For me its resolution. The jump from 480p standard box to 720/1080p was night and day revolution. Meanwhile a 4k image looks maybe 10-15%sharper to my eye but takes up 4x the storage space. Whenever I voice this people say that I must be blind if I can’t tell a difference. I’d rather have the disc space and know my software collection is well optimized with reasonable file sizes instead of buying 22tb worth of ssds in a network cluster with a nvidia 80000 to play the latest AAA

Catarangs are devastating

Your gonna need a year in the hyperbolic time chamber to recover from that hit

I stepped up my nerd game to start trying to land an IT job of some kind. I learned computer networking to set up my own website on recycled hardware and began writing about it. I started developing on a game engine making modules and making art assets to maybe one day make a commercial product. I released like a dozen open source projects under open source licenses.

It all kind of culminated with Christmas. The kids in my life have been begging for multiplayer Minecraft server but Microsoft destroyed the he so hard with money grabbing we refused to pay for realms or make a bunch of Microsoft accounts or whatever.

So, I rolled up my sleeves and got to work on creating a mineclonia server built on luanti/minetest engine, patching in all the Minecraft assets like textures, sounds, music that I legally own with python tools I built myself and released,

I really wanted an in game fullscreen map and nobody had ever figured out how to make one on luanti engine so I so spent a few weeks developing one from the ground up. I released the map mod two days ago and people quickly noticed saying I had changed the game forever, congratulating me on my technological achievement or whatever.

Its just a little frustrating because it feels like I’m somewhat competent at the nerd professions but I have no idea how to advertise my talents or if what I’m doing even translates to real Dev work. How Does creating universal map colorizer + generator for proceeduraly generated voxel worlds or designing a full model animation interpolation system for an engine from scratch or hosting public services on my own network built from scratch powered by solar turn into resume stuffs? That’d what I guess new years focus needs to be

Certified Lore Drop moment

Kc-33

I am a kobo user (libra 2). IMO you should get one with more ram (likely boox). My kobo side loaded with koreader software will sometimes crash reset due to out of memory errors especially with high res PDF/cbz graphic novels. Also Kobo lacks proper web browser what it has is super barebones webkit browser(sometimes reading text based webpages on eink is nice)

From what I understand boox is android based so theres less headache installing what you want.

Money, duh. You build up a following, repost some obviously fake CGI crap, at the end of the video plug your donation links like subscribe bell, and they eat it up. Mentally unwell people have a tenuous grasp on reality and more often than not believe whatever they want. Tell them what they already want to hear and your pockets can be easily lined. Also see religious cults and Bigfooters.

For a real example take oldie but goodie secureteam10. The guys been reposting fake footage for a decade. They’ve been in multiple controversies and proven to have created fake evidence for some of their own videos.

Yet despite the channels history and sketchyness, they still get hundreds of thousands of views a week. Because the UFO truther types simply do not care about real authenticity they just want a confirmation bias circle jerk. Read the comments in some of secureteam10s videos and you’ll understand the exact lack of sanity or intelligence in these communities.

Good documentary on them:

https://m.youtube.com/watch?v=GRkwXphhv1E&pp=ygUSc2VjdXJldGVhbTEwIGRyYW1h

Anubis is your friend

I like to think that its a subconscious offshoot of the “why was six afraid of 7? Because 7 8 9” joke for the modern generation showcasing how the current short attention span brain rot humor contrast against previous with all punchline and no buildup.

Was this on nauvis? Ive never seen a meteor fall before

“Dyson Spheres? Look, playing with sunlight and mirrors was a fun side project, but you want to know a much more advanced method of generating power?”

“Please dont…”

“Thats right! By hurling entire water worlds into a star, we then capture the released steam which powers our gravitationally locked dynamo network.”

It explicitly checks for web browser properties to apply challenges and all its challenges require basic web functionality like page refresh. Unless the connection to your server involves handling a user agents string it won’t work, I think this I how it is anyway. Hope this helped.

why? I run it.

Mmm how to say this. i suppose what I’m getting at is like a philosophy of development and known behaviors of corporate products.

So, here’s what I understand about crowdsec. Its essentially like a centralized collection of continuously updated iptable rules and botscanning detectors that clients install locally.

In a way its crowd sourcing is like a centralized mesh network each client is a scanner node which phones home threat data to the corporate home which updates that.

Notice the optimal word, centralized. The company owns that central home and its their proprietary black box to do what they want with. And so you know what for profit companies like to do to their services over time? Enshittify them by

• adding subscription tier price models

• putting once free features behind paywalls,

• change data sharing requirements as a condition for free access

• restricting free api access tighter and tighter to encourage paid tiers,

• making paid tiers cost more to do less.

• Intentionally ruining features in one service to drive power users to use a different.

They can and do use these tactics to drive up profit or reduce overhead once a critical mass has been reached. I do not expect alturism and respect for usersfrom corporations, I expect bean counters using alturism as a vehicle to attract users in the growing phase and then flip the switch in their tos to go full penny pinching once they’re too big to fail.

At the end of the day its not the thousands of anonymous users contributing their logs or Foss voulenteers on git getting a quarterly payout. They’re the product and free compute + live action pen testing ginnea pigs, no matter what PR they spin saying how much they care about the security of the plebs using their network for free.

Its always about maximizing the money with these people your security can get fucked if they dont get some use out of you. Expect at some point the tos will change so that anonymized data sharing is no longer an option for free tier.

What happens if the company goes bankrupt? Does it just stop working when their central servers shut down? Does their open source security have the possibility of being forked and run from local servers?

It doesnt have to be like this. Peer to peer Decentralized mesh networks like YaCy already show its possible for a crowdsourced network of users can all contribute to an open database. Something that can be completely run as a local Node which federates and updates the information in global node. Something like it that updates a global iptables is already a step in the right direction. In that theoretical system there is no central monopoly its like the fediverse everyone contributes to hosting the global network as a mesh which altruistic hobbyist can contribute free compute to on their own terms.

https://github.com/yacy/yacy_search_server

I"I dont see anything wrong with people getting paid" is something I see often on discussions. Theres nothing wrong with people who do work and make contributions getting paid. What’s wrong is it isnt the open source community on github or the users contributing their precious data getting paid, its a for profit centralized monopoly that controls access to the network which the open source community built for free out of alturism.

The pattern is nearly always the same. The thing that once worked well and which you relied on gets slowly worse each ToS update, while their pricing inches just a dollar higher each quarter, and you get less and less control over how you get to use their product. Its pattern recognition.

The only solution is to cut the head off the snake. If I can’t fully host all of the components, see the source code of the mechanisms at all layers, own a local copy of the global database, then its not really mine.

Again, it’s a philosophy thing. Its very easy to look at all that, shrug, and go “whatever not my problem I’ll just switch If it becomes an issue”. But the problem festers the longer its ignored or enabled for convinence. The community needs to truly own the services they run on every level, it has to be open, and for profit bean counters can’t be part of the equation especially for hosting. There are homelab hobbyist out there who will happily eat cents on a electric bill to serve an open service to a community, get 10,000 of them on a truly open source decentralized mesh network and you can accomplish great things without fear of being the product.

I’m smoking weed about you smoking weed about it.

If crowdsec works for you thats great but also its a corporate product whos premium sub tier starts at 900$/month not exactly a pure self hosted solution.

I’m not a hypernerd, still figuring all this out among the myriad of possible solutions with different complexity and setup times. All the self hosters in my internet circle started adopting anubis so I wanted to try it. Anubis was relatively plug and play with prebuilt packages and great install guide documentation.

Allow me to expand on the problem I was having. It wasnt just that I was getting a knock or two, its that I was getting 40 knocks every few seconds scraping every page and searching for a bunch that didnt exist that would allow exploit points in unsecured production vps systems.

On a computational level the constant network activity of bytes from webpage, zip files and images downloaded from scrapers pollutes traffic. Anubis stops this by trapping them in a landing page that transmits very little information from the server side. By traping the bot in an Anubis page which spams that 40 times on a single open connection before it gives up, it reduces overall network activity/ data transfered which is often billed as a metered thing as well as the logs.

And this isnt all or nothing. You don’t have to pester all your visitors, only those with sketchy clients. Anubis uses a weighted priority which grades how legit a browser client is. Most regular connections get through without triggering, weird connections get various grades of checks by how sketchy they are. Some checks dont require proof of work or JavaScript.

On a psychological level it gives me a bit of relief knowing that the bots are getting properly sinkholed and I’m punishing/wasting the compute of some asshole trying to find exploits my system to expand their botnet. And a bit of pride knowing I did this myself on my own hardware without having to cop out to a corporate product.

Its nice that people of different skill levels and philosophies have options to work with. One tool can often complement another too. Anubis worked for what I wanted, filtering out bots from wasting network bandwith and giving me peace of mind where before I had no protection. All while not being noticeable for most people because I have the ability to configure it to not heckle every client every 5 minutes like some sites want to do.

Something that hasn’t been mentioned much in discussions about Anubis is that it has a graded tier system of how sketchy a client is and changing the kind of challenge based on a a weighted priority system.

The default bot policies it comes with has it so squeaky clean regular clients are passed through, then only slightly weighted clients/IPs get the metarefresh, then its when you get to moderate-suspicion level that JavaScript Proof of Work kicks. The bot policy and weight triggers for these levels, challenge action, and duration of clients validity are all configurable.

It seems to me that the sites who heavy hand the proof of work for every client with validity that only last every 5 minutes are the ones who are giving Anubis a bad wrap. The default bot policy settings Anubis comes with dont trigger PoW on the regular Firefox android clients ive tried including hardened ironfox. meanwhile other sites show the finger wag every connection no matter what.

Its understandable why some choose strict policies but they give the impression this is the only way it should be done which Is overkill. I’m glad theres config options to mitigate impact normal user experience.

What use cases does perplexity do that Claude doesn’t for you?

Theres a compute option that doesnt require javascript. The responsibility lays on site owners to properly configure IMO, though you can make the argument its not default I guess.

https://anubis.techaro.lol/docs/admin/configuration/challenges/metarefresh

# Generic catchall rule
- name: generic-browser
  user_agent_regex: >-
    Mozilla|Opera
  action: CHALLENGE
  challenge:
    difficulty: 1 # Number of seconds to wait before refreshing the page
    algorithm: metarefresh # Specify a non-JS challenge method

Security issues are always a concern the question is how much. Looking at it they seem to at most be ways to circumvent the Anubis redirect system to get to your page using very specific exploits. These are marked as m low to moderate priority and I do not see anything that implies like system level access which is the big concern. Obviously do what you feel is best but IMO its not worth sweating about. Nice thing about open source projects is that anyone can look through and fix, if this gets more popular you can expect bug bounties and professional pen testing submissions.