lemann

@[email protected]

Hey 👋 I’m Lemann

I like tech, bicycles, and nature.

Dancing Parrot wearing sunglasses

This profile is from a federated server and may be incomplete. Browse more on the original instance.

lemann,

Same boat as you - most of my time is spent on subscribed, not /all

No need for me to block anything at the moment tbh…

lemann,

#2f2

A nice eye searing lime green that I used to use a bit when I first got into web development. Originally copied from goodness knows where lol.

Now I use it in my current job alongside the color red when designing CSS grids

lemann,

100% this is the best choice for op IMO.

A big pro is that they literally don’t need any Google services whatsoever by the sounds of things

lemann, (edited )

I agree with OP here, these results are not great.

OP searched for the redis docker image, not a tutorial on how to use it, not a tutorial on why redis should be run in docker, and did not search for redis docker docs. While these are relevant, they should be further down, not the top result. DDG gets this right, and I’m pretty sure other search engines do too.

For a total newbie, these results are probably OK, but for a technical person who knows what they want literally as they type it, Google’s results are (excuse my french) simply shit. DDG is miles better at handling this stuff, and they don’t need your personal data to do it well either.

Edit: Just went and searched “redis docker image” in a private tab on Google, and the docker hub image for Redis is not even shown on the first page of results

lemann,

I think most people are just used to Google, I used to be several years ago before moving to DDG.

Now I find Google is way too… “tutorially” and “bloggy” with results, and actually slows down my workflow a lot when I’m looking for a specific thing immediately - usually a bit of scrolling to get what I’m looking for.

DDG (for my use case as a casual search engine, and something to search docs for work) gets you to whatever you want with a much, much shorter and concise query, and pretty much always gets it right each time as the first result

lemann,

This comment is underrated lol

How to enable persistent notifications on Android 14?

Hello! Just switched from my old device with android 10 to my new pixel with Android 14 (GrapheneOS), and I’m missing a lot the persistent notification feature of android 10: I used Tasks.org from fdroid to get reminders in my notifications tray, and until I manually clicked “completed” there was no way to remove them, not...

lemann,

Wait hold on - persistent notifications (where when you swipe, a settings cog icon appears) have been ripped out of A14? Everything disappears when you swipe?

Why 😭

NYC MTA sets Manhattan congestion price at $15 for most vehicles, just one MTA vote left before the first congestion pricing in North America (www.planetizen.com)

New York City’s congestion pricing program is moving forward with a $15 fee on passenger vehicles, reports Stephen Nessen in Gothamist, after the MTA board voted to approve it. The program now enters a 60-day public comment period before a final vote....

lemann,

Sounds good overall, should reduce traffic levels significantly and make people consider whether they really need to drive their car in such a compact city.

Not sure if I agree with tolling motorcycles though, they don’t take up anywhere near the same footprint as the average car

lemann,

fair point that I didn’t consider! my assumption would be traffic, seeing as the toll is branded as “congestion pricing” - which wouldn’t really make sense for motorcycles because they make up so little of the actual cause of traffic in NYC (large motor vehicles).

If we’re talking about noise though, and how clean the engine burns fuel, motorcycles are 100% guilty as charged IMO.

Deaths and injuries is a little muddier because there are several factors at play, fault could lie on any individual involved in the accident, or maybe even the road design itself. I don’t think these would be robust enough to use as the sole basis for a toll fee

lemann,

Neat, thanks for the additional insight!

lemann,

@PostWatchBot

lemann,

Time flies man. I remember the hype for this game back in 2014 like it was yesterday

lemann,

In this asklemmy comm specifically?

There are two very popular asklemmy communities and they both are run differently 🤷‍♂️

!asklemmy
!asklemmy

lemann,

If MIT AppInventor is still kicking around, you should be able to use it for this… although sadly you won’t have access to the source code since it’s a Scratch-like way to create apps.

By default the Android voice assistant uses Google tech AFAIK, if you’re after a truly source-available solution then there’s ”Futo voice input" to handle STT, and “RHVoice” to handle TTS - though these would still need a HTTP API bridge to do what you want

lemann,

First one that came to mind when I saw the title TBH. First it was period tracking apps, now this. Scary state of things

Polish Hackers Repaired Trains the Manufacturer Artificially Bricked. Now The Train Company Is Threatening Them (www.404media.co)

The situation is a heavy machinery example of something that happens across most categories of electronics, from phones, laptops, health devices, and wearables to tractors and, apparently, trains. In this case, NEWAG, the manufacturer of the Impuls family of trains, put code in the train’s control systems that prevented them...

lemann,

I hope this NEWAG gets raked over the coals for this.

It’s outrageous to hold public infrastructure at ransom because the equipment spent X days in an independent repair shop - and pretty invasive to have DRM monitoring the train’s GPS location, and in some cases live reporting these back to the manufacturer to facilitate a remote lockdown.

Not to mention pushing an update to flag up a copyright warning on a screen in the drivers’ cab while the train is running 🤦‍♂️

I commend the engineer at the independent repair facility that had the idea to have hackers pick apart the train’s control unit, and the rest of the team for agreeing to it.

lemann,

The last time I checked, piped had a button right on the playlist page to export playlists as JSON. You can then switch instances and re-import that data back in

I’m not sure about subscriptions though, only really use piped for watching videos quickly or listening to music playlists

lemann,

I like this, but would really prefer if Google works with the GSMA to get these implemented into the actual RCS specs, rather than using specially crafted proprietary RCS messages to add features to RCS (like they have done for E2EE)

lemann,

From GoG specifically, as they patch the older games on their store to “just run” on modern Windows

lemann,

Of course its Admiral AAB 😭

Does safari have a reader mode you can use to bypass it? I use a FF extension that allows me to disable all scripts on a page when I come across junk like this.

Alternatively just chuck the link into Wayback or archive.is

lemann,

I assume it’s a feature to prevent Android’s memory management from forcefully killing Firefox… for me the tabs don’t unload, but they behave as if the JS running inside them has been frozen/paused.

Maybe installing those tabs as apps via Firefox’s menu will bypass this

lemann,

It’s not natively supported by the base RCS standard, in the section at the end of the paper in the section titled “Third Party RCS Clients” Google explains that they’ve built the e2ee their Messages app themselves, (on top of standard RCS).

A developer has to use Google’s implementation specifically in order to send and recieve e2ee messages to Google’s Messages app (and Samsung Messages who also implemented this recently)

Although the e2ee implementation is using the Signal protocol under the hood, it’s for message content only - this is what is transmitted in cleartext (taken from the paper)

  • Phone numbers of senders and recipients
  • Timestamps of the messages
  • IP addresses or other connection information
  • Sender and recipient’s mobile carriers
  • SIP, MSRP, or CPIM headers, such as User-Agent strings which may contain device manufacturers and models
  • Whether the message has an attachment
  • The URL on content server where the attachment is stored
  • Approximated size of messages, or exact size of attachments

Without using this implementation of the Signal protocol on top of RCS, the message will deliver to the contact’s phone, but shows up as unencrypted garbled text

That is a very useful resource though, never knew there was a paper available on the implementation. Saving 😁

Does Google still hold contact data after deleting from Google Contacts? (libranet.de)

I am in the process of moving out some contacts from Google Contacts, specifically those that I do not have a Gmail address. It's a way for me to give these people a tiny bit more privacy, as I'm doing a cleanup of my contact list. My concern is that Google will still keep their data even after I delete it from my end. Is it so?...

lemann,

Not directly an answer to your question, but this is a really nice gesture. I’d appreciate it a ton personally

lemann,

This is what I use. Also supports exporting/importing data to and from Gnome Authenticator so you have 2FA on your computer too 👍

lemann,

I use FreeOTP+ and it requires biometrics to open

lemann,

Yes please. Very frustrating encountering businesses and groups that only have a presence on facebook, no dedicated website or anything 😒

lemann,

Element has added so much to Matrix that the barrier for even making an MVP app is a bit intimidating IMO

lemann,

BTRFS has encryption now? Yay!! I have been wrapping it inside a LUKS partition for years at this point…

lemann,

Holy moly that is an absolute sh*t ton of ads!

lemann,

Second this. Zorin OS, and Mandriva Linux (before they went bankrupt, and the community picked up development) were my first exposure to Linux over a decade ago, and the ux familiarity really helps a ton.

A lot of the other distros had funny stuff going on with multiple docks, open apps showing in the top dock, others looked like a Stardock Special and it was just a little confusing for younger me lol

Life_is_Beautiful, to newpipe
@Life_is_Beautiful@infosec.exchange avatar

@newpipe

How anonymous is Newpipe?
I only use Newpipe with a Anonymous VPN. (Mullvad/Proton)
Is google still able to make a big profile about me?
Does Newpipe clear cookies so that if you restart you have a completely new session?
Is there something like fingerprinting in Newpipe? For example the Language or Settings in Newpipe?

The most anonymous way to watch YouTube is using Tor and Invidious.

I think that Newpipe is way better then directly YouTube, but google will still almost completely track you even when using a VPN.

lemann,

IIRC NewPipe just scrapes the YT website, it doesn’t persist Youtube-specific cookies between interfaces and actions. It’s doing the equivalent of performing each action in a blank slate incognito/private window AFAIK.

Only cookies I’ve seen discussed are recaptcha cookies, which can be cleared in the settings (Settings -> History and Cache -> Clear recapcha cookies) however no cookies of this type are stored unless you have actually solved a captcha in NewPipe

lemann,

Yepp looks like this is the one - thank you!

lemann,

X.509 certs are commonly used in TLS/HTTPS.

Why is one needed in your boot process?

Don’t know why but I found this funny

lemann,

Or about the D.E.V.I.L.S. format listing option on ffmpeg

lemann,

Disordered; especially, disordered in mind; crazy; insane.

This is hardly deranged, there is a lot worse than this which is more deserving of that description IMO lol

lemann,

Probably a good idea to look for a different client, call me tinfoil but I wouldn’t want to touch a very old mechanism that is supported/pushed by a very recognisable 3 letter agency

lemann,

I delete them from the ssh config folder after installation, along with the DSA and ECDSA keys. No ed25519? No auth.

Also prevents a handful of bots from attempting SSH login into your cloud infra, a lot of them don’t support ed25519 kex

lemann,

Why have they got three separate areas for it? That seens really counterintuitive IMO

Searching on stock Android gives a handful of results, but they’re all under one dedicated system area called “Gestures” 🫠 not spread out across several like what Samsung has done

lemann,

A bird walked in the path of my bicycle at the last minute 😭

lemann,

Blahaj needs to lock down their registrations for a while, seen three different spammers flooding lots of comment sections within the past day or so registered on their instance.

I think it’s a trolling group from a specific instance, if you inspect the location of the images attached in the comments

lemann,

Somewhat related;

Recently saw a video where the presenter attended a press event, but ended up watching the thing from other attendees’ phones being held in the air, because the presenter wasn’t tall enough to see the stage 😢

I guess it could be a nice hack at concerts if you can’t see the stage properly

lemann,

When these kinds of exploits are discovered, my first fear is people with Flipper Zeros running custom firmware exclusively for trolling…

Imagine you’re listening to music in your headphones (or in your car with Bluetooth), then without warning it reconnects and now you’re hearing baby shark 😣

lemann,

Both were minor annoyances for me at first lol, thankfully the widget button can be removed (Settings, Home Screen, Edit button - toggle off)

The favorites box is an interesting one, I was originally puzzled with it being empty until I started opening and pinning apps. Now settled on using it as an overflow for my home screen, where 5 of the most used are shown under the clock (with music permanently pinned), and the rest sit in the favorites box.

I did notice some stutter on the apps menu which only occurs while the keyboard is open, but goes away completely when the keyboard disappears. For others it seems like the entire app drawer is stuttery (noticed a long discussion on GitHub with some potential solutions: github.com/MM2-0/Kvaesitso/issues/257 )

lemann,

Ooh that Focus launcher looks pretty clean, enjoy!

Also TIL videos can be inserted in the GitHub readme 🤯

lemann,

Free google play credit, I usually get an email every year for it

But I do pay for Plex, despite Jellyfin being a thing. If I like something and it’s worth it to me personally, why not 🤷‍♂️… but you will never find me defending their kinda crappy decisions like the new Discover feature, removal of “All Songs” from the plex apps in favor of moving people to Plexamp, removing the Gallery sync a few years ago etc.

Some people want their software to be 100% FOSS all-eyes-on-the-codebase, others just do a balancing act based on their personal values.

I value my software to be “transparent enough” in how it operates, “just work”, and hackable to some extent - if I really wanted to I can swap out the ffmpeg binary that Plex uses for transcoding to something else (doesn’t remove the Plex Pass limitation for those curious), I can hook into the server API to change ambient lighting colour based on the cover/background of whatever media is playing, I can create speakers running a Linux board to cast Plex media to, etc. But once that hackable ship sails, then I will look to FOSS alternatives.

For Niagara, everything “just worked”. No noticeable bugs, fast search, consistent feel and design, useful contextual info (e.g. next calendar event shows under the clock), and gestures that made sense for its overall UX. Using it felt less like you were using a “launcher”. The yearly sub was cheap enough that I wouldn’t mind covering for it if I didn’t get credits, and having a single person working on software usually comes with a high level of attention to detail (particularly in performance and UX) but it does have the downside that the experience may be more opinionated and closed compared to if it was a community-driven FOSS project instead IMO.

Alas, google didn’t send credits this year, Niagara made less sense for value/worth-it compared to Kvaesitso, so I abandoned it.

For me, Kvaesitso does everything in a slightly different, much more customizable way, and being FOSS was one of the things that made it particularly attractive as a replacement

lemann,

I’m sorry to say this but, your way of picking software is wrong. You should always look for the open source software first, then use proprietary software.

I agree here, this is what I generally do nowadays. The exception for me is only software that I’ve been using for years, such as Plex and Niagara - finding an open source alternative for a proprietary solution is the easy part, the hard part is actually making it fit into your workflow.

This is why I’ve settled on just jumping ship to an open source option when the existing proprietary option is no longer fit for purpose (hackable, “transparent” etc) because of the time sink.

Niagara to Kvaesitso was really easy though, thanks to that developer and contributors absolutely knocking it out the park with the amazing search and UX.

But using Plex when Jellyfin exists is just wrong. I personally have a jellyfin instance, and there’s nothing jellyfin can’t do when compared to Plex.

Jellyfin is great, particularly for us and tech enthusiasts. For non-techies though, the first hurdle of different clients for mobile/desktop/insert-platform-here is a very tough sell (each with a slightly different UX, rearranged settings etc) and is even trickier when there are no apps available for games consoles and some smart TVs. I share my Plex server with my partner and parents, so moving to something else seems like more trouble than its worth at the moment.

Regardless I do have my eye on Jellyfin (and particularly the music apps like Finamp, since that is my personal primary use case for Plex) - for TV libraries and Movies the gap is closing fast, I believe the only major thing that is missing is the “Skip intro/outro” on some of the clients, but for music sadly the gap is only widening. It’s very much a watch-this-space type thing though as the community catches up, but I feel the sonic analysis in Plexamp and the many features built on top of that are going to take a lot of volunteer time to replicate

Encouraging proprietary software makes them stronger and erodes our rights. Like using chrome instead of Firefox is voting for a future where remote device attestation and forced DRM is a normal thing. Do you want the corps to eradicate your free will?

I agree.

With remote attestation sadly we are already there on Android: most apps require GMS even when they don’t need it, and some paranoid non-banking apps unnecessarily call Google’s attestation API, and subsequently block some actions if your device doesn’t pass.

I personally run a rooted device for full control over app backups, my device’s BMS, and various other stuff - where possible I pretty much use open source& source-available apps, as well as browser shortcuts and PWAs, where I have the freedom to perform any desired action without being restricted by any attestation. My partner has a very keen interest in the freedom offered and is actually very annoyed at the state of things on modern Android - but sadly the attestation issues and Samsung Knox in particular are big showstoppers (I use an FP3, so no “security void” hardware fuses here)

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • KamenRider
  • TheResearchGuardian
  • KbinCafe
  • Socialism
  • oklahoma
  • SuperSentai
  • feritale
  • All magazines
    •