tal

On Android? Anysoft keyboard.

It's the best of the software keyboards available in F-Droid for general use in my opinion. It's FOSS, fairly-configuable (though I'd like to have a "macro board" where I could, in-app, assign arbitrary characters or text snippets to keyboards). It supports "splitting" the keyboard, which is nice on a tablet.

But it has some pretty substantial issues.

There's some bug it has, maybe a race condition, maybe multiple. On a slower, MediaTek-based Android device, I've seen it "miss" letters. Recently, on a faster one, I've seen it insert duplicate text when editing the middle of a word in various programs, like Firefox; I had to turn off the suggestions functionality to avoid that.

While it does have arrow keys, it doesn't support "drag left/right on the spacebar to move the cursor left/right", which is behavior that I think is very useful.

In general, with F-Droid software keyboards, I've typically found a lack of ability to input things like diacritics, often limited ability to emulate modifier keys for terminal use.

In general, I haven't really been happy with the Android text input situation. On desktop, I can use emacs, or at least use various plugins to edit the contents of a Firefox text field in emacs. On Android, I'd really like to usually go into a fullscreen editing mode with an external editor when editing text, especially given the small screen on many Android devices

I don't want to be editing text in a little text field in Firefox or whatever other app. Android doesn't really have "external editor" support, where the keyboard and editor are separate apps; it has just the software keyboard, which limits options. Maybe it's possible to implement that at the software keyboard level, have a "use external editor" option; I don't know.

To be blunt, two doesn't seem like a lot to me.

And one of those is on the LocalLLaMA community, which is for people running LLMs locally, so it's a pretty safe bet that they aren't going to have any fundamental ideological problems with LLMs. If you go to !localllama@sh.itjust.works, !imageai@sh.itjust.works, or similar, it'd be very surprising if you found people who had an issue with generative AI.

That one kind of reminds me of when I first showed up here and was using kbin, which puts random posts in the sidebar to encourage discoverability. Both myself and another new kbin user wound up in some thread on a pawb.social community. The other guy

who probably didn't understand the structure of the Threadiverse or where he was commenting

was complaining about "all these furries" in the thread.

I don't know if there's a term for them, but Bacula (and I think AMANDA might fall into this camp, but I haven't looked at it in ages) are oriented more towards..."institutional" backup. Like, there's a dedicated backup server, maybe dedicated offline media like tapes, the backup server needs to drive the backup, etc).

There are some things that rsnapshot, rdiff-backup, duplicity, and so forth won't do.

• At least some of them (rdiff-backup, for one) won't dedup files with different names. If a file is unchanged, it won't use extra storage, but it won't identify different identical files at different locations. This usually isn't all that important for a single host, other than maybe if you rename files, but if you're backing up many different hosts, as in an institutional setting, they likely files in common. They aren't intended to back up multiple hosts to a single, shared repository.

• Pull-only. I think that it might be possible to run some of the above three in "pull" mode, where the backup server connects and gets the backup, but where they don't have the ability to write to the backup server. This may be desirable if you're concerned about a host being compromised, but not the backup server, since it means that an attacker can't go dick with your backups. Think of those cybercriminals who encrypt data at a company and wipe other copies and then demand a ransom for an unlock key. But the "institutional" backup systems are going to be aimed at having the backup server drive all this, and have the backup server have access to log into the individual hosts and pull the backups over.

• Dedup for non-identical files. Note that restic can do this. While files might not be identical, they might share some common elements, and one might want to try to take advantage of that in backup storage.

• rdiff-backup and rsnapshot don't do encryption (though duplicity does). If one intends to use storage not under one's physical control (e.g. "cloud backup"), this might be a concern.

• No "full" backups. Some backup programs follow a scheme where one periodically does a backup that stores a full copy of the data, and then stores "incremental" backups from the last full backup. All rsnapshot, rdiff-backup, and duplicity are always-incremental, and are aimed at storing their backups on a single destination filesystem. A split between "full" and "incremental" is probably something you want if you're using, say, tape storage and having backups that span multiple tapes, since it controls how many pieces of media you have to dig up to perform a restore.

• I don't know how Bacula or AMANDA handle it, if at all, but if you have a DBMS like PostgreSQL or MySQL or the like, it may be constantly receiving writes. This means that you can't get an atomic snapshot of the database, which is critical if you want to be reliably backing up the storage. I don't know what the convention is here, but I'd guess either using filesystem-level atomic snapshot support (e.g. btrfs) or requiring the backup system to be aware of the DBMS and instructing it to suspend modification while it does the backup. rsnapshot, rdiff-backup, and duplicity aren't going to do anything like that.

I'd agree that using the more-heavyweight, "institutional" backup programs can make sense for some use cases, like if you're backing up many workstations or something.

Because every “file” in the snapshot is either a file or a hard link to an identical version of that file in another snapshot.) So this can be a problem if you store many snapshots of many files.

I think that you may be thinking of rsnapshot rather than rdiff-backup which has that behavior; both use rsync.

But I'm not sure why you'd be concerned about this behavior.

Are you worried about inode exhaustion on the destination filesystem?

I was familiar with the material he covered, but he also mentioned another video where he compared a "dessicant wheel" dehumidifer (common in the UK) with a vapor-condensation dehumidifier (common in the US), and that was really interesting, as I'd never heard of a dessicant wheel dehumidifer before. Thanks.

https://www.youtube.com/watch?v=JzClLWL-Eys

looks

For Linux, my off-the-cuff take is that I'm not that excited about it. It means that if you can launch a Unity game and pass it command-line arguments, then you can cause it to take actions that you want. Okay, but usually the security context of someone who can do that and the game that's running should probably be the same. If you can launch a game with specified parameters to do something bad, you can probably also just do something bad and cut the game out of the picture.

This is why you have few suid binaries on a Limux system (and should never make something large and complex, like a Unity game, suid)

because then the binary does have a different security context than the launching process.

Now, it's possible that there are scenarios where you could make this badly exploitable. Say games have chosen to trust command-line arguments from a remote system, and that game has community servers. Like, maybe they have a lobby app that launches a Unity binary with remotely-specified command line arguments. But in that case, I think that the developer is already asking for trouble.

Most games are just not going to be sufficiently hardened to avoid problems if an attacker can pass arbitrary command lines anyway. And as the bug points out, on Linux, you can achieve something similar to this for many binaries via using LD_PRELOAD anyway

you can use that route to make fixes for closed-source Linux games. Windows has similar routes, stuff like DLL injection.

It's possible that this is more serious on Android. I don't know if there's a way to pass command line parameters there, and doubt it, but part of the Android security model is that apps run in isolation, and so if that's exploitable by any local app, that could cause that model to break down.

But on Linux

GNU/Linux

I'd think that if someone malicious can already launch games with arbitrary command line parameters on your system, you're probably not really in much worse trouble due to this bug than you already are.

It sounds like the data they gather from the sensors in their autos isn't compromised, but this sure doesn't fill me with confidence that they're able to protect that.

Its my perfered travel mug for my morning coffee.

That's a lotta coffee.

If you don't drink decaf or do really dilute coffee or something, you might want to consider how much caffeine you're intaking, if you're kicking each day off with a full mug of that.

https://www.healthline.com/nutrition/how-much-caffeine-in-coffee#amount-by-type

A 12-ounce (oz) cup of brewed coffee may contain 113 to 247 milligrams (mg) of caffeine

At 52 fluid ounces, that'd be 490 mg to 1070 mg of caffeine if you fill it up.

https://www.mayoclinic.org/healthy-lifestyle/nutrition-and-healthy-eating/in-depth/caffeine/art-20045678

Up to 400 milligrams (mg) of caffeine a day seems safe for most adults.

EDIT: For comparison, a can of Coke has 34mg, so if it's at the higher end there of 1070 mg, that'd be like drinking 32 cans of Coke.

NAND flash shortages forecasted to arrive in 2026 will linger for the next ten years

I am not familiar with the industry, but I doubt it. It shouldn't take ten years to build out manufacturing capacity, so given an efficient market and a predictable shortfall, production should expand by then.

Even aside from the whole "fraud and running off with billions of euros" thing, the fact that he was working for Russian intelligence while running a large fintech company in Europe seems like a concern. First, financial transaction data seems sensitive. Second:

https://en.wikipedia.org/wiki/Wirecard

Wirecard was founded in 1999 and took care of the technical processing of credit card payments for online vendors. According to the Spiegel, its clientele initially "consisted primarily of porno and gambling sites".[13] In 2002, when it was close to folding at the end of the dot-com bubble, Markus Braun injected capital and joined as CEO. He consolidated the company and focused the business model on providing internet payment services, initially mainly to porn and gambling websites.[14]

Gambling transactions are one way to launder money.

You might want to clarify "decent amount".

These guys make a range of oversize mugs.

https://www.amazon.com/Bubba-Classic-Insulated-Desk-Black/dp/B00YG9SQM0

That holds 52 fluid ounces (or ~1.5 liters). I use a smaller version.

If it's cooler outside than in, then in general opening the windows and having the AC on will cool things off faster than just one or the other.

Caveats might include the AC output being near a window and it being cooler inside near the window, or humidity. But absent that, sure, both will cool it down faster.

Once the inside temperature drops below outside, though, probably want to close the windows or turn off the AC.

I'd also add that if your AC has a ventilation-only mode that can pull outside air in

a window unit or ducted unit probably does, split mini won't, portable may not

that'll help cool the inside and be more energy-efficient than running the compressor, if you don't care about getting inside colder than ambient temperatures. Might also consider putting a box fan in a window or two, which could also drastically increase air turnover rate.

I live in a pretty comfortable climate and normally always have an open window and a small fan near the ceiling blowing air out the window, to have more airflow than would normally be the case with purely-passive ventilation.

If you're in an environment that doesn't get much humidity

the Southwest in the US is a good example

you might also consider an evaporative cooler, which won't give you the potential very cold temperatures of an air conditioner (given enough power), but will cool things below ambient temperatures without needing much power.