1. 4

    We need some form of “strict” mode which turns these all onto sane settings by default.

    1. 2

      XKCD #927 😜

      1. 4

        I don’t think this is really relevant - it wouldn’t be a competing standard, or a standard at all really, just a baseline to start from that could vary from server to server.

      1. 2

        I really like this, especially seeing as I’m still painfully slow at tuning anything with more than four strings :’)

        One tiny nitpick: the constant note while you’re using the electric tuner is a bit annoying and maybe counter-productive..? I was under the impression that it’s best to let the note ring out as you tune rather than to keep playing it.

        Oh, and if you fancy making a similar post for drums, that’d be very cool.

        1. 2

          Thanks! I agree some of the interactions still aren’t perfect, I’m still getting used to the web audio API.

          I like the drums idea a lot, but don’t play myself. Any ideas for what would make good starter material?

          1. 2

            Well, the snare drum is probably the hardest to tune so I’d probably do that. Synthesising the sounds of an unturned drum would be difficult though, I’ve got no idea where you’d start

        1. 3
          • AdAway - DNS ad blocker (requires root iirc)
          • AnkiDroid - companion app to Anki, a flashcard-type program
          • K-9 Mail - email client extraordinaire
          • KISS Launcher - simple search-based app launcher
          • Lightning - simple web browser with nice tabbing
          • OpenVPN for Android - better than the official OVPN client app
          • OsmAnd+ - slightly buggy but otherwise pretty good GPS/navigation app
          • Silence - (badly) encrypted SMS messages, I just use it because I like the UI
          • Weechat for Android - remote client for the weechat IRC client. Best Android IRC experience I’ve found to date.
          1. 5

            Weechat for Android - remote client for the weechat IRC client. Best Android IRC experience I’ve found to date.

            If you want even better Android IRC experience, you could try the new Quasseldroid beta https://quasseldroid.info/ (as soon as the new version is released it’ll also replace the current F-Droid entry) with the new quassel 0.13 (try it by compiling from git).

            The result looks something like https://i.k8r.eu/63U1pA and works quite nicely. The repo is at https://git.kuschku.de/justJanne/QuasselDroid-ng/ and beta builds are available on the Play Store or at https://s3.kuschku.de/releases/quasseldroid-ng/Quasseldroid-latest.apk (sadly I haven’t found a nice way to get beta builds onto F-Droid yet, but thanks to this thread I’m right now trying out a way to do so)

            EDIT: An F-Droid binary repo of the latest beta releases is now available, its direct link (not usable in the browser) is https://repo.kuschku.de/repo?fingerprint=A0CBC2C29E38ED9542F86A1188412A60C5A756FC4D7A31C4C622242D7AD021F2

            Disclaimer: I’m the dev.

            1. 2

              I would, but my quassel experience wasn’t that great ~1 year ago. Got really unstable and took several minutes to start the desktop client as I approached 400 buffers. Granted, this is a lot, and people have told me that using postgres for the backend can improve it, but I don’t really want to use postgres for my IRC bouncer and I’m accustomed to weechat and its own problems now :’)

              That said, I used the old quasseldroid for a long time, and it was actually a life-saver when the desktop client kept crashing and I needed to read some old messages. Thanks for many years of IRC on the go!

              1. 2

                Yeah that’s a real issue with SQLite, it really wasn’t designed for many separate threads writing and reading at the same time, causing timeouts. That said, with the recent versions, that issue should go away as now loading backlog is only really required for the buffers you actually open – which reduces the amount of data that has to be loaded on connection massively.

                Still great that you liked it :)

                1. 1

                  What’s the memory usage like with postgres? I might try it again at some point, seeing as weechat keeps eating all the RAM I can feed it (not much).

                  I’m still a bit unsure about the internals of quassel… for example recently I found out that it inexplicably sends NAMES for every channel it’s in quite regularly. When you’re in a few hundred that ends up being quite a lot of traffic, which is really unnecessary.

                  Edit: I just noticed that you edited your post to clarify about sqlite, all of this is sounding pretty good so far, maybe even good enough to tempt me back to the dark side — but certainly good enough to stop me warning people against using quassel nowadays :-)

                  1. 2

                    A lot of people are using it successfully on systems as small as a raspberry pi. Personally I have been hosting a core for 5 people, some of which with 400+ channels (not buffers) on this: https://www.online.net/en/server-dedicated/start-2-s-sata

                    So performance is actually quite great, especially with more recent versions of the core.

                    for example recently I found out that it inexplicably sends NAMES for every channel it’s in quite regularly. When you’re in a few hundred that ends up being quite a lot of traffic, which is really unnecessary.

                    That’s done to update the away status, the modes, etc all correctly on servers that don’t yet support the IRCv3 extensions for doing this automatically. The 0.13 beta uses IRCv3 away-notify and IRCv3 account-notify for this, if available.

                    1. 1

                      That’s done to update the away status, the modes, etc all correctly on servers that don’t yet support the IRCv3 extensions for doing this automatically. The 0.13 beta uses IRCv3 away-notify and IRCv3 account-notify for this, if available.

                      Oh fair enough then. Is there a way to turn this off?

                      1. 2
            2. 3

              Silence - (badly) encrypted SMS messages, I just use it because I like the UI

              Afaik Silence is a fork of TextSecure and uses the Signal Protocol, just over SMS/MMS. So the encryption, authentication, and integrity properties it provides should be very good–not bad as you state. If you read the Signal blog post on why they stopped using SMS/MMS they list user experience, metadata leakage, and development overhead as the main problems.

              1. 1

                Oh, I was under the impression they were using some different crypto because the messages produced by Signal would be too large, or something. I retract my statement :-)

            1. 1

              Cool. Anyone recommend a good place to buy it besides the one provided… gearbest?

              1. 2

                Is there a reason that Gearbest should be avoided?

                1. 1

                  Well, AliExpress have it, but why not just buy it from Gearbest?

                  1. 1

                    Nothing bad that I know of, I’d just never heard of it before. I usually get my Chinese goods from AliExpress.

                  1. 18

                    I think the search issue alone already justifies a tag. UX-wise, there are few things more annoying than trying to find something the search won’t let you find.

                    1. 6

                      Thats what I hate about most language names. Couldn’t they pick something a little more unique?

                      1. 2

                        Walter Bright actually wanted to call the language Mars, but his coworkers wouldn’t stop calling it D so the name stuck. At least I think that’s how the story goes.

                    1. 22

                      Ironically, the biggest thing that stops people from joining a Mastodon instance is the paradox of choice. If you want a Twitter account, there’s exactly one place to go and a newcomer has zero things to figure out before joining.

                      If you want to join a Mastodon instance, you have to grok the distributed nature, figure out why some instances block other instances, which code of conduct you endorse (or pick an instance without one). All those choices create a higher barrier new users have to overcome to “get in”.

                      1. 2

                        Ironically, the biggest thing that stops people from joining a Mastodon instance is the paradox of choice.

                        And network effects. I am not very active on Mastodon, since most friends and colleagues (computational linguistics, ML) are not on Mastodon.

                        I also think that the default user interface, even though it is nice for advanced users, is not simple enough.

                        1. 2

                          I think it largerly depends on how your interests match the instance you join.

                          I was invited to join mastodon.social social but I now realize that I mainly follow people from other instances.

                          Probably the fact that I’m mostly interested in software related matters (even if from a wide range of perpectives, including law and ethics) is what make the local timeline pretty boring to me…

                          Finding the right instance might not be simple.

                          Maybe a tag cloud representing the topics threated in the instance could help in the decision (together with the code of conduct obviously).

                        2. 2

                          I can see why you’d think this, but my experience has been that it really doesn’t matter, other than obvious stuff like not picking a fascist-friendly place. If you’re on a small instance then your local timeline will be quieter, but personally I found the majority of people to follow thru IRC or threads like this, so the local timeline didn’t really come into it.

                          1. 1

                            I have never depended heavily on the local or federated timeline for discoverability, but I joined during a wave of signups where lots of people I already knew on Twitter were already joining.

                            I imagine that, if the one person you know on the fediverse is also the person who told you about it, and that person is also a newbie or has mostly different interests, the local timeline matters a lot more. (And, if you’re reasonably ‘normie’ – if your strong interests aren’t geared toward witchcraft, furry fandoms, communism, and the internal politics of the FSF – you might have a really hard time finding an instance geared toward you anyway.)

                            I couldn’t be the one to do it, but I wonder if it would make sense to make a handful of sports-centric nodes. It would probably attract a lot of users.

                          2. 1

                            And so instead of taking the time to make informed choices, these users would rather delegate that responsibilty to a corporation which then makes all sorts of important choices for them….

                            1. 12

                              I think it’s a bit flippant to say that they don’t make an informed choice. Some people really do prioritize their time over other things.

                              1. 3

                                or they have no idea what advantages a decentralised system would provide, and completely overlook its existence

                                1. 5

                                  or they don’t value the benefits the decentralised system provides, and consider the centralisation a pro.

                          1. 1

                            would be nice to try this out, anyone want to join lobsters on 2ton.com.au?

                            1. 1

                              You are all alone. :(

                            1. 2

                              De-clickbaited: Why I don’t like open offices, and an overview of the alternatives

                              1. 4

                                I don’t think this is really clickbait, it’s just an attention-grabbing headline. There’s a difference. If it were a clickbait headline, it’d be like, “10 Reasons Why YOUR Workplace Will Be The DEATH Of You”

                              1. 16

                                I don’t see “hate speech” the issue there.

                                The most was just not on subject and derailing the subject towards something else. It was no discussion of the app at hand. The following thread needed 4 replies to get somewhat into the range of something usable. Also, I didn’t see it as a good critique of “minimal”, as that was pretty clearly referring to the user model of the app.

                                I’m a bit split on outright removing it, but I’d be happy if that behavior were a little less popular here.

                                1. 28

                                  I think pointing out a dependency or framework for a posted project should always be on topic. It’s definitely relevant to my decision to investigate further. If there are a lot of electron haters such that “electron; stay away” gets upvotes, then so be it. It’s not necessary for the electron lovers to engage in every such thread.

                                  1. 13

                                    It’s not worth anyone’s time to read a comment entirely consisting of “electron; stay away”. If people dislike it, fine, write a long criticism and link it, but a disdainful three-word brush-off is terrible rhetoric only useful for making newbies feel bad and starting flame wars.

                                    1. 26

                                      “It’s electron” is all the info I’m looking for. I don’t need a fully articulated 1000 word copy pasta for that.

                                      1. 1

                                        And I’d delete copypasta. I said link.

                                        1. 34

                                          With all due respect, I don’t think you should delete anything on this site until you gain more confidence of the community to exercise good judgment.

                                      2. 19

                                        I would find such a comment useful. I’m not remotely interested in using any electron-based software, so to find that out at the same time as I’m looking at the page means I can close the tab and move on faster.

                                        1. 8

                                          I think if a flamewar were to break out, that would be the time to delete the comment (and thread). Or preferrably put on your moderator hat and just ask to keep discussion constructive.

                                          I implore the moderation team to continue to use a light touch approach to removing content.

                                          1. 2

                                            It’s not worth anyone’s time to read a comment entirely consisting of “electron; stay away”.

                                            On the plus side, it only takes an instant to read it!

                                      1. 10

                                        I still like my old, bulky TP X200.

                                        On top of trouble-less servicing, I can run blobless coreboot just fine.

                                        1. 5

                                          Bulky? Since when does “has space for an Ethernet port” place a laptop into the bulky category?!

                                          That said, I have an x200s and it’s great. I’m still working up the courage to install core/libreboot.

                                          1. 3

                                            Honestly, since a few years ago. I’m currently on my 2015 model XPS 13, which I’d consider fairly thin at 1.85cm, but even it is rather far from the least bulky laptop you can get your hands on, being almost 50% thicker and heavier than Apple’s MacBook.

                                            That’s not to say being “bulky” enough to have space for an Ethernet cable is a bad thing; different priorities for different use cases and all that. I, for example, much prefer this machine with actual active cooling and a proper Core i5 CPU than passive cooling with a Core M.

                                            1. 1

                                              Actually, Ethernet port doesn’t really matter here. There are much thinner notebooks with Ethernet port.

                                              1. 1

                                                Really? I don’t have mine with me right now but I seem to remember the Ethernet port taking up most of the vertical space.

                                                1. 1

                                                  Newer ThinkPads (like X270) are thinner.

                                                  1. 1

                                                    There are some (like the original Librem) that have fold-down ethernet ports to allow less vertical space still with a full-size port when in use

                                                    1. 1

                                                      Are there any others that have that? I had been planning on ordering a Librem, but then they removed the ethernet port from the design.

                                            1. 2

                                              Good god, this still seems absolutely insane to me.

                                              Would you blindly run a binary served automatically from any of these vendors on your production web server? No? Then don’t inject their code into your webpage! (or at least, not without a checksum)

                                              1. 1

                                                This is an important point – when adding a 3rd party to your site it’s critical to evaluate the quality of their service, they could severely harm your site.

                                                Ultimately the control does lay with the site owner though – once you’ve identified problems, you can remove a tag, generally with minimal effort.

                                                1. 1

                                                  You can remove the tag, but said tag may have done irreparable damage: what if it steals user sessions or clicks certain buttons (such as delete) when logged in? it could destroy user data.

                                                  1. 1

                                                    You’re absolutely right - as part of reviewing you should be checking the tag is from a legitimate trustworthy company.

                                                    My personal opinion is that it’s highly unlikely a commercial company would do something so malicious as to delete data on purpose.

                                                    Of course it could happen by accident, but other than avoiding all 3rd party scripts, which is inherently impractical for most significantly-sized sites, there is nothing you can do to avoid that.

                                                    1. 1

                                                      Best method I’ve seen is to use scripts from vendors who won’t change them suddenly, then you can make use of subresource integrity.

                                                      I’m not too worried about companies acting maliciously; they already make their money by gathering user data. I’m more worried about someone attacking the server and causing malicious scripts to be sent.

                                              1. 3

                                                OpenNIC’s TLDs grant you access a whole new space on the web. These domains can only be accessed using our democratic nameservers.

                                                This seems like a bad idea considering ICANN keeps approving new TLDs all the time and the OpenNIC ones could potentially conflict in the future. Then users using OpenNIC servers suddenly can’t see properly-registered domains on the internet. I would imagine it’s also impossible to register TLS certs for such domains, since providers can’t do domain/whois validation on these fake domains.

                                                1. 1

                                                  Then running a local resolver could be a better compromise.

                                                  1. 1

                                                    This very thing happened with opennic’s .free TLD, and it was a cause of some annoyance.

                                                    There have been talks of trying to set up a CA, but nothing concrete yet.

                                                  1. 3

                                                    Know your rights in both your home country and the country you’re visiting helps, but it’s inadvisable to travel with any device you’d mind being siezed. Store your important files remotely and download them when you reach your destination, especially if you’re going to a country known to do such searches (I’ve heard storied about UK/US/NZ/DE so far).

                                                    1. 4

                                                      I know that the systemd hate is strong here, but this was already posted a couple of days ago:

                                                      https://lobste.rs/s/lockbb/usn_3341_1_systemd_vulnerability

                                                      I was worried that there was yet another vulnerability in systemd-resolved ;).

                                                      1. 1

                                                        Yeah, you should flag it as ‘already posted’ I think

                                                      1. 10

                                                        I’ve read many people say that dvorak was fine for the vim movement keys.

                                                        And as for the keycaps, I’m not sure I see the problem, why not just use a blank keyboard and switch at will?

                                                        1. 5

                                                          Although I am in theory capable of typing without looking at the keys, in practice I do a lot of key stabbing as well. And a lot of one handed typing as well. I’ve practiced this some in the dark, and it’s no fun. Definitely not interested in a blank keyboard.

                                                          Anyway, same experience as the author. Learned dvorak because there were people who didn’t know dvorak, used it for a while, then found I had trouble using a qwerty keyboard. Now I just use qwerty full time, but go back and practice dvorak for a week or so at a time to maintain the skill in case I ever have a compelling reason to switch.

                                                          I like dvorak for English, but find it substantially more annoying for code. And it’s a disaster for passwords. I usually set up hotkeys so I can quickly change on the fly depending on what and how much I’m typing.

                                                          1. 2

                                                            I love Dvorak for code! Having -_ and =+ much closer is so convenient.

                                                            1. 1

                                                              More than { [ ] }?

                                                              1. 2

                                                                For sure, think about where it’s now positioned. Typing …) {… is so easy when ) and { are side by side. And for code that doesn’t use egyptian braces, )<enter>{ is easier for me too. When I hit enter with my pinky, and follow up with { with my middle finger, that’s natural. But trying to squeeze my middle finger into the QWERTY location for { while my pinky is still on enter totally sucks.

                                                                Meanwhile -_=+ are all typed in line with other words (i.e. variable names). And - and _ are frequently part of filenames and variables, so it’s great that they’re closest to the letter keys.

                                                            2. 2

                                                              I like dvorak for English, but find it substantially more annoying for code.

                                                              Exactly! If I were a novelist I would probably just continue using Dvorak.

                                                              1. 2

                                                                in practice I do a lot of key stabbing as well

                                                                I recently bought a laptop with a Swiss(?) keyboard layout. (It really is a monstrosity with up to five characters on one key). I thought I wouldn’t need to look at the keys at all and I could just use my preferred keymap, but I’ve been caught ought a few times. I’m just about used to it now, though.

                                                              2. 4

                                                                When I am typing commands into a production machine I feel like it is only responsible of me to use a properly labelled keyboard.

                                                                This is really important when you’re on your last ssh password/smartcard PIN attempt, because you can go slow and look at what you’re doing.

                                                                1. 5

                                                                  I got a blank keyboard, and I must admit that I still look at it from time to time. like for numbers, or b/v, u/i… I only do so when I start thinking “OMG this is a password, don’t get it wrong!”

                                                                  Having a blank keyboard doesn’t stop you from looking at your hands. It only disappoint you when you do.

                                                                  1. 5

                                                                    As a happy Dvorak user I’d have to say there are better fixes to that problem. Copy it from your password manager? (You use one, right?) Type it into somewhere else, and cut and paste? Or use the keyboard viewer? (Ok that one is macOS specific, perhaps.)

                                                                    Specifically re: “typing commands into prod machines” I don’t buy the argument. Commands generally don’t take effect until you hit ENTER and until then you’ve got all the time you need to review what you’ve typed in. Some programs do prompt for yes/no without waiting for Enter but it’s not like Dvorak or Qwerty’s y or n keys have a common location in either layout, so I don’t really see that as an issue either.

                                                                    1. 2

                                                                      Yes, the “production machines” argument is a strange one. I’d imagine it would only be an issue on a Windows system (if you’re logging in via ssh it’s immaterial) and then it would be fairly obvious quite quickly that the keyboard map is wrong. And if the keyboard map is wrong in the Dvorak vs QWERTY sense you’d quickly realise you’re typing gibberish. Or so I’d think?

                                                                      Ignoring the whole issue of “you shouldn’t be logging in to a production machine to make changes”…

                                                                    2. 1

                                                                      In this case, I find the homing keys, reorient myself, and type whatever I need to type. (Or just use a password manager & paste). Haven’t mistyped a password in years, and I’m using Dvorak with blanks.

                                                                      Homing keys are there for a reason.

                                                                      Labels are only necessary when you don’t touch type. If you do, they serve no useful purpose.

                                                                    3. 2

                                                                      I’ve read many people say that dvorak was fine for the vim movement keys.

                                                                      Dvorak is fine for Vim movement keys, but not as nearly as nice as Qwerty.

                                                                      And as for the keycaps, I’m not sure I see the problem, why not just use a blank keyboard and switch at will?

                                                                      The problem is, when I’m entering a password or bash command sometimes I want to slow down and actually look at the keyboard while I’m typing. In sensitive production settings raw speed isn’t nearly as valuable as accuracy. A blank keyboard would not solve this problem :)

                                                                      1. 6

                                                                        Dvorak is fine for Vim movement keys, but not as nearly as nice as Qwerty.

                                                                        They actually work better with Dvorak for me, because the grouping feels more logical than on qwerty to me.

                                                                        1. 1

                                                                          Likewise: vertical and horizontal movement keys separated onto different hands rather than all on the one (and interspersed) works much better for me.

                                                                        2. 2

                                                                          I hate vim movement in QWERTY. I think it’s because I’m left handed, and Dvorak puts up/down on my left pointer and middle finger. For me, it’s really hard to manipulate all four directions with my right hand quickly.

                                                                          1. 1

                                                                            Would it make sense to use AOEU for motion then (or HTNS for right handed people)? I guess doing so may open a whole can of remapping worms though?

                                                                            That won’t help with apps that don’t support remapping but which support vi-style motion though (as they’ll expect you to hit HJKL)…

                                                                      1. 6

                                                                        Here’s an idea: use IRC, where there’s no rate limited API and Discord, Inc. can’t tell you what to do

                                                                        1. 4

                                                                          Or the tad more modern Matrix.

                                                                          1. 3

                                                                            I am pretty sure that in 5 years people have moved away from discord to something else, while IRC is still going strong.

                                                                            Apart from mobile usage IRC pretty much has everything you would need from a group chat. (And mobile wasn’t a thing when IRC was invented anyway…)

                                                                            1. 3

                                                                              Apart from mobile usage IRC pretty much has everything you would need from a group chat. (And mobile wasn’t a thing when IRC was invented anyway…)

                                                                              Like… history?

                                                                              1. 2

                                                                                The multi-client experience is poor, all the history solutions are poor, embedded images and links aren’t supported (and the community is hostile to them) which in turn makes good integrations very difficult, authentication isn’t standardised and again the community is hostile to standardizing it. IRC is pretty bad and whenever there’s a proposal to make it better there’s too much “get off my lawn” to get anything done.

                                                                                1. 1

                                                                                  Check out weechat for android, I use it very regularly for mobile IRC.

                                                                              1. 1

                                                                                I’ve tried this kind of thing a few times and it’s never been as much fun as just using a framework. Not worth it.

                                                                                1. 4
                                                                                1. 1

                                                                                  i can’t read the awesome features because of certificate error, anyone else?

                                                                                  1. 4

                                                                                    WORKSFORME

                                                                                    1. 3

                                                                                      Yeah it’s a github cert, only a problem for https anywhere users though as the link is boring http :(

                                                                                      1. 2

                                                                                        thanks, i completely forgot having https anywhere enabled last night.. maybe was a little too late ;)