• 1 Post
  • 42 Comments
Joined 1 year ago
Cake day: June 12th, 2023

  • I’m in a similar situation. Before I had to move all was fine, I had a single ethernet port I plugged my router into. It even had a static IPv4 (even though no IPv6 but I could just use tunnelbroker). Literally perfect.

    After I moved I’m now stuck in this horribly designed network that has a stupid internet cafe tier login portal even for wired devices, unencrypted wifi, seemingly every single device from every student on the same network (I am getting blasted with other people’s broadcast packets and I’m pretty sure the network congestion from that is where my weird intermittent packet loss comes from). And now I don’t have any public IP address at all.

    Whoever they hired to set this up is an absolute moron who has no idea about network security or how to make an efficient network and considering the internet cafe login portal probably likes to cause as much suffering as possible. (Not saying I’m necessarily qualified but the fact alone that I can connect to other people’s AirPlay devices means they failed at both.)

    And the reason all of this is a problem is that they also don’t allow putting a router/firewall in front so I can get a sane network. Had to tear down pretty much all the infrastructure I set up in the old place because a lot of it was relying on me having control over the network. Of course, I knew none of this before I moved in, I was explicitly looking for internet shenanigans in the contract.

    I now have a janky Wireguard mesh network setup with one of the machines being the IPv6 gateway. Awful but at least I have public addresses and IPv6 (and with that a bit of my own network space) again.





  • Recently, I met with a founder who cringed when his colleague used the word “humans” instead of “users.” He wasn’t sure why.

    Yeah because it sounds super weird. Who says “humans” instead of “people”?

    • “my app has 2000 users” - yes
    • “2000 people use my app” - yes
    • “2000 humans use my app” - you’re definitely an alien

    Either way what a stupid article. The AI angle pretty much makes me dismiss it outright because I refuse to let AI dictate anything I do except for adding AI crawlers to my website’s robots.txt. And then you’ve got the corporate focus which is also really strange since that’s not the only place where there’s “users”. Open-source software also has users (and developers, so if you want to replace “users” with “people”, does that mean developers are not people?) and I would be insulted if someone implied I “depersonalize” the people who use my software by calling them users. It’s just a descriptive word and this article and everyone quoted here seems like they’re trying to pull a bad connotation to the word out of thin air.


  • The more they get regulated, the better their stuff becomes*. It’s wild that people are on the side of Apple for a lot of this stuff, most prominently probably with third party app stores supposedly “decreasing security”.

    Sent from my MacBook :^)

    * At least when it comes to consumer rights regulations. I’m still mad about China demanding they remove the option to accept AirDrop from everyone without a time limit on iPhones and Apple then implementing that restriction globally for whatever godforsaken reason.








  • JPEG XL is awesome. I got 1/8 of the size converting (very small, like 800kB) PNGs to lossless JXL.

    GIMP can open them I think, but can’t save them. ImageMagick supports it obviously and so does KDE’s image library so I get previews there and whatnot.

    It really depends on what you want to use them with imo, if you view them in a specific program and that supports it, go for it.


  • It offers no practical benefit to small networks at the moment.

    The internet is not a “small network”, and I assume your small network is connected to it. You need local IPv6 routing to have access to IPv6-only hosts which are becoming more and more because it’s reasonable in terms of price to get an IPv6 block unlike IPv4 blocks which are being auctioned for tens of thousands of dollars at this point (!!!).

    Also restoring global addressing is a huge benefit. P2P communication in IPv4 has become an insane mess of workarounds due to lack of addresses and this becomes worse the more layers of NAT you stick behind each other to try to save your ass from the rising tide.

    I’m really sick of hearing these idiotic excuses over and over, “it’s hard” this, “it’s unsafe” that, “it’s expensive”, “understanding the eldritch secrets of IPv6 has driven 5 of my colleagues into madness” skill issue. THERE ARE NO MORE IPV4 ADDRESSES. So unless your network is so fucked that you haven’t managed to fix it in 26 years, since IPv6 has been standardized, or it really is just an internal network with no outward facing services where it doesn’t matter when someone who just has IPv6 can’t access it because they wouldn’t be able to access it anyway, and you’re not some kind of ISP, you have no reason not to have support for it at this point and you absolutely never have a reason to tell people it’s not “useful” because that is straight up wrong in the general case even if it might be true for your situation.


  • ipv6 in home lans is likely to be unsafe due to the defaults in some/many/most routers?

    no

    and those ipv6 devices can in these scenarios escalate their permissions by spawning new ip addresses

    yes and this is not “escalating their permissions”, it is in fact the expected behavior with Privacy Extensions (RFC 4941) where devices will probably have multiple addresses at the same time that are used for outgoing connections

    that would overcome lazy output fw rules?

    any router that doesn’t have deny as the default rule for WAN->LAN traffic (probably not many) is trash, and if you’re filtering LAN->WAN traffic (not really usual for a home network) then you want default deny there too, but at that point that is not an ipv6 problem

    or if i upload a malicious apk to some smartTV and have it spawn a dhcpv6 server and then spawn a new virtual device that would be given an IP by my fake dhcpv6 to bypass. and we all can use macaddresschanger.

    rogue dhcp is not an ipv6 exclusive problem

    so you say with macfiltering the router would still prevent unwanted direct connections between my c&c server and some malicious virtual device? that’d be cool, but i don’t understand how.

    yes, firewall rules can work based on mac addresses, not sure exactly what you mean