirects to https by default, it will break it for people who choose the mirror, which IIRC happens automatically based on what's closest to you. I think this issue is still there for Czech Kali package mirror, and it took me so long to figure out (because it's also not an issue for most of the users, since they have different mirrors), so I like mentioning this when talking http/s. It's an edge case, but one that I find interresting - mostly because it would never occur to me that this can be an issue, when setting up a mirror.

But that was more than a year ago, it may be better now.

Mikina , 2 days ago

That's weird, Meta has a whole department whose only job is to uphold user privacy. They even have a Chief Privacy Officer role, and they are saying that user choice and user privacy is super important to them and the core of every product 0-0.

https://about.fb.com/news/2019/07/ftc-agreement/

Yeah, fuck them. Gaslighting POS.

Mikina , 5 days ago

Depends, assuming a fresh install, can you even create account on win11 without internet access? Last i checked, it wont let you start with local account and requires MS account.

Mikina , 2 days ago

Btw, choco (and maybe even winget?) already has a gsudo tool, which implements sudo. It is super handy, and having a native version is definitely better, but before its available, I recommend gsudo.

Mikina , 11 days ago

I used TS for the first time in like 15 years litterally two days ago, funny timing.

Yeah, I lost EVE. Again.

Mikina , 10 days ago (edited 10 days ago)

Serious EVE players are something else. The mention about IT security isn't a hyperbole, some EVE players take the espionage meta-game very seriously, and even though it's not only against the rules but also illegal, that's not gonna stop them. I mean, once they literally got someone to turn off electricity for a whole town just so they can win a fight (I tried to find a link to the article, because I'm 90% sure I did read about it somewhere, but I can't manage to find it anywhere, if anyone has a link. Maybe it was just a rummor, or an unexecuted plan?)

Mikina , 12 days ago

Are the tactics and procedures used to break down such documents leaked? Id love to read more about it, and I suppose it may be part of some of the leaks that happened in the last few years.

I'm interested in how exactly they do/did it, so I know what to watch out for.

Mikina , 17 days ago

I never noticed that the logo in fact does look like am asshole. Cool

Mikina , 27 days ago

I'm really glad that my first introduction to RPGs, when I was on a summer camp and like 13yo, was with a GM who didn't use any rules (aside from a D10) and instead focused on RP, and resolved actions based on what exactly we described, intuition and a D10 roll without a set goal or number.

It has taught me an entirely different approach to pen&papers that has carried really well over to when I started playing more rules heavy systems, which is especially apparent when I play with groups who never really played without rules, where most of the combat or actions are reduced to playing a board game and a lot of talk revolves around stats and numbers, instead of on the RP, which is a shame. Which is understandable, since if your first experoence with RP is a rule heavy system, it's not exactly intuitive to just ignore the stats and rolls, because they seem important.

I'm used to paying almost no attention to stats aside from vaguely knowing what my character is better at, and threat them and the rolls in same way as I did when starting - don't care what are the odds, don't care about the roll, I just start with describing an action I want to do and figure out the stats as an afterthought. And it makes for such a better experience, and I higjly recommend for anyone starting a new group or having inexperienced players - just go with a single d10 for the first session, and guess the results based on a vague gut feeling based on the situation and the number rolled. Its suprisingly intuitive once you start from the GM side, and it teaches the new players way better habbits in how to approach the game and what is important, that will stay with them even after they add rules to the mix.

Mikina , 26 days ago

I agree, and I think that what may have also helped was that I was still basically a child when I was introduced to the dice-only RPGs. Also, it's definitely way more difficult for the GM, which I was fortunate enough to have a really experienced and amazing one.

It's true that if the whole group including the GM is starting out, going with something like Fate is better choice, which I also prefer nowadays. Or more experimental ones like Dread or the candles one.

Mikina , 25 days ago

This is a great point, and I definitely agree, and I haven't thought about it in this way. I don't think that I've ever ran into a group where our expectations would be so much different that it would cause an issue, but it's a great thing to keep in mind. Now that I read it again, I think I should add that I don't think that it's wrong to play RPGs as a board game, and I don't really mind if someone does even in our group and I'm having fun either way, but I mostly felt like it's a little bit shame that it may not even occur to some people that you don't have to focus mostly on rules - since thats what most of the game book is about, and can do it differently, especially when you're starting out. Which is also a good thing to keep in mind, to discuss and make the options and expectations clear before starting.

Mikina , 28 days ago

My favourite take on DI is this set of articles from like 12 years ago, written by a guy who has written the first DI framework for Unity, on which are the currently popular ones, such as Zenject, based on.

The first two articles are pretty basic, explaining his reasoning and why it's such a cool concept and way forward.

Then, there's this update:

https://programming.dev/pictrs/image/4029a87e-866e-48b2-9be6-3d1091bbf2fc.png

Followed by more articles about why he thinks it was a mistake, and he no longer recommends or uses DI in Unity in favor of manual dependency injection. And I kind of agree - his main reasoning is that it's really easy for unnecessary dependencies to sneak up into your code-base, since it's really easy to just write another [Inject] without a second thought and be done with it.

However, with manual dependency injection through constructor parameters, you will take a step back when you're adding 11th parameter to the constructor, and will take a moment to think whether there's really no other better way. Of course, this should not be an relevant issue with experienced programmers, but it's not as inherently obvious you're doing something potentially wrong, when you just add another [Inject], when compared to adding another constructor parameter.

Mikina , 29 days ago

Some kernel anticheats work too, I had no issues playing Helldivers and Hell Let Loose, both of which use EAC. Developers have to enable Linux support, which AFAIK is just one checkbox, so you still get games that don't allow it (like EVE Vanguard), but most of them are OK.

League and Valorant is a different story, those don't work.

Mikina , 30 days ago

I have a Nvidia gpu and I did run into issues on Fedora with drivers and cutscenes, switching from Gnome to KDE and wayland to X11 fixed some problems, but I fidn't manage to get it to work properly and have given up in a few weeks.

However, I switched to Nobara which is based on Fedora and handles the gaming related configuration for you, and so far O've had a great experience without any issues for half a year already, so if gaming is what you're primarily after, I'd recommend going with Nobara.

Mikina , 30 days ago

I preffer KDE and use x11. Wayland is getting better with nvidia, but I still had some bugs with taskbar freezing often when I first tried it, so I just switched to X11. I haven't tested it recently though, so it may be OK now.

Mikina , 30 days ago

We've had to work in Pharo for our OOP uni course, and it was one of the worse experiences I've had in school. Mind you, it was something like 7 years ago, so the language may very well be a lot better now, but the whole "your IDE is the code" felt cubersome, it was buggy and crashed randomly, and in general I spent more time fighting with the IDE than doing something useful.

It was a bad time, but also a great learning experience. Being forced to work in something that IMO sucks is an useful skill, but I never want to see that language again :D

Mikina , 1 month ago

I wonder, is it possible to create a license that would allow you to simply ban people who are being a dick about something from using it? Sure, it may turn away some people, since there's always a risk of abuse, but it's your work and as far as I know, you are the one who sets the terms.

If I'm not mistaken, most of the FOSS licenses (or maybe even laws?) guarantee you that you would be able to use the software even if the project later decides to change to proprietary license. But I assume you can simply specify in a licence "Everyone can use it, expect X.Y.Z".

Would that be legal? Sure, it would probably be pretty hard to enforce, but in some cases it could make for a pretty satisfactory (and petty, of course) C&D letters, for people that really deserve it. You insult the devs of a software your company depends on, demanding something while being a dick about it? Well, fuck you, no library for you and your company.

Mikina , 1 month ago

But a paid licence will affect users that are all right abd for whom you're doing it.

I understand that using something with a risk of loosong access because you've upset the developer is something that will turn away a lot of people, but then again, I'd say that "don't be a dick" is a pretty reasonable requirement. The only issue I see that it's a pretty vague definiton, but maybe just limiting it to profanities and insult towards the contributors is something more concrete, which would be easy to fulfill and also enforce.

Mikina , 1 month ago (edited 1 month ago)

Down the Rabbit Hole for EVE Online is absolutely amazing. I've played the game here and there for quite a long time, and it's one of my favourite experiences, that is however really hard to put into words.

That game is weird. I still can't explain why it's one of the best games I've played, but I always keep returning to it and love consuming content about it from time to time. And this document is amazing in explaining how extremely unique and cool the game is in it's metagame and the stories it generates. The game has it's problems, but I still think it's one of the most unique lifestyles in gaming, that nothing ever comes close to. It's the only MMORPG that's actually literally roleplay, that basically forces you to roleplay without you even realizing it. Sure, you may not speak in character, but the fleet doctrines, logistics, corp organization, propaganda, corp-politics and everything around it people do - that's literally roleplaying.

Another one would be B-Movie: Lust & Sound in West-Berlin 1979-1989. This document is really really hard for me to watch, because it's a subculture that was always really important to me, to the point where I help with event promotions and DJ at local 80s goth/synthpop events and it's my main hobby. But, since I'm now in my 20s, I've missed it. The way internet transformed music subcultures is terrible, especially so the alternative ones, but music consumption in general - sure, it's really amazing to have every almbum ever in the palm of your hand, but there's just so many that I don't know any. If I talk to anyone who started with music with the one MC tape, and each new relleas was something hard to get that you actually treassured, I really envy their relationship with music. And that's something that's almost impossible to build in this day and age.

The fact that I'll never get to experience the scene as it was in the 80s is one of the saddest things for me, and this documentary shows it in really genuine and amazing way.

And then there's The Social Dillema, about the dangers of social networks. A word of warning from people who worked at large social network companies and left because the way they exploit users got too much for them, and now they are trying to spread the word. I really recommend this for everyone, it's eye openning and really terrifying. It was one of the first impulses that got me heavy into privacy, and it everyone should see it at least once.

Mikina , 1 month ago

Another one came to my mind - ROBLOX_OOF.mp3 by hbomberguy.

It's really a wild ride. As traditional with his videos, it starts with a pretty innocent investigation into one of sounds popular on the internet, and then gets into a mindboggling rabbit hole about Tommy Tallarico, the guy behind Video Games Live, and how he accidentally discovered what an insane text-book example of pathological lier he is. It's funny, and really absurd - I'd recommend it to everyone, because it's really interesting insight into how bad can it get with pathological liers. It's a roller coaster, and a really fascinating one. And I also learned that Guiness World Record is a scam and literally only an advertisement business, which I never realised before.

It's a shame, I really liked Video Games Live, the live recordings of it's shows are great. Assuming you skip the ego-trip monologues he interupts the concert with.

Mikina , 1 month ago

There's not much they can do about PGP, though. Sure, encrypting stuff manually can get a little bit annoying, but nothing a quick browset extension wouldn't fix.

The moat difficult part will ve convincing your friends to use it, and actually sharing keys, but if you really need to hide what you're talking about, it's not like stopping a e2e rollout will help in amy capacity. Quite the contrary - people who they want to target with this will only start to be even more carefull, reaulting in them loosing access even to those backdoored privacy messengers they already probably have and criminals rely on.

Mikina , 1 month ago

Once you have a tool that uses pgp with keys you provide, and encrypts messages in normal chats, changing the actuall message format would probably be easy, so there's plenty of room for adittional steganography. Images would make for a perfect cover, with something like last-bit steganography.

But, I hope it won't come to that.

Mikina , 1 month ago

That's true. I guess that in this case, your best bet is (assuming you don't have something so illegal to hide, that they do want to expend large amount of resources on you) to just go security by obscurity, and have some kind of obscure custom steganography that's not widely used.

And for PGP - I though that there's a difference between signing and encrypting a message, and when you only encrypt and don't sign, they can't attribute the message to you, assuming they don't have your private key or the original plaintext? Or is it possible to attribute a encrypted message using only public key and cyphertext?

Mikina , 1 month ago

The final nail in the Unity coffin for me was when few years ago, they announced discontinuation of several of their features, like MP, fired hundreds of employees, and bought a new company that's focused on monetization of games and ads.

That's a pretty clear message about their intentions and area of focus. No thank you.

Mikina , 1 month ago

What gives me immense joy is that there's probably someone at Unity really really upset now. Fuck them.

Someone once told me a story how they made a game in Unity, and were in contact with them, since they are also a content creators. Then they decided it sucks and rewritten the project into Unreal, and when they met someone from Unity who asked how it's going and whether they need help with anything, and when they told them that they are actually working on Unreal now, the Unity guy got literally upset and angry at them how they can't do that and what are they thinking. It was hilarious.

Reportedly, then Unreal support was way better and more friendly.

Mikina , 1 month ago (edited 1 month ago)

I had the same issue with gamedev industry, but thankfully Ive very quickly realized that's how work works, and you usually have a choice - either earn a good living being a code monkey, or find a job in a small company that has passion, but they won't be able to afford paying you well, or do it in your free time as a hobby. Capitalism and passion doesn't work together.

So I went to work part-time in cybersecurity, where the money is enough to reasonably sustain me, and use the free time to work on games in my free time. Recently, Ive picked up an amazing second part time job in a small local indie studio that is exactly the kind of environment I was looking for, with passion behind their projects - but they simply can't afford to pay a competitive wage. But I'm not there for the money, so Ibdon't mind and am happy to help them. Since there are no investors whose pocket you fill, but the company is owned by a bunch of my friends, I have no issue with being underpaid.

But it's important to realize this as soon as possible, before trying to make a living with something you're passionate about will burn you out. A job has one purpose - earn you a living. Companies will exploit every single penny they can out of you, so fuck them, don't give them anything more than a bare minimum, and keep your energy for your own projects.

And be carefull with trying to earn a living on your own - because whatever you do, no matter how passionate are you, if it's your only income and your life depends on it, you will eventually have to make compromises to get by. It's better to keep money separate from whatever you like doing, and just keep your passion pure.

EDIT: Oh, I forgot to mention one important thing - I'm fortunate to not have children, share living costs with a partner, and live in a city with good public transport, so no need for a car, and free healthcare. I suppose that makes it a lot more easier to get by with just a part time.

Mikina , 1 month ago

I'm starting to think that "good code" is simply a myth. They've drilled a lot of "best practices" into me during my masters, yet no matter how mich you try, you will eventually end up with something overengineered, or a new feature or a bug that's really difficult to squeeze into whatever you've chosen.

But, ok, that doesn't proove anything, maybe I'm just a vad programmer.

What made me sceptical however isn't that I never managed to do it right in any of my projects, but the last two years of experience working on porting games, some of them well-known and larger games, to consoles.

I've already seen several codebases, each one with different take on how to make the core game architecture, and each one inevitably had some horrible issues that turned up during bugfixing. Making changes was hard, it was either overengineersled and almost impenetrable, or we had to resort tonugly hacks since there simply wasn't a way how to do it properly without rewriting a huge chunk.

Right now, my whole prpgramming knowledge about game aechitecture is a list of "this desn't work in the long run", and if I were to start a new project, I'd be really at loss about what the fuck should i choose. It's a hopeless battle, every aproach I've seen or tried still ran into problems.

And I think this may be authors problem - ot's really easy to see that something doesn't work. " I'd have done it diferently" or "There has to be a better way" is something that you notice very quickly. But I'm certain that watever would he propose, it'd just lead to a different set of problems. And I suspect that's what may ve happening with his leads not letting him stick his nose into stuff. They have probably seen that before, at it rarely helps.

Mikina , 1 month ago

But... They said that privacy is the most important thing for them 0_0
https://about.meta.com/actions/protecting-privacy-and-security/

Mikina , 1 month ago

I do feel kind of simillarly betrayed. Watch Dogs were my forst point of reference into what hacker subcultures look like, and it has shaped a large part of my life - next month i's going to be 5 years I've worked as a Red Teamer in a cybersec company. I'm also mostly a poser, and the aesthetics simply makes it way more fun - making art that's tied into what you do is great, assuming you dont take it too seriously, of course. Not that I do it, but the way Watch Dogs portraied it, it was fun.

Is it neccessary? Of course not. Is it a shame there aren't many hackerspaces with cool street art, and hacktivists making over the top manifests ajd cool streetart around our town? A little bit.

Mikina , 1 month ago

Not only investors. Everyone needs stocks to forever go up. We're kind of fucked, because once it becomes apparent that the infinite market growth isn't possible and we reach a theoretical ceiling of stock market, the world and economy will probably be in serious shit.

I've tried looking for some articles or papers about what would actually happen and couldn't find any, but our society right now is kind of based on that premise, and once it stops it's going to be a problem. Mostly for the ordinary people, though. And of course, caused entirely by the greedy investors struggling to figure out how to keep milking the cow. Fuck capitalism.

Mikina , 1 month ago

First thing I did after I got Kagi was to set lower priority for Reddit results. My search experience has been way better ever since.

Mikina , 1 month ago

What's really unhinged is the amount of resources invested into gaslighting Meta does.
https://about.fb.com/news/2024/01/investing-in-privacy/

They even have a "Chief Privacy Officer". They have brainwashed entire departments into believing that Meta actually cares about privacy, it's so terrifying. I wonder if people working there realize that, or they have simply fell for the gaslighting.

Mikina , 1 month ago

Max Schrems, the Austrian activist lawyer whose 13-year legal crusade against Meta is what gradually removed those options

I wonder, does anyone know how would one go about acomplishing something like this? One of major websites here in Czech, and a major search engine, has started doing exactly the same thing - pay or agree. And I really don't like that. Are there organizations you can contact, or do you have to have the resources to just sue them?

Mikina , 1 month ago

I work in gamedev and its really baffling how rare is for someone to read the docs. I've already solved so many issues by just reading through the related docs and discovering a feature that does exactly the thing we've been trying to solve with a workaround, or had a overcomplicated process for doing, while it could have been a single function/API call.

Read the docs people! You probably have a lot of downtime while waiting for stuff to build/compile, and just rabdomly (or systematically) scrolling through the reference or docs of the library/tool your working with, even when not looking for something specific, may save you a lot of time in the long run. Knowing what are your tools capable off is well worth the effort.

Mikina , 1 month ago

I've switched a few months ago mostly for gaming, and here are few tips and issues I ran into, in case you run into them too.

Not sure what distro you are using, but I've run mostly into issues when trying to get NVIDIA and Proton working on Fedora. Just getting the drivers to work took a few tries, and I never managed to get stuff like cutscenes to work properly.

However, I then switched to Nobara (I suppose PopOS may also work), and the experience was wastly better, with everything working out of the box (I did switch to KDE Plasma on X11, since Wayland kept freezing on me).

I'm not sure what of the many changes Nobara does helped solve my issues, but I guess it may be related to it including Proton GE by default, which I recommend getting, and a slightly streamlined installation of NVIDIA drivers.

I also recommend checking out Lutris, instead of using Wine directly. However, I never really managed to get it working, aside from WoW, so your mileage may wary. But I have most of my games on Steam, where everything is working out of the box, so it wasn't that much of na issue. I only sometimes have to switch Proton version (by right clicking the game - properties - Force a specific version of compatibility tool).

Mikina , 1 month ago

Mouse Guard, definitely. Lack of time and energy, mostly.

Mikina , 1 month ago

It helps a lot. Because then, a Linux support won't be such an afterthought, and you wouldn't have to deal with stuff like popular games adding anti-cheat that bans Linux users.

Right now, some game developers aren't even willing to enable EAC Linux support, which is like a one checkbox they need to enable for it to work.

Mikina , 1 month ago

This is definitely possible, since you can actually controll cars (at least some models) via a (non-public, but the capability is there) API. Two security researchers at defcon were able to find a way how to control a vehicle remotely, even including things like stopping or turning, and eventually made an exploit that could be used remotely to any car of the same model. So, if they wanted to, they were able to stop or turn the wheel of IIRC hundreds of thousands of cars around the world instantly, since the cars are connected to the network through GSM, so you don't even need to be anywhere near them.

It's been a few years since I saw the video, but IIRC the vehicle controls are on a separate board that should not be reachable from the other smart vehicle system. However, they were able to reverse engineer a way how to abuse framework update mechanism as a bridge, and use it to patch the framework to get it under their control. And then they discovered that they could actually trigger the update remotely.

Mikina , 1 month ago (edited 1 month ago)

I tried reading the website, but Im not really sure I get it. What it's supoosed to be? A way how to make FIAT payments thats open-sourced and private (so you dont have to pay stupid fees to banks), and it integrates into the current banking system, or is it some kind of digital currency that's not blockchain based?

If it's the former - isnt any kind of payment without KYC almost impossible, since its heavily regulated? So, you can't really have private payments in environment where there's stupid amount of laws about how much you can actually pay without it being identifiable, for example the super small monthly limit on anonymous prepaid debit cards?

Mikina , 1 month ago

Oh, I see. Oh well.

Can I send money to my friends with Taler?
Taler supports push and pull payments between wallets (also known as peer-to-peer payments). While the payment appears to be directly between wallets, technically the operation is intermediated by the payment service provider which will typically be legally required to identify the recipient of the funds before allowing the transaction to complete.

Mikina , 1 month ago

Wait, do i get it right that if we've had been Feferated, Threads users can view our (Lemmy) posts, but our users cant view or interact with any Threafs posts?

Mikina , 1 month ago (edited 1 month ago)

Anti viruses won’t care as it won’t be injecting executable code.

When I first started working on malware for my offensive cybersec job, I felt pretty at loss about how the fuck are you supposed to execute anything, if you simply have to 1) allocate memory with READ_WRITE_EXECUTE, and then 2) execute the memory.

I thought that's something that legit programs don't have any reason to do - why would you ever need to allocate RWX memory? I've never done that in my entire programming career, and every bit of your code is already loaded into memory once you start the program - at a special, protected part of memory. There's no reason to ever allocate anything manually. And I spent a lot of time trying to figure out how to deal with this issue when writing malware, since I kind of expected that once you try to allocate RWX memory manually, and god-forbid execute it the AV will simply not allow it and flag it as highly suspicious.

Well. It turned out that actually almost everything I've ever written does use this call. A lot. That's when I learned what "JIT compilation" means, and that I've really misunderstood the basic concepts of C#.

So, surprisingly, most of programs you run (that are in C#) actually inject executable code at runtime. Although, I'm not sure if Unity actually doesn't compile into something that's not JIT C#. I guess only if you use ILL2CPP?

Mikina , 1 month ago

It was a really interesting food for though, especially since both cybersecurity and game development are my main areas of focus (I work part time in offensive security, and part time as game dev). I has actually motivated me to start considering that I might give data-mining this game a try, because I'm really interested in how he wants to solve the many issues present.

I'm betting it would probably be mostly leaning into "security by obscurity", but if that's the case, throwing a gauntlet like this wasn't a good idea. Because every technically sound solution I came up with was a nightmare from game design standpoint, and I couldn't came up with any puzzles or secrets that wouldn't be extremely complex, mostly because you just require a really large problem and input space for it to not be brute-forcable at any of the reverse-engineerable stages.

Also, I have a soft spot for clever marketing tactics, and this one is amazing.

Mikina , 1 month ago

I was always aiming towards just being a gamedev, but since there weren't many Bachelors degrees at the time focused on that, I went for Software Engineering, and then Masters in gamedev. However, experience working for alongside school in QA for a bigger gamedev company has kind of made me realize that corporate and AAA gamedev isn't really art, and you're basically the same code-monkey as you would be anywhere else, just for a lot less money. And since at the time I just played Watch Dogs 2 and was running a Shadowrun campaign, I was pretty into hacking at the time, solving CTFs and generally researching into it, which was prompted by one optional class on pentesting.

So I decided that since working in gamedev will probably leave me burnt out and with lot less money, I just applied for part-time cybersecurity job so I could finance my hobby gamedev career that's not limited by the fact that it's my livelyhood and I have to make money - and that makes every kind of art so much better. I still went for Masters in Gamedev, though. And after several years, the cybersec company started to turn more and more corporate, and I was offered a job at a small indie studio made of mostly friends, so I switched from full to part-time, and took another part-time for a lot less money but with an amazing work environment.

Besides that, Red Teaming is basically just LARPing Shadowrun, it sounded like the perfect job, just trying to talk and hack you way into banks and corporations, I couldn't say no to that :D

Mikina , 1 month ago

If you don't use Discord for voice much, Matrix has a pretty solid bridges you can use.

Hosting your own Matrix server is suprisingly way easier than I though - got a VM on hertzner for like 5$ a month, and there is an Ansible script that takes care of the setup for you. It's also one of those rare cases where someone made an Ansible script that actually works, instead of you getting stuck in dependency-hell (seriously, fuck npm. Not a single docker or ansible tool that has used it ever worked for me out of the box. Python can get simillarly annoying).

They have a pretty easy to follow guide, and the whole setup took me like 20 minutes. I only edited a few options in config.yml (mostly to add Messenger and Discord bridge), and ran the ansible, and it worked at first try.

So I could at least ditch both messenger and discord apps from my PC and phone, without having to convince anyone to quit their poison - with only issue being that you can't use Discord voice. And that the messenger bridge is still unreliable sometimes, but those are still minor inconviniences in comparison to my deep-seated hate for Meta.

Of course - Meta still gets my chat data and content, same as Discord. But at least they don't get anything else from my phone or PC.

Mikina , 1 month ago

you need to do it not only for every Discord server you want to use on matrix, but every channel as well. It’s a huge chore. And ofc it doesn’t work with Discord DMs.

This wasn't my experience at all - all I had to do was message the Matrix bot with servers I want to join (I'm not a mod on any of them), and it bridged all channels in that server. Also, Discord DMs are working fine.

I'm using the mautrix bridge, which doesn't use a bot or anything like that, but uses your Discord session instead.

Mikina , 1 month ago

We can call them CCVE's! Critical CVE's.

EDIT: Oh, nevermind. I've forgotten that it's using CVSS, which has a tendency to really overestimate the risk, so almost everyting is CCVE according to them :D

https://programming.dev/pictrs/image/b0d9af7c-d184-4f1d-a027-ae4f8afe8ef8.png

Mikina , 1 month ago

that got me thinking, is there any kind of statistic for average maintainer age for major FOSS projects and libraries? Is the influx of new maintainers still going strong, or should we expect a really huge problem in the next few decades?

Also, what are some good resources if you want to start with maintaining or collaborating on something, if you have zero experience with the dev side of FOSS ecosystem?