@[email protected] uhh crypto?

@[email protected] @[email protected] https://github.com/kkuchta/css-only-chat :neocat_woozy:

@[email protected] @[email protected] @[email protected] here you go (nsfw channel obv) https://t.me/femboythread/3775

holy shit this is so cool fuck ai, this is real shit https://www.youtube.com/watch?v=72y2EC5fkcE

@[email protected] our windows server had fucking eternalblue unpatched xd

kinda reminds me how i made my own web-based gdz ("ready-made homework") client with image proxying in like 6th grade and hosted it on a free php host and eventually set up a shadowsocks on port 53 because most non-standard ports were blocked and also made multiple step-by-step solvers for maths and also indexed solutions from pdfs myself for a few books

@[email protected] обсидиан это ваще пиздец, я ~полгода назад попыталась начать его вести чтобы хоть немного структурировать свои мысли/знания, забила через месяц потому что слишком много нужно effort-а принять что мой мозг это хаотичная магическая хуета оказалось проще чем вести обсидиан :blobcatgooglytrash:

@[email protected] fair enough, я тоже ни разу ими не пользовалась :troll: просто каналы имхо лишний фрикшен тоже создают, особенно если их несколько. "это надо записать в личку с Х, в сохраненки или в (один из) каналов?" - statements dreamt up by the non-adhd people

@[email protected] там теги завезли ведь

@[email protected] saved messages для кого придумали

@[email protected] these are likely all the same one-two servers with fake online too :neocat_woozy: though its kinda funny that it looks like that even outside cis countries lol i thought that list is geo-relevant

@[email protected] @[email protected] the thing is that they gave a few days prior notice, except the non-paying customers weren't able to log into the web panel nor connect to the server for a few days before the notice just checked the chat logs - we all started getting an error (pic1) around 5-6th march 2022, and only on 7-8th march did we receive the notice (pic2)

@[email protected] @[email protected] it was, but that doesn't justify banning like that.

@[email protected] @[email protected] ~1.5 years ago they straight up banned all russians without a way to recover data (because fuck you, support is only available if you pay) and without a prior notice so yea, wouldn't recommend hosting something critical there without regular backups

@[email protected] make a wrapper shell script that would read the secret and put it in the config file, then run the service in question

> To be eligible for Web Distribution, you must: > > - Be enrolled in the Apple Developer Program as an organization [...] > - Be a member of good standing in the Apple Developer Program for two continuous years or more, and have an app that had more than one million first annual installs on iOS in the EU in the prior calendar year. oh fuck you

holy shit they did it??? > Web Distribution, available with a software update later this spring, will let authorized developers distribute their iOS apps to EU users directly from a website owned by the developer https://developer.apple.com/news/?id=8c1m8hqt

@[email protected] @[email protected] at least not into command blocks...

@[email protected] uhh, idk, im in a few local communities which have been around for like 4-5 years already and aren't going anywhere anytime soon. most of my friends (both online and irl) are from there. imo its more of a connection thing. as long as there is a deeper connection than "oh well we all like X thing", those people are more likely to stick around *even if* that community dies eventually. there's definitely the irl aspect, but i do have a few long-time (2+ years) acquaintances/friends (friend is a strong word for me, i dont use it much) that i haven't met ever or met once. we might not be in touch very often, but that doesn't make that connection any less valuable (picrel) :neocat_hug:

@[email protected] - media proxy - wdym by "proxies ap traffic" - iirc meta is stripped by the software. though im always careful about meta in my attachs - previews are proxied as well, i checked. and me clicking on some link proves nothing :D no its not. at best they'll get to know my city (which is public anyway), to get my home address they'd need to somehow persuade my isp to give away that info. and at that point its some fbi/cia type shit which is unlikely to happen, and even if it is supposed to happen - it'll happen no matter what 🙃 and i can always just ask my isp to rotate my ip :D

@[email protected] of course if someone tries hard enough with a targeted attack they would probably eventually obtain it. but these are very simple ways to get a "good enough" protection - enough to keep skids away. security through obscurity is actually fine in some cases.

i tried changing my name to all-lowercase in 3 services - it didn't work in any of them, and support basically said "welp" :haggard: normalize all-lowercase names

@[email protected] @[email protected] yea (tho i did persuade her to switch to macos :neocat_devil:)

@[email protected] i used https://github.com/fatedier/frp its cool also ssh port forwarding

@[email protected] > you should be running an ActivityPub based server at all why not? if i proxy all inbound requests via cloudflare and proxy all outbound requests via an external proxy, there seems to be no way to leak instance's ip address i use cf because i host from home and obviously i wouldn't want to leak my home ip to everyone :neocat_woozy:

@[email protected] looks like a potential attack vector :neocat_think_woozy: assuming your session is stored in an HttpOnly cookie, this would allow an attacker to bypass that and just `fetch()` that docs page to extract a valid api token for the current user (assuming the docs are on the same domain)

@[email protected] imo its not really safe in many cases but i agree that more platforms should at least provide a "default" oauth app, so that you can just click a link and get a token for yourself

how the fuck is there no cross-platform way to detect when the network is gone :neocat_googly_shocked: in the browser there's `navigator.onLine` and `online`/`offline` events, but there's nothing even closely similar in other runtimes. there isn't even a proper native api for that - in the browsers it's implemented via weird platform-specific hacks. holy shit

@[email protected] true the least usable payment processesor

@[email protected] lmaoooo i never noticed their logo is a fucking ussr on wings :neocat_googly_shocked:

@[email protected] >statically compiled you mean ssg right for docs vitepress is very cool for anything else - vike/nextjs/nuxtjs all support ssg

@[email protected] it already does tho, i hear those fans spin up every time i open the frontend :troll: even works without speakers!

@[email protected] i dont think it will 2 years ago or so tiktok banned russia (it still works, it's just that we can no longer upload content and see content from other countries) and it mostly just pushed normies to get to know altstore and how to sideload modded tiktok with a faked country btw, due to us sanctions app store keeps removing russian banks' apps from app store. so the banks just keep getting more creative educating everyone on how to get the app ("restoring" it from another apple id/imazing or using a pwa) and assuming its the *usa* who bans tiktok and not vice versa, it'll likely be even easier to bypass (by simply making an apple id from another country and/or using a vpn) i really dont think it will

@[email protected] do you sign `(request-target) host date` and set a proper `Accept: application/ld+json; profile="https://www.w3.org/ns/activitystreams"`?

[mei](https://soundcloud.com/angelicxmei/tears) is so good,,,,,,,,, fucking goals

@[email protected] svelte sucks, better try react/vue/solid

it went fine, people seem to have liked it ^^ script was kinda useless, i mostly made everything up on the spot, but i definitely felt much safer having it in front of me. i really want to speak at some meetup sometime, but i have zero ideas and also anxious about my voice >_< colleagues are kinda used to it already, but speaking in front of total strangers is much more pressure