Add SepiaSearch URL as default search index

I updated my weird wording but… you and they said something about the default [index] URL

If OP asked when global search was implemented the answer is 5 years ago. If they asked when SepiaSearch became the default index then sure, ChatGPT was wrong, but I’d bet they asked the first question

https://github.com/Chocobozzz/PeerTube/releases/tag/v2.3.0

ChatGPT is correct? The irony of people confidently asserting that ChatGPT is wrong, while being wrong, seems to be lost on the crowd here. Kinda makes you understand why ChatGPT is often so confident even when wrong.

In May 2020, Framasoft published a roadmap of the software for the later half of the year and created a fundraising campaign requiring €60,000 for aiding the development.[18] Five months later (in October 2020), PeerTube announced that they reached their fundraising goal of €60,000 after a €10,000 donation from Debian.[19][20] Throughout the later half of 2020, PeerTube has added features such as global search, improved playlists, and more moderation tools

End 2020, the meta-search engine Sepia Search was launched by Framasoft, allowing a global search on all PeerTube instances at once. As of 2021, Sepia Search covered close to 800 individual instances

https://en.m.wikipedia.org/wiki/PeerTube

https://github.com/Chocobozzz/PeerTube/releases/tag/v2.3.0

I don’t want to tell you one way or the other because it’s kinda dubious anyway, but if all services run as the same user the need for root is kinda moot when it comes to crossing between services or expanding the scope of an attack. Of course it is better than all things running as root, but if I popped a machine as some “low privilege” user that still had access to all running services I’m not sure I’d care so much about escalating to root.

Woah, no. Sure escaping via a kernel bug or some issue in the container runtime is unexpected, but I “escape” containers all the time in my job because of configuration issues, poorly considered bind mounts, or the “contained” service itself ends up being designed to manage some things outside of the container.

Might be valid to not consider it with the services you run, but that reasoning is very wrong.

It did give the right answer…

You can unlock the bootloader on a Pixel in about a minute.

I can understand some people finding the whole process a bit daunting, but it’s not actually that difficult with Graphene.

LXC is containerization. Both it and Docker are using the same kernel APIs.

This is also far from my personal experience, you might not even realize what free software you’re depending on?

Your browser is most likely the most complex piece of software you interact with daily and it is most likely FOSS. The Linux kernel is FOSS and is incredibly robust. Most compiler suites, FOSS. Most programming languages, FOSS. These are all incredibly well written and robust tools. AOSP, kinda FOSS, and the forks like Graphene are definitely FOSS. Hell even a lot of macOS programs are actually FOSS. I could go on and on, there is absolutely amazing work being done on FOSS by incredibly talented people.

There is great paid and proprietary software out there, sure, but no it’s not the majority of top quality software in my personal experience and likely a lot of people’s experiences and it is almost guaranteed to rely on a FOSS library somewhere

Sounds like you’re cherry picking both; I’ve seen plenty of garbage that costs money as well.

I have no skin in this game, but IPs are definitely not anonymous data. Also there is a lot of great info out there about de-anonymizing seemingly random data. Interestingly enough, this is similar to the Netflix prize dataset that was one of the more famous ones. Maybe a good introduction to that would be https://www.schneier.com/blog/archives/2007/12/anonymity_and_t_2.html

Nobody is gonna be using a quantum computer to “crack email hashes” of Plex users in a few years… I’m not even sure there is a speedup to hash cracking with quantum computers.

But depending on the hashing algorithm used, it’s likely pretty easy to crack hashes of email addresses today with a normal computer. They’re not particularly high entropy.

I feel seen

Honestly I wouldn’t even go so far as home assistant. Do you have any IP cameras or just USB webcams? If you have IP cameras all you need is the VPN and then just access them as if you’re at home. If you only have USB webcams, you’re going to have to stream the content and I believe ffmpeg is actually capable of taking /dev/videoX and serving it over RTSP somehow, but I don’t remember exactly how. I see some references to it in some quick searches though. Maybe start here (some blog) or here (Stackoverflow question)?

Another thing to remember is that you’re going to be limited by your upload speed. If you’re not on fiber and in the US that’s likely going to be pretty bad, so set your resolution and the like accordingly.

Sorry about your cat. We typically have a Rover stop in to check on our cats when we’re gone for a bit; it’s nice to get them some human interaction and they always send pictures and give updates.

I personally have a camera setup inside that just streams to HomeAssistant so we can check on them ourselves when we’re out just for the weekend. I disconnect it when Rovers are stopping by though because I don’t want them to feel spied on. No need for anything fancy really, but if you really want NVR I just use Frigate (for other things, the cat camera really is just a stream). It’s free and open source and really easy to set up.

WireGuard is a very easy way to set up the access. My router has just the single WireGuard UDP port forwarded

As long as it’s installed on a device you control it’s pretty easy to sniff TLS traffic from an Android application, even if they’re pinning certs. I do this all the time for work. Frida makes it extremely easy, even giving you the ability to edit boringssl if something important is happening in native code. I’ve had to do this a couple times.

If you don’t have root you’ll have to recompile the application though which could matter if you need the signature to not change, but that isn’t a common requirement.

It’d be nice to have a better way to test though; I’ve wanted to check out Waydroid. Some coworkers just use an emulator which works great if it doesn’t need specific hardware.

Redox also takes some inspiration from Plan9 and https://doc.redox-os.org/book/ch05-00-schemes-resources.html is interesting. Also reading https://drewdevault.com/2022/11/12/In-praise-of-Plan-9.html made me a bit more interested in things trying to be more Plan9-like than Unix-like.

This doesn’t seem to be a Rust problem, but a modern development trend appearing in a Rust tool shipped with Cargo. The issue appears to be the way things are versioned and (reading between the lines maybe?) vendoring and/or lockfiles. Lockfiles exist in a lot of modern languages and package managers: Go has go.sum, Rust has Cargo which has Cargo.lock, Python has pip which gives a few different ways to pin versions, JavaScript has npm and yarn with lock files. I’m sure there are tons of others. I’m actually surprised this doesn’t happen all the time with newer projects. Maybe it does actually and this instance just gains traction because people get to say “look Rust bad Debian doesn’t like it”.

This seems like a big issue if you want your code to be packaged by Debian, and it doesn’t seem easy to resolve if you also want to use the modern packaging tools. I’m not actually sure how they resolve this? There are real benefits to pinning versions, but there are also real benefits to Debian’s model (of controlling all the dependencies themselves, to some extent Debian is a lockfile implemented on the OS level). Seems like a tough problem and seems like it’ll end up with a lot of newer tools just not being available in Debian (by that I mean just not packaged by Debian, they’ll likely all run fine on Debian).

I agree and think that should be helpful, but I hesitate to say how much easier that actually makes writing sound unsafe code. I’d think most experienced C developers also implicitly know when they’re doing unsafe things, with or without an unsafe block in the language – although I think the explicit unsafe should likely help code reviewers and tired developers.

It is possible to write highly unsafe code in Rust while each individual unsafe block appears sound. As a simple example: https://play.rust-lang.org/?version=stable&mode=debug&edition=2021&gist=6a1428d9cae5b9343b464709573648b4 [1] Run that on Debug and Release builds. Notice the output is different? Don’t take that example as some sort of difficult case, you wouldn’t write this code, but the concepts in it are a bit worrisome. That code is a silly example, but each individual unsafe block appears sound when trying to reason only within the block. There is unsafe behavior happening outside of the unsafe blocks (the do_some_things function should raise eyebrows), and the function we ultimately end up in has no idea something unsafe has happened.

Unsafe code in Rust is not easy, and to some extent it breaks abstractions (maybe pointers in general break abstractions to some extent?). noaliases in that playground code rightly assumes you can’t have a &ref and &mut ref to the same thing, that’s undefined behavior in Rust. Yet to understand the cause of that bug you have to look at all function calls on the way, just as you would have to in C, and one of the biggest issues in the code exists outside of an unsafe block.

[1]: If you don’t want to click that link or it breaks, here is the code:

fn uhoh() {
    let val = 9;
    let val_ptr: *const usize = &val;
    do_some_things(val_ptr);
    println!("{}", val);
}

fn do_some_things(val: *const usize) {
    let valref = unsafe { val.as_ref().unwrap() };
    let mut_ptr: *mut usize = val as *mut usize;
    do_some_other_things(mut_ptr, valref);
}

fn do_some_other_things(val: *mut usize, normalref: &usize) {
    let mutref = unsafe { val.as_mut().unwrap() };
    noaliases(normalref, mutref);
}

fn noaliases(input: &usize, output: &mut usize) {
    if *input < 10 {
        *output = 15;
    }
    if *input > 10 {
        *output = 5;
    }
}

fn main() {
    uhoh();
}