A random person on lemmy. Banner art from Deemo switch version
Alt lemmy @Deemo@lemmy.world
Alt kbin: @Deemo@fedia.io
FMHY (archive): @Deemo@lemmy.fmhy.ml
remote UI connection passes through the Home Assistant Central servers, the Central servers could maintain that safety database and off switch
I think this is how home assistant handles it. When they put out a cve they can update the insecure version list which makes nabucasa refuse remote forwarding (until you update).
Initially I was just thinking if a open-source project is on github and uses the security disclosure feature if it would be possible to pull data from it and disable remote acess (either by auto shutting down the service or simply disabling routing on a reverse proxy).
Having a system that does without a security disclosure list from a project maintainer would be far mor difficult like having the proxy disable one of your services if it detects a vulnerability in a dependency.
data source for these vulnerabilities
Are you refering locations for vulnerability disclosure or are you more referring to bug bounty?
Personally, I’d just put everything behind a VPN. The attack surface is much smaller.
Fair enough
Beeper did mention the DMCA protection on reverse engineering.
That being said regardles if beeper wins or looses. If apple sues and at the same time breaks beeper mini they could run into financial trouble very quickly.
Silly question if you don’t mind me asking, when you got the pop up:
I never saw these popups just curious.
Also my setups using a web browser (no issues):
Setups with third part clients (no issues):
I just restarted my computer and relized it was a macos bug. Now I have no issues
I found using Librera’s Record TTS feature with aitts wavenet plugin you can make decent sounding audio books
Aitts plugin apk: https://web.archive.org/web/20230419204608/https://www.milmike.com/aitts-google-wavenet-voices-for-android-tts
I also use Smart AudioBook Player alongside Librera to listen to the generated audiobook (since librera ends up generating 1-2 min mp3 files). Smart audio book allows clustering of these mp3 files (merging total listening time).
Your kinda right. It’s more the back to back nature of Elon posts that’s annoying.
I kinda found out changing Lemmy’s sorting algorithm from Active/Hot to New posts helps spread out the news (and even helps unearth lesser covered issues).
Found a handy script to minimize this:
https://greasyfork.org/en/scripts/471718-lemmy-post-keyword-filter
Agreed whats more annoying is getting double X posts back to back
On Firefox Nightly looks like they have v3 enabled
I kinda wonder how this will play out with ads. While apple is dipping their toes in advertising I suspect their main target appstore/ios apps not the general web (where content blockers exist and can block ads).
As per restricting legacy devices I doubt websites need to implement web integrity or private acess since they can just block acess via user agent (if some one tries to spoof anyway site won’t load due to outdated webkit not being able to render).
Good point.
This might sound silly but assuming you are using firefox or even safari how will this proposal affect these browsers. Only thing I can currently think of is banking sites (on android) would force you to use chrome and check play integrity (safteynet) to block acess.
At the end of the day won’t this only affect people using Google chrome? (Forks of chrome, firefox, safari could by pass the issue)?
Sorry if I seem a bit ignorant
Reminds of the 15 million merits episdoe in black mirror
The only thing reddit can do is improve the first party app and mod tools. The rest is lost.
That being said I doubt the protests are reddits biggest priority. Even if reddit ipo’s perfectly and gets a injection of capitol (which might itself be difficult since investors don’t seem to care about userbase growth anymore) they are going to need to find ways to increase profits each year (like every other publicly traded tech company).
Advertising revenue is also limited given trend to cut “unnecessary expenses”.
Depends on the community. I do comment more than I post.
I see it as pointless and potential risks tarnishing the image that third party apps helped improve reddit (especially to normies/non techies who only use the official app and website).
What I don’t get is what will damaging the ipo achieve now that a lot of 3rd party apps are toast (Apollo, rif, reddit sync). Even if spez or reddit as a whole did a full 180 nothing would change on the prospect of 3rdparty apps.
Only thing reddit can change is improving the first party app and mod tools (given their stance was the api was never meant for 3rdparty apps after flip flopping).
As a user you have more or less 5 options:
completely switch to Lemmy (or similar alternative).
use the official reddit app and deal with it
use social media less (pull the plug overall per say)
Use a paid subscription 3rd party app (example infinity for reddit
use a modded version of 3rdparty apps with custom api or the official reddit app modded (ex vanced)
I hope this comment doesn’t come of too corporate or shill like
Kinda a weird question regarding DoH on android. Is there a way to have DoH bypass certain local domains without implementing it router level.
For example at home devices use a prefix like router.example.com or homeassistant.example.com (on internal lan). Some services on the domain are portforwarded while others are only available via internal net this causes issues when trying to acess internal devices.
On ios (in NextDNS specifically) there is an excluded domains feature which allows this. Unfortunatley android doesn’t seem to have a similar option
Sorry about that (didn’t think that far when making the post 🫠 ).
I updated the title