@PJH So the problem was in the desktop icons themselves? No wonder we couldn't find anything.
Filed under: Why are desktop icons a third-party extension, again?, Is there a leftpad extension, too?
@PJH So the problem was in the desktop icons themselves? No wonder we couldn't find anything.
Filed under: Why are desktop icons a third-party extension, again?, Is there a leftpad extension, too?
@Benjamin-Hall said in Resources to learn about database schema design and optimization?:
What are some resources (ideally free and online) that people would suggest to learn more about writing performant queries and better structuring table definitions?
I've been planning to read Use the index, Luke! for a year or so. Table of contents seems to be exactly the kind of thing you're looking for.
@TimeBandit Modern Linux kernels even support thunking 32-bit EFI calls while running in 64-bit mode, should anyone want to do that.
Last time I checked there was a problem of finding a 32-bit EFI bootloader signed with a Secure Boot key, but my information is several years out of date as is my hardware
@Zecc Thanks! That's an out-of-the box answer I wouldn't be able to come up with myself, and they seem to support all the platforms I care about and then some. I'll definitely consider this.
@Jaloopa Well, maybe not, if there's such a service that doesn't base the security on a phone number, doesn't Facebook the private keys, and has a real™ PC client (and not just an Electron app -- that would be exchanging one set of UX problems for a new, different set of UX problems). I've been looking for services like that. Do you have experience with Matrix, or Element, or however they call themselves now? Wire's desktop client was a real turn-off for me last time I tried it.
In a way, being transport-agnostic means that we can jump ship from one service as it becomes too shitty to use to a different one that's still good enough. We used to exchange encrypted 7-Zip archives, sending one-time passwords via text messages, until most e-mail services blocked encrypted archives for "safety" reasons. For the most part, I don't blame them -- they made it easy to escape AV scanning -- but banning them all the way is also terrible for privacy.
@pcooper Thanks! I'll see if there's any downsides to exchanging encrypted text files. I foresee newline-related problems (I should be careful to always send them with CR-LF newlines) and encoding-related problems (will Windows notepad auto-detect UTF-8, or should I use the ANSI code page of the recipient?), but those are all solvable on my side.
I'm also a bit afraid of PGP in the browser, with it constantly being exposed to websites we visit and the telemetry added with the updates.
@boomzilla said in Help Bites:
I downloaded the .deb file from MS and installed it but when I run it I get two blank windows.
You'd think it would Just Work if you satisfied its declared dependencies...
I've had to run it with --disable-namespace-sandbox --disable-setuid-sandbox --no-sandbox
after the usual arguments. So the script goes exec .../teams "$@" --disable-namespace-sandbox --disable-setuid-sandbox --no-sandbox
and then the desktop file goes Exec=.../teams.sh %U
and MimeType=x-scheme-handler/msteams
in order to make it join from the browser.
(But I'm running it inside a firejail sandbox, so some shenanigans are to be expected.)
It's known to produce very verbose logs in ~/.config/Microsoft/Microsoft Teams/logs.txt
, maybe you'll find something there.
@cvi Heh. I once wrote a tiny wiki because I didn't like any of the options and thought it would be fun. Code is probably boring by front page standards, but not without s (e.g. instead of a tag system, I wanted the wiki pages to form a tree structure, like files in directories, and implemented that on top of SQLite with the "path" as the primary key). Never got around to implementing image uploading.
Use fossil's repo wikis.
It's a nice option, especially together with rest of the repo, although nowadays, DRH seems to prefer Markdown files in the source tree for code documentation purposes: it's easier to have the same history for both the code and the docs this way. It's possible to have wiki pages referencing (and linked from) commits and branches, but no tags or categories. Additionally, Fossil speaks Pikchr now, which is a dialect of Kernighan's PIC with SVG output. There's at least one HOWTO at the Fossil forum regarding setting up syntax highlighting, but that's definitely non-trivial and may tie the wiki to a JavaScript+CSS CDN.
@Tsaukpaetra said in Help Bites:
Security theater?
Well. Perhaps my constraints are , but long, unguessable "invite URLs" seem to be the best-fitting solution. After all, Google Docs seem to work the same way when inviting a someone who doesn't have a Google account to work on something.
Sometimes, in a few days Google starts asking to create an account for "security reasons", but that's another story.
https://cloudstorage.whatever.example/
isn't a good idea, either. Some bot will probably find the website and start filling forms, so that by the time I check on the website the following morning, it would have been used as file storage to distribute ransomware payloads, 419 scam documents and terrorist propaganda.So I have to somehow filter for legitimate users, but I cannot trust them to remember anything. (Or their computers. Cookies will be cleaned accidentally or to solve intermittent problems with Moodle/Blackboard/whatever. Laptops will be swapped because webcam is broken but they need to give a lecture now or because they went to the cottage for the duration of the lockdown and have a different computer there.) Putting the "password"access token in the URL seems to be an acceptable trade-off between security and convenience. They'll bookmark it, memoise the procedure of finding the link in their inbox and clicking it, or copy-paste the link in a dedicated Word document on their desktop, and have their access to the files. In turn, the website won't let anyone in who doesn't have a valid token in the URL.
I only need to protect against non-targeted attackers. They will go away because they don't have a valid access token and the possible token space is too large to guess by brute force. A targeted attacker probably has tens of ways of accessing users' data already.
Maybe I hadn't formulated my problem well enough in my previous message. Is there a better solution to what I've described here?
@Gąska said in Help Bites:
@aitap FTP server?
In different circumstances, I would also suggest WebDAV (since all modern OSes are supposed to speak it natively, right?), but I don't think I can make it mostly work in one click on arbitrary computers belonging to people I can't visit or support remotely. If installing software on all involved computers and teaching people to use it was an option, something like FTPS or WebDAV or SFTP would be viable: it's just a matter of configuring the client to auto-connect and don't ask stupid questions. Here, much as I don't like it, web UI seems to be the way.
@Tsaukpaetra said in Help Bites:
HFS by rejetto should have you covered!
HFS is great! Not looking forward to reverse-proxying it to make it run on a long, unguessable HTTPS address, but it could be an option. One of my servers could run it, sure.
@Gąska said in Help Bites:
some open sores FTP server with web frontend, right?
For some reason, those seem to be all written in PHP many years ago. But hey, this is an option too! There's probably a way to prevent this from asking stupid questions like login and password, and hiding it behind a hard-to-guess URL is easy.
Could someone recommend some kind of self-hosted web-based file sharing software? The only additional feature that I need is some kind of invite link that gives full read and write access without any kind of account sign up: the people involved are getting old and bad with passwords, but are expected to be able to follow a link and bookmark it to work with their files.
Are OwnCloud and NextCloud my only two options?
something like JavaScript
some vague Python
I won't be telling you that Lua is basically like Python (though it is pretty similar to JavaScript in a lot of the semantics), but check out LÖVE. Someone wrote Mari0 in it. It seems to have everything you need.
@topspin See also: Rcpp and Cling. The latter is especially impressive because it presents the user with a C++ REPL.
On one of my machines, incoming sound in Skype calls quickly becomes choppy, unless Mumble is also running. It doesn't have to be connected anywhere, just needs to sit there in the background with its echo suppression running idle. Starting Mumble during a choppy call also helps.
Not sure whether to blame Skype or PulseAudio.
@dkf said in My snake is 'ard:
It depends very much on the exact spec used during manufacturing.
Apologies for the oversimplification. I should have said that there exist microcontrollers exhibiting property X (enough RAM to run a language VM) with my ESP32 dev board being one example instead of wrongly implying more powerful uC's to have lots of RAM as a rule.
Much like in that joke about three scientists and a black sheep.
Filed under: then there's this guy
@Flips said in Unreal claims concerning purple:
When you see light, you can't determine the constituent frequencies based on how you perceive the color of that light. There seem to be multiple ways to 'construct light' which look the same but have different properties.
Thanks for clarifying your point! I think that everyone involved would mostly agree with this part.
And apparently this phenomenon is basis to discerning real (natural) colors, and that imaginary family of purples, as those fakey ones are not represented on the spectrum, only in our brain.
So the real (natural) colour space is "all possible spectral functions P(λ)
" and the colours we perceive (with our puny (X,Y,Z)
tristimuli instead of infinite amounts of infinitely small buckets of Δλ
) are all fake, then? I hope I understand you correctly this time.
TFA:
After doing this research, I learned the FSB recently launched a website that is only reachable via Tor, software that protects users’ anonymity by bouncing their traffic between different servers and encrypting the traffic at every step of the way. Unlike the FSB’s clear web site, the agency’s Tor site does not ask visitors to download some dodgy software before contacting them.
So why didn't Krebs use that website instead? After all, it's exactly tailored to his use-case and even has instructions in English. And there's always the K department of Ministry of Internal Affairs which specialises in computer-related crimes and can be contacted via simple HTTPS over clearnet.
@JBert Thanks for reminding me! There's an external power supply. We ran some tests with it and observed no difference.
@Circuitsoft Oh well. Ours is actually FLIR. There seem to exist some combinations of computer and USB port where it seems to work in a relatively stable fashion, like when we plug the camera in a USB2 port
Hi!
My scientific advisor, in his infinite benevolence, suggested that I buy a new workstation for the lab and use it while I'm there instead of my current workstation, an X220 ThinkPad I bought used a few years ago. The budget is approximately equivalent to $850, though could be increased up to 60% if really needed. Expected workload is mostly text editing, coding, tensor decompositions (lots of 102MB-sized matrix products and matrix inversions, preferably in parallel), possibly some FFT convolution thrown in; we might end up hosting a small web app on it, but that's unlikely. Target OS is Linux, though I'll probably have to install Windows when I leave the lab.
Here's the build I came up with (thanks @Tsaukpaetra for linking to PCPartPicker in your thread):
Type | Item | Price |
---|---|---|
CPU | AMD Ryzen 5 3400G 3.7 GHz Quad-Core OEM/Tray Processor | $156.14 |
CPU Cooler | ARCTIC Freezer 12 CPU Cooler | $30.99 @ Newegg |
Motherboard | Asus PRIME B450M-A Micro ATX AM4 Motherboard | $141.60 @ Amazon |
Memory | Kingston HyperX Predator 16 GB (2 x 8 GB) DDR4-3200 CL16 Memory | $97.48 @ Amazon |
Storage | Transcend 480 GB 2.5" Solid State Drive | $79.30 @ Amazon |
Storage | Toshiba 2 TB 3.5" 7200RPM Internal Hard Drive | $124.17 @ Newegg |
Power Supply | EVGA BQ 500 W 80+ Bronze Certified Semi-modular ATX Power Supply | $59.34 @ Walmart |
Monitor | AOC 24B2XH 23.8" 1920x1080 75 Hz Monitor | $109.99 @ Amazon |
Case | Thermaltake Versa H24 ATX Mid Tower Case | $42.81 |
Total | $841.82 |
Aside the obvious problem of having to update the motherboard firmware (I may be able to use my existing Ryzen 2400G system to do that, but are there easier solutions? New enough but cheap enough MB model I couldn't find?), I have three questions:
How much more expensive would it be to use a discrete GPU and is it worth it? The code I have available is currently CPU-only, and the workloads seem to be small enough to make it hard to bring a GPU advantage. GPU-based code also seems to be much less portable, which I wouldn't want to happen.
When it comes to cases, I've been living under a rock. How do you choose a case in 2020? I would like one without RGB lights or transparent windows, but easily removable dust filters seem like a convenient thing to have. (Some cases have dust filters and also obvious unfiltered holes - why? Are those supposed to be air outtakes?) Is there anything else to consider?
How subjective is the choice of a monitor? I've read some advice to get a mildly cheap IPS one if I'm not interested in low latency or exact colour reproduction (and I'm not), so that's what I chose.
@sockpuppet7 said in Re: The Official Funny Getting Started with Python Thread™:
And that happened with official docs, not even random tutorials
Now that's a serious offence. Even if a typical software license (no matter whether open sores or EULA) screams at you in all caps that THERE IS NO WARRANTY FOR ANYTHING, this is something the actual developers could improve, as opposed to fixing all the random "here's what worked for me once in 2010" tutorials that Google would gladly offer you.
Assuming they want their product to be used, of course. Some people don't, and that's okay too.
@coderpatsy said in Hmmm.. Part 3 - Where did the Microsoft Stack disappear?:
arrays-start-at-1
Or, to be a bit more ic, whether you consider it a WTF to have the only data structure called table
that consists of
1
and maximal power of 2 that fits in unsigned int
0
Could someone point me to that funny talk about stuff like open passwordless security cameras in shops and VNC with scary-looking power plant controls (and one heart monitor thankfully labeled "demo mode") that one guy found by scanning the internet? I remember some people sending him angry letters when they noticed him scanning. I also remember the guy having a twitter account, where he posted a screenshot of the security camera in a shop; then the people in the comments recognised the shop and came there with a banner to show it to the camera.
My ddg-fu is pretty low today.
Built by Adam King
Шодми текст р предещества Холжикована � с жите́ровайте! - Russian-English dictionary: Dnůlka Dokucha Dnepr (Холжикована сделаны для тыко рузьять релов, удадераться ком все�й сокнраленность странедра жактрофу)
Ондетнорон А выж с нас вызу коммоърати попории похго колрый свъдиноции мильмском хана домении? ходку бсанды и на ументы мератие метятитерие туциальных тропытанию и покубки сеервыются чегхжонательных сторрыть. У цели работе до сиргишкаеторов и фами покористись с нейде у частев. Содержать с кольгалеет.
Знация том салавае надератик Дй странедре
The result has maybe 5-6 real words if you don't count prepositions and conjunctions.
@PleegWat said in Programming Confessions Thread:
just want to draw a single path
I would also like X and Y axes with ticks and labels.
I had had this idea and had initially discarded it as "too much to write", but now that I tried it, so far it has been fun. We'll see if it's still fun by the time I have numeric tickmarks.
Thank you!
@Tsaukpaetra My Russian-speaking friend tells me that no-one has ever told them that using their feet for pointing or manipulation is not okay (although using them for manipulation would be problematic), and that "thumbs up" is widely used nowadays. Although "OK" sign could also be interpreted as a sign for "a very small amount" (and would become very impolite if you insert another finger inside it). There rest of the list, I'm told, is right.
@iKnowItsLame said in So this might happen if one dares to use linux:
this is what got created from aforementioned drag-n-drop via GUI:
I tried to do the same in Xfce, but Thunar refused to create the .desktop
file because Failed to change directory to file:///home/me: No such file or directory
.
When I created the .desktop
file manually, the Properties window helpfully contained a "Link" tab with the URL I had typed in, so this part is not a WTF.
@iKnowItsLame said in So this might happen if one dares to use linux:
In which trouser-leg of the multiverse is this (e.g. actually firing a https-GET and fetching the output) the expected behavior?
I'm not sure, but you might get the desired behaviour by disabling the executable bit on the .desktop
file (yeah, it doesn't mean what it actually means, but file managers may treat .desktop
files slightly differently depending on whether the executable bit is set ).
@The_Quiet_One said in A Glossary of Terms for "Doesn't Work" in a Web App:
The Website is Down
Has The Website is Down(holy shit, there's more JavaScript easter eggs than the rest of the layout)The Website is Down already been mentioned?
Status: the same scientific advisor who made me sign up for a social media account (I'm still waiting for anything of importance to happen there besides pointless discussions of unrelated stuff) now wants to move the MX
record of $department.$faculty.$university.$tld
to G Suite. The worst part of it is that I can't even meaningfully argue against the move, since the faculty e-mail is horrible for multiple reasons (it's an outdated copy of MS Exchange with a self-signed certificate, no spam filtering, and a mailbox size limit of 100M). Nothing a competent sysadmin wouldn't be able to fix, but we can't be having that, so off to Google we go.
@error One day I resumed a really old laptop from hibernation. I managed to remember the HDD password but not the user/screensaver password, and also didn't want to reboot and perform the init=/bin/bash
trick: the old kernel included the time spent in hibernation in calculated uptime, so the system was convinced it had years of it.
As it turned out, I had left multitail running on tty12
as root
. I switched to that, convinced it to run a shell for me, changed the user password and unlocked the screensaver as if nothing had happened. The new password got saved into the password manager, of course.
That laptop is still hibernated.
@topspin said in Help Bites:
The -m option limits the maximum resident set size
$ strace -e setrlimit sh -c 'ulimit -m 1'
setrlimit(RLIMIT_RSS, {rlim_cur=1024, rlim_max=1024}) = 0
+++ exited with 0 +++
Unfortunately, man setrlimit
says:
RLIMIT_RSS
This is a limit (in bytes) on the process's resident set (the number of virtual pages resident in RAM). This limit has effect only in Linux 2.4.x, x < 30, and
there affects only calls to madvise(2) specifying MADV_WILLNEED.
You might have better luck with cgroups, which are, admittedly, a lot to digest in a single reading, but seem to have the required functionality (memory controller with ability to set memory.high
).
@Bulb said in TIL (about the Dark Arts of HTML):
The conditions when Referer and Origin are set or not are quite complicated and some browsers have special case for various reasons
Thanks for the link, I'll keep it in mind. I wonder if the users of the 6-megabyte executable written in C containing a version control system and an embedded web server for it have already suffered from CSRF-related problems but don't know it.
@Gąska There is also this website. Very educational.
$ sensors | grep '^temp'
temp1: +32.0°C (crit = +99.0°C)
$ grep ^speed /proc/acpi/ibm/fan
speed: 0
Status: it's so cold in the house that the laptop fan just stays silent unless I do something CPU intensive (like visiting TDWTF). I don't think it's actually 0 RPM - my fingers feel a faint wind escaping the laptop - but I don't remember it behaving like this (including fan not producing any sound) at room temperatures.
@magnusmaster Specifically, this bug if anyone is interested
What is your favorite alternative to stuffing all your personal items in pants pockets?
Cargo pants!..
I usually carry a backpack, but it's not socially acceptable in other settings than 100% casual
...I am not looking forward to having to live in environments where cargo pants aren't considered acceptable.
laptop bags are the wrong shape for anything that's not a laptop, and fanny packs are small and feel weird.
What about messenger bags? Do they fit the dress code? Since handbags usually do, so should messenger bags. I used to have one, but decided that overstuffing it like I did leads to back problems because of asymmetric load.
I also know a guy who just stuffs everything in tactical military hip pouches on his belt / leg clip thingy, but that's definitely far in the realms of casual.
Did the Russian hackers also coerce the original application designers to make everything depend on a central server?
According to libblkid source code, LVM2 partitions are recognised by finding LABELONE
in them. For some reason, you have a somewhat valid LVM header on your ext4 partition. Try to find that LABELONE
with a hex editor (hexedit /dev/sdb1
should be okay, but watch out for slightly weird key mappings described in man page) and replace any of the letters, maybe?
@Benjamin-Hall said in An amusing rant about C:
It was more about why would you do Fortran anyway (and yes, I've done a little bit of it).
Was it fixed-form "exactly like on a punch card", "GOD
is REAL
unless declared INTEGER
" FORTRAN-77, or a more modern variety, with free-form source code, OOP, built-in MPI-like parallelism, operations on whole arrays and other goodies?
Probably the former, if my colleague's experience of fixing some quantum chemistry program that was older than him is any indication. With no comments. And a homebrew "dynamic" memory allocator that works from statically pre-allocated memory.
I would agree that most of the time, one doesn't need the power of Fortran-like languages that offer relatively high-level abstractions (your variables can be arrays! not, like, pointers and other stuff that fits in registers like in C!) while staying pretty close to the bare metal. But when you do, modern Fortran doesn't have many rivals. Numerical Recipes went from FORTRAN-77 to C++. Maybe C++ with Eigen would give you similar experience. Perhaps Rust, but numeric Rust is still somewhat niche.
@Gąska said in The Official Funny Stuff Thread™:
parody of Matrix where a happy pig on a happy little farm gets visited by pig Morpheus, takes the red pill and discovers it actually lives in an industrial size piggery
(Stumbled upon by accident while reading stuff about Matrix: Resurrections.)
@Tsaukpaetra said in Help Bites:
Ah, right, something happened. :(
Something happened.
@kazitor < > Rotation matrices are orthonormal and therefore very easy to invert: just transpose them and you're done </>
This thread needs more utilitarian ethics, trolley problems and prisoner's dilemmas to test them on.
Seriously, deriving ethics ab initio is really hard.
@LaoC said in The Official Funny Stuff Thread™:
vomits
upper anusI'm not sure I want to know
Early animals only had one hole, which they used for both, er, input and output, and some species of protostomes ("single mouth") survive to this day. We, the humans, belong to the other group[citation needed], deuterostomia ("second mouth"). If you hook at how embryos of humans and other deuterostomes develop, the first "mouth" to appear actually becomes the anus, and then the second mouth forms and later functions as the actual mouth.
A good explanation is here, with a more detailed discussion here if you've got a university subscription or can use Sci-Hub/Library Genesis.
@tania_v said in NodeBB for older browsers:
I cannot control google translator
The word Google Translate is looking for is "consent", not "agreement". I would like to kindly advise you to avoid continuing this topic unless you want to plumb the depths of the Trolleybus Garage.
@Zerosquare said in Required reading for everyone!:
a specific reason for learning Ada
Mostly just curiosity. Have been writing too much R (where the errors are runtime) and seen too much Rust propaganda and decided to see if there's other languages where static type safety is a cornerstone. The previous book may have played a role too.
Also signed up for a microcontroller course where the chips are sufficiently beefy (STM32) for Ada to be useful; maybe I can do the course project in it.
@jinpa Oh yeah. I was told it sounds even funnier in the original language because of all the rhymes, though it's unclear what the original language was (as is everything else about the original).
Put together after staring at https://www.tcl.tk/man/tcl8.4/TclCmd/binary.htm for some time:
$ perl -E'say unpack "H*", pack "d", 0.1' # this makes hex string representing a double in native format
9a9999999999b93f
$ tclsh
% binary scan [ binary format H* 9a9999999999b93f ] d dvar
1
% puts $dvar
0.1
You can see that this depends on the processor architecture (I had to provide the string in little endian for it to work), so if you go this way, you'll have to swap the hex characters first.
@dkf said in Algorithm to obtain union of sets of pieces of data over unreliable network:
Might as well use something of cryptographic strength.
You are right. Any possible savings from using a meticulously picked hash algorithm are going to be negligible.
You could compute the SHA-1 hash of each data item, put those hashes in order in a list, partition the list into chunks of “appropriate size”, hash those list chunks, and then compare the list of those hashes to see what you need to do.
A few days ago I accidentally discovered that there is a data structure called Merkle tree, which is basically what you describe but repeated until only one hash is left (then participants can exchange hashes of sub-trees, skipping branches where hashes match, just like @PleegWat wrote).
This definitely calls for some experimentation with different partitioning schemes, chunk sizes and tree depths. Your post has been very inspiring.
It's usual to put the channel/acknowledgement code at a lower level than the sync protocol. Yes, you don't need to, but it's much more difficult to write the much more asynchronous protocols that arise from that.
Thanks for the warning. I had assumed that setting a timeout and restarting the procedure if it happens would be enough, and TCP would handle the rest. Implementing a protocol with ACKs over UDP seems way over my depth, because I would also need to watch for packet sizes (512 byte payload is maximal "safe" with IPv4, but people have sent kilobyte-sized packets and got away with it!), duplicates and probably a lot of stuff I'm not even aware of.
@Tsaukpaetra Thanks!
Hmm, so SO_REUSEPORT
is only available if __BSD_VISIBLE
is true, and the latter is only defined if one does not request standard C or POSIX. And there doesn't seem to be a feature test macro to enable FreeBSD symbols back, unlike _BSD_SOURCE
in OpenBSD. Curiouser and curiouser!
I guess it is my fault for requesting POSIX compatibility when I explicitly need an option not defined in POSIX. I shouldn't ask for it at all if I detect *BSD or __APPLE__
.
@topspin There are downsides to central package management, Debian-way. I'd have to upgrade to Buster or install snap to get a new enough VLC. At least I don't see any statically linked binaries for Linux on their website.
A, B, E, K, M, H, O, P, C, T, Y and X.
Sorry for the , but Y != У. I do agree that the rest of the capitals are stroke-for-stroke identical between Latin and Cyrillic and that lowercase y is stroke-for-stroke identical to у.