Ian Molton reshared this.
Arm Open Source makes a seamless migration to Gitlab - https://about.gitlab.com/blog/2022/05/17/arm-open-source-makes-a-seamless-migration-to-gitlab/
Ian Molton reshared this.
As of yesterday evening, my #avr #prologue generator can now generate reasonably optimal interrupt handler prologues and epilogues, even calling an optional schedule function which can "switch tasks" (it goes through the motions but doesn't yet change the stack pointer).
Ok, that doesn't address system calls, and there are corner cases (functions calling GCC internals with odd abis), but it ran, and didn't crash.
The only annoyance is that without an additional analysis pass, it's not possible to know the set of registers "not used in any interrupt handler", leading to a possiblity of "double saving" registers that are used in the interrupt handler, but not used in schedule(), but only in the case that schedule causes a thread switch, so the impact is hopefully low.
GCC favours allocating registers starting with the highest (r0 and r1 are specially treated), and schedule is a modestly complex function, so the odds of an interrupt handler being sufficiently complicated that this occurs are low, and I can, to a degree, tweak this, by varying the set of registers I save in __switch_thread, forcing them to be saved before calling schedule rather than if there is a thread switch.
I guess I should add an option to pop duplicates, which sacrifices speed for stack efficiency, but that's icing.
The next challenge is going to be rebuilding the thread handling code back into the project. It's been quite a long time since I last fiddled with it, and it's going to need a fair bit of rework.
Hopefully I'll have a demo of multiple threads running by the end of tomorrow.
After that, locking primitives, thread management, events, and system calls...
One interesting note here is that a consequence of all this is that the fewer registers one uses in interrupt handlers, the faster system calls can be handled (unless the syscall both schedules and cause a #thread switch).
#microcontroller
Ok, that doesn't address system calls, and there are corner cases (functions calling GCC internals with odd abis), but it ran, and didn't crash.
The only annoyance is that without an additional analysis pass, it's not possible to know the set of registers "not used in any interrupt handler", leading to a possiblity of "double saving" registers that are used in the interrupt handler, but not used in schedule(), but only in the case that schedule causes a thread switch, so the impact is hopefully low.
GCC favours allocating registers starting with the highest (r0 and r1 are specially treated), and schedule is a modestly complex function, so the odds of an interrupt handler being sufficiently complicated that this occurs are low, and I can, to a degree, tweak this, by varying the set of registers I save in __switch_thread, forcing them to be saved before calling schedule rather than if there is a thread switch.
I guess I should add an option to pop duplicates, which sacrifices speed for stack efficiency, but that's icing.
The next challenge is going to be rebuilding the thread handling code back into the project. It's been quite a long time since I last fiddled with it, and it's going to need a fair bit of rework.
Hopefully I'll have a demo of multiple threads running by the end of tomorrow.
After that, locking primitives, thread management, events, and system calls...
One interesting note here is that a consequence of all this is that the fewer registers one uses in interrupt handlers, the faster system calls can be handled (unless the syscall both schedules and cause a #thread switch).
#microcontroller
Zerody likes this.
Ian Molton reshared this.
"Pirate site blocking making its way into free trade agreements" https://torrentfreak.com/pirate-site-blocking-is-making-its-way-into-free-trade-agreements-220508/
This is much more serious than "can I get a pirated copy of something". The real effects of stuff like this is control, censorship, and gatekeeping of the internet in general.
This is much more serious than "can I get a pirated copy of something". The real effects of stuff like this is control, censorship, and gatekeeping of the internet in general.
Pirate Site Blocking is Making its Way Into Free Trade Agreements
The new free trade agreement between Australia and the UK includes a site blocking paragraph, which could expand to other deals.Ernesto Van der Sar (TF Publishing)
3 people like this
3 people reshared this
Ian Molton reshared this.
📣 Let's go #Portland! Show your support for reproductive healthcare at the #BansOffOurBodies rally 2:00 PM TODAY at Chapman Square downtown
https://maps.app.goo.gl/GQGUm4HnEUMcu9S87 #portlandprotest #pdx #AbortionIsHealthcare
https://maps.app.goo.gl/GQGUm4HnEUMcu9S87 #portlandprotest #pdx #AbortionIsHealthcare
Ian Molton reshared this.
Voter registration information for Oregon: https://sos.oregon.gov/voting/pages/registration.aspx?lang=en
#RegisterToVote
#RegisterToVote
Oregon Secretary of State
The Oregon Secretary of State works to maximize voter participation, is a watchdog for public spending, makes it easier to do business in Oregon, and preserves and promotes Oregon history.sos.oregon.gov
thanks, I'm new as of 2020 so this was be first time voting by mail in Oregon this past week :)
AVR update...
So I added an unconditional schedule.
I think it's working, but the interrupt isn't disabled so it's re-entering. Works for simple functions, printf dies.
I'll try disabling the interrupt tomorrow.
#avr #microcontroller #interrupts #kernel
I think it's working, but the interrupt isn't disabled so it's re-entering. Works for simple functions, printf dies.
I'll try disabling the interrupt tomorrow.
#avr #microcontroller #interrupts #kernel
Ian Molton reshared this.
Someone carved the alphabet into a tree and let it deform for five years and made a font out of it: https://bjoernkarmann.dk/occlusion-grotesque
2 people like this
7 people reshared this
Ian Molton reshared this.
That's very honest of you, Coinbase.
2 people like this
3 people reshared this
well, it is still not honest.
The "up to"-part could be described more transparent.
The "up to"-part could be described more transparent.
The honesty depends on the meaning of 'crypto' they use..
crypto
krĭp′tō
noun
1. One who covertly supports a certain doctrine, group, or party.
2. Cryptography.
3. An element in words of Greek origin, meaning ‘hidden, concealed, not evident or obvious.’
https://www.wordnik.com/words/crypto
I'd say it can mean either 1) or 3) where they honestly imply that it is not transparent. And then you can add arbitrary text ;p
crypto
krĭp′tō
noun
1. One who covertly supports a certain doctrine, group, or party.
2. Cryptography.
3. An element in words of Greek origin, meaning ‘hidden, concealed, not evident or obvious.’
https://www.wordnik.com/words/crypto
I'd say it can mean either 1) or 3) where they honestly imply that it is not transparent. And then you can add arbitrary text ;p
Ian Molton reshared this.
"Golden Advice"
submitted by thunderarea
https://reddit.com/r/ProgrammerHumor/comments/un84pn/golden_advice/
submitted by thunderarea
https://reddit.com/r/ProgrammerHumor/comments/un84pn/golden_advice/
Ian Molton likes this.
2 people reshared this
AVR Stuff
So I got done more done on my prologue generator...
I can now wrote ISRs in C, that call other functions, and will have generated, optimised prologues and epilogues that only save and restore the required registers.
It can't resolve functions outside the current source file, so if it encounters calls to them, it saves all the call used registers, and it doesn't yet follow trampolines, which shouldn't really be used from ISRs anyway, because they're slow, and it doesn't know about the special calling conventions for compiler builtins, like __umul* etc.
But it works!
I can call functions from ISRs, even printf!
I can even have it enable interrupts, and nest them.
next I need to add my os kernel hooks to the ISRs, allowing me to efficiently call schedule() on return...
#avr
I can now wrote ISRs in C, that call other functions, and will have generated, optimised prologues and epilogues that only save and restore the required registers.
It can't resolve functions outside the current source file, so if it encounters calls to them, it saves all the call used registers, and it doesn't yet follow trampolines, which shouldn't really be used from ISRs anyway, because they're slow, and it doesn't know about the special calling conventions for compiler builtins, like __umul* etc.
But it works!
I can call functions from ISRs, even printf!
I can even have it enable interrupts, and nest them.
next I need to add my os kernel hooks to the ISRs, allowing me to efficiently call schedule() on return...
#avr
This entry was edited (6 days ago)
LG customer support
Well, LG get a partial credit - finding my machine and (very) basic diagrams for it was easy.
But you cant click the part to get the entry from the parts list, which is HUGE, and there is no search.
Worse, the parts list seems to be incomplete.
Worse, they have no phone number.
Now on the phone to their engineers, after badgering them until they gave me the number.
Poor show so far, 2/10.
#LG #repair #righttorepair #customerservice
But you cant click the part to get the entry from the parts list, which is HUGE, and there is no search.
Worse, the parts list seems to be incomplete.
Worse, they have no phone number.
Now on the phone to their engineers, after badgering them until they gave me the number.
Poor show so far, 2/10.
#LG #repair #righttorepair #customerservice
And now I'm being put through the chain-redirect-madness-call-of-fuckwittery by their nominated repair company (4lg).
Disgusting. All I want is to buy a genuine spare from LG.
Disgusting. All I want is to buy a genuine spare from LG.
Friendica Support reshared this.
Feature request - account selection when posting
!Friendica Support
Hi folks,
I'd like to suggest a feature that allows you to select any of your sub-accounts when making a post, so that I can avoid tediously switching user when I want to post as one of my forum accounts.
I'm thinking, a dropdown listing your accounts (with avatars) in the post composer?
Hi folks,
I'd like to suggest a feature that allows you to select any of your sub-accounts when making a post, so that I can avoid tediously switching user when I want to post as one of my forum accounts.
I'm thinking, a dropdown listing your accounts (with avatars) in the post composer?
Friendica Support reshared this.
Friendica Support reshared this.
Dead node?
!Friendica Support
Hi folks,
I'm seeing a lot of these piling up in the queue over the last few days. My feeling is that the node is broken, but I don't know how to investigate further.
I expect I can just block the instance, but will that clear the queue?
Hi folks,
I'm seeing a lot of these piling up in the queue over the last few days. My feeling is that the node is broken, but I don't know how to investigate further.
I expect I can just block the instance, but will that clear the queue?
Roland Häder likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Especially at this time of the day I'm too busy to answer more in depth, sorry.
Roland Häder likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Michael Vogel Thats fine - I'd much rather wait until you have time to reply in depth.
Roland Häder likes this.
Friendica Support reshared this.
Ian Molton reshared this.
Following our research, 31.8% of the tested mental health webpages reduced number of third parties.
But that’s not enough.
Mental health shouldn’t be for sale & websites mustn’t trade sensitive info about us for profit.
https://privacyinternational.org/report/3351/mental-health-websites-dont-have-sell-your-data-most-still-do
#MentalHealthAwarenessWeek
But that’s not enough.
Mental health shouldn’t be for sale & websites mustn’t trade sensitive info about us for profit.
https://privacyinternational.org/report/3351/mental-health-websites-dont-have-sell-your-data-most-still-do
#MentalHealthAwarenessWeek
Mental health websites don't have to sell your data. Most still do.
The changes discussed in this article are based on a second analysis performed in late November, 3 months after the original study Your Mental Health is for Sale and following the exact same methodology.Privacy International
Ian Molton likes this.
Ian Molton reshared this.
It's a good start eh?
Never thought I'd see the day.
Never thought I'd see the day.
What strange bizzaro world am I in https://developer.nvidia.com/blog/nvidia-releases-open-source-gpu-kernel-modules/
Nvidia OpenSauces their driversNVIDIA Releases Open-Source GPU Kernel Modules | NVIDIA Technical Blog
The first open-source release of GPU kernel modules for the Linux community help improve NVIDIA GPU driver quality and security.NVIDIA Technical Blog
2 people like this
Honestly at this point Im just going to say Linux won, everyone pack their bags and come on over
Ian Molton likes this.
@Ms Mad Lemon Thanks for providing today's soundtrack!
#music
#music
Destination Space
Provided to YouTube by IngroovesDestination Space · Jean-Jacques Perrey · Dana CountrymanDestination Space℗ 2008 Oglio EntertainmentReleased on: 2008-09-23Au...YouTube
2 people like this
I remembered that earlier today lol!
I don't remember actually watching it fully, but my brother did and I was faffing around in the background and used to enjoy the theme tune.
I don't remember actually watching it fully, but my brother did and I was faffing around in the background and used to enjoy the theme tune.
Ian Molton likes this.
Ian Molton reshared this.
Les premiers de cordées sous Macron pendant que tu finis tes mois sur la corde raide...
Ian Molton reshared this.
Ian Molton reshared this.
Don’t destroy the possibility of anonymity in public. We need a genuine ban on biometric mass surveillance https://edri.org/our-work/will-the-european-parliament-stand-up-for-our-rights-by-prohibiting-biometric-mass-surveillance-in-the-ai-act/
Will the European Parliament stand up for our rights by prohibiting biometric mass surveillance in the AI Act? - European Digital Rights (EDRi)
On 10 May, EDRi and 50 organisations wrote to the Members of the European Parliament to ask them to ban the remote use of these technologies in publicly accessible spaces to protect all the places where we exercise our rights and come together as com…European Digital Rights (EDRi)
Ian Molton likes this.
Ian Molton reshared this.
I think this is the most real thing I have ever heard from Adam.
Great thoughts on how to deal with negative feedback and how/when to give good advice (and when not):
https://www.youtube.com/watch?v=DNhbUQhiVf8Ask Adam Savage: Will I Ever Retire, Plus Combatting Negative Feedback
Adam answers live-stream questions from Tested members LexLuthorJr and wayn3w about combatting negative feedback and thoughts about his own retirement. Thank...YouTube
AxWax likes this.
Ian Molton reshared this.
Canonical: You like snaps now
Snaps: I don't respect your system settings, themes or anything!
Me: Oh no
Snaps: My file chooser doesn't remember your sidebar folders in Nautilus like everything else, also, get used to navigating from / every single time, because I don't remember anything else either
Me: That's not what I—
Snaps: Also now you have to remember to update your software in yet another place
Me: Please stop
Snaps: Btw I take up way more resources too
Canonical: You're welcome
Snaps: I don't respect your system settings, themes or anything!
Me: Oh no
Snaps: My file chooser doesn't remember your sidebar folders in Nautilus like everything else, also, get used to navigating from / every single time, because I don't remember anything else either
Me: That's not what I—
Snaps: Also now you have to remember to update your software in yet another place
Me: Please stop
Snaps: Btw I take up way more resources too
Canonical: You're welcome
2 people reshared this
Friendica Support reshared this.
!Friendica Support
So I realise that there are instances out there that allow stuff I don't want to see (ever).
I'm good at ignoring stuff, so whatever, BUT...
I just saw a post in the global feed that had such an image, but being served *from* my server.
Now I'm assuming it's cached it for some reason, but why is that cache exposed to users who aren't local (ie. Logged in)?
How can I find out how an image ended up on my server?
If it was because of one of my users, they are getting booted.
If not, how can I find out what instance the image is from in general (eg. If I can't find the post but have the image URL)?
I'd like to identify the source and remove any other images from it, it's gross, and probably illegal.
So I realise that there are instances out there that allow stuff I don't want to see (ever).
I'm good at ignoring stuff, so whatever, BUT...
I just saw a post in the global feed that had such an image, but being served *from* my server.
Now I'm assuming it's cached it for some reason, but why is that cache exposed to users who aren't local (ie. Logged in)?
How can I find out how an image ended up on my server?
If it was because of one of my users, they are getting booted.
If not, how can I find out what instance the image is from in general (eg. If I can't find the post but have the image URL)?
I'd like to identify the source and remove any other images from it, it's gross, and probably illegal.
Roland Häder likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Let me try to answer you.
Someone on your server interacted with an account on pawoo.net, whether by following this account, or fetching a public post (by entering its URL in the search bar) or subscribing to a hashtag if you have configured your node to accept content from post relays (although it appears unlikely).
pawoo.net then sends this post including a link to an image hosted on pawoo.net to your node. To protect your user's privacy, your node will download the image locally and rewrite the URL in the post to point at its location on your node.
So you are right, your node will be publishing this image from your domain until you take a moderation action against the post itself, the remote account (node-wide account blocking includes an option to delete all the content) or the remote server (node-wide server blocking includes an option to delete all the remote accounts and their content.
This local copy is meant to protect your user's privacy, but unfortunately it can't be limited to users at it stands. Since the same exact process is used to publish your user's own pictures in their public posts, making it logged-in user only would prevent their public posts to show their images to non-logged users. Think about RSS users or simply their public profile page.
Now, as Michael mentioned, there are ways of limiting the risks for you as a website publisher. Moderation is the main point (and the URL of the picture you mentioned now returns "Not Found") but as you said it is a game of whack-a-mole. It is made easier by domain blocking but there will be an amount of time during which questionable content will be published by your node.
Making the community pages (either from your local users or the global network your node knows about) private to your users only is another way of limiting exposure, as only your users will be able to be exposed to this kind of content through images your node is publishing. But then they would be able to share the image URL publicly for anyone else to see.
Currently images know whether they should be served to anyone or just to your users based on the permissions of the posts their are embedded in but I guess we could improve this system to take the site setting to make the community page private into account. This would further reduce the risk for you as even if one of your users shared the URL of such a picture with a non-logged in user they wouldn't be able to access it.
Someone on your server interacted with an account on pawoo.net, whether by following this account, or fetching a public post (by entering its URL in the search bar) or subscribing to a hashtag if you have configured your node to accept content from post relays (although it appears unlikely).
pawoo.net then sends this post including a link to an image hosted on pawoo.net to your node. To protect your user's privacy, your node will download the image locally and rewrite the URL in the post to point at its location on your node.
So you are right, your node will be publishing this image from your domain until you take a moderation action against the post itself, the remote account (node-wide account blocking includes an option to delete all the content) or the remote server (node-wide server blocking includes an option to delete all the remote accounts and their content.
This local copy is meant to protect your user's privacy, but unfortunately it can't be limited to users at it stands. Since the same exact process is used to publish your user's own pictures in their public posts, making it logged-in user only would prevent their public posts to show their images to non-logged users. Think about RSS users or simply their public profile page.
Now, as Michael mentioned, there are ways of limiting the risks for you as a website publisher. Moderation is the main point (and the URL of the picture you mentioned now returns "Not Found") but as you said it is a game of whack-a-mole. It is made easier by domain blocking but there will be an amount of time during which questionable content will be published by your node.
Making the community pages (either from your local users or the global network your node knows about) private to your users only is another way of limiting exposure, as only your users will be able to be exposed to this kind of content through images your node is publishing. But then they would be able to share the image URL publicly for anyone else to see.
Currently images know whether they should be served to anyone or just to your users based on the permissions of the posts their are embedded in but I guess we could improve this system to take the site setting to make the community page private into account. This would further reduce the risk for you as even if one of your users shared the URL of such a picture with a non-logged in user they wouldn't be able to access it.
2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Ian Molton Hypolite, can you help me find the "accept content from post relays" setting? thank you very much for your time
Roland Häder likes this.
Friendica Support reshared this.
Friendica Support reshared this.
It's here in the admin section: https://friends.polli.social/admin/site#admin-settings-relay-collapse
It also includes instructions on how to subscribe to relays.
It also includes instructions on how to subscribe to relays.
2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Luca Nucifora @Ian Molton Try to enter hashtags you want to have seen blocked on your instance, e.g. #nsfw #pussy #dick and so on. The configuration entry is called
system.blocked_tags.Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Luca Nucifora @Ian Molton Well, to be precise, that's the old notation. Here is an up-to-date one:
It is only an excerpt of your full file in
return ['system' => ['blocked_tags' => 'nsfw,pussy,dick']];It is only an excerpt of your full file in
config/local.config.php.Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
I did not realise this could happen, and this is a problem for me too. Less of a problem since I'm on a single-user instance, but I don't like the possibilities here.
Since I am the only user on my instance, it seems reasonable that I would make my cache visible only to logged-in users. I would like that as a configuration option.
But it kinda sounds like you're saying that if I add a picture in this reply, then friendica.mrpetovan.com will attempt to retrieve that directly from the cache on friendica.exon.name. If I limited that to logged-in-only users, then your instance wouldn't be able to retrieve the image. Is that correct? If I'm not heading down a wrong turn, then the solution would be to allow serving of cached images if the requesting website has an authentication cookie, and that cookie is set by the handshaking between two instances. So ordinary web browsers wouldn't be able to see the images.
Since I am the only user on my instance, it seems reasonable that I would make my cache visible only to logged-in users. I would like that as a configuration option.
But it kinda sounds like you're saying that if I add a picture in this reply, then friendica.mrpetovan.com will attempt to retrieve that directly from the cache on friendica.exon.name. If I limited that to logged-in-only users, then your instance wouldn't be able to retrieve the image. Is that correct? If I'm not heading down a wrong turn, then the solution would be to allow serving of cached images if the requesting website has an authentication cookie, and that cookie is set by the handshaking between two instances. So ordinary web browsers wouldn't be able to see the images.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
There seems to be a technical misunderstanding. Cookies are arbitrary data set by a website on a user's browser for ulterior retrieval. Authentication cookies are typically used to persist a successful login on a given website for a given period of time. Server to server communication do not use cookies and cannot set cookies in any user's browser.
We do have a mechanism to authenticate a Friendica user on a remote node, but it involves several requests back and forth between the two nodes so it isn't really suited to authenticate image display.
We do have a mechanism to authenticate a Friendica user on a remote node, but it involves several requests back and forth between the two nodes so it isn't really suited to authenticate image display.
Roland Häder likes this.
Friendica Support reshared this.
Friendica Support reshared this.
OK. User A on Server X. User B on Server Y. User C out there on the internet.
The problem is that due to a moderation leak, Server X has an image I in its cache that is Bad, and we must prevent user C from seeing it. Server X also has image J in its cache, that belongs to a public post from A. We must allow user B to see that image. Ideally we would also like to prevent user B from seeing image I.
Right now, A makes their post on X, and X stores J in its cache. C can now see J on X, and Y can also retrieve J from X and store it in the cache on Y. When B logs in to Y, they see J served from the cache on Y.
So to achieve our aims, we make the cache on X, including I and J, only visible to logged-in users. But now Y can't retrieve J from X, because Y is not a logged-in user (i.e. does not have an authentication cookie). So B can't see J when they log into Y.
But what I'm saying is, when Y retrieves J from X, it can prove that it is not C, because X and Y went through a handshake procedure. That handshake procedure should have resulted in some kind of key exchange, I don't know the details. The outcome of such a key exchange usually is an authentication token, but perhaps you're public-key signing your requests. Either way, I don't know how Y gets J from X, but usually that's with an HTTPS request, and HTTPS requests certainly can include cookies, even if they are server-to-server. But there are other ways of sending that authentication token too, like doing a POST instead of a GET, or by appending a URL parameter.
The overall point, though, is that unless I misunderstood the first part of this description, then somehow limiting cache access to only 1) logged in users and 2) handshook friendica (or ActivityPub) instances, should be achievable. Right?
The problem is that due to a moderation leak, Server X has an image I in its cache that is Bad, and we must prevent user C from seeing it. Server X also has image J in its cache, that belongs to a public post from A. We must allow user B to see that image. Ideally we would also like to prevent user B from seeing image I.
Right now, A makes their post on X, and X stores J in its cache. C can now see J on X, and Y can also retrieve J from X and store it in the cache on Y. When B logs in to Y, they see J served from the cache on Y.
So to achieve our aims, we make the cache on X, including I and J, only visible to logged-in users. But now Y can't retrieve J from X, because Y is not a logged-in user (i.e. does not have an authentication cookie). So B can't see J when they log into Y.
But what I'm saying is, when Y retrieves J from X, it can prove that it is not C, because X and Y went through a handshake procedure. That handshake procedure should have resulted in some kind of key exchange, I don't know the details. The outcome of such a key exchange usually is an authentication token, but perhaps you're public-key signing your requests. Either way, I don't know how Y gets J from X, but usually that's with an HTTPS request, and HTTPS requests certainly can include cookies, even if they are server-to-server. But there are other ways of sending that authentication token too, like doing a POST instead of a GET, or by appending a URL parameter.
The overall point, though, is that unless I misunderstood the first part of this description, then somehow limiting cache access to only 1) logged in users and 2) handshook friendica (or ActivityPub) instances, should be achievable. Right?
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Matthew Exon @Hypolite Petovan
Surely an interim solution would be to serve local users from the cache, but serve the original URL to everyone else?
Surely an interim solution would be to serve local users from the cache, but serve the original URL to everyone else?
Friendica Support reshared this.
Friendica Support reshared this.
I don't think that would help, as long as the URL to the image file in your cache is still publicly viewable.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Friendica Support reshared this.
It is possible, but this would require to alter a post content depending on the authentication status and this would yield a significant performance hit for all post display operations.
A less costly solution would be to redirect anonymous users to the original URL but the image URL with your domain would still be visible in the source of the post page, I don't know how tech-savvy are your roving pedo hunter gangs.
A less costly solution would be to redirect anonymous users to the original URL but the image URL with your domain would still be visible in the source of the post page, I don't know how tech-savvy are your roving pedo hunter gangs.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Matthew Exon I can't imagine "if local user, serve cache URL, else serve original URL" should have a huge performance hit.
Likewise, when serving from the cache, only serve if local user.
Or is it impossible for the server to tell the difference between a cached image and a legitimate image belonging to a local user?
Likewise, when serving from the cache, only serve if local user.
Or is it impossible for the server to tell the difference between a cached image and a legitimate image belonging to a local user?
Friendica Support reshared this.
Friendica Support reshared this.
The devil is in the details. Computing a post display from a raw post body is a costly operation; we need to convert Markdown/BBCode tags to HTML, resolve mentions, rewrite image URLs... so we only do it once and store the result that we use for everybody, logged or not. Discriminating between logged in and anonymous users would require us to perform the same operation twice, store the result in parallel, and pick the correct version when building a page. This is possible, but not insignificant for overall performance.
Or is it impossible for the server to tell the difference between a cached image and a legitimate image belonging to a local user?It is possible, it would be part of the solution I suggested earlier, it just hasn't been implemented yet.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Matthew Exon ah, you did say that above, my bad.
So can we have a "remote" flag or something attached to an image, which is set for images that are cached for local users, and is unset, should a local user actually make a post with that image?
That wouldn't prevent anyone seeing it if a user shared the image, but at least from a legal point of view, it's more clearly their fault, and easy for me to fix (by booting them)
So can we have a "remote" flag or something attached to an image, which is set for images that are cached for local users, and is unset, should a local user actually make a post with that image?
That wouldn't prevent anyone seeing it if a user shared the image, but at least from a legal point of view, it's more clearly their fault, and easy for me to fix (by booting them)
Friendica Support reshared this.
Friendica Support reshared this.
Yes, the flag would work in conjunction with the setting for hiding the global community page from anonymous users. If the page is hidden, the image URL wouldn't work for anonymous users, and if the page is shown, the image URL would work for everybody.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan @Matthew Exon that would be a huge improvement, imo.
Certainly good enough for now.
Certainly good enough for now.
Friendica Support reshared this.
Friendica Support reshared this.
The less costly solution does sound pretty good. The important thing is that the bytes of the image are not transmitted from my server to an unidentified person's browser (and/or scraper). The redirect would strongly suggest that the image is physically stored on my server, but wouldn't prove it.
This I would consider an interim solution. I can definitely see that doing this properly would take quite some design effort. And doing it anything short of properly is pretty pointless.
This I would consider an interim solution. I can definitely see that doing this properly would take quite some design effort. And doing it anything short of properly is pretty pointless.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
The background here is laws that are being proposed in various countries (but especially the Anglosphere) that would effectively make automated content filtering mandatory for social media sites. Unless a miracle happens, that would include individual Friendica instances, but obviously would never be practical, effectively making them illegal. CSAM is the major target, with obvious potential for mission creep through "terrorism" to "inappropriate political opinions". In that climate, the threat model is:
* I post a legitimate but controversial opinion
* Mallory replies to my post from a bulletproof server with a Bad Image
* Mallory computes the URL of the image on my site
* Mallory reports the URL to the UK automated complaint site
* Automated complaint site retrieves the URL and records its findings
* Five minutes after the reply I notice the image and delete the post, but it's too late
* Jail for mother
"How tech-savvy are your roving pedo hunter gangs"? Not tech-savvy enough to understand one single word of this thread. Computer says jail, that is all.
* I post a legitimate but controversial opinion
* Mallory replies to my post from a bulletproof server with a Bad Image
* Mallory computes the URL of the image on my site
* Mallory reports the URL to the UK automated complaint site
* Automated complaint site retrieves the URL and records its findings
* Five minutes after the reply I notice the image and delete the post, but it's too late
* Jail for mother
"How tech-savvy are your roving pedo hunter gangs"? Not tech-savvy enough to understand one single word of this thread. Computer says jail, that is all.
2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
@Matthew Exon @Hypolite Petovan
the pedo hunters are, frankly, blithering idiots, and they aren't above planting evidence (this has ruined many police investigations).
There are definitely people who will sell them tools to do this.
So this is a very real threat imo.
the pedo hunters are, frankly, blithering idiots, and they aren't above planting evidence (this has ruined many police investigations).
There are definitely people who will sell them tools to do this.
So this is a very real threat imo.
Hypolite Petovan likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Friendica Support reshared this.
One of a large number of terms I would prefer not to have ever learned. Thanks, Internet.
It's a server that "cannot be taken down", usually in a country with poor enforcement, sometimes in a bunker. Hosting is sold on the dark web, hence the marketing-speak. Possibly this term is out-of-date by now. Wouldn't that be nice.
It's a server that "cannot be taken down", usually in a country with poor enforcement, sometimes in a bunker. Hosting is sold on the dark web, hence the marketing-speak. Possibly this term is out-of-date by now. Wouldn't that be nice.
2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
Got it. I'll explore the feasibility of both solutions (redirect and settings-based) this week.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Honestly this isn't 🚨🚨🚨. I can see why @Ian Molton would freak out, but in the short term I don't see this being an interesting way to attack anyone. I would like to see a well-thought-through, well-documented plan. (Also, I don't even live in Wicker-Man-Land any more so I'm probably OK 🤞)
2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
@Matthew Exon @Hypolite Petovan I wouldn't have worried if not for actually seeing a post in the wild which directly referenced those URLs.
The people who share that kind of stuff will also share URLs out-of-band, so this is already a real world attack, rather than theoretical.
Really pleased to see this is high on @Hypolite Petovan 's priorities, that's all anyone can ask for :)
The people who share that kind of stuff will also share URLs out-of-band, so this is already a real world attack, rather than theoretical.
Really pleased to see this is high on @Hypolite Petovan 's priorities, that's all anyone can ask for :)
This entry was edited (1 week ago)
Friendica Support reshared this.
Friendica Support reshared this.
What tickles me in this issue is that image caching is supposed to be an asset, not a liability. It would be simpler for us to keep the original image URLs but we added this processing to protect Friendica users' privacy. This side-effect of changing the ownership of questionable material is typical of a feature which was only considered from one angle. and I'd like to correct the record.
Friendica Support reshared this.
Friendica Support reshared this.
The caching is also done as a performance improvement. There some really small servers out there.
Also: This kind of caching is done by each system out there (not only commercial ones like Twitter, but also Diaspora, Mastodon and so on)
But: We should display the remote url while delegating to the proxy.
Also: This kind of caching is done by each system out there (not only commercial ones like Twitter, but also Diaspora, Mastodon and so on)
But: We should display the remote url while delegating to the proxy.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
What do you mean by "delegating to the proxy"?
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
I mean something like
[url=https://proxy.tld/media/...]https://original.url/to/media[/url]2 people like this
Friendica Support reshared this.
Friendica Support reshared this.
Friendica Support reshared this.
Embedded pictures will still be served via the local system.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Then what’s the situation where we get to rewrite the image link but not the displayed link?
Friendica Support reshared this.
Friendica Support reshared this.
And OMG it's such an important asset! Part of the whole reason I started using Friendica was that I was in China and accessing even one URL on the wrong server could shut down my whole connection. In fact at first I thought I was going to have to write my own plugin, but you guys implemented caching ❤️
Friendica Support reshared this.
Friendica Support reshared this.
Thank you for the elaboration, I want to take roving gangs of pedo hunters seriously.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
Also, i'd like to change my vote for code change priorities.
Id like to see this fixed before anything else
Id like to see this fixed before anything else
This entry was edited (1 week ago)
Luca Nucifora doesn't like this.
Friendica Support reshared this.
Friendica Support reshared this.
!Friendica Support
Hi all.
Adding a tag to a post results in these.
Firstly, i'd rather not see them at all, but the issue I'm seeing is the little yellow warning triangles - something seems malformed.
Edited to add missing image.
Hi all.
Adding a tag to a post results in these.
Firstly, i'd rather not see them at all, but the issue I'm seeing is the little yellow warning triangles - something seems malformed.
Edited to add missing image.
This entry was edited (1 week ago)
Friendica Support reshared this.
Friendica Support reshared this.
Thank you for the report, the yellow triangle means that the link URL isn't within the rigid guidelines we have for external URLs. They probably are generated as relative URLs (like
As for the post itself, if you want to categorize posts just for yourself, I'd suggest you use the "Save to Folder" feature instead.
/profile/spyro) when they should be absolute URLs (like https://friendica.mnementh.co.uk/profile/spyro).As for the post itself, if you want to categorize posts just for yourself, I'd suggest you use the "Save to Folder" feature instead.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan
I want to use tags, I like my tag cloud :)
I can't for the life of me find a way to delete tags from a post though, which sucks when I make a typo
I want to use tags, I like my tag cloud :)
I can't for the life of me find a way to delete tags from a post though, which sucks when I make a typo
Friendica Support reshared this.
Friendica Support reshared this.
Friendica Support reshared this.
Friendica Support reshared this.
Then I suggest you add all the desired tags in the post body which gives you an opportunity to review their spelling before you publish it by using the Preview button!
The "Add Tag" feature is mainly meant for tagging other people's posts where you don't have access to the post body.
The "Add Tag" feature is mainly meant for tagging other people's posts where you don't have access to the post body.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan
Adding tags by editing the post seems to half work.
They get highlighted in the text, but I don't see the little coloured slabs below the post.
Adding tags by editing the post seems to half work.
They get highlighted in the text, but I don't see the little coloured slabs below the post.
Friendica Support reshared this.
Friendica Support reshared this.
I meant when you write the post initially. I'm not sure why we don't reprocess tags after post edition.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan IIRC it was the historic desicion, that *you* may add such a tag to the thread of mine, but *you* should not be allowed to change my original posting.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
I was talking about editing your own posts, it doesn't look like new tags added when modifying a post's body are processed the same way they are when first publishing a post. As Ian noticed, the new tags added this way don't show as colored labels under the post alongside mentions.
Friendica Support reshared this.
Friendica Support reshared this.
@Hypolite Petovan right, sorry - I was blended by the original screenshot showing the "add tag" feature result.
Hypolite Petovan likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Ian Molton it should be removed, when you remove the message that someone tagged the posting. At least that was the workflow so that the owner can remove tags applied by others to their postings.
Friendica Support reshared this.
Friendica Support reshared this.
@Tobias
I can't, because the tag was on the original posting, so there is no message to delete
I can't, because the tag was on the original posting, so there is no message to delete
Friendica Support reshared this.
Friendica Support reshared this.
@Tobias I messed up above, it was added in the original post, not with add tag, my bad.
Friendica Support reshared this.
Friendica Support reshared this.
@Ian Molton On editing posts: I tend to avoid doing that as editing a post will make it disappear entirely from a Mastodon instance that doesn't have editing enabled.
Tobias likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Jonathan Lamothe (he/him) True - I consider that a bug in Mastodon, however.
Tobias likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Ian Molton Yes, but given their current dominence in the Fediverse, I consider it a bug worth considering.
Ian Molton likes this.
Friendica Support reshared this.
Friendica Support reshared this.
@Jonathan Lamothe (he/him) Yes, sorry, didn't mean to sound dismissive.
Friendica Support reshared this.
Friendica Support reshared this.
Editing the post doesn't work, the tag isn't visible in the editing window
Friendica Support reshared this.
Whoever did this,
Congrats, you're very clever.
Also the entire world except the #cryptotwats hates you now.
Congrats, you're very clever.
Also the entire world except the #cryptotwats hates you now.
Nvidia LHR Lock Officially Cracked Bringing Full Crypto Mining Speeds - https://www.forbes.com/sites/antonyleather/2022/05/07/nvidia-lhr-lock-officially-cracked-bringing-full-crypto-mining-speeds/Nvidia LHR Lock Officially Cracked Bringing Full Crypto Mining Speeds
NiceHash breaks Nvidia's LHR mining limiterAntony Leather (Forbes)
@hackernews what's the harm in letting people use their own property for whatever they wish? NVidia should sell the high end cards at auction and use the money to fund R&D.
“it's no coincidence that TERF rhetoric increased just as feminist circles were finally beginning to have productive conversations about intersectionality & how historical feminist successes had largely benefited white women, straight women, cis women, wealthy women, able-bodied women, neurotypical women. Suddenly, a whole bunch of white feminists were told, 'hey, perhaps your voices aren't the ones that need centering right now. perhaps you should pass the mic.'”
https://nitter.42l.fr/fozmeadows/status/1510022794796404737#m
Mrs Mouse :verified: :queer: reshared this.
Christine Lemmer-Webber
•2 people like this
Chris Dennett and Ian Molton like this.
Lars Wirzenius reshared this.