LedgeDrop

I quickly skimmed the title and got:

"What is the first... mind... reading... question?"

answer: "Do these pants make me look fat?"

From the OP

The China-backed intruders, referred to as Storm-0558, broke into Microsoft’s network and stole a digital skeleton key that allowed the hackers unfettered access to U.S. government emails stored in Microsoft’s cloud. According to a government-issued postmortem of the cyberattack, the State Department identified the intrusions because it paid for a higher-tier Microsoft license that granted access to security logs for its cloud products, which many other hacked U.S. government agencies did not have.

Following the China-backed hacks, Microsoft said it would start providing logs to its lower-paid cloud accounts from September 2023.

Oh great! Until this incident, security is considered a "premium feature". I really want off this "up sell to premium" ride.

It's sad, but I think you're right.

I assumed/hoped that Lemmy's architecture was more decoupled.

According to the ChangeLog, it hints that the image reverse proxy is built-in, maybe using Pict-rs.

Which certainly reeks of Not Invented Here Syndrome, as image uploading/storing, reverse proxies, and caching is a well understood problem.

Wow, thanks for the full transparency. You are awesome!

My opinion would be option 2 (proxy requests) , but with a higher cache TTL or simple a LRU (Least Recently Used) Cache.

If you're getting throttled, it could be mitigated by increasing the cache retention period (or improving the cache hits).

Another improvement : Would it be possible to change the proxy, so that if the proxied requests are throttled, it simply sends the user a http-302 to the origin (instead of a broken image)?

Regarding option 1 (full cache) : I greatly appreciate your desire to hide/protect your users ip, but it is outside the scope of what I expect from a Lemmy server. Maybe you could market and upsell this increased privacy as a subscription based feature. However, if I want privacy - I'll use a VPN.

Regarding option 3 (User fetches content from origin) : From a users perspective, I really don't want my Lemmy experience to be based on hitting a bunch of (potentially) unreliable services. When I, as a lemm.ee User, request a post from Lemmy.world (for example), lemm.ee will proxy and cache that post and the comments. This is the distributed nature of Lemmy (as far as I understand). Why restrict this caching to just posts/threads/comments and not include images (which, let's face it, are as meaningful as pure text - especially wrt memes).

Roku is horrible. I bought a Roku Soundbar (speakers) for my TV and for reasons unknown, I had to (temporarily) hook it up to the internet to "activate" and download the firmware.

It's such a horrible glimpse of the consumers future.

In addition, you can force your cellphone to GSM/2G (ie: super slow internet).

Depending on what your TV does when it "activates", if it just needs to "activate/register" - it should be fine. If it needs to "update/upgrade/add a bunch of crapware" - Your internet will be so slow, you can turn it off before it's finished (note: there is a slim chance that, this could also put your TV in a broken state - if it does, simply do a factory reset and try again)

Oh, I absolutely agree. Licensing is where the big difference is at, but that makes sense though, as ARM and RISC-V are both RISC based processors.

It's loosely akin to comparing AMD vs Intel. Of course, you cannot pop-out an RISC-V and replace it with an ARM. However, the PCB's should contain all the same parts, meaning they'll have both have a similar price.

Unlike Intel/AMD, which you'd need extra capacitor, heat sinks, whatever - to help it handle all that extra power those CISC processors need (which results in heat).

Yeah, but RISC-V also costs 1/10th the price of a Pi.

I don't want PCs to be like smartphones. I don't want locked bootloaders.

I'm sorry to burst your bubble, but since Microsoft made TPM mandatory for Windows 11+, locked down bootloader are on their way.

Basically, TPM allows (Windows) software to validate/verify the integrity of the OS and hardware. This also (could) include the bootloader/bios if Microsoft chooses to do so.

TPM is the equivalent of attestation on Android, which is the exact reason why your Banking App won't work on your rooted/custom Android Phone.

That being said, we should embrace ARM. X86/AMD has 30+ years worth of "history" baked into each ( CISC) chip. This complexity is why your PC draws soooo much power and generates soooo much heat.

This is loosely related to "online experience" (as you've covered most of the "tech tips") :

When choosing a movie don't watch the trailers, instead (blindly) watch what's popular. (obviously, if you're into niche genres - this won't work.)

I've found Trackt is a good place to understand recent trends (and it just shows film posters). Then I'll go to IMDB, maybe read the summary, but I always read the first/popular user review and decide if it's worth my time and money.

The first/popular user review usually doesn't contain spoilers.

Since I've actively avoided trailers and spoilers, my enjoyment for films has nearly doubled - even for "bad movies" (I probably wouldn't have watched otherwise). It's such a shame that a 2 minute trailer often shows many/most of the highlights of the film.

Windows Mixed Reality (ie: Windows VR) was deprecated and removed from Windows 11.

So, if you have a WMR VR Set, you're going to be stuck with Windows 10 (or an even lesser supported Version of windows 11 - v 23H2).

It really sucks, given the price point I've throughly enjoying my Odyssey+. I've had it for 4 years, but now I'd need to decide if I dual boot (which sucks) or see if another VR headset reaches my price point (which is also dumb, because I don't find the O+ to be "that bad").

I'd proposed a potential solution.

I'll paraphrase : Currently, every Lemmy instance (ie: Lemm.ee, Lemmy.world, etc) is an island. This is one of the strengths of Lemmy (Federation) as we don't have to worry about information being restricted, censored, manipulated (ie: Reddit).

However, as things are currently, this Federation comes at the expense of splitting the community between instances. [email protected] vs [email protected] is a perfect example. Posts are either duplicated (which creates noise) or it fosters a "Lemmy instance death by starvation". Meaning, more and more conversations will eventually drift towards one of the two asklemmy communities, leaving the other one to "starve out". This defeats the entire purpose of federating.

There has to be something better.

For example, instead of “every instance is an island”. Meaning the current hierarchy is “instance” - > “community” - > “post” - > “threads”. We could instead have “community (ie: asklemmy)” - > “post (ie: this post)” - > “instance (Lemmy.ml, Lemmy.world, etc)” - > “threads (this comment)”.

From a technical perspective, it would mean that each instance (that's interested in hosting this supercommunity) would replicate the community names and posts (Not the threads).

Lemmy already kind of does this, when a user pulls a post from another instance. For example, I'm on lemm.ee but when I view posts from [email protected], lemm.ee will retrieve and cache it on lemm.ee. As long as each instance would share a unique identifier to associate the two communities/posts as “the same thing” (and this could simply be the hash of the community /post name). Everything else would be UI.

Each instance would take ownership of the copy of the community and post, which means they could moderate it according to their standards.

As an end user, you'd view a community and post, but the comments/threads would be grouped by the instance that hosts it. If there's an instance you don't like, you simply unsubscribe from it.

For future iterations, it might be nice if the instance itself would auto-subscribe or suggest other instances that host the same community to the user. Meaning, if I subscribed to [email protected], I'd automatically be subscribed to [email protected]. However, as the user, these are all separate subscriptions, so I can customize it as I see fit.