Rose here. Also @umbraroze for non-kbin stuff.

  • 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 14th, 2023

help-circle
  • Yup. The robots.txt file is not only meant to block robots from accessing the site, it’s also meant to block bots from accessing resources that are not interesting for human readers, even indirectly.

    For example, MediaWiki installations are pretty clever in that by default, /w/ is blocked and /wiki/ is encouraged. Because nobody wants technical pages and wiki histories in search results, they only want the current versions of the pages.

    Fun tidbit: in the late 1990s, there was a real epidemic of spammers scraping the web pages for email addresses. Some people developed wpoison.cgi, a script whose sole purpose was to generate garbage web pages with bogus email addresses. Real search engines ignored these, thanks to robots.txt. Guess what the spam bots did?

    Do the AI bros really want to go there? Are they asking for model collapse?



  • Depends on the type of account, but here are some of the common methods of how this might happen:

    • The attacker could be straight up guessing the password. (One possible way to mitigate this: the website can go “wow, 10 failed login attempts from that source. I’m going to ignore all attempts from there for 24 hours.”)
    • The attacker could be using previously exposed passwords. (One possible way to mitigate this: The websites should immediately require password reset for all users when that kind of data breach happens. For users: never use same password for multiple different services, certainly never reuse a compromised password even if it’s for a different service. Also: haveibeenpwned.com)
    • The attacker, currently using the same network, could hijack the session. (This was a really huge problem back in the day. In this day and age, websites should be using HTTPS, which limits this very much. Still possible if the site doesn’t use HTTPS, and through some other vectors, e.g. malware or hijacked network hardware).

    Also: Malware is a really scary big problem in that they’re rarely targeting you specifically. Why do that, when they can million people at the same time and sift through that stolen data for most valuable stuff, right?


  • Well, since it seemed to be a way to support the site and get to see new features ahead of time, so yeah, why not? I only decided not to renew my gold access when it became very clear Spez wouldn’t ban the hate subs he loved.

    As for getting gold otherwise:

    I’m an introvert, ok? I mostly only comment if I have something worthwhile to say.

    So the only comments I ever got gilded by others were drunken shitpost. And in one instance some random off the cuff post. …I don’t get it.

    Anyway. Basically, I didn’t want to post any Gold Baits™. because that way lies madness.


  • Been using a Suunto 5 Peak watch since May and it’s been absolutely great. Dunno if 250€ counts as inexpensive, but like we say in Finland, poor people can’t afford to buy cheap shit that breaks right away. (I think they have cheaper options?) Suunto watches talk to phone app which at least on Android is pretty great, and the app can talk to other services which can analyse stuff further.


  • I was a reddit user for ages. Reddit search always sucked. Heck, Reddit could barely make their own data available to the users (which is why their user histories are so limited and why the GDPR takeouts take a week). Everyone, and I mean EVERYONE, used external search engines.

    Do they want to block external searches? Literally enshittify their shit further? Are they willing to hold back progress?

    Just today I was thinking of Reddit Gold - back when I actually paid for it, the marketing spin was “you get to test new features before we add them to everyone else!” Literally none of the Gold features I’ve ever used made to the unwashed masses. I take it back, saving comments did.

    So yeah, they will hold back progress. In fact, progress isn’t on the cards. It’s just regress. AND you can be a premium user and PAY for it.


  • Well, Google Photos shouldn’t be considered a “backup” solution to begin with. Never mind that both Google and Apple scan the content in their respective services, but there’s just no guarantee that they don’t modify the data on cloud. “Oooh guys, we just invented a revolutionary new photo compression algorithm! Also hosting data is kinda expensive! So pay up if you want your originals.” …and there’s occasional reports that these services just straight up corrupted some old files while no one was looking at them. Good going.

    I just treat my Android phone like any other camera I own and use. Copy the files from phone to PC and from there to my NAS, and I use ACDSee’s DAM functionality.



  • Brave as a whole? Brendan Eich is the next Elon Musk. Not in wealth, mind you, but dude’s got the antics, is all I’m saying. (Not a good look. Look just what’s going on with Reddit.) Also, a dipshit of EPIC proportions.

    Brave Browser? Hell no. The whole marketing point is “oh, it’s a web browser, but with ad blocker”. …installing uBlock Origin is a 2 minute job on Firefox and even on Edge. Have literally walked elderly people through the process. (It got even weirder when they talked about replacing ads with approved ones. I don’t know if they still do that.)

    I do draw the line on the whole BAT nonsense. “Oh, you can use cryptocurrencies to support your fave content creators? Even if they didn’t opt in to the program in the first place, and you still make it seem like the donations go to them? And then say ‘oh yeah the donations will eventually go to them IF they sign up for the program’ oh FUCK YOU you’re just deceiving fans aren’t you.”


  • Scrivener is still the absolute best word processor for ginormous writing projects. There are FOSS projects that do some parts of it right, but fall far behind in the others. It’s particularly frustrating because my usual FOSS approach would be to use other tools that make up for the inadequacies, but Scrivener pretty much nails the “what to include and what to leave out” equation. It’s a great combo of a word processor, project management tool and a research/notes tool, all rolled into one.


  • I have a Zyxel NAS server that just offers a SMB share. I’m just dumping my photos there under YYYY/MM/DD scheme, and converting all of my Nikon NEF files to DNG. (For importing photos to the NAS and generating backups, I have a PowerShell script and a PowerAutomate action. Also mild usage of Dropbox to transfer files from my cellphone.)

    For actual management of photos, I use ACDSee Photo Studio Professional, and it just writes all tag information to the files themselves, so I can basically use any other software for photo management. For actual photo editing, I use DXO PhotoLab and Affinity Photo most of the time.