Yeah, this is actually a pretty great application for AI. It’s local, privacy-preserving and genuinely useful for an underserved demographic.

One of the most wholesome and actually useful applications for LLMs/CLIP that I’ve seen.

It would be better to have this as a FUSE filesystem though - you mount it on an empty directory, point the tool at your unorganised data and let it run its indexing and LLM categorisation/labelling, and your files are resurfaced under the mountpoint without any potentially damaging changes to the original data.

The other option would be just generating a bunch of symlinks, but I personally feel a FUSE implementation would be cleaner.

It’s pretty clear that actually renaming the original files based on the output of an LLM is a bad idea though.

I saw a job posting for Senior Software Engineer position at a large tech company (not Big Tech, but high profile and widely known) which required candidates to have “an excellent academic track record, including in high school.” A lot of these requirements feel deliberately arbitrary, and like an effort to thin the herd rather than filter for good candidates.

Idk… in theory they probably don’t need to store a full copy of the page for indexing, and could move to a more data-efficient format if they do. Also, not serving it means they don’t need to replicate the data to as many serving regions.

But I’m just speculating here. Don’t know how the indexing/crawling process works at Google’s scale.

This is probably an attempt to save money on storage costs. Expect cloud storage pricing from Google to continue to rise as they reallocate spending towards ML hardware accelerators.

Never been happier to have a proper NAS setup with offsite backup 🙃

Sure, but I should be able to have both. We used to have both, and it was taken from us by monopolistic megacorps.

So, I accept that the situation is what it is, but I’m allowed to be pissed off about it. I’m also allowed to support regulations that would force Apple to give their users options.

As a power user, I find Apple’s approach to sideloading insulting as a customer and blatantly anticompetitive.

I buy an Apple phone because the phone market is effectively a duopoly: Android or iOS. I choose iOS over Android because of its much longer security support window and better accessory ecosystem (AirPods Pro + Apple Watch in particular), and also because I don’t want absolutely everything in my life to be owned by Google.

None of that detracts from the fact that Apple’s position on this issue hurts its customers and is fucking annoying. And their claims of “it’s for security” are disingenuous at best.

Moon is such a fantastic film in its own right. Absolutely shook me when I saw it the first time.

It’s an interesting idea! I think there are many such applications for federation protocols.

A few thoughts/questions:

• Ideally you’ll need a stable identifier for each specific product. Most small online stores I use have product names riddled with typos, so a way to tackle that would be nice.
• What’s the data model? Would each store be an ActivityPub Actor? Like each one would have a username and publish inventory updates?
• Where do these updates go (maybe something akin to a Lemmy “community”)?
• If you’re just relying on stores’ self-reported stock levels, where’s the benefit of using a federated model? Could you just build an open source app that scrapes retailers’ websites and collates that information?
• Is the eventual goal that this competes with Amazon et al? I.e. it becomes an actual marketplace, perhaps with a “buy” and “sell” Action, and where vendors’ instances are effectively web stores?

Crostini is an official feature built by Google that allows you to run Linux on a tightly integrated hypervisor inside Chrome OS. You keep a lot of Chrome OS’ security benefits while getting a Linux machine to play with.

That said, no, it’s not illegal to install a different operating system on your Chromebook hardware. They are just PCs, under the hood. You might lose some hardware security features though, e.g. the capabilities provided by integration of the Titan silicon.

If you had a job at Google, corporate IT would definitely not be happy if you wiped the company-managed OS and installed an unmanaged Linux distro :)

The reddest of red flags.

Open source vulnerabilities typically stem from poorly written code

Yeah, because paid programmers never write bad closed-source code…

Tl;dr: TPMs are very unlikely to make your privacy better or worse, but they could definitely be abused by a company like MS to make end users’ experiences worse. They could also be used for significant security and privacy gains… they’re a tool.

The TPM can be used to provide a cryptographic binding between aspects of your system’s configuration and a unique key which is resident within the TPM (a process called “attestation”). It can also generate secondary keys that are associated with the base key, and use those to do cryptographic operations like encryption/decryption and authentication.

Telemetry wise, the TPM’s only utility might be to “prove” that the data sent from your PC wasn’t tampered with. That said, I don’t think MS is actually doing that, and they don’t need to in order to be incredibly invasive in their telemetry.

The (imo) worst way in which a TPM might be abused in a user-hostile sense is to detect if the OS has been modified by the user, or if an installation isn’t legitimate, etc. That could be used to disable certain features if you try to install unauthorised software, dual boot Linux or whatever. This would be similar to the smartphones of today, which can for example disable access to banking apps if jailbroken/rooted.

TPMs (>2.0 at least) otherwise have the potential to realise a significant improvement in security and privacy for users, if used correctly. They can be used for encryption and credentials that are bound in hardware and therefore practically impossible to steal. And can detect hardware tampering and potentially foil Evil Maid attacks. Imagine if your login sessions for various websites were bound to your hardware, such that a dodgy extension could never steal your cookies.

I found it much more barebones in my tinkering. It doesn’t seem to support pulling via SSH (and definitely doesn’t support signing commits). Configuration options appear extremely limited, both in documentation and the UI.

It looks nice, but I don’t really see the point to it when Gitea Actions is now a thing. Gitea is a more mature product, and is similarly fast and lightweight.

This is why self hosted to me means actually running it on my own hardware in a location I have at least some control of physical access.

That said, an ISP could perform the same attack on a server hosted in your home using the HTTP-01 ACME challenge, so really no one is safe.

HSTS+certificate pinning, and monitoring new certificates issued for your domains using Certificate Transparency (crt.sh can be used to view these logs) is probably the only way to catch this kind of thing.

Of course they do, but it isn’t the ISP’s job to do so. I believe that is the point that the EFF is making here.

Censorship sometimes needs to happen to protect people, but it should be conducted by website owners/platforms and government authorities – on each end of the information transaction, not in transit by an ISP.

Njalla is mine. I like the privacy protections they offer.

Are CloudFlare, Amazon or Microsoft any better? Google at least take security (if not privacy) very seriously.

In general it seems bad to have any huge profit-driven organisation exercising significant control over open standards, but I do think that Google is lesser than many of the other evils.

Surprised I had to scroll this far down to see this!

Sonarr and Radarr with Ombi for requests if desired. Transmission + OpenVPN for the download side.

Or you could manually rip DVDs/Blu Rays if you can still get ahold of them for the stuff you want to watch.

I use OTP Auth. Syncs via iCloud and has an Apple Watch app. Plus allows export which is convenient for if I ever want to switch platforms back to Android.