Joined 3 years ago
Cake day: July 7th, 2023
  • They also weren’t doing any kind of SSL verification for the download request, nor were they doing any kind of hash verification or signing. The former would have prevented a redirect attack in the first place, and the latter would have prevented downloaded files from being modified or swapped out.
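The two controls named in the comment above, as an added example that is not part of the original comment or of any project it refers to: TLS verification with an HTTPS-only redirect policy, followed by a check against a pinned SHA-256. The names `HttpsOnlyRedirects`, `digest_matches` and `fetch_verified` and the sample payload are assumptions made for illustration, and the pinned digest is assumed to reach the client through a separate trusted channel.

```python
import hashlib
import hmac
import ssl
import urllib.request
from urllib.parse import urlsplit


class HttpsOnlyRedirects(urllib.request.HTTPRedirectHandler):
    """Refuse any redirect that leaves HTTPS (assumed policy for this sketch)."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        if urlsplit(newurl).scheme != "https":
            raise ValueError(f"refusing non-HTTPS redirect to {newurl}")
        return super().redirect_request(req, fp, code, msg, headers, newurl)


def digest_matches(data: bytes, expected_sha256: str) -> bool:
    """Constant-time comparison of the payload's SHA-256 with the pinned value."""
    actual = hashlib.sha256(data).hexdigest()
    return hmac.compare_digest(actual, expected_sha256.strip().lower())


def fetch_verified(url: str, expected_sha256: str, timeout: float = 30.0) -> bytes:
    """Download over verified TLS, then reject anything whose digest differs."""
    if urlsplit(url).scheme != "https":
        raise ValueError("download URL must use https")
    ctx = ssl.create_default_context()  # verifies chain and hostname by default
    opener = urllib.request.build_opener(
        urllib.request.HTTPSHandler(context=ctx), HttpsOnlyRedirects()
    )
    with opener.open(url, timeout=timeout) as resp:
        data = resp.read()
    if not digest_matches(data, expected_sha256):
        raise ValueError("downloaded file does not match the pinned SHA-256")
    return data


# Constructed sample: a "release" payload and the digest published out of band.
RELEASE = b"example-installer-v1.0\n"
PINNED = hashlib.sha256(RELEASE).hexdigest()
TAMPERED = RELEASE + b"# injected\n"
```

A pinned hash only helps if it is delivered separately from the file it describes; a digest fetched over the same unverified connection can be swapped along with the download.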

  • It can be, yes. One of the largest complaints with Docker is that you often end up running the same dependencies a dozen times, because each of your dozen containers uses them. But the trade-off is that you can run a dozen different versions of those dependencies, because each image shipped with the specific version they needed.

    Of course, the big issue with running a dozen different versions of dependencies is that it makes security a nightmare. You’re not just tracking exploits for the most recent version of what you have installed. Many images end up shipping with out-of-date dependencies, which can absolutely be a security risk under certain circumstances. In most cases the risk is mitigated by the fact that the services are isolated and don’t really interact with the rest of the computer. But it’s at least something to keep in mind.

  • Yeah, there’s also the “debugging is just as hard as writing elegant code” side of things. Vibe coding is largely just putting yourself in a permanent debugging role.

    The big issue I see with vibe coding is that you need to know best practices to build secure code. Even if you don’t adhere to them all the time, best practices exist for a reason. And a programmer who doesn’t even know them is a dangerous thing, because they won’t even be able to see what is insecure (until it’s far too late).

    Studies have found that vibe coders tend to produce less secure code, but have higher confidence in their code being secure; it’s essentially Dunning-Kruger in practice. I’d have no issue with someone using AI to get the broad strokes down. But then they need to be able to back it up with actual debugging. Not just “I didn’t even bother looking at it. If it compiles, push it to prod.”

  • If you already have a Plex instance running, Prologue is an app that turns it into an audiobook host as well. Plex doesn’t natively support audiobook metadata like chapters, but Prologue simply uses Plex’s remote access to reach the files.

    All you do is throw the .m4b audiobook files into a music library on Plex, sign into your Plex account on Prologue, and Prologue handles all of the metadata for the audiobooks instead of using Plex’s built-in music player.

    I mention this because I had massive issues trying to get ABS to work on my setup. It simply refused to read or write any data from my NAS. After a day or two of throwing myself at it to no avail, I found Prologue and haven’t looked back. I already had Plex running for some friends and family, so setting up the music library was as easy as dropping the audiobooks into a folder.

  • I got my badge of honor during the API purge, when I mass edited all of my old comments before deleting them. It’s a little more quiet here, but it honestly reminds me of the early Reddit days. If you tag users, you’ll start to see just how small of a community it actually is; I see my tags all over the place in nearly every comment section.

    If you haven’t done so, consider looking into the various apps. Voyager (sometimes called Wefwef by the older users) is a sort of spiritual successor to Apollo. So if you’re an old Apollo user, you’ll likely feel right at home.

  • I run both Plex and Jellyfin. Jellyfin is ready for everyone who doesn’t have to deal with the Mother-in-Law Factor. Plex has an easy setup process, and I could walk my MIL through it on my phone. In 5 minutes, her TV was connected to my server.

    Jellyfin isn’t to that point yet, and likely never will be. Since there’s no centralized server for an app to phone home to, there’s no way to create a unified account creation/login experience. Jellyfin is nice as a “just for me” server. But as soon as I have to help others use it, it becomes a nightmare. Walking my MIL through setting up Jellyfin on her TV was the reason I re-installed Plex in the first place.

    I had finally converted my wife away from using paid streaming apps, and dealt with all of the “Why do I have to use three different apps to access it on my three different devices? They all look different and are harder to use” complaints. By the time it got around to my MIL, I was tired of dealing with it and just reinstalled Plex so people could have a consistent experience.

    I still use Jellyfin for my personal viewing because I prefer it. But saying “just ditch Plex, Jellyfin is ready now” is a little disingenuous. Jellyfin is ready for the people who want to use it. But if you’re trying to convince people to ditch their streaming apps, you’re fighting a lot of social inertia. You need to be able to provide a consistent experience across their different devices, with a decent login experience. And Jellyfin definitely isn’t there yet.

  • just not so easy to setup or comparability for my shared users.

    Yeah, the biggest reason I use Plex is because of the wife/mother-in-law factor. Basically, how easy is it to get the people around you to use it? If it’s more difficult to use than Netflix or Hulu, many will immediately throw up their hands in learned helplessness, claim it’s too confusing, and refuse to try any more. Plex is the only self-hosting option that actually provides an elegant user setup experience. With Plex, adding a new user is as simple as having them make an account and then sending them the server invite.