Canadian software engineer living in Europe.
That’s an interesting thought. There’s a lot of cases you see where people have stripped a comic’s name from the bottom of the image, but that’s not really what this project was designed for. Aletheia will guarantee you that the person/company sharing the media is who they say they are, but critically it won’t prevent infringement.
The example I give in my talk is that InfoWars could take a BBC news story and say “we made this”, but it wouldn’t let them modify that story and claim that “the BBC made this”. The goal is to be able to re-connect what someone is saying with the reputation of the person saying it, with the hope that we can start delegating our trust to individuals and organisations again.
I wrote a version of this in Python a few years ago, but it depended on external tools like ffmpeg to work, limiting its portability. The Python requirement was also a major factor for adoption.
If it were ported to Rust, doing the (de)serialisation internally, I believe that it could have far-reaching implications on how we share and consume news:
https://danielquinn.github.io/aletheia/
If you’re interested, I presented the Python version at PyCon UK a while back.
Not throwing any shade, just some advice for the future: try to always consider the problem in the context of the OSI model. Specifically, “Layer 3” (network) is always a better strategy for routing/blocking than “Layer 5” (application) if you can do it.
Blocking traffic at the application layer means that the traffic has to be routed through (bandwidth consumption) assembled and processed (CPU cost) before a decision can be made. You should always try to limit the stuff that makes it to layer 5 if you’re sure you won’t want it.
The trouble with layer 3 routing of course is that you don’t have application data there. No host name, no HTTP headers, etc., just packets with a few bits of information:
syn
) etc.In your case though, you already knew what you didn’t want: traffic from a particular IP, and you have that at the network layer.
At that point, you know you can block at layer 3, so the next question is how far up the chain can you block it?
Most self-hosters will just have their machines on the open internet, so their personal firewall is all they’ve got to work with. It’s still better than letting the packets all the way through to your application, but you still have to suffer the cost of dropping each packet. Still, it’s good enough™ for most.
In your case though, you had setup the added benefit of Cloudflare standing between you and your server, so you could move that decision making step even further away from you, which is pretty great.
Why didn’t this become a thing? Surely in 2024, we should be able to build packages from source and sign releases with a private key.
Ooh! Thanks for this! I had no idea it existed.
I recommend writing everything in Bourne shell (/bin/sh
) for a few reasons:
Also two bits of advice.
Nifty! I wrote something similar a couple years ago using Vosk for the stt side. My project went a little further though, automating navigating the programs you start. So you could say: “play the witcher” and it’d check if The Witcher was available in a local Kodi instance, and if not, then figure out which streaming service was running it and launch the page for it. It’d also let you run arbitrary commands and user plugins too!
I ran into two big problems though that more-or-less killed my enthusiasm for developing on it: (1) some of the functionality relied on pyautogui
, but with the Linux desktop’s transition to Wayland, some of the functionality I relied on was disappearing. (2) I wanted to package it for Flatpak, and it turns out that Flatpak doesn’t play well with Python. I was also trying to support both arm64 and amd64 which it turns out is also really hard (omg the pain of doing this for the Pi).
Anyway, maybe the project will serve as some inspiration.
I like Tilix, since it lets me split the terminal with a keyboard shortcut and easily switch between terminals too. I tried using GNOME terminal + tmux, but having to hit Ctrl+b
before the command I wanted got tedious fast.
42,396 installs… Holy shit.
Edit, from the article:
This “Exodus” application published in the Snap store was indeed a scam application. There is a genuine organisation that developed a real, seemingly ’legitimate’ cryptocurrency wallet application. This is not that.
Any chance that the FlatHub one is legit?
My guess would be that it’s because Flatpaks are easy. You have a handy GUI tool often pre installed that includes search and one-click install.
If you want something lower level, Arch users have the AUR, and others may actually do that horrifying curl https://... | sh
pattern.
Nix pancakes on the other hand… I have no idea how to use them and generally assume it’s the thing NixOS uses. Since I don’t use NixOS, I’ve never given them a second thought.
Enshittification, also known as platform decay, is the pattern of decreasing quality of online platforms that act as two-sided markets. - Wikipedia
Can anyone else confirm this? As a long time user and champion of Gitlab, this is a deal-breaker for me.
Dude, you’re the one being rude. I was done with this conversation yesterday and you just keep coming back like it’s an argument you can “win” by insisting that I think like you and change my behaviour to be like you.
You started the whole thread looking for input and when you didn’t get the response you wanted you just berated the respondents trekking then how wrong they were.
I’m done here. You’ve forced me to go digging around Lemmy to see if there’s a block function.
No, I haven’t tried to poke a hole in a sandbox. Generally speaking, if I have a choice between pacman -S <app>
or “install with Flatpak and then fiddle with sandbox settings” I opt for the former. I get that you think this is important, and Flatpak is a nifty idea, but in terms of usability, it has failed me repeatedly to the point where I don’t want to use it, so I don’t.
You seem to becoming from a position of “Flatpak good, so everyone must use it”, which is nice, but it’s naïve. Flatpak is ok, but it has usability problems, and since you want people to use it, usability is kind of important. It also introduces a frustrating divide from a user perspective. The idea that “desktop apps” should be installed via Flatpak, and everything else with a proper package manager is madness from a user’s perspective. I don’t understand how you can’t see that, but you’re going to have to accept it 'cause newsflash: not everyone thinks like you.
Finally, packaging for Flatpack is a Pain In The Ass. I say this as someone who’s tried it. The build system is clearly biased toward particular use cases and particular languages, which is great if you’re in that camp, but for everyone else it comes across as impractical for the intended purpose.
So yeah, it’s great that this is important to you. Go ahead and develop the shit out of Flatpak, and maybe even work on the user experience some more. I’ll keep having a look from time to time, but for now, it’s not happening, and this attitude of yours, that the rest of us will just “need to adapt” to your preferred way of working… if I wanted that I’d use a Mac. GTFO.
I wasn’t talking about Slack. Actually, my worst Flatpak experience was with PyCharm. The fs limitations mean it couldn’t see files like ${HOME}/.config/git/ignore
or load up my shell environment inside the IDE. It’s basically a neutered version of the app because someone decided to draw the security/usability line too far in the one direction.
It’s fine if you think that’s a good idea, but as a user, the choice of packaging means it’s not useful to me, so I won’t use it.
That’s an understandable goal, but as a user, breaking the user experience when I go to send a file to someone only to find that I can’t even see it in some apps is a deal breaker. If the app can’t be trusted to do that, I won’t use it.
Personally I install it with pacman and generally avoid Flatpaks due to annoying problems I’ve had with it limiting filesystem access in the past. My biggest problem is that it seems to “forget” that I’m logged in if I don’t use it regularly, meaning I have to regularly re-auth it on my desktop since I use it infrequently there.
deleted by creator
Awesome. Perhaps now there will be some renewed focus on screen reader support?