notabot

It’s always fun to get your offset slightly wrong, and jump into the middle of an instruction.

I like what you’ve done so far. It’s quick and simple to use. The one bugbear I’ve come across so far is it converting tables to html, rather than storing them as proper markdown.

I read the reasoning in the documentation, and certainly for my usecases, maintaining it as markdown is more important than trying to perfectly preserve the visual formating, especially as I use multiple devices with different sized screens, so I need different fornatting on each! That’s one of markdowns main strengths, it doesn’t preserve formatting so you don’t need to think about it and it’ll be displayed in a reasonable manner anywhere.

Is there any reasonable chance that there could be an option, at the server level rather than per page, to store tables as markdown?

That’s a fantastic shot. I think it belongs in !accidentalrenaissance@lemmy.blahaj.zone too.

Given its nature and functionality, it’s hard to see how the TPM subsystem itself could be backdoored in any meaningful fashion without the rest of the CPU also being compromised. Whilst that is certainly possible, and the remote management engines (IME and such) almost certainly are, it seems more likely to me that the encryption algorythms themselves are deliberately weakened in some way. The NSA, famously, have done that sort of thing before, subtly influencing aspects of the design of cryptographic systems to make them easier for them to break. It would not surprise me, for example, to discover that the supposedly random key material is actually linked to something like your CPU’s ID.

None-the-less, using functionality help prevent someone who has your password, but isn’t a government actor, decrypting your data.

That’s absolutely possible, but there’s not much you can do about that really. My point was simply in response to OP’s assertion about encryption protecting your data from ‘alphabet agencies’. It wont because it is very unlikely you consider keeping your data confidential more important than your life.

I edited my comment, it was the mod who deleted your comment.

I don’t see many people debating you, but I do see a number of comments, including my own, that are pointing out things that need to be considered, or expanding on what you’d said. I don’t see much that could be called ‘stupid’, but you seem to be carrying a lot of pent up frustration and anger. You’ll probably find you have much more productiv£ and pleasant exchanges if you dump that on other people though.

One need only read or watch the news to know that a disturbingly large number of people are being abducted, predominantly under the umbrealla of ICE, but also for political reasons. It seems likely that if an agency has interest in the data of someone like that, presure of various sorts will be brought to bear on them. Most people will hand over their passwords long before the threat of physical violence is manifested, but the threat is there none-the-less. As you say, this won’t apply to most everyday citizens, for now at least.

Ultimately, it’s a case of setting up your security posture to match your own threat models. Encryption is an excellent step, but only addresses some threats, online attacks being the most obvious set that it does not help with.

You can have your machine unencrypt using the TPM module, have a look at clevis for example. Once you’ve got it set up you can pretty much forget it’s there.

I was actually largely agreeing with you, but responding to the bit where you said:

It Protects your files in case your computer is ever stolen and prevents alphabet agencies from just brute forcing into your Laptop or whatever.

It’ll stop alphabet agencies from brute forcing it, sure, but that’s not how they would approach extracting the information.

I see ~you’ve~ the mod has deleted this comment thread though, so it’s unlikely anyone else will see it.

As to your question about what technology would stop it, I think you may need to think differently as no technology will stop a determined enough opponent torturing you for a password, but they’re much more likely to attempt a malware style attack against you to skip all that bother. So countermeasures would involve a well locked down system (think about things like SELinux with MLS enabled and using VMs to isolate processes) and good information hygiene practices to reduce the risk of infection and the risk of it spreading if you are infected.

You want to think very carefully before giving a duress password, or using a destructive panic button when dealing with law enforcement. If you do, you will be charged with, at least, destruction of evidence. You have to decide if your data is worth that. A duress password that only decrypts part of your data is probably safer if twinned with deniable encryption, although you still risk legal trouble.

Encrypting your drives is a very sensible step to take, and it’s so low effort that it’s a no brainer in most cases. It’ll stop casual thieves stealing you machine and reading your files, and combining your password with a TPM encrypted one will mean your data isn’t readable on any machine except yours, even if the attacker has your password, which adds a little extra protection.

Unfortunately, none of that protects you against an adversary who is willing to kidnap and torture you to get your files. At that point you have to make a choice, which is more important; your files or your life/not being tortured. Fortunately, most people will never be in that situation, so should encrypt their drives and accept they’ll reveal their encryption passphrase if taken hostage/arrested.

Instructions may have been unclear, but you got the gist of it.

Community block lists or bans are handled at the protocol level (I think this is task that did that), and are pretty simple, in that they just tell a server not to let a particular user comment or post on a particular community. Thats straightforward enough, and as long as the user’s server obeys that, the user doesn’t get to post.

Trying to do something similar for every user becomes much more complex as it requires coordinating each user’s settings to all the relevant servers every time they change. It also leaves open the issue of what happens if a user you’ce blocked simply posts a sibling comment to yours, as you won’t see it, but the rest of the community will.

Personally, I would like to see invite only communities where posts and comments are public (it’s activitypub, so there’s no huding them), but only whitelisted users can post. I know there’s a WomensOnly community here that has a hard time stopping men wading in (I’m guilty if that, I saw an interesting postvand didn’t notice the community name, but the mods were very nice about it). I’m sure they’d like a way of vetting first time posters and commenters.

All credit to you for advocating for needs of marginalized groups for protected spaces to communicate, but the fediverse simply isn’t the right tool for that. It’s entire philosophy, design and implementation is centered around making everything public, from posts and comments to votes and moderation actions.

Asking the fediverse, or the activitypub protocol to allow blocking a user from responding at all is rather like asking a car to be a bike. It’s just not what it is. I can’t really concieve any way of making a decentralized public forum work like that as there is no central point that can control permissions. It might be possible to design a system where communities can control membership and posting priviledges, but even then, if it’s distributed, it would take very little for a hostile instance to simply ignore any central control and display its users posts locally, leading to the same effect as if you just mute them, leaving them visible to others, albiet only on their instance or others that cooperate with it.

I think that those who are in need of a controlled system should probably be looking at a centralized system that is run and controlled by someone, or a group, that they trust. That would give them the best chance to keep discussions private, and access to read or post controlled. Read access would need to be controlled too, or their discussions can just be mirrored to a hostile server and harassment can occur there where the poster is unaware, just as if they’d muted them.

Bear in mind that evrrything you do or say on the fediverse is public, so there is no possible way to stop someone seeing it. Likewise, because the entire system is federated, there is no way to stop an individual from replying to you. Even if the community server rejected their message their own server would be able to display it.

This works well for general discussions, but I can see where it isn’t ideal for more sensitive topics. People having those sorts of discussions should probably be using a system that is better suited to their needs.

I get the sentiment behind this post, and it’s almost always funny when LLM are such dumbass. But this is not a good argument against the technology.

It’s a pretty good argument against the technology, at least as it currently stands. This was a trivial question where anybody with a basic reading ability can see it’s just completely wrong, the problem comes when you ask it a question you don’t already know the answer to and can’t easily check and it give equally wrong answers.

Sorry, it wasn’t meant to be sarcastic, I just thought it was a funny, if silly, solution to the problem you’d presented. I think that route has actually been done in the past, so I didn’t think it was too far out of line.

In answer to your question about sailing the Atlantic and the boat sizes needed, it looks like a cruising yacht culd do it in somewhere between 15-30 days, so you wouldn’t need a particularly large ship, but you’d definitely want an experienced crew.

People need these sorts of craft moved across the ocean every so often (when they’re being delivered to their new owners for example), so if you trained as a crew member you might be able to get a berth on a trip like that, arguably reducing your footprint even more.

Once again, my appologies for the way my previous post came across, if was not meant like that.

You haven’t said anything about practical, so the answer might be to cycle across Alaska, take passage on a sail boat across the Bering Strait, then cycle across Russia to reach the eastern borders of Europe, continue cycling until you reach either Brussels or Paris, then take the Eurostar to London. Cycle from there to a port on the west coast of Great Britain (Hollyhead probably leaves the shortest crossing), cross the Irish sea by sail boat, and you have finally arrived in Ireland for your cycling trip!

N.B. Current geopolitical concerns may impact the feasibility of this route.

That depends on your team composition. Decoupling story points and hours means that the points indicate the complexity of the task; each developer might take a different amount of time to deliver that depending on their ability and expertise in that part of the system. The points give you a simple metric to show how much complexity the team have left to deliver, and tasks get assigned to whoever is best placed to deliver them at the time.

Nevermind spears, they’ll be able to operate tin openers!

So, rainbows at every intersection is what you’re saying? I bet they’d have some difficulty policing that.