Oh this is fun! @jgamblin (i think that's the 🐘 handle) just pushed a repo that calculates the cost of managing and maintaining the CVE based on the latest MITRE contract:
!Friendica Support Has anyone experienced "MySQL server has gone away" ? Out of nowhere, with the mariadb still running and nothing more Friendica logs ?
2025-04-12T14:46:52Z app [ERROR]: DB Error {"code":2006,"error":"MySQL server has gone away","params":"SELECT id, baseurl FROM contact WHERE (uid = 0 AND nurl = 'http: //programming.dev/c/programmer_humor') LIMIT 1"} - {"file":"Database.php","line":675,"function":"p","request-id":"67fa7af930636","stack":"Database::p (1494), Database::select (1 379), Database::selectFirst (420), DBA::selectFirst (552), Contact::getBasepath (591), Contact::isLocal (368), Contact::getByURL (1316), Contact::getIdForURL (185), Tag::getTarg etType (1409), Processor::storeReceivers (961), Processor::processContent (485), Processor::createItem (726), Processor::createActivity (846), Receiver::routeActivities (750), R eceiver::processActivity (156)","uid":"4ee643","process_id":2984}
@Ⓜ3️⃣3️⃣ 🌌 this usually means your CPU load is too high or the network latency is spiking (if it's a remote DB). In theory it can be that all your cores have a thread for too long and the sql server can't perform the task for friendica before the timeout.
Thanks for the hint, maybe, but I didn't get any high cpu load warning from monitoring. The database seems responsive during this error messages but the website went error 500.
I restarted Friendica and MariaDB containers because I don't know better (same host).
I will watch for cpu load and how actually mariadb respond to some hand made queries next time. Until now this happened only 1 time since 3 or 4 month running my instance anyway.
@Ⓜ3️⃣3️⃣ 🌌 yeah, correlating it is hard. I find thread saturation is the more common issue a lot. Your CPU has the speed, but too many things are competing for the the thread.
I used to get this a lot and discovered that the OOM Killer killed MariaDB often to protect the O/S when all memory was consumed. And I had 12 GB free memory after rebooting. Search syslog for "OOM" to see if the culprit is the OOM killer.
The cause was that I was using the standard memory manager in MariaDB which is very bad at preventing memory fragmentation. Although I had a lot of memory left, it was too fragmented to use. Given my instance has 330 active users, the DB is extremely busy, and it would be just a few days before I'd lose the database, constantly.
The solution was to change the memory manager to jamalloc. Now I no longer have this issue.
deploy: resources: limits: memory: 6G # Hard limit (container will be killed if it exceeds this) reservations: memory: 4G # Soft limit (Docker tries to ensure at least this much)
At least now it will be killed at specific limits.
I tried adding that too but mariadb doesn't start (endless restart loop):
DISCLAIMER: I do not own any of the shown footage or music. The footage is edited, It is slower, scenes in between are missing and the original audio has bee...
Is anyone having fédération issues with lemmy ? This particular instance jlai.lu stopped working from my friendica instance a month ago. I can subscribe, unsubscribe, reply to old posts but no new updates…?
Cloudflare wrestling AI scrapers, not that I disagree, but how Cloudflare comes to decide who or what can access a website? They have a nearly monopolistic, man-in-the-middle position (like in CDN)
@Waterfox has provided build instruction for the Waterfox internet browser 🤩
Prebuilt binaries and packages are great already, including auto-updates, but sometimes when one need to poke at source code or tailor a custom build : Thanks, much appreciated.
For you guys using NUC sized mini PCs, if you model has poor airflow management for RAM or storage sticks : this 12x12cm fan, USB powered with on-off switch fits perfectly under a NUC.
Perfect for silently pushing air in the NUC. It is silent, has rubber grommets to dampen vibration and sound. Everything runs 5 degrees cooler, that's almost 15%.
@Waterfox has provided build instruction for the Waterfox internet browser 🤩
Prebuilt binaries and packages are great already, including auto-updates, but sometimes when one need to poke at source code or tailor a custom build : Thanks, much appreciated.
Unexpected benefit of Linux Mint relative slowness following Ubuntu releases, as they like to keep a safe pace and make things working right before releasing new versions : it aligns with enterprise software surprisingly well.
Enterprise software are even slower to update, meaning the network shared printer drivers, corporate Zero trust client, email server connector, antivirus (as in paid, licenced av agent) does works perfectly.
Mint sits right in a sweet spot about both corporate bloatware and OSS.
It's not wrong. Not quite as much info as following the average person on socials, but it can be a lot of info at a glance.
Once had a cop show up one day, just asking about something going on in the area, and noticed an empty TV box by my trash can outside. Suggested I uh, don't do that. Basically a big sign pointing to my house "brand new TV inside!". Not done that since.
My solution for the tv box is unfolding the box inside out and tying it into a bundle if it doesn’t fit in a recycling box. Also maybe don’t put out your boxes right after Black Friday or holidays.
I cut up the cardboard and use it for various things around the house, like putting it under the car when I do an oil change, or as liners for the wire rack shelving in my cold storage.
Honestly though you got me there, I think being on Lemmy is a much stronger predictor of someone working in IT than whether or not they watched Homestar Runner, haha.
Like shot in the dark accusations of IT work here you'll hit someone 9 times out of 10.
If they know what email and reddit it are, Lemmy should be pretty easy to understand, at least from a user-perspective. Replace reddit with Twitter/Bluesky for mastodon, Instagram for pixelfed, etc, etc. I don't think understanding how email works at a tech level is important for being able to use it. Ditto for fediverse.
They don’t know what Reddit is in the least. Using email can occasionally be a challenge. They’re hippy artist types. Mostly they only know Facebook so they can sell their art. It’s a different life.
The amount of "OREGUNIAN" and Sig Sauer decals on people trucks, cars and the occasional Jeep Liberty in my area is tragically comical. Just drive through any neighborhood where garages aren't common and you could pick out ten houses to rob later.
You couldn't ask for a bigger target to paint on yourself.
Seriously though, I haven't messed with any stickers since the last time I had a chrome bumper (my first car). I've never (that I remember) stuck anything on the windows at all. I think stickers on paint just looks fucking stupid as shit, but nothing (besides trucks and work vans) has anything but fiberglass bumpers anymore.
I've always had decision paralysis about them ever since. I don't really wanna say "come rob me", (not that I own even 1 valuable thing worth stealing besides the car itself- and I don't even own that yet).
I live in a pretty extremely red area (blue state, but very red region), so I'm not trying to give "please hit me" to probably 70% of drivers.
I don't want the satanic stuff because I hate religious stuff in all forms, even when mocking Christianity, and I have to park in my parents' driveway sometimes and while they wouldn't do anything, I feel like it would be uncomfortable. They know I vote blue, but they still have no idea about the atheism. Yet.
I could do a band sticker I guess. Not t
... show more
I wonder what my "none of that" says.
Seriously though, I haven't messed with any stickers since the last time I had a chrome bumper (my first car). I've never (that I remember) stuck anything on the windows at all. I think stickers on paint just looks fucking stupid as shit, but nothing (besides trucks and work vans) has anything but fiberglass bumpers anymore.
I've always had decision paralysis about them ever since. I don't really wanna say "come rob me", (not that I own even 1 valuable thing worth stealing besides the car itself- and I don't even own that yet).
I live in a pretty extremely red area (blue state, but very red region), so I'm not trying to give "please hit me" to probably 70% of drivers.
I don't want the satanic stuff because I hate religious stuff in all forms, even when mocking Christianity, and I have to park in my parents' driveway sometimes and while they wouldn't do anything, I feel like it would be uncomfortable. They know I vote blue, but they still have no idea about the atheism. Yet.
I could do a band sticker I guess. Not that a big chunk of people have heard of it, so who am I metaphorically high fiving?
Right now the car is basically blank. No stickers, no bumper stickers, no decoration, and even the inside is almost completely empty. If you looked in my window you might see the cable that I use to make my android auto wireless instead of wired. But it just looks like a regular charging cord from what you can see easily.
Car is even still (relatively) new, so there isn't even a "personalized mess". It's just empty unless I've just recently left a quick grocery trip, which might see me with groceries in the interior floor instead of trunk.
Even has a standard generic state license plate that isn't customized.
The absolute most you would know about me from coming across my car in a random parking lot is just the kind of car itself being a hybrid, so you could maybe deduce that I hate the entire oil industry's entire existence.
If I lived somewhere that had a decent amount of chargers, I would have an EV (definitely not a Tesla though, and that would be another thing you would learn about me I guess). I know I could get a home charger too but that doesn't work in my current situation, so hybrid is about the best I can do for right now.
Hopefully this car lasts me until either chargers are way more common, or EVs themselves are cheaper. And since it's by far the youngest car I've ever owned, and I put a whopping 1k (yes, one k) miles on it in the almost year I've owned it, I imagine it will last that long. If the US isn't a crater before that anyway.
i mean, here you can just type the plate number into an open government website and it shows your home address. not really seeing a lot of consequences of that.
Yeah, this is more on the 'paranoid' end of the spectrum without being very effective. If you're being surveiled or targeted, there's plenty to dig up already.
No need to shrink away from expressing yourself. and this breeds a mistrust against your neighbors or community.
It kind of vibes more with the MAGAsphere's whole the world is full of scary criminals and terrorists around every corner ready to hurt you mindset, so you'd better gun up, stay tuned into Newsmax, and not leave your house. When I think of privacy, I'm thinking of things at a societal level, corporations, governments, etc. Not oh god the guy down the street is out to get me.
I dunno, I like going slow- that is to say near the limit- and will have people ride me the entire time in a passing zone or blaze past me in a double yellow.
Edit: It's the best because I get to watch these same cars pull into the parking lot 500 yards down the road. Really saved them the extra fraction of a second.
This looks more like paranoia than tips about privacy. Everyone has a fucking giant TV inside their home. Everyone has hobbies.
Unless you are actively targeted by some psycho... or the police. This just makes everyone thinks everyone else around them is out to rob and steal from them. But being from the US and from the police, it's not very surprising. You also need a gun to protect yourself and your family from potential home invaders, you never know because the country is full of robbers and violent people! Don't trust anyone! Just get your kids from school in your giant bulletproof SUV and drive straight to your McMansion where you can barricade yourself with all your precious stuff. In fact you should also take care to hide your McMansion behind a fake facade of poor people's houses to avoid having less fortunate people target it as a potential place to rob.
Every poor person is plotting to rob you! So if you show clues and get robbed, it's gonna be your fault and the police will let you know you were stupid for putting a dirt bike sticker on your expensive SUV.
... show more
This looks more like paranoia than tips about privacy. Everyone has a fucking giant TV inside their home. Everyone has hobbies.
Unless you are actively targeted by some psycho... or the police. This just makes everyone thinks everyone else around them is out to rob and steal from them. But being from the US and from the police, it's not very surprising. You also need a gun to protect yourself and your family from potential home invaders, you never know because the country is full of robbers and violent people! Don't trust anyone! Just get your kids from school in your giant bulletproof SUV and drive straight to your McMansion where you can barricade yourself with all your precious stuff. In fact you should also take care to hide your McMansion behind a fake facade of poor people's houses to avoid having less fortunate people target it as a potential place to rob.
Every poor person is plotting to rob you! So if you show clues and get robbed, it's gonna be your fault and the police will let you know you were stupid for putting a dirt bike sticker on your expensive SUV.
Anyway, this is all just ridiculous in the first place. If someone wants to know you're not home and steal crap from you, stickers or not, you're already sitting in your fucking car, while not being home. It's already a pretty big clue. Otherwise, are home invaders that diligent in the first place? Are they going to stalk people before robbing their home? Really, the stickers on my expensive SUV parked in front of my big house and the big garage is indicating that there might be expensive crap in my house and in my garage? I'm shocked to see how revealing those stickers can be!
In fact, this being from the police just shows how much they profile and judge the shit out of people before even speaking to them.
This is why I have no bumper stickers on my car at all. I’m tempted to get rid of my veteran license plate, but the normal one costs quite a bit more and says “in god we trust”.
I go "Gray Man Theory" with my car and try to blend in as much as absolutely possible. I drive a popular reliable car in a popular color with a standard license plate and no stickers. I figure there is no reason to stand out and cars are some of the easiest ways to waste a ton of money.
I've genuinely considered putting a 'Thin Blue Line' flag or MAGA sticker on it just because it'd make cops in the area think of me as a friendly but I don't think I could live with myself.
In high school, I used to look for the most offensive bumper stickers possible. My favorite was from a band I liked that said "Genitorturers sodomized my honor student". Let's just say that parents of other kids did not like it.
I think many people underestimate the level of impulsivity associated with crime.
The average criminal who breaks and enters is not doing research based off your bumper stickers to determine your weekend routine so the house is empty.
They usually are just walking down the neighbourhood and spot an open door, run in and grab valuables then leave.
I remember for a while back in the late 90's maybe, a lot of kids would have one of those custom airbrushed shirts youd get at a flea market or county fair with their name in BIG BOLD and colorful lettering all the way across the front.
Little kids playing at their local park could easily be approached by a stranger saying, "hey joey! Your mom told be to pick you up. She's in the hospital and we have to leave right now!" The panicked child follows the man who is seemingly confirmed sent by his mom because he knows his first name, forgetting anyone who's not legally blind within a block of him also knows his name.
Luckily we don't see much of that these days. Creeps are now limited to accessing merely every single detail of a child's life because mom runs a Facebook or Instagram for their child.
AI’s latest escapade into software piracy has left Microsoft scrambling, but let’s be honest; why even go through the hassle? If people are looking at not pa...
It doesn't even mention when Brave silently installed their VPN as a service on your system. Which doesn't get removed when you uninstall Brave. And if you do manually remove it, gets reinstalled on Brave silent automatic update, because that's also a background running service.
It's a panel of tests for browsers. It isn't the clearest what each mean (without doing a little research) and not all categories and subcategories have equal importance. I still like this website though just for the listed information.
I think he sould have included Chromite. Regularly updated and a fork of the abandoned Bromite, which was a privacy-centric project. I still use Firefox, but also use Chromite.
@m33@theprancingpony.in I've been liking floorp and zen. used floorp for a while but i'm giving zen a real try for the first time in a while rn and I think it's my favorite implementation of vertical tabs.
more Blink-based browsers could have been included, there are some even there that are pretty good in privacy and security: top pick is Cromite (can be ran as portable, no install required, inbuilt adblocker based on editable blocklists, very agressive on tls certificate validation (more than anything, including librewolf), native userscript support, datetime and viewport size randomization on each website (i don't know any other browser that can do this), changing http referrer policy and more). Other recommendation ks Thorium (it is made by furries, has some google stuff in it, but it is open-source and constantly updated, though not as fast as cromite, that updates weekly),and Iridium, Falkon
Good article. I use Brave on desktop and android. I like that the adblocking is baked in. I still have to add my favourite addons but that's the beauty of personalization.
Quick question: is the Tor browsing functionality in Brave adequate or should I just stick to the official Tor browser in that regard?
Chrome: Ads infused in browsers core is a leap in the wrong direction.
Firefox: helpless to find a stable income, goes into turmoil for looking forward to AI goldmine.
Browsers are so bloated they are not simple applications, more like a full stack, an operating system for the internet, controled by forces beyond a mere user power and often understanding.
We need trimed down forks of both open source chromium and Firefox. And for a sustainable development, actual donations to those projects.
Yes to be free, safe for privacy, one have to pay a little of the hard earned money.
Gov backdoor in encrypted services, UK, France, Sweden...
What a world to live in because 1. we may (?) actually need that because of bad guys 2. good guys goes bad breaking privacy and service integrity with backdoors 3. bad guys will be bad guys and use backdoors too
It's not just that backdoors are intrinsically targets for bad actors, it's that they don't help. Encryption isn't some magic that only big companies can produce. With off the shelf libraries, it takes a really small amount of code to write something that encrypts and decrypts messages. If Signal has a back door, then a bad person can still use it as a transport for messages that they're encrypting with keys that they're distributing via some other mechanism.
If you do this, then the messages seen via the backdoor will be gibberish. At that point, law enforcement can say 'aha, you're using additional encryption, you're either a criminal or paranoid', but that doesn't really help them much.
Yes of course, thanks for this complement. Anything above the transport will add another layer of obfuscation, and essentially give you more time before a breach.
With that said, it may be such an inconvenience regarding the primary use of instant messaging that I doubt actual bad guys would still use it like that.
Plus symmetrical encryption is good enough for a proof of concept, managing a key infrastructure is out of reach from many.
Anyway that’s a good point you’ve made on your GitHub publication 👍
An amendment to the “Nacrotrafic” law is moving to the French National Assembly. Remind your legislators that a backdoor for the good guys only is not possible.
here is my contribution to the Fediverse: a guide to install a Friendica instance using Docker and Caddy.
That should help new administrators and beginners to go online easily.
Friendica deserves a try, this instance variant is neither mastodon nor pleroma, yet after testing many including Misskey forks I tend to lean on Friendica's side for my instance... will you ?
Like this, it is really good for selfhosting or single user instance on a cheap VPS. And it may scale to many users.
!Friendica Admins Just a note about an odd behavior on my instance (2024.12), I used to browse the Lemmy group programming.dev/c/programmer_h…. Then out of nowhere it provoke error 500, even after a full instance restart.
app [ALERT]: Fatal Error (E_ERROR): Allowed memory size of 536870912 bytes exhausted (tried to allocate 8192 bytes) {"code":1,"message":"Allowed memory size of 536870912 bytes exhausted (tried to allocate 8192 bytes)","file":"/var/www/html/src/Content/Conversation.php","line":976,"trace":null} - {"file":null,"line":null,"function": null,"request-id":"67b9a0b78b4fb","stack":"ErrorHandler::handleFatalError","uid":"b72782","process_id":45}
I unsubscribed and subscribed to the group: error is gone 🤷♂️
That looks to me like the system wanted to display a discussion that contained too many entries. There is an admin setting where you can set the maximum number of posts per page. When you geht that message the next time, go to the settings, half the value and try again.
!Selfhosted For Raspberry Pi4 continuous selfhosted server operations: with and without case fan. This graph show a 20°C decrease, with a slow rpm fan. The metal case has thermal stickers to reach for main components on both sides, and the fan is what I have in scrap parts, totally not for that case but pushes a lot of air with low noise compared to screaming mini cpu fans.
0 F is defined as the lowest temperature a guy was able to reach with some random mixture which is arbitrary.
But 0 C is commonly defined as the point at which water turns from solid to liquid and the other way round. Scientifically it's ever so slightly off but still it's defined via Kelvin.
Celsius is defined at the arbitrary standard pressure, different pressure values change how water acts (this is very noticeable at 100C - boiling). Kelvin steps are defined from Celsius. Even the speed of light which is constant is still defined in terms of an arbitrary time unit.
Seconds are clearly defined by one specific caesium-133 transition
The second [...] is defined by taking the fixed numerical value of the caesium frequency, ΔνCs, the unperturbed ground-statehyperfine transition frequency of the caesium 133 atom, to be 9192631770 when expressed in the unit Hz, which is equal to s−1
Usually you'd measure it relative to room temperature. Probably harder in this scenario (I don't have a thermometer laying around, but 20°C is probably a good starting point.
The fan is just sitting on top of the case, mostly centered as the turbine opening is slightly smaller than the case itself. The duct shoots air horizontally in the general direction of a LibreComputer Lepotate. I take that as a bonus.
I had multiple fan failures which brought down my system, so instead I picked up one of these heatsink cases and it's been running mostly uninterrupted for years.
Your Raspberry Pi 4, as small and powerful as it is, still requires passive cooling and case protection to function efficiently and maintain its computing power.
I've got the same Geekworm cases for all my Raspberries. Added some extra thermal pads in some strategic places and have them all without any active cooling at room temperature (20-21℃). They barely go over 55℃:
The 3B+ has soft-throttling (can be disabled) starting at 60℃, full throttling at 70°C. The 4 starts throttling at 80℃ and the 5 at 85℃. So, with that completely passive cooling I'm still far away from these margins. No need for any moving parts that will make noise at some point in the future.
Also, since the cases have ribs on both sides, I have my Pis standing upright to hopefully make use of the stack effect - which might contribute to the slightly lower than OP's values.
The CPU is perfectly happy sitting at 50°C. It is slightly happier at 30, but it doesn't actually help in any way unless you run into throttling, or run (much) hotter for longer. It's fine.
Some might state that the CPU is probably gonna live longer, but seriously have you ever had a CPU die on you cause it was old (or even die at all, even)? Again, it's fine.
Having something that mostly agitates the air (not even really moving it) like a low-hundreds-rpm fan would also work. As would using one of those passive heat pipe coolers that are also overkill (especially with a fan, but just leave that off), but have the same "number looks better" effect.
When I said I had one Pi lifetime that was shortened it was a way of saying yes, it died from 24/7 high load no fan overheating. Now it just boot and freezes after a couple of minutes. Then, yes, back in the days when overclocking and over powering was a thing, CPU actually died from all that, I changed a few for customers that didn’t know better. How ironic I did that to myself years later with little arm boards, isn’t it?
That's what I said with "much hotter for longer". If it's constantly thermal throttling, that's gonna be an issue. Of course OC'ing also will. 50°C just isn't an issue. Also older models have CPUs that either don't throttle at all, or do it less well/effectively.
ID: 3515115A man’s plan to clean his computer has gone up in flames – literally! Nicole Gerrard, 19, from Liverpool, UK, received a video from her boyfriend,...
silverwizard
in reply to Ⓜ3️⃣3️⃣ 🌌 • • •Ⓜ3️⃣3️⃣ 🌌
in reply to silverwizard • •Thanks for the hint, maybe, but I didn't get any high cpu load warning from monitoring. The database seems responsive during this error messages but the website went error 500.
I restarted Friendica and MariaDB containers because I don't know better (same host).
I will watch for cpu load and how actually mariadb respond to some hand made queries next time. Until now this happened only 1 time since 3 or 4 month running my instance anyway.
Fitik likes this.
Friendica Support reshared this.
silverwizard
in reply to Ⓜ3️⃣3️⃣ 🌌 • • •Jerry on Friendica
in reply to Ⓜ3️⃣3️⃣ 🌌 • • •I used to get this a lot and discovered that the OOM Killer killed MariaDB often to protect the O/S when all memory was consumed. And I had 12 GB free memory after rebooting. Search syslog for "OOM" to see if the culprit is the OOM killer.
The cause was that I was using the standard memory manager in MariaDB which is very bad at preventing memory fragmentation. Although I had a lot of memory left, it was too fragmented to use. Given my instance has 330 active users, the DB is extremely busy, and it would be just a few days before I'd lose the database, constantly.
The solution was to change the memory manager to jamalloc. Now I no longer have this issue.
Ⓜ3️⃣3️⃣ 🌌 likes this.
Ⓜ3️⃣3️⃣ 🌌
in reply to Jerry on Friendica • •Good call 🤔 ! I seel OOM killing MariaDB's container at every point of time I got a downtime alert from web monitoring.
Well, 12Gb of RAM is not enough for a single user instance ? That's surprising, I will put a memory limit on MariaDB's container.
Friendica Support reshared this.
TekNo ⚝ aEvl
in reply to Jerry on Friendica • • •Ⓜ3️⃣3️⃣ 🌌
in reply to TekNo ⚝ aEvl • •Like that in the db container section:
At least now it will be killed at specific limits.
I tried adding that too but mariadb doesn't start (endless restart loop):
Friendica Support reshared this.