Badabinski

What's accessibility like for Lemmy/kbin? I wonder if we could get an early start on accessibility with kbin, since it has a much younger codebase.

I want to offer my perspective on the AI thing from the point of view of a senior individual contributor at a larger company. Management loves the idea, but there will be a lot of developers fixing auto-generated code full of bad practices and mysterious bugs at any company that tries to lean on it instead of good devs. A large language model has no concept of good or bad, and it has no logic. It'll happily generate string-templated SQL queries that are ripe for SQL injection. I've had to fix this myself. Things get even worse when you have to deal with a shit language like Bash that is absolutely full of God awful footguns. Sometimes you have to use that wretched piece of trash language, and the scripts generated are horrific. Remember that time when Steam on Linux was effectively running rm -rf /* on people's systems? I've had to fix that same type of issue multiple times at my workplace.

I think LLMs will genuinely transform parts of the software industry, but I absolutely do not think they're going to stand in for competent developers in the near future. Maybe they can help junior developers who don't have a good grasp on syntax and patterns and such. I've personally felt no need to use them, since I spend about 95% of my time on architecture, testing, and documentation.

Now, do the higher-ups think the way that I do? Absolutely not. I've had senior management ask me about how I'm using AI tooling, and they always seem so disappointed when I explain why I personally don't feel the need for it and what I feel its weaknesses are. Bossman sees it as a way to magically multiply IC efficiency for nothing, so I absolutely agree that it's likely playing a part in at least some of these layoffs.

lol, I'd love to see the fucking ruin of the world we'd live in if current LLMs replaced senior developers. Maybe it'll happen some day, but in the meantime it's job security! I get to fix all of the bugfuck crazy issues generated by my juniors using Copilot and ChatGPT.

That's incredibly impressive! I haven't noticed a single hitch and I've been browsing nonstop for the past hour or so.

John Oliver understands the internet. Like, IMO it's clear he likes it because he posted more exploitable images of himself, but even if he felt ambiguously about it, the best path forward isn't to fight the internet, it's to say nothing, or make a joke of it.

Someone else could learn a lesson from John Oliver.

This is the second time I've seen someone incorrectly refer to chlormequat as a pesticide. It's not a pesticide, it's a chemical that encourages plants to grow thicker stems, which in turn makes harvesting easier.

I don't say this to defend its use. I just feel that it's important to call it what it is.

I wonder if we could find/contact/contract a developer with an accessibility focus. I'm planning on leaving some moderately significant donations in a few days (damn settling periods and bank holidays making that slow), and maybe there could be a community fundraising effort to get an accessibility expert in to submit some PRs. I made a big fuss out of accessibility on Reddit in the lead up to the protest, and it feels hypocritical of me to not keep pushing for it now. Not sure if Ernest would be interested in that or not, but it seems like it might be a good idea.

As much as I despise Oracle and the lawn mower man known as Larry Ellison, I don't think this is a problem. Oracle also had a lot to do with btrfs, and while that filesystem has problems, they're not the sort of problems usually associated with Oracle (i.e. rapacious capitalistic practices like patent trolling and suing the fuck out of everyone all the time always). Oracle won't own XFS, it's owned by every single person who has ever contributed to that codebase.

In addition to the fact that it's not just English via hand gestures, I believe it's done because sign language is speech, with all of the benefits that comes with. There are extra channels of communication present in sign language beyond just the words. There's equivalents of tone and inflection, and (I beleive) even accents. Like, this video of this lady performing "Fuck You" in ASL is what made it click for me when I first saw it many years ago. She's just so fucking expressive, in a way that subtitles could never be.

EDIT: changed my wording to be more accurate, since sign language literally is speech through a different medium. There's no need to draw an unnecessary boundary.

Perhaps only allow users to post titles and comments that are a command and a line? Like this: ⌘–

EDIT: and have that be the only moderation restriction going forward besides things that would get the subreddit removed. The more relevant the post is to the literal words "command" and "line" and the unicode symbols I posted, the better.

EDIT: correction, I posted an endash. Something like a box drawing line would be better, i.e. ⌘─

Hey @Ernest and @piotrsikora,

I haven't looked too closely at how kbin is architected yet, but would it benefit from horizontal scaling? I do full-time development of tooling to administrate very large k8s clusters for a company that you've probably interacted with today without knowing it. Not sure if k8s is the right orchestration system for you, but I'd be more than happy to provide some input on a potential migration to k8s (if kbin is a good fit there). I know there's a community on Matrix as well — I'll try to reach out there too, although it may be a bit.

I've been incredibly happy with Kagi. All of the listicles and blogspam get shunted off into their own sections. Kagi also seems to do a pretty good job at finding "deep" results. Like, when I want to find out more information about some home automation gizmo, Kagi does a good job of finding some random blog post where someone has torn the gizmo apart and analyzed every strength and weakness it has. I still prefer Google for looking up restaurants and stuff, but I hardly use it anymore. I don't at all regret the $10 a month I pay to use Kagi.

Edit: I also like that Kagi lets you define rules. Occasionally I'll be forced to go to Reddit to get some information (I really try to go elsewhere first). I deleted my account, so I go to new Reddit by default (which I hate). I don't want to add an extension to redirect to old Reddit, but I can just replace the www with old automagically for all Reddit search results. Works great.

There are no free lunches. You want a nice platform? You've gotta pay for it somehow. You want a platform not filled with spam? You gotta keep it clean somehow. Funding and moderation. I really hope that kbin can survive off of donations, and I have already financially contributed fairly heavily in pursuit of that. Ernest is doing the right thing by communicating about these issues early, and often. Part of why Reddit got so fucked up was that there was no community engagement when it came to raising money. That's the nature of all for-profit platforms IMO.
This is where federated, FOSS platforms can do better.

He can definitely speak with a lot of vitriol :/ It's why I stopped watching his videos. I'm glad he's pushing for right-to-repair stuff, but I just couldn't handle the anger and negativity.

Having a frank and vulnerable discussion of your trauma with someone you have emotional intimacy and trust with is incredibly important and can help the healing process. I'd highly encourage people to do that.

However, I think the term "trauma dumping" often refers to the practice of sharing your trauma with people who you don't have a close relationship with, or with people who you haven't interacted with long enough to generate trust.

I am a former trauma dumper, and I dumped my trauma all over a person who I should not have. That person turned out to be a very untrustworthy person. Their knowledge of my wounds allowed them to do some incredibly harmful things to me over the course of an eleven months relationship. I managed to escape, but it was a bad move, and I learned to become more careful about who I shared that information with.

Plus, there is always more to you than your trauma. It certainly doesn't feel that way when you're really stuck in it. Hell, me saying that may have just made some people very, very angry. I got really angry when my therapist said that to me, because it felt like she was minimizing what I went through.

I came to understand that she meant I was an adult with passions and a whole life, and that adult is what I should share with people. By letting my adult self live in the present, I became more able to take care of my trauma using the inner child metaphor. My wounded inner child is precious and deserves care, and I share that with people who will appreciate that. The adult that I am also deserves to live and see the world, and deserves to be recognized by friends and family. Trauma dumping inverts that.

People stop getting to see the awesome person you grew into because humans are wired to pay attention to wounded children, be they physical or metaphorical. Some people will be tender, some will be dismissive, and a few people will take advantage.

So yeah, please share your trauma when it makes sense to, with people you love and trust. If there's a mutual understanding, then any sadness they feel will likely be offset by the warm knowledge that they've helped you make it through another day and maybe heal a bit more. That's what is shown in this meme. Let your adult self live your life the rest of the time, and use that adult to give the kid the care they needed but didn't get.

(Wow, now that I'm rereading this post, I feel a strong sense of irony. Like, it's not a trauma dump, but also nobody asked for me to write a fucking essay about a meme lol)

Methinks this will pass, or at least get better. Some degree of community centralization will happen. I don't think (and also don't want) complete centralization to happen, but I expect a we'll reach a fairly agreeable middle-ground. Lemmy and the fediverse have been around for a bit, but this is still early days.

Same here! I upvote/boost a lot more than I did on Reddit, and my threshold for commenting is much lower than it used to be. Part of it is that I want this place to succeed, so I want to help it be more active. I absolutely agree that this community is smaller, friendlier, and less cynical than what we had on Reddit. That's the other part, it's really lowered my threshold of engagement.

I'm convinced that Orson Scott Card suffered a traumatic head injury at some point. I don't know how you could go from writing something as beautiful and intimate as Ender's Game to shit like Hidden Empire, which is creepy right wing Christian disaster porn (from what I can remember of that trainwreck).

Because greedy investors are gullible and want to make money from the jobs they think AI will displace. They don't know that this shit doesn't work like they've been promised. The C-levels at Gitlab want their money (gotta love publicly traded companies), and nobody is listening to the devs who are shouting that AI is great at writing security vulnerabilities or just like, totally nonfunctioning code.

I'm really glad you're working on this. @hariette is making Artemis for Lemmy and kbin, and soon the world will have another app for Lemmy. More apps == more better, IMO. Your app is looking great!

I love markdown, but it's such a mess. There are too many competing specs out there. @ernest, have you worked with the Lemmy folks on this before? This is probably a lot lower priority than stability/performance/efficiency stuff you've got roadmapped, but it might be nice to try to build some consensus on a markdown spec amongst the community.

EDIT: actually, I should check the git repo and see if anyone has filed an issue. You're already way too busy and I've pinged you several times when I should have taken the initiative and filed issues myself. Sorry, Ernest!

Folks should definitely donate! I recently had a bit of a windfall and I really want this place to succeed, so I'm planning on donating a few hundred dollars. @ernest, I really hope you get an open collective or Patreon account set up. I'll happily and freely donate 2x what Reddit would demand of their users. I'm sure I'm not alone!

That's an excellent point! Like, I still think that it would be great for kbin and Lemmy to be accessible (if they're not), but that's another benefit to federation that I hadn't considered.

Kimble.

Drat! That's super disappointing. I don't know why they rejected your application, since you seem like their target demographic (FOSS developer running a community-funded alternative to a proprietary platform). Some gentle community outreach might get them to reconsider, but I'd also be worried about people being jerks.

Well, it's monthly coffees for now! I'll make sure I have something in my calendar.

You joke, but using air dropped bombs to put out fires is a tactic that's been used for quite a while. probably not the best thing to do next to a site with nuclear materials on-hand, but it's absolutely been done before.

Oh my God! I was ready for this to just be another instance of someone erroneously being called a bot, but instead I learned how to bait ChatGPT-based bots into outing themselves. An absolutely brilliant move. I wonder who's running the bot...

EDIT: as others here and on the linked instance have said, this may just be someone trolling.

I've said it before — I'm not sure if you have it roadmapped, but I'd be really happy to contribute $5-25 on a monthly basis using Patreon/Open Collective to help pay for ongoing development and infrastructure costs. I really love what you've built here, and I'm super excited to see where it will go.

I'd like to interject for a moment. What you're referring to as FTP is, in fact, smelly hot garbage.

For context, I wrote this while waiting for a migraine to pass. I was angry at my brain for ruining my morning, and I like to shit on FTP. It's fun to be hyperbolic. I don't intend for this to be an attack on you, I was just bored and decided to write this ridiculous rant to pass the time.

I must once again rant about FTP. I've no idea if you're serious about liking it or you're just taking the piss, but seeing those three letters surrounded by whitespace reminds me of all the bad things in the world.

FTP is, as I've said, smelly hot garbage, and the infrastructure built to support FTP is even worse. Why? Well, one reason is that FTP has the most idiotic networking model conceivable. To see how crazy it is, let's compare to a more sane protocol, like HTTP (for simplicity's sake, I'll do HTTP/1.1). First, you get the underlying transport protocol stuff and probably SSL. The HTTP client opens a connection from some local ephemeral port to the destination server on port 80/443/whatever and does all the normal protocol things (so syn->synack->ack and Client Hello -> Server Hello+server cert -> client kex+change cipher -> change cipher -> encrypted data). FTP does TCP too! Same same so far (minus SSL, unless you're using FTPS). Next, the HTTP client goes like this:

GET /index.html HTTP/1.1
Host: www.whatever.the.fuck
# a bunch of other headers

and you know what fucking happens here? The fucking server responds with the data and a response code on the same goddamn TCP connection. You get a big, glorious response over the nice connection you established:

200 OK
# a bunch of headers and shit

HERE'S YOUR DAMN DATA NERD

So that's nice, and the client you're using to read this used that flow (or an evolution of that flow if you're using HTTP/2 or HTTP/3). So what does FTP do? It does one of two really stupid things depending on whether you're using active or passive mode. Active mode is the default for the protocol (although not the default for most clients), so let's analyze that! First, your FTP client initiates a TCP connection to your server on port 21 (by default), and then the server just sends this:

<--- 220 Rebex FTP Server ready.

ok, that kinda came out of nowhere. You're probably using a modern client that saves you from all of the godawful footguns, so it then asks the server what it supports:

---> FEAT
<--- 211-Supported extensions:
<---  AUTH TLS;SSL;
<---  CDUP
<---  CLNT
# A whole bunch of other 4 letter acronyms. If I was writing an FTP server, I'd make it swear at the user since there are a lot of fun 4 letter words

There's some other bullshit we don't care about right now, although highlights include sending the username and password in plain text. There's also ASCII vs binary mode. WE'LL GET BACK TO THAT. :|

So then we want to do a LIST. You know what happens in active mode? Your computer opens up some random fucking TCP port. It then instructs the FTP server to CONNECT TO YOUR GODDAMN COMPUTER. Your computer is the server, and the other side is now the client. I would post a more detailed overview of the FTP commands, but most servers on the internet disable active mode because it's a goddamn liability. All of the sudden, your computer has to be internet facing with open firewall ports, and that's just a whole heap of shit.

I'm probably not blowing many minds right now because people know about this shit. I just want to mention that this is how FTP was built. The data plane and control plane are separate, and back in 19XX when this shit was invented, you could trust your fellows on ARPANET and NAT didn't exist and sure HAM radio operators here's the entire goddamn 44.0.0.0/8 block for you to do packet switched radio. A simple protocol for simple times, back before we knew what was good and what was bad.

So, active mode sucks! PASV is the future, and is the default on basically all modern clients and servers! Passive mode works exactly the same as the above, except when the client goes to LIST, the server opens some random TCP port (I've often seen something like 44000-44010) and tells the client, "hey you, connect to 1.2.3.4:44000 to get you your tasty data." Sounds great, right? Well, there's a problem that I actually touched on in my last paragraph. Back when this dogshit was first squeezed out in the 70s, everyone had a public address. There were SO MANY addresses! 4 billion addresses? We'll never use all of those! That is clearly not the case anymore. We don't have enough addresses, and now we have this wonderful thing called NAT.

Continued in part 2.

I didn't downvote those posts, but I did feel like the thread was aggressive when it didn't need to be. I'd guess that a flippant/passive aggressive remark like "New to US civil law?" was (rightfully) upsetting to the user who clearly has an understanding of the law here. That user responded in kind and defended their original comment. However, they then kept responding to other users in a fairly aggressive fashion, even when those other users were communicating in alright way.

I totally get it. I'd be pissed if, after posting a well reasoned and researched comment on Kubernetes, someone responded saying "new to container orchestration?" I try (and sometimes fail) to express the more vulnerable feelings underneath anger online after dealing with my anger in meatspace. I find it results in more productive conversations. It's hard to do that, so I'm not casting aspersions. I think that's probably why people downvoted in this case though. People try to suppress and avoid aggression and conflict because those things are uncomfortable and used to be precursors to actual physical danger. It's just biology and emotions at work.

Lemmings is absolutely delightful! Like, it is vaguely insulting sounding, but it's cheeky and I hope it becomes an accepted term.

I've also said nice things about it, and it's just because I'm happy that I can look shit up again. The results are relevant, the blogspam and listicles get stuck in their own sections that I can safely ignore, and I don't get constantly tracked by Google when I search for random shit. It feels like using Google way back in the day before enshittification.

At least for me, the comments are currently paginated. I don't like the pagination, but it makes getting to the bottom easier. I'll say that I would prefer the comment box to be at the top, but I'm sure as hell not going to let that stop me from enjoying this site. kbin and the fediverse have done a great job replacing Reddit for me.

PART 4.

You expect a file transfer program to reliably and faithfully transfer your files, byte-for-byte, from one system to another. FTP spits in your face and shits on your chest. You know how Linux uses LF (i.e. \n) for newlines and Windows uses CRLF (i.e. \r\n) for newlines? Pretty annoying, right? Well, FTP's ASCII mode will automatically rip off those \r characters for you! Sounds pretty sweet, right? Fuck no it's not. All of the sudden, your file checksums have changed. If you pass the same file back to a Windows user with a different and more sane file transfer system, then they get a broken file because FTP didn't mind its own fucking business. If you have a CRLF file and need an LF file, just explicitly use dos2unix. Wanna go the other way? unix2dos. The tool has been around since 1989 and it's great.

Now, what if you're not transferring text, but instead are transferring a picture of a cute cat? What if your binary data happens to have 0x0D0x0A somewhere in it? Well, ASCII mode will happily translate that to 0x0A and fucking ruin your adorable cat picture that you were going to share with your depressed significant other in an attempt to cheer them up. Now the ruined JPEG will remind them of the futility of their situation and they'll slide even deeper into cold emptiness. Thanks, FTP.

You can tell your client to use binary mode and this problem goes away! In fact, modern clients do this automatically so your SO gets to see the adorable fuzzy cat picture. But let's just stop and think about this. Why use a protocol that is dangerous by default? Why use a protocol that supports no form of security (unless you're using fucking godawful FTPS or FTP over SSH)? Why use a protocol that is so broken by design that small business hardware has been designed to try to unfuck it? Is it faster? I mean, not really. SFTP has encryption/decryption overhead, but your CPU is so fast that you'd need to transfer at 25+ Gb/s to notice it. Is it easier? Fuck no it's not easier, look at all of the stupid footguns I've just mentioned. Is it simpler? The line protocol is simple, but so is HTTP, and HTTP has a much simpler control flow path (merging the data and control planes is objectively the right thing to do in this context). And shit, you want a simple protocol for cases where you don't have a lot of CPU power? Use fucking TFTP. It's dogshit, but it was intentionally designed to be dogshit so that a fucking potato could receive data with it.

There is no task that is currently being done with FTP that couldn't be done more easily, more securely, and more quickly with some other protocol (like fucking SSH and SFTP, which is now built into fucking Windows for god's sake). Fuck FTP.

PART 2.

NAT, much like the city of Phoenix, is a monument to man's arrogance. Fuck NAT and fuck FTP. If your FTP server is listening directly on a public IP address hooked up directly to a proper router, then none of this applies. If you're anything like me, the last company I worked for (a small startup), or my current company (many many thousands of employees making software you know and may or may not hate, making many billions of dollars a year), then the majority of your servers are living in RFC1918 space. Traffic from the internet is making it to them via NAT (or NAT with extra steps, i.e. L4 load balancers).

A request comes in for $PUBLIC_IP TCP port 21 and is forwarded to your failure of a boxen at 10.0.54.187. Your FTP server is a big stupid idiot and doesn't know this. It thinks that it's king shit and has its own public IP address. Therefore, when it's deciding what ADDR:PORT it's going to tell the stupid FTP client to connect to, it just looks at one of the adapters on the box and says "oh, I'll tell this client on the internet to connect to 10.0.54.187:44007" and then I fucking cry. The FTP client is an idiot, but the IP stack on the client's home/business router is not and says "oh, that's an address living in RFC1918 space, I shouldn't send that out over the internet" and they don't get the results of their LIST.

So, how do you fix this? Well, you fix it by not using FTP. Use SFTP USE SFTP USE SFTP FOR GOD'S SAKE. But since this world is a shit fucking place, you have two options. The best option is to configure your FTP server to lie about its IP address. Rather than being honest about what a fool it is, you can tell it to send your public IP address to the client rather than the network adapter IP address. Does your public IP address change? Fuck you, you get to write a daemon that checks for that shit, rewrites your FTP server config, and HUPs the bastard (or SIGTERMs it if your server sucks and can't do a live config reload).

Let's say that you don't want to do that. Let's say you work at a small company with a small business internet plan that gives you static IPs but a shitty modem. Let's say that you don't know what FTP is or how it works and your boss told you to get it set up ASAP and it's not working (because the client over in Bendoverville Arkansas is being told to connect to a 10.x.x.x address) and it surely must be your ISP's fault. So you call up Comcast Business/AT&T/Verizon/Whoeverthefuck and you complain at their technicians for hours and hours, and eventually you get connected to a human that knows what the problem is and tells you how to configure your stupid FTP server to lie like a little sinner. The big telco megacorps don't like that. They don't want to waste all those hours, and they don't want to hire too many people who can figure that shit out because it's expensive. You wanna know what those fucking asshole companies did?

Continued in part 3.

You can edit titles‽ That's fantastic.

I want both. Flatpak has saved me some heartburn a couple of times, but the distro I'm using dramatically reduces the need for it. I like native applications running with the shared libraries present on my system. I use flatpak as an escape hatch for when that breaks, meaning I've used it twice.

There's always Termux and whatever you can install there. That sounds silly, but when I download from my phone, I do it using aria2c in Termux. It works great, and everything (AFAIK) is FOSS. zsh + fzf history completion/file finding (\ is a godsend) makes it possible to use a CLI on a phone without going crazy. Only really works well if you're already comfortable with the command line, which is definitely a big if. It works really well for me, but I'm one of those weirdos that doesn't have a graphical file manager installed on their computers.

Thanks for all you do! I do devops shit for a living and I can't imagine what it's like to keep the lights on in a situation like this. I'm just really excited for what it feels like this place will become, as are so many others here.

Thanks for pointing this out, I've updated my comment to get rid of the unnecessary distinction.