I’m the Yujiri from yujiri.xyz. https://yujiri.xyz/contact.gmi

  • 11 Posts
  • 155 Comments
Joined duela urte bat
cake
Cake day: eka. 25, 2021

help-circle
rss
Where to get a replacement keyboard for System76 Galago Pro 5
Sorry if this is considered off topic, I couldn't find any more fitting communities. My laptop's keyboard was ruined by a water spill and I'm currently using it via an external USB keyboard. I want to replace the built-in keyboard because it's easier to use that way and because currently the circuitry underneath it is just exposed (I had to remove the ruined keyboard) and I'm worried about it getting damaged if it stays exposed like this. Now here's the problem: I can't figure out where to get the keyboard! I don't see any option on system76's website to buy a replacement keyboard, their customer support is just not responding at all after 4 business days, and I would try to buy it from a third party at this point but I can't even find any information on the internet about what model of keyboard I would need. Here's a picture of it upside down, with all the text showing: ![](https://lemmy.ml/pictrs/image/d6fdf11f-82d8-43f3-9300-b17ecd66649e.png) I thought maybe one of these numbers would be the right thing to search for, but none of them seem to turn up any results.
fedilink

What a terrible article.

Whenever I read the claim that copyleft ideology is hypocritical because it imposes a restriction on acceptable use of the software, I pretty much just stop paying attention. The ideology of copyleft is very clear and consistent: making non-free derivatives isn’t a valid freedom because it takes freedom away from others. No, just because you don’t like something doesn’t make it hypocritical. Compare copyleft to defensive force: everyone agrees that it’s wrong to punch someone, but everyone also agrees that you can punch back against someone who punches first.


The two use cases suggested:

Alice holds a digital wallet that securely manages her identity, data, and authorizations for external apps and connections. Alice uses her wallet to sign in to a new decentralized social media app. Because Alice has connected to the app with her decentralized identity, she does not need to create a profile, and all the connections, relationships, and posts she creates through the app are stored with her, in her decentralized web node. Now Alice can switch apps whenever she wants, taking her social persona with her.

  • Creating a profile takes what, 2 minutes? And you do it only once per app.
  • Connections and relationships: Okay so you want to copy your list of followers? That’s nothing remotely new. Pleroma literally has that (also for blocks and mutes).
  • If you want automatic discovery of existing followers, fine, but note that already exists on some platforms via email addresses or phone numbers. All you’d need to extend it to secure, decentralized identifiers is for those platforms to have a metadata field for users to put such an identifier. Hardly revolutionary.

Bob is a music lover and hates having his personal data locked to a single vendor. It forces him to regurgitate his playlists and songs over and over again across different music apps. Thankfully there’s a way out of this maze of vendor-locked silos: Bob can keep this data in his decentralized web node. This way Bob is able to grant any music app access to his settings and preferences, enabling him to take his personalized music experience wherever he chooses.

So you want to import playlists between music apps? That could only work if each song has a globally unique identifier for the playlists which is known to all the platforms. That isn’t the case, and changing that would require every musician to change their workflow.


True, but I think the intention of the post is to call attention to what is likely another scandal like copilot (it launders open source code, violating the license)


Thanks! That page was exactly what I was looking for.


This is a concern I hadn’t really thought of before.

Stuff I read in the past that I think is important here:

As per Drew’s article, I think the main defense we have is the idea of finite scope. In a free alternative to twitter (or another social media platform), there is not an infinite set of features that are desirable. If we pick our feature set wisely, we can build a platform that feels as though nothing is missing, and if we do this, they won’t be able to do the “extend” part because it would be obvious that anything they could add would be making the experience worse, not better. Some of our solutions may have already achieved this - if that’s so, the strategy becomes convicing enough people of that.

For one example I’d name quote tweets. This is a feature that I think is probably an anti-feature. Compared to replies, it is a “third person” form of engagement, which naturally breeds toxicity rather than understanding in disagreement, and encourages people to engage with the worst people on the platform. It also biases people toward having less realistic and less optimistic views of those who disagree with them by showing them only the worst members of the opposing camp. See Shamus Young’s “This Game is Bad For You” - very insightful on this topic.

If we can identify and avoid all such anti-features, and convince enough people to see them as such, we foil the middle E in EEE.


I think all of these arguments are really bad, and I’m someone who hates universal package managers.

“Fragmentation is not an issue”

t seems, they all agree that all of the different packaging formats and managers are a problem. However, is it really so?

Well, duplication of effort is always a downside.

As a developer, by simply using a free licence, you can just sit back and let all of the distros build binaries and do all of the work for you.

The whole complaint being made is that this doesn’t always happen in a timely fashion, and even when it does, it requires a lot of work to be done by each of those distributions.

“There is no need for universal package managers”

Yet, there is a universal package manager that has been around longer than even traditional package managers. BUILDING FROM SOURCE! Many people forget that all of their software is a git clone, make, and make install away from being installed.

I wish it were that simple. In practice, most projects are much harder to build than that. Many use build systems other than plain make such as CMake or Meson and Ninja or GNU autotools (and every project that uses autotools has different levels of intermediate files committed so different commands are needed to build it), and you’ll need to install whatever bespoke build tools they have. I almost always run into arcane error messages that can give me a lot of trouble even as an experienced Linux user and programmer. This is especially true if you’re on a distribution (like anything Debian-based, in other words most newbie distros) where header files are in separate packages, so trying to build anything will give you errors as if you have nothing installed.

A story I always share when this comes up is of my GTK patch that fixed a GObject Introspection annotation (affects generated bindings for other langauges). I spent twelve fucking hours trying to compile GTK and failed. I gave up and submitted the patch without having seen a successful build (it got accepted).

Again, I am an experienced Linux user and programmer. If even I have so much trouble compiling programs from source, expecting anyone who doesn’t have my skill set to do it is crazy.

“Universal package managers are inefficient”

Flatpak, Snap, and AppImage are just not as fast as conventional package formats. Try using any modern version of Ubuntu, and just see how slow their Snaps are.

I have never noticed them being particularly slow, either to install or to run, though I can’t comment on Snap specifically as I’ve only used Flatpak and AppImage.

But, that isn’t really even the worst part. Because of the nature of universal package managers, they require much more space than traditional packages. Every single app, instead of sharing the dependencies of all other apps on the system, is bundled with all of its dependencies. This can add gigabytes of space to many apps, and slow down older HHD’s.

I mean, sure, reducing space requirements is noble, and universal package managers probably take up a little more space (I haven’t analyzed it myself). But it’s far from a chief concern in a day where even low-end drives have hundred of gigabytes of capacities. And as for " instead of sharing the dependencies of all other apps on the system" - blaming static linking is a serious mistake. The space impact of static linking is not a large cost and it easily makes up for it with its advantages in simplicity and reliability. I would blame dynamic linking for a lot of the headaches we have with packaging and compilation. Dynamic linking introduces the need for complex dependency resolution algorithms, tying each executable to a huge amount of environment it has to carry around in order to work, breaking the portability of programs and crowding your package manager output with obscure libraries you’ve never heard of and shouldn’t have to.

http://harmful.cat-v.org/software/dynamic-linking/


I don’t know very much about this topic, but I think that building a binary yourself can be faster because it can make optimizations involving non-standard CPU features (distro packages have to be compiled without these because the user’s CPU might not support the extension)



Why hide the post button if you're not subscribed?
On a community's page there is no post button if you're not subscribed, only a subscribe button which appears a post button. At first I thought it was a rule you had to be subscribed to post in a community, but after I learned that you can post on any community by going to Create Post instead and selecting the community from the dropdown, it's just a pointless annoyance.
fedilink

What does it mean when a package version has extra parts at the end
I get semver: x.y.z, but in the context of distribution packages (never upstream releases), I often see versions like 5.2.1-1, what does the extra number mean?
fedilink


I for one am super excited about the potential of RISC-V to liberate our computer hardware :)



I just don’t think it’s appropriate for a chat protocol to have built-in video and voice conferencing tbh. I think that’s best left to a separate protocol (like jitsi).



Increasing prices isn’t a one-way street to making more money. The amount of money you make is the price times the number you sell, and you sell less if the price is higher.


That isn’t how inflation works. Inflation is when the value of currency decreases, meaning prices as measured in currency increase to stay equal in value.


Maybe Drew goes completely crazy and decides to destroy anything related to this new language, I don’t know.

There’s no way he’d do that. He and others spent years building this project already. He’s not gonna throw away that much effort and a promising project just because people are seeing it sooner than he intended.


If you want a TLDR of how it compares to other languages, I think this: https://drewdevault.com/2021/03/19/A-new-systems-language.html

First I’ve heard of Odin, I think most of the languages you list can’t be considered true altneratives to C. A key aspect of C is manual memory management; probably any language with garbage collection cannot replace C in its appropriate use cases (kernels, interpreters, device drivers, etc).

My impression is that Hare aims to be drastically simpler than Rust, but borrows at least one major idea from it: pattern matching. I suspect a big reason Drew didn’t consider Zig satisfactory is because of its lack of unicode string support. See this fascinating thread where he argues with the Zig developers about their decision to leave it out: https://github.com/ziglang/zig/issues/234


The Hare programming language
[Why I'm doing this](https://yujiri.xyz/software/hare.gmi)
fedilink

It’s a decent article but I think it could’ve benefitted from more concrete examples, in particular of this claim:

For visually impaired users, this might mean laying out information in a more logical sense than in a spatial sense.


The term “free software” as used in FOSS doesn’t mean software that promotes freedom, but software whose licenses allow certain freedoms. In this definition, Android is free software and FOSS.


Bit of a tangent here, but I think FOSS ideologues have a tendency to overrate the significance of software being FOSS.

We already have a Linux-based mobile OS: Android. It is open source, but it is still in practice a tool for Google to gain more control over us.

Having open source code is necessary, but not sufficient for software freedom. We also need the software to actually be designed to serve the user.


Best way to give away clothes in Charlotte, NC
I have a lot of clothes I wanna give away with as little hassle as possible, just want to drop them off and be done with it, I don't care about getting any money for it, don't own a car so it has to be very close, and I want to avoid charities with bad reputations
fedilink

"100% satisfaction or your money back!"
A lot of food products in the US say this. I'm curious if anyone has ever tried to get a refund for a product that wasn't defective or spoiled or anything, but merely <100% satisfying?
fedilink

How does wf-recorder work without root?
I was told that one of the core benefits of Wayland is that it prevents applications from snooping each other, such as by recording the contents of windows that don't belong to them or logging keystrokes that don't belong to them. But the program [wf-recorder](https://github.com/ammen99/wf-recorder) can record my entire screen without root! Doesn't that mean any rogue application could do the same thing?
fedilink

Am making a P2P messaging protocol and hope for protocol review
cross-posted from: https://lemmy.ml/post/93192 > It's not finished or anything, but I want potential vulnerabilities brought to my attention as soon as possible.
fedilink

Am making a P2P messaging protocol and hope for protocol review
cross-posted from: https://lemmy.ml/post/93192 > It's not finished or anything, but I want potential vulnerabilities brought to my attention as soon as possible.
fedilink

Mouse not working
I have a Logitech wireless USB mouse that I can't get to work on either of two Linux laptops, but previously worked on one of them and currently works on a Windows laptop. The laptop it used to work on is running [Artix](https://artixlinux.org) (systemd-less Arch) with Sway. Current state of affairs is that I see a device created for it: /dev/hidraw1 (the touchpad is hidraw0 here), and `swaymsg -t get_inputs`, with or without the mouse connected, shows: ``` Input device: PS/2 Generic Mouse Type: Mouse Identifier: 2:1:PS/2_Generic_Mouse Product ID: 1 Vendor ID: 2 Libinput Send Events: enabled Input device: PNP0C50:00 2808:0101 Mouse Type: Mouse Identifier: 10248:257:PNP0C50:00_2808:0101_Mouse Product ID: 257 Vendor ID: 10248 Libinput Send Events: enabled ``` and no inputs are received. `wev` also shows nothing. The other laptop is running Manjaro with the default XFCE desktop. Here is dmesg output from it being connected: ``` [24700.621257] usb 1-2: new full-speed USB device number 7 using xhci_hcd [24700.768351] usb 1-2: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice=24.01 [24700.768359] usb 1-2: New USB device strings: Mfr=1, Product=2, SerialNumber=0 [24700.768363] usb 1-2: Product: USB Receiver [24700.768366] usb 1-2: Manufacturer: Logitech [24700.785403] logitech-djreceiver 0003:046D:C52B.000B: hiddev96,hidraw0: USB HID v1.11 Device [Logitech USB Receiver] on usb-0000:00:14.0-2/input2 [24700.912748] logitech-hidpp-device 0003:046D:101B.000C: hidraw1: USB HID v1.11 Device [Logitech Wireless Device PID:101b] on usb-0000:00:14.0-2/input2:1 [24705.438614] audit: type=1101 audit(1637459838.096:311): pid=15583 uid=1000 auid=1000 ses=6 msg='op=PAM:accounting grantors=pam_unix,pam_permit,pam_time acct="raven" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24705.438875] audit: type=1110 audit(1637459838.096:312): pid=15583 uid=1000 auid=1000 ses=6 msg='op=PAM:setcred grantors=pam_faillock,pam_permit,pam_env,pam_faillock acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24705.441881] audit: type=1105 audit(1637459838.099:313): pid=15583 uid=1000 auid=1000 ses=6 msg='op=PAM:session_open grantors=pam_limits,pam_unix,pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24705.462551] audit: type=1106 audit(1637459838.119:314): pid=15583 uid=1000 auid=1000 ses=6 msg='op=PAM:session_close grantors=pam_limits,pam_unix,pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24705.462770] audit: type=1104 audit(1637459838.119:315): pid=15583 uid=1000 auid=1000 ses=6 msg='op=PAM:setcred grantors=pam_faillock,pam_permit,pam_env,pam_faillock acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24710.941691] audit: type=1101 audit(1637459843.599:316): pid=15611 uid=1000 auid=1000 ses=6 msg='op=PAM:accounting grantors=pam_unix,pam_permit,pam_time acct="raven" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24710.942373] audit: type=1110 audit(1637459843.599:317): pid=15611 uid=1000 auid=1000 ses=6 msg='op=PAM:setcred grantors=pam_faillock,pam_permit,pam_env,pam_faillock acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' [24710.949104] audit: type=1105 audit(1637459843.606:318): pid=15611 uid=1000 auid=1000 ses=6 msg='op=PAM:session_open grantors=pam_limits,pam_unix,pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/0 res=success' ``` But the Xorg log and xev show nothing, and no inputs are received.
fedilink

I'm aware that Session has been discussed twice before on this community, but the last thread was 6 months old so excuse my starting a new one. There's one big concern I wanted to bring up, which is the disagreements over whether it has forward secrecy. [The spec](https://arxiv.org/pdf/2002.04609.pdf) says it does, but I've found *two* other sources saying it doesn't: https://restoreprivacy.com/secure-encrypted-messaging-apps/session/ (search for "Perfect Forward Secrecy removed") https://www.securemessagingapps.com Why are they saying this? Is there a critical caveat to Session's forward secrecy (does it not have it in closed groups?), or are both sources just wrong? (I've also heard one source say its closed groups are limited to 10 members which would be a showstopper for me and another source say they're limited to 100 and the spec says 500 so i don't know what to believe.) I'm also concerned about it being built on top of a blockchain and cryptocurrency, not because I'm suspicious of cryptocurrency in general but because I find it difficult to understand, and because that it costs thousands of dollars to run a Session node seems to me like the network is bound to be owned exclusively by a few rich companies and investors. Is it? Is there a place I can see who owns how much of it, particularly how much is owned by the Oxen developers? UPDATE: I believe I've just learned that Sesison DOES NOT have forward secrecy or deniability; the whitepaper linked on their CURRENT website is outdated. https://getsession.org/blog/session-protocol-technical-information
fedilink