• 0 Posts
  • 17 Comments
Joined 1 year ago
cake
Cake day: June 17th, 2023

help-circle




  • How are the alternatives any better? Download a DEB that executes arbitrary code, signed with some .asc that’s sitting in the same webserver? Download an EXE?

    Your comment is so rambley that I can’t understand whether you’re criticizing the distribution method or the packaging. Both of those are very different in terms of attack surface, if you’re talking about supply chain attacks.


  • The thing is, nothing gets done unless the government regulates it. The industry would just keep pumping out ICE vehicles. The only reason we have EVs at all is because most car companies saw the writing on the wall about the very necessary phaseout of ICE and knew this would be legislated sooner or later. I fully expect EVs will have either great range or super fast charging by 2035 because the market will be there to support it. (Regulating is solves the chicken and the egg problem - it guarantees demand so it de-risks investing in EV tech for the entire supply chain.)


  • It just moves the pollution to places you don’t see it, like power plants, rare metal mines

    The thing is, many places already have power that is free of CO2 emissions and mines are not huge CO2 emitters (afaik).

    As a case point: In Toronto, 30% of our emissions are from vehicles, 60% from buildings (natural gas heating mostly). If we ran all EVs, that 30% emissions from vehicles would be eliminated because nearly all our power either comes from hydro dams or nuclear power plants. And there’s no shortage of power either - we have loads of excess capacity at night, when everyone would charge their cars.

    I think you’re getting downvotes because you’re misinformed about the cost/benefits of EVs and the broader important (and urgency) of reducing carbon emissions. It’s such a critical and urgent challenge that we have to tackle this to avoid huge impacts on our economies due to heating of the climate (crop failures, flooding, more severe weather, erosion, wildfires, etc.).



  • If it makes you feel better, Consumer Reports still operates like it’s the year 1990 and is completely detached from the world of media today. There are YouTube content producers who make far better content than Consumer Reports does, in every category. Sites like RTings and YouTubers like Project Farm or Vacuum Wars completely obliterate Consumer Reports in terms of quality, freshness, and usefulness.

    Look at the way cars are even rated on Consumer Reports. They post “samples of the data” from their surveys, and you get examples like somebody having an ancient phone and not being able to Bluetooth pair it to their car ending up lowering the reliability rating of the car. It makes no sense.

    Articles like the one linked are what you get when you have a clueless, outdated organization with management who have their head in the sand, feeding some SEO suggestions from ChatGPT to their writers. It’s just layers of badness and poor decisionmaking.




  • Your post couldn’t be more true. Decades ago I was sold on MythTV, this PVR software but it only ran on Linux and you had to compile it yourself. So I gave Linux and MythTV a shot. As it turned out, both MythTV and early desktop Linux were a buggy, frustrating mess. X broke all the time. Incomprehensible, ungoogleable compile errors all the time.

    I spent so much time troubleshooting MythTV and compilation problems that I ended up learning Linux inside and out and the C programming language to be able understand the compile errors. I went on to lead a major open source project and have had a long career as a programmer, using all the knowledge I gained that started with fighting MythTV.



  • I don’t see anyone else actually telling you how to figure out if you’re being DoSed, so I’ll start:

    Check your logs. Look at what process is eating your CPU in htop and then look at the logs for that process. If it’s a web application, that means the error and access logs for it. If you see a flood of requests to a single URL, or some other suspicious pattern in the log, then you can try blocking the IPs associated with them temporarily and see if it alleviates the load. Repeat until the load goes down.

    If your application uses a database, check your database logs too. IIRC postgres logs queries that take longer than 5 seconds by default, which can make it easy to spot a slow query especially during a time of high load.

    I don’t think DNS amplification attacks over UDP are likely to be a problem as I think most cloud providers filter traffic with forged src addresses (correct me if I’m wrong). You can also try blocking all inbound UDP traffic if you suspect a UDP flood but this will likely break DNS lookups for you temporarily. (your machine should not have any open UDP ports in any case though if you’re just running Lemmy).

    If you want to go next level, you can use “perf” to generate a system-wide profile and flamegraph which will show you where you’re burning CPU cycles. This can be extremely useful for troubleshooting performance or optimizing applications. (you’ll find that even ipfilters takes CPU power, which is why most DDoS protection happens on dedicated hardware upstream)



  • They always say the same opinions because it’s part of a massive astroturfing campaign by Chinese and Russian state actors. They’re both attempting to sow discord in the West and lay the foundation to ramp it up to interfere in the 2024 US election.

    Do you remember what a shit show Reddit became in 2016? We’ve seen this exact pattern before, where a deluge of people with the same carefully calibrated opinions on everything appear out of the blue. They want to create the illusion that there’s some popular movement towards all these inane opinions, and you can even see from the comments on this thread. They’re using the same known troll tactics to push this (eg. “Just asking questions”).

    This a good test of Lemmy’s moderation and federation model and will be indicative of how it fairs next year when these campaigns really ramp up. Good on the admins for taking this seriously and nipping it in the bud.