1. 3

    This is the classic text which gets updated every year. Inspired by the other thread, but here, we actually get bug references, so it’s a bit more concrete.

    1. 4

      Unfortunately there doesn’t seem to be an actual release page, so I linked directly to the front page (which has the information on the right).

      1. 4

        It’s not much, but there was this announcement in the dev maillist.

        The one thing they clearly aren’t good at is PR. This project would be much more well-known if they improved on that.

        1. 14

          Yes, PR is definitely not our thing. Our time and effort are mostly concentrated on the code. In the past when news sites have mentioned the project we have had a great number of very vocal people with definite opinions on how we should spend our free time to implement NetSurf the way they want it.

          So generally I think personally, I have certainly become less likely to mention the project in a “loud” way and just keep on keeping on. Hope it gives you some happiness anyhow, thank for your kind comments.

          1. 2

            Yeah, comments like:

            This project is perfect, but if only it had done xyz, used foo and was written in bar!

            Always amaze me.

            Another favourite of mine that is common:

            I was just thinking of doing something like this last week, but didn’t have time.

        2. 4

          I had to go to Downloads > Linux > Change Log to get this.

          1. 1

            Wow. This is much better. I do wonder why their front page announcement doesn’t link this.

        1. 1

          Never used one of these MacBooks but I’m honestly surprised that isn’t a baked in preset

          1. 1

            Yep, using it as a dock is a pretty logical extension for Apple…

          1. 1

            Just downloaded, this tool looks really cool. I have been looking for a way to make the touchbar usable on my work machine for a while now and this does everything that I would want it to.

            1. 2

              It makes it so much more useful for me. Turns it from more of a gimmick to a practical tool.

            1. 1

              Does this need you to disable kernel security or anything like that? It smells like that sort of thing.

              1. 2

                Nope as @cadey said. I avoid anything like that, not really comfortable with it, and makes me wonder if it’ll break something during an update.

                1. 2

                  Nope

                1. 1

                  I think I may need to look into running doas on Linux.

                  1. 1

                    I’ve been similarly tempted for a while. Would live if @tedu could comment on this port: https://github.com/multiplexd/doas and whether it’s worth starting from.

                  1. 1

                    It’s worth reporting bugs to Apple’s Feedback Assistant (even if the complaints do fall on deaf ears).

                    I found an interesting project where you can share reports so other people can test/report too if it affects them.

                    1. 1

                      you can’t run an IPv6-only Tor node.

                      The production HardenedBSD Tor Onion Service v3 nodes disagree with that statement. HardenedBSD’s Tor integration uses an IPv6-only network stack. I believe it’s not possible to run an IPv6-only relay, but it’s absolutely possible to run an IPv6-only client.

                      1. 1

                        You are of course right, but I think the author uses “node” for relay, e.g.

                        Every tor daemon downloads the list of known public nodes and stores it locally while it is running.

                        Re IPv6:

                        but it’s absolutely possible to run an IPv6-only client.

                        Tangentially, I suppose announcing that you are IPv6 only has consequences for your anonymity because it restricts your possible guard nodes.

                        1. 2

                          It’s important to note that Tor includes more use cases than anonymity. The network these HardenedBSD Onion Service nodes is publicly known with static IP (V4+V6) addresses. It’d be somewhat foolish to attack Tor in this case, when the real juicy stuff (our build servers, for example) already has a publicly-routable IPv6 address. :)

                          1. 2

                            I agree, I was just pointing out that in general this might be something people want to avoid. The same is true for e.g. Tor’s own onion services for their website.

                            I’m glad that HardenedBSD is providing packages via a HS though, it’s much less wasteful for people who want the assurances of an onion service but without using up valuable exit bandwidth. I think it’s a shame more ‘distributions’ don’t do it.

                            1. 2

                              Yeah. In our case, our entire infrastructure is exposed via onion services. Not just packages, but builds, updates to the OS, and source code: effectively, the entire dev->prod pipeline and OS ecosystem. :)

                      1. 2

                        I found the other articles in this series fascinating too.

                        Dr Neal has performed interesting research here - dealing with attacks, mainly DDoS, in an unusual context (Tor HSes). He has addressed quite a few possible countermeasures and possible improvements to Tor’s implementation (and sometimes the protocol).

                        Well worth the read and gives some thought on handling the deficit in the controls that Tor provides to HS operators to prevent spam and DDoS.

                        I’ve long thought that hidden services weren’t particularly a priority for the Tor developers. I’m glad that the v3 addressing has finally rolled out, but there isn’t much tooling (or knobs to tweak in the daemon) to help operators.

                        1. 10

                          I tried something like this with my RPi3 (non-plus) and I found it simply unbearably slow. Just saving a file in vim, or switching dirs, and don’t get me started on Postgres. It’s a shame, really, but I couldn’t get it to work for my use case, neither on the SD nor on a USB stick.

                          1. 2

                            Interesting, I wondered about using Postgres/MariaDB on it and how that might affect performance. As of now all the code pushing/building I describe in the article works lightning fast, and the web pages run very smoothly, but all of my rest calls go elsewhere. I haven’t put any databases on it. It’s something to look into.

                            Realistically 4gig of RAM and the CPU power of the Pi should be pretty similar to most low-end Linux VMs you can spin up, but maybe running Postgres with an ARM processor is what makes the difference.

                            1. 2

                              Back in the day it was a thing to rent a supercheap 64mb- or 128mb-ram VPS and set it up with a heavily tweaked myslql config. The difference between the default (won’t even start) and the end result (quite performant for something like a wordpress host) was amazing.

                              1. 2

                                Yeah, I was on the fence whether I should order an RPi or just reuse my i5. I spent the same amount (60€ for case and PSU) and now I have an i5 with 16GB + SSD from spare parts.. Otherwise I would’ve tried the RPi4 for sure :)

                                I think the 4 has USB3, so unless you take a bad usb stick it should really work with a DB for non-production workloads.

                              2. 1

                                This wouldn’t necessarily fix your problem, but you could try overclocking the SD card reader - as well as using RAM disks (and using things like e.g. anything-sync-daemon), or try using a USB stick for your workdirs.

                                1. 1

                                  Same here. For just north of 100 Euro/dollar, you can get an Intel NUC, pop in an SSD and a reasonable amount of RAM, and you have a low-power headless machine that is actually bearable.

                                  Having bought RPis from the first to the third generation, I have concluded that in many cases (YMMV), they are not great as a development machine, poor man’s NAS, or media center. If you spend a bit more on a e.g. a NUC you have a much better experience. RPi are great for tasks like flight tracking (e.g. PiAware), reading out power meters (which have a standardized interface in some countries), creating smart speakers, etc. For some of these applications you could also use a Wifi capable microcontroller (e.g. ESPs), but the RPi is just more convenient because you can run a real OS.

                                1. 1

                                  I found this thread pretty useful with encouraging me to finally see if I could disable a lot of my bugbears with Code, in particular preview.

                                  A useful setting if you’re on a retina / high-DPI screen:

                                  "workbench.fontAliasing": "auto"

                                  or indeed:

                                  "workbench.fontAliasing": "antialiased"