Best I can do is
"\ude41🙂".split("").reverse().join("")
returns "\ude42🙁"
Best I can do is
"\ude41🙂".split("").reverse().join("")
returns "\ude42🙁"
On my machine at least man openssl
shows that -k
is for specifying the password you want to derive the key from, so in that case I think you are literally using the string /etc/ssl/private/etcBackup.key
as the password. I think the flag you want is -kfile
.
You can verify this by running the command in strace
and seeing that there is no openat
call for the file passed to -k
.
Edit: metiulekm@sh.itjust.works beat me to it while I was writing out my answer :)
Ah yeah I don’t know how I would do that easily on a phone. Do those in my example above render for you? You should probably be able to just copy/paste them on a phone if they do.
I can’t find a keyboard with them, or a copy/pastable line where they’ve been typed
Maybe use combining diacritical marks?
I’m using 0x326 (Combining Comma Below), but you may need the CGJ in there to render correctly in all contexts
e.g.
Foo!̦ Bar?̦
Edit: Combining grapheme joiner, not zero width joiner
I hate that Google is exerting even more control on the internet with their TLD, but I don’t really think this attack is made all that much worse with .zip TLD. I can already bury a .com
in a long URL and end it in .zip just fine like so:
https://github.com∕foo∕bar∕baz@example.com/foo/bar/baz.zip
Or even use a subdomain to remove the @:
https://github.com∕foo∕bar∕baz.example.com/foo/bar/baz.zip
The truth is most people don’t look much at URLs outside of a domain to verify its authenticity, at which point the .zip
TLD does not do much more harm than existing domains do.
For mitigation, Firefox already doesn’t display the username portion of the URL on hover of a link and URL-encodes it if copy-pasted into the url bar. It also displays the punycode representation when hovering or navigating to the second example.
Edit: looks like lemmy now replaces 0x2215
which is a character that looks like forward slash with an actual forward slash, so my comment is a bit more confusing. For clarity, the slashes before example.com
in the above urls were 0x2215
and not “/”.
While I agree that first party systems suck, as someone with neither an iOS or Android device I personally prefer something work rather than a screen that says “connect iOS/Android”.
Ah yes cloudflare: MITM as a service.
It really depends on who your adversaries are that you want to keep private. The coffee shop owner + their ISP + your ISP, or cloudflare. Seeing as cloudflare MITMs an insane amount of the internet these days I’m way more suspicious of them than I am of the alternative. If you’re really after privacy I’d recommend self hosting wireguard or something.
Yeah I’ve played with git-issue and agree it’s not ideal. Have you checked out Sourcehut? It is entirely email based but with some pretty great tooling around it to make it more accessible.
I agree that in a perfect world we have a separate open protocol for all of the non-repository related workflows/data, that has all the features we need. But the nice thing about email is it’s decentralized, and everyone already has it. And in my opinion, with the right tooling built around it, it can get pretty close to the same quality of life as a github PR, but also degrade gracefully without it.
The problem isn’t the version control itself. Obviously git continues to function and I can commit things offline in a plane. What I can’t do is create/review PRs or read/open issues. That’s easy to brush off, but the most egregious thing is the fact that this used to be federated over email!
All we needed was more user-friendly tooling to make it easier for new college grads to start contributing to FLOSS, but instead of better email based tooling we got the centralized trash that github is today.
There’s no way of knowing, which is the whole problem with their model and why a lot of us self host things in the first place. Even if they super duper promise not to use the data, they could be lying. And if they are actually true to their word today, that could change tomorrow.
I haven’t used any flatpacks, mostly because they don’t seem to have a good solution for running terminal programs. (Also I don’t like that the application developer chooses the permissions to expose rather than the user.
However, I have been using bubblewrap which is what flatpack uses under the hood to sandbox. This allows me to run both gui and non-gui programs, and I have the control of exposing the minimum required permissions that I’m comfortable giving an untrusted piece of software.
I seem to be in the minority here but I personally prefer using and
#
to denote root. I like this because not everyone uses sudo and might not even have it installed.
That being said, if you already have other commands that are using sudo -u ...
to run commands as a different user then it might be best to just be consistent and prefix everything with it, but if there is only a few of those maybe a cp foo bar && chown www-data bar
is an alternative.
it has a nice working sync of connection profiles (even of ssh keys…encrypted!)
Sorry, but what on earth does this have to do with a terminal emulator? Something like this makes way more sense as a separate tool. It’s like if I was making a decision of what video player to use because it can sync my browser bookmarks.
The way I remember the order is that the parentheses around the link would make grammatical sense outside of markdown (the goal of markdown is to still be fully readable even when looking at the raw source).
For example if I were posting on a forum that didn’t have markdown support which one of these would make more sense:
You can find that on this lemmy instance (https://lemmy.world).
You can find that on (this lemmy instance) https://lemmy.world.
Option 2 makes no sense grammatically. Then you just need to use the square brackets (which rarely show up in non-markdown text) to denote the link range.
Alternatively, if you still have a hard time remembering the order, you can use reference-style links which make it even more readable outside of markdown rendered contexts (note that there are no parentheses in this version, nothing to get confused):
[Here is a link][1] and [here is another link][2].
[1]: http://example.org
[2]: http://example.com
Yes, it uses the Linux kernel, but usually when people are talking about running Linux on their mobile they’re talking about running GNU/Linux, which is way more free (as in freedom) than any android garbage is. For example it is impossible for me to run arbitrary POSIX compliant shell scripts on an android phone.
echo "127.0.0.1 old.reddit.com" | sudo tee /etc/hosts
If you’re not root
I’ve felt gross for years, ever since they switched from old reddit to the new trash design. I used old.reddit.com for a bit, but stopped once I saw how much tracking garbage ublock was blocking, even on old reddit.
Before lemmy I was using teddit as a privacy focused frontend for reddit which worked great. But now the API changes will kill teddit so no more reddit for me!
Personally I think Spotify is worth $10 a month.
While I agree that there aren’t any great self-hosted solutions, more diversity in the music space is important. I refuse to use Spotify, and for me it’s not about price. In fact, if they charged more and actually paid their artists more I would probably hate it less. But overall I mostly refuse to use it for other reasons:
It couples the company that delivers your music with the app you must use to stream your music. In my opinion these should be separate - perhaps an open protocol that streaming companies can all use and open source clients that can connect to one or many of them?
Spotify made it clear that they don’t care about Linux users when they killed their Linux client. Yes I know about librespot, it’s only a trivial decision away from Spotify killing it. And unlike Reddit’s API changes, the backlash would be minimal since most people use the official one.
It strongly relies on network effects to get everyone on the platform and keep them there. As mentioned above, this hurts independent artists because they are forced to publish their music on a platform that doesn’t pay well just because everyone is on that platform. But there are more than just network effects between artists and consumers: Spotify relies on social-network style antipatterns to keep users in their ecosystem. I’ve been told by my friends that I am “difficult” because I don’t use Spotify and they want to share something with me. That is Spotify’s manipulation
Their official client is electron, I don’t want to have to run a whole browser stack to listen to music. Not to mention the fact that npm is plagued with supply chain problems and unless the Spotify devs manually audit every dependency of every dependency of every dependency any time they add or update one (doubt it), users are one attack away from being compromised.
When I did briefly use Spotify many years ago I took the time to build up some playlists of music and randomly songs would disappear from the playlists when Spotify lost rights to stream it.
I personally use Bandcamp for recommendations/discovery, and then purchase music I like to listen to and self-host it with MPD. It works great.
I’m not saying this is for everyone, obviously streaming has its merits. But in my experience most people self host not because something costs money, but because they have zero control of the actual experience, and they want to avoid the vendor lock-in issue.
It is likely not worth your effort as whatever you come up with will likely result in discord deactivating your account for breaking their ToS, or them breaking their API forcing you to constantly play catch-up.
This is why open communication protocols are so important. Email is still as ubiquitous as it is because it’s a protocol, not an API.
I personally think it would be less overall effort to get your friends to switch to an open protocol like matrix, or XMPP than it would playing cat and mouse with proprietary APIs. But you do you, I wish you the best of luck!