1.  

    For now, I’m using a Dell Poweredge R260 with a hardware RAID card, which I got from an old hardware reseller.

    Hosts a Proxmox instance, on which I containerize every one-process daemon (e.g. static websites) and virtualize systems (e.g. game servers, multi-process websites, etc).

    Being in a network I do not own, I cannot simply request a static IP and NAT my way out of the network, so I instead got a cheap VPS (PulseHeberg) on which I set up Wireguard and a few utilities (NFTables, Fail2Ban, Caddy as HTTP reverse proxy, DNSMasq for ad blocking).

    1.  

      Do you mean an R620?

    1. 1

      This looks cool, but what exactly is it? Is it more like tracking cookies or thousand eyes/smoke ping?

      1. 1

        How tokens works (in 3 short steps):

        Visit the site and get a free token (which could look like an URL or a hostname, depending on your selection.) If an attacker ever uses the token somehow, we will give you an out of band (email or sms) notification that it’s been visited. As an added bonus, we give you a bunch of hints and tools that increase the likelihood of an attacker tripping on a canary token.

        So, you generate a token, like a URL, and store that in your password manager, or a domain and have it look it up whenever a certain query is run on your DB, or you put some in your AWS credentials and then when that’s hit, you know you’re p0wned.

      1. 3

        I really like this on Linux hosts where I don’t have root or don’t want to pollute the globally installed packages.

        If it’s in your home directory, everything is compiled, so no random binaries, if you prefer to audit all of the build sources and instructions.

        1. 1

          If you’re in the Linux world you should definitely take a look at the Spack project. If you’re in the Mac world it still might be worth a look.

          It’s basically a superset of Homebrew’s functionality. Great for building complex environments (having multiple versions of an application installed, fine grained control of build options, microarchitecture-specific compiler optimizations, etc…). And, […] Spack can also be used to handle simple single-user installations on your laptop.

          Nicely documented and great community!

          1. 1

            Indeed! I use it in two places where it’s become pivotal: on an ElementaryOS 5.x VM that’s using Ubuntu 18.04 as a base with some more recent dependencies required to work on this VM versus on a Mac that I’m otherwise using, and on a cluster for work that’s running RHEL 6 and won’t be upgraded anytime soon (but it’s being replaced by something running RHEL 7 by EOY).

          1. 2

            This probably got dug up on the occasion of Libgcrypt 1.9.0 vulnerability https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html

            There is a heap buffer overflow in libgcrypt due to an incorrect assumption in the block buffer management code. Just decrypting some data can overflow a heap buffer with attacker controlled data, no verification or signature is validated before the vulnerability occurs.

            1. 3
            1. 1

              Can you also identify any popular hashes, like that of null?

              1. 1

                Does this support live memory ballooning?

                1. 1

                  No, on purpose. It does implement a virtio-balloon device, but using only the “free page reporting” feature, which allows the guest to notify the host which pages are no longer in use, so the latter can free them. This allows the VM to keep the actual memory usage close to what the guest actually needs.

                1. 1

                  Was this influenced by Windows or Mac’s system? It seems like all had the ‘programs minimize to the desktop’ but I assume that comes from Xerox? You can still see that same color scheme and see it in the chrome in Java’s toolkits.

                  1. 3

                    This is slick. It’s so difficult to develop intuition around movement and space.

                    1. 1

                      Work gives us a free 1password family account, so I have been switching over to that for ease of sharing and usability by family. (Think of those 5 people you would share Netflix with but still want to change the password from time to time).

                      Before 1password I was all in on Pass, working on multiple keys for certain shared directories and deploy tokens for each device. My chromebook stopped copying from/to the x clipboard, so I started having usability issues, but it still is my long term favorite and I expect to go back to it in the future.

                      For everything: https://www.passwordstore.org/

                      For Android: https://github.com/android-password-store/Android-Password-Store

                      For Mac: http://qtpass.org/

                      For Firefox: https://github.com/jvenant/passff#readme

                      1. 3

                        Is this not basically just an excerpt from this article: https://www.murilopereira.com/how-to-open-a-file-in-emacs/?

                        Shouldn’t the stories get merged?

                        1. 9

                          I didn’t read that story, as it talks about Emacs for many pages before it gets to this part that’s actually interesting (for me).

                          I wanted to submit this story as well (was beaten by a few seconds) and tagged it as culture, as I don’t think it’s really about Emacs or Vim at all, but rather about communities and open source development. Emacs, Vim, and VSCode are just used as examples, but you could just as easily have written this about any two other pieces of software.

                          Maybe they should be merged … but IMHO there’s value in just leaving it, as I suspect a lot of people didn’t read the original story as they thought it was going to be about Emacs (which, in large part, it was) and never got to the more interesting part.

                          1. 2

                            The original article only has an emacs tag, which I mentally filter. I would have not read it but for the vim tag, so I think this is distinct and valuable.

                          1. 1

                            I want more things like this. Interaggregate and substrate were my two favorite screensavers! http://www.complexification.net/gallery/

                                1. 4

                                  Regarding other systems, if the ARM architecture version is supported by a particular distribution, that doesn’t mean the SoC and peripherals are supported. Both need to have support in the mainline kernel, otherwise the only choice is a vendor fork of the kernel.

                                  The other option is to find patches that forward port support to mainline. I did this for a while on my old ARM NAS.

                                  1. 1

                                    For sure but that model is hardly sustainable for most users, even highly technical ones.

                                  1. 5

                                    Great write-up, I had no idea the REPL of lisp/smalltalk was so powerful. I need to get around to learning clojure.

                                    I think the elixir* REPL fits the bill for the most part - if I start up one iex instance and connect to it from another node I can define modules/functions and they show up everywhere. And for hot-fixing in production one can connect to a running erlang/elixir node and fix modules/functions on the REPL live, and as long as the node doesn’t get restarted the fix will be there.

                                    * erlang doesn’t quite fit the bill since one can’t define modules/functions on the REPL, you have to compile them from the REPL.

                                    1. 3

                                      Does Clojure actually have these breakloops though? I think I’ve seen some libraries that allow doing parts of it (restarts), but isn’t the default a stacktrace and “back to the prompt”?

                                      1. 1

                                        Well, prompt being the Clojure repl, but you’re correct that the breakloop isn’t implemented, as far as I got in the language. You can must implement the new function and re-execute, so you lose all of the context previous to the break. I think with all of the customizability of what happens when a stack trace happens, it’s possibly possible.

                                        I THINK the expected use with Clojure is to try to keep functions so small and side effect free that they are easy to iterate on in a vacuum. Smalltalk and CL have not doubled down on functional and software transactional memory like Clojure has. That makes this a little more nuanced than “has/doesn’t have a feature”.

                                        1. 1

                                          You’re correct. Interactivity and REPL affordances are areas where Clojure–otherwise an advancement over earlier Lisps–really suffers compared to, for instance, Common Lisp. You don’t have restarts, there is a lot you can’t do from the REPL, and it’s easy to get a REPL into a broken state that can’t be fixed without either a full process restart or using something like Stuart Sierra’s Component to force a full reload of your project (unless you know a ton about both the JVM and the internals of the Clojure compiler). You also can’t take a snapshot of a running image and start it back up later, as you can with other Lisps (and I believe Smalltalk). (This can be useful for creating significant applications that start up very quickly; not coincidentally, Clojure apps start up notoriously slowly.)

                                      1. -2

                                        Probably, but it’d be silly.

                                        These are designed for tasks where it does make sense to run a RTOS, not some unreliable, laggy, bloated Linux.

                                        1. 6

                                          Here’s a handkerchief; wipe that froth off your mouth. ;-)

                                          With an ARM9 and 512MB RAM, this is in a class above the microcontrollers I’ve seen that you’d use an RTOS with. (Probably in power draw, too.) Heck, you’ve got a full MMU in there, which you don’t find on your Cortex Ms or ESP32s.

                                          Maybe Linux isn’t your ideal OS for this, but there are probably ARM builds of some of the microkernel based OSs that would work…

                                          1. 2

                                            > wipe that froth off your mouth.

                                            I swear I held back.

                                            > With an ARM9 and 512MB RAM

                                            32MB RAM and 16MB storage.

                                            > Maybe Linux isn’t your ideal OS for this

                                            Correct.

                                            > some of the microkernel based OSs

                                            That’s indeed reasonable.

                                            1. 3

                                              Oops, I was looking at a bunch of other tiny computers and got the RAM mixed up. But even 32MB is luxurious compared to most embedded devices! Plus, with an MMU you can use virtual memory.

                                              1. 0

                                                > Plus, with an MMU you can use virtual memory.

                                                If by virtual memory you mean swap, do note that using swap does automatically make the system non-deterministic.

                                                But then again, you could argue Linux is non-deterministic to begin with.

                                                1. 5

                                                  You say “non-deterministic” like it’s an insult. You’re aware that the computer you typed that comment on is non-deterministic, right?

                                                  If you want a deterministic device, there are plenty of dinky MCUs to choose from. This isn’t one of them. Doesn’t make it bad.

                                                  1. 2

                                                    As in every process gets its own virtual memory space.

                                                2. 3

                                                  > Maybe Linux isn’t your ideal OS for this

                                                  Keep in mind that these were specifically designed to run Linux and ship with a Linux image on the onboard flash.

                                                  They are not, however, designed to run a full-fledged Linux distro like Debian, although it runs fine.

                                                  1. 2

                                                    > Keep in mind that these were specifically designed to run Linux

                                                    Seriously?

                                                    Let’s say I’m willing to accept that, somehow, the board designers only put 32MB RAM on a recent board destined to run Linux.

                                                    But then, why is there a RT-Thread logo on the board?

                                                    1. 3

                                                      Good question on the logo, presumably it is supported but trust me when I say this was designed to run Linux, it really was.

                                                      https://www.seeedstudio.com/Sipeed-Lichee-Nano-Linux-Development-Board-16M-Flash-WiFi-Version-p-2893.html

                                                      Edit: rt-thread is supported although the spi flash versions of these boards ship with Linux.

                                                      > Software and development environment: Support 3.10 BSP linux, Support 4.19 mainline linux, Support xboot bare metal development environment, Support RT-Thread

                                                      1. 1

                                                        Whole deal is, to me, reminiscent of some laptops shipping with FreeDOS.

                                                        It’s better than shipping them without an OS, but the expectation is that, once aware that the hardware works, the user will install a system fitting whatever purpose the user has in mind.

                                                        Yet of course, unsurprisingly, there’s going to be a few odd people that will actually use FreeDOS on these laptops.

                                              2. 4

                                                It runs Debian just fine, yes it’s a little bloated but using 7MB RAM at idle it’s not too bad.

                                                1. 2

                                                  With “running X on Y” blog posts, silly is usually the point. NetBSD on toaster, DOOM on printer, etc :)

                                                1. 1

                                                  Does this do usb gadget? This looks like it might fit in a keyboard.

                                                  1. 1

                                                    It does! Some guy used the same SOC to make a Linux powered business card running usb gadget.

                                                  1. 2

                                                    Does anyone have any recommendations for good epaper/eink devices? A lot of what I’ve seen are ereaders/tablets, which I’m not as interested in.

                                                    1. 1

                                                      What size/interface/battery/input requirements do you have?

                                                      Just a monitor, monitor + touch, hdmi/spi, mobile/fixed?

                                                      1. 2

                                                        Because it’s a single company who owns the patents, I think you can get an exhaustive list of products here: https://shopkits.eink.com/

                                                        1. 1

                                                          I’m curious about any that are an assembled thing. Monitors, laptops, phones.

                                                          1. 1

                                                            There used to be an hdmi display made by Waveshare and there were a few phones - Yotaphones.

                                                        2. 1

                                                          I got one from Waveshare this month, but you’ll have to get/build the enclosure yourself. My 7” one fits nicely in a 4x6 photo frame.

                                                        1. 8

                                                          TL;DR:

                                                          sudo launchctl config user path /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
                                                          
                                                          1. 2

                                                            This seems to imply that you can plug both in at the same time, but there is cable juggling to switch, right?

                                                            1. 1

                                                              It looks like you can connect two computers to the TS3 at the same time, but only one of them can see the connected dock peripherals at a time.

                                                              I have a Caldigit TS3 dock and two Thunderbolt 3 capable machines (a Z390 based Hackintosh and my work MBP) and the way I share all my TS3 connected devices between the two machines is by using three Thunderbolt 3 -> Thunderbolt 2 adapters in conjunction with a Thunderbolt-2 KVM switch.

                                                              This is a pretty ugly and expensive hack that I’d hesitate to recommend to anyone, but it works for me, in that it enables me to explicitly control which computer has access to the TS3 dock (with no cable juggling) at the cost of a 50% reduction in bandwidth.

                                                              1. 1

                                                                You also lose charging, right?

                                                                1. 1

                                                                  Yeah, no charging with Thunderbolt 2.