There was a thread about this coincidentally exactly one year ago, give or take three hours. Ah, to be back in January 2020

I've been poking around on the fediverse again and I figured I'll never start using it unless I'm following some people. So, who here is on it? Please share some other people you follow, if you like.

I made an account a while back, and it was on the default instance since I didn't know any others to choose. I feel like it's a deliberate choice though (if nothing else it will give me a more curated timeline to scroll through) so I'd like to be deliberate about it at some point.

(I don't personally have any interest in trying much of anything if anyone interprets this post as such. And yes, 'drugs' is a general/vague and loaded term and I might be asking too much in a single topic)

My opinion on drug legalization was generally summed up as pro-legalization, but really because just banning everything doesn't work and generally just understood drugs as bad.

However, I often hear people talking about drugs as giving them new experiences, enhancing sensations and generally being fun.

However, being Brazilian/Latin American, drugs here are often associated with illegal traffic, gangs, poverty, crime, among other bad things and, unlike in the US and Europe, this is generally something that is exterior to us, nor a position held overwhelmingly by social conservatives who rant about "the devil's lettuce", because it affects poor people (although, yes, that's also true in the US).

So back to the title question:

What separates people that have positive and negative experiences with drugs?

The 3 obvious differences are:

The drugs used. Drug gangs traffic stuff like cocaine and areas like [the] Cracolândia are populated by people dependent on crack, while people advocate for legalization of weed or psychedelics which are very different and "weed is no worse than alcohol" is confirmed to be truth and has been for a while. A question I have concerning this is what separates 'good' drugs from 'bad' drugs?

Preparation, since obviously you don't want to be high at work (or asking for help on a Tildes thread, that happened.) A question I have in that area is what preparations do people take before taking weed or DMT and other drugs.

Their motivations for taking drugs, since a lot of the bad examples come from people taking drugs to fill holes in their lives, while good examples are the vast majority of the time recreational (aka, for fun.)

Are there any other differences anyone wants to delineate?

This thread is inspired by an off-topic discussion in another thread that was so interesting that I wanted to make a whole post about it. I've often seen people on the net express surprise that others have different modes of thought, typically with statements like "It was surprising to learn that others do/don't have an internal monologue!", where the do/don't choice depends on the person. I've thought for a while that a lot of this confusion might arise from people interpreting "Internal monologue" differently, and that people might actually think more similarly that it appears at first glance. My attempt to explain this in that thread was:

For example, I certainly do not vocalize all of my thoughts and it seems like my speed of thought goes much faster than the amount of time it would take to vocalize every single thing going through my head. That being said, once I concentrate on what I am thinking about, there is definitely a vocal component. If I think about going downstairs to get a snack, my thoughts are non-vocal, but once I think about the fact I am thinking about going to get a snack, I impose a narrative that has some type of vocal quality to it - I will think, I believe in words, that my thought was "I am going to go get a snack". I suspect in discussions like this a lot of people perhaps conflate the thought with the thought about the thought, since the latter is necessary to convey what one is thinking about and (at least in my case) has some type of narrative element.

So I am curious, Tildes - can you explain how you think, preferably both in moments where you are not actively thinking about thinking and those where you are?

(Only took me 2 months /s). Also this map is by no means a complete list.

Santa-pocalypse: What if santa was (a tiny bit more) realistic?

A timeline where Santa delivers his presents via quantum tunneling and due to a failure in this device, he causes a nuclear explosion when he accelerates to relativistic speeds in order to gift Children worldwide. Given nuclear fusion doesn't work like that and the Shockwave travels westward counterclockwise, I disagree with the notion this is realistic, but that's pedantry.

What the fuck: The Timeline

Someone mashed dozens of fictitious worlds and the real world at different times to make a very weird and high-effiry map.

Industrialized, colonial, imperial China

A timeline where the Ming is an expansionist empire and puppets nearly half of the world's population. Given China has been as large and populous as entire continents at times, the fact that China had so much the leadership felt they could be self-sufficient and refuse to try to expand until like, 10 years ago, I find this scenario something that could totally have happened but didn't due to disinterested leadership.

What if the new world didn't exist?

A world where columbus is right about Geography and the Americas don't exist. While I don't think it's particularly realistic, I find this scenario underrated.

A grim, dark rainbow: What if the current rightwards shift of politics doesn't stop?

What it says on the title. Not particularly realistic given the CCP and NATO apparently collapse, but I like to use this map as a stand-in for the worst-case scenario of the near-future.

The dragon in shackles: Qing China and Japan in 1932

A timeline where Qing China re-unifies China, but at large costs to their economy, independence, infrastructure and territory.

Flavo et purpura: A world in which Islam never leaves Arabia Ca 800 AD

A very detailed map with quite a few differences from what happened IRL. Far more romanized.

Spain if the re*conquista continued into North Africa

A timeline where the Spanish conquer the Western half of the Maghreb. The justificarion is that Pre-columbian empires ally themselves to other European nations to not be colonized by Spain, so the Spanish focus their imperialist efforts into neighboring Morocco. Obviously not very realistic, but the maps are cool.

Fictitious maps based on real data:

The world divided into 200 areas of equal population

What it says in the title.

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

I started reading Liz Plank's For the Love of Men: A New Vision for Mindful Masculinity, and it opens with the author's experiences asking men this question (emphasis mine):

The more I read about men’s relationship to directions and maps, the more it explained the absence of a substantive and open conversation about masculinity. While women are encouraged to ask questions, men are expected to pretend like they know everything even when they don’t, even when it comes to large and existential questions about their gender and their lives. As I traveled across the world, from Iceland to Zambia, I asked men the same question over and over again: What’s hard about being a man? Every single time I asked that question it was like I had just asked them if unicorns can swim.

It was met with a pause, a smile, and then followed by another long pause followed by the words: “I’ve never actually thought of that.” When I asked women that same question about their gender—in other words, when I asked women what was hard about being a woman—it was like I had asked them to name every single thing they loved about puppies. I got nearly the same response from every woman I spoke to: “How much time do you have?” Judging from the conversations I would strike up with (half-)willing strangers, women had spent a lot of time thinking about how their gender impacts their lives, but men visibly hadn’t. While that conversation had been blossoming with women for decades, for men, accepting directions was proof that the system was broken, which goes against the natural impulses of what being a man means: not to admit confusion or ask questions.

I thought it was a worthwhile question to consider, and I'm interested to hear how people here on Tildes would answer it.

Also, while I'm confident in our community's ability to apply the principle of charity, I do know that discussions about gender online can often become contentious. I would very much like this to be a place for people to be able to share open and honest truths about themselves, even if those are difficult or revealing. If you are replying to someone, especially someone who has just opened up about their own personal experiences or beliefs, please make sure you are being thoughtful and considerate when doing so.

Finally, while the question is specifically about men, I don't want to limit responses to men only. I think women and non-binary people definitely have valuable insights into masculinity as well and I welcome your voices should you choose to answer.

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.

I know we have talked about it to death, and even run experiments on the mechanism, but I think it's worth re-evaluating the idea of voting on comments.

I know that voting provides value to Tildes as a social platform; it acts almost like a social currency; you know that if you have a lot of votes, people appreciate what you have to say. That provides incentive for people to write more comments and participate with the community.

What I and others have come to realize is that votes also have negative effects on our community. Here's a short list of negative effects:

1. Voting is addictive. I'm sure most of us are familiar with the process of clicking on our usernames to see how many votes our last few comments have gathered. We do this because it's a dopamine hit; they act like tiny digital love letters telling us how awesome we are.

2. Voting is a measurement of popularity. Those love letters aren't actually how good you are, they measure how popular your ideas are. In other words, votes encourage group-think and creates an echo chamber that will prevent you from taking competing ideas seriously.

3. Because of number 2, we alienate people with other ideas and reduce the richness and quality of discussion on this platform.

4. Also as a result of number 2, the information that gets put into those popular threads becomes the de facto truth - weather or not it's actually true. This can prevent us from seeing the "bigger picture" or from understanding problems others might have with how we think.

5. The end result of all of these effects is that we will slowly become more and more extreme and insular as time progresses. We essentially become the same as the people stuck in conservative media prisons that we tend to look down on.

Personally speaking, I think that we would be a much more robust community if we had more conservative voices speaking up. After all, the left does not have a monopoly on the objective truth. I know we probably have a few conservatives that are lurking around, but I think that they are largely disincentivized to contribute because they don't get the same kind of votes left-leaning comments do.

With that being said, I would like to hear back from everyone what they think we should do about voting. Should we go back to hiding vote totals again? Should we get rid of them entirely? Or maybe you think things are good as they are? Please let us know your reasoning.

I recently played through 2013's Tomb Raider and it was a delight -- a wonderful reboot that modernized a series whose originals I loved but that are quite dated by today's standards.

In the game, Lara, the main character, is in peril constantly, and she is driven into worse and worse situations in an effort to save her crewmates and friend. The narrative of the game demands immediate action -- any dawdling risks all of the characters' lives.

Of course, we know that games' timelines aren't necessarily time-driven but character-driven, so it is trivial for Lara to stop at any point in the game and not advance the story. The killers who are prepared to murder your friends will patiently wait around as long as necessary. Furthermore, the game gives you plenty of reason to do so! There are collectibles to find and story and lore bits scattered about the levels that you have to go out of your way to encounter. Finding these gets you more XP and resources which unlock skills and weapons that make the game easier. The game lets you fast travel back and forth to different areas as needed, and I spent a good amount of time at the story's height of tension not resolving that tension by advancing to the climax but by ignoring it and scouring the island for all the things I missed instead.

I use Tomb Raider as an example here, but I'm sure you can think of plenty of other examples where the game directly incentivize actions that outright subvert its story. What I find interesting is that, on paper, I should care about this discrepancy, but in practice I really don't. In fact it's customary for me to do this in nearly every game I play, as I find that I like "checklisting" and cleaning things up rather than advancing the plot (of course -- do I actually like that, or do I merely like that I get rewards for doing so?).

I don't have a singular question to ask but instead have some jumping off points for discussion:

• Is this undermining of narrative tension an actual issue, or is it just part of the suspension of disbelief embedded into the medium of gaming?
• Have you felt that particular games were made worse due to this issue? If so, why? If not, why not?
• What games are counterexamples -- games whose narrative tension is not undercut by their gameplay? What makes them work? Does that aspect benefit the game, or would the game be roughly the same (or better) without it?
• If you consider this an issue, does the "responsibility" for it lie with the developer of the game for incentivizing gameplay counter to narrative, or does the "responsibility" lie with the player for ruining their enjoyment of the narrative by pursuing other goals?

Also, don't feel limited by these questions or my choice of game and feel free to address anything else relevant to this idea that you feel is important or relevant.

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

I still mainly use Windows, although I've dual-booted Linux a few times and I have Linux Mint on an old laptop right now. One thing I've never understood about Linux is all the different distributions - their different reputations and why they have them. What is the mechanical difference between using one distribution of Linux and another? Or are the differences usually not mechanical?

For example, Ubuntu and Debian seem to be large families, meaning that a lot of other distributions are based on them (using packages built for them in their package managers at least) as well as being popular distros on their own. But what's different between the two of them, and between each and the other distros based on them? (and what's similar? I gather they all use the Linux kernel at least!)

I also know that people are quite opinionated on their choice of distro, I wondered what reasons people had for their choice. What things are easier or harder for you in your distro of choice? Is it mainly day-to-day tasks that are important or more how the OS works underneath? How much difference does your preferred distro make?

For myself, I've only used Kubuntu (though not much) and Linux Mint, which was mainly for UI reasons, and particularly for the latter, ease of use for someone used to Windows (at least that was what I found years ago when I first looked into it).

Though I doubt I'll ever fully move away from Windows I would like / need to have access to a Linux OS, so maybe this will help me to know what is important to look for. But I also hope it'll be a useful and interesting discussion topic. Also, there are some previous discussions on the latter question so I'd be more interested in learning about the main topic.

also, please do add more tags

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.

I'm having a "server" (very cheap, very old office pc) in my house I use together with dynamic dns. But it's not really stable, (needs regular restarts and dyndns is not really gold either) and as I want to offer family acces to nextcloud and myabe plex? any other ideas? and all the other nice stuff the free software world has to offer, this is not working well enough to not make them flee back to google + apple and stay there till eternity!

the other thing is, i got used to ssh and stuff over the last years and want to improve my skills and learn.

I know these two dont really go well hand in hand :-(

I actually have a decent up and down speed at my home so an upgrade for my existing system is thinkable but dyndns is just a PITA and i'd like having my own domain. do these work with changing ips? because with the prices they ask here for staric ips I can just rent a server in a center somewhere.

what do you do to self host, how do you do it and what would be your advise for me?

I was curious how many people on here enjoy listening to game soundtracks outside of the game. I personally love when a game has a great soundtrack as it really adds to the atmosphere and overall immersion in the game. I also like collecting physical copies of them as well.

If you do, which ones are your favorite? Personally I love Shin Megami Tensei, Final Fantasy, and Blazblue soundtracks the most.

Hi,

Where I am living we are going back into a month long lockdown, I would like to find some vegetarian recipes to cook.

I am not a Chef but I cook everyday so more advanced recipes are fine, though I also like quick wins when I don't feel like spending much time cooking.

What do you people eat when you don't want to eat meat? What are your favorite recipes?

Thanks!

The question is open to anything that anyone wants to share about changing one’s name (e.g. social, familial, or legal proceedings), but in particular I’m most interested in what the personal process of deciding on a particular name was like for you. Was there one that just “clicked”? Did you try out different names until you found one that fit? Did you choose the name based on meaning, aesthetics, association, or something else entirely? How did it feel to change your own name in your own head? How did it feel when others started using it to refer to you? What do you like most about the name you chose?

Also, I don’t want to pressure anyone to share their name since that is very identifying information, so feel free to share details of your experience without sharing your name itself — unless that’s something you’re comfortable with putting online here.

A common current narrative is that tech monopolists are suddenly acting of their own initiative and in concert to deplatform the burgeoning fascist insurgent movement within the US. I approve the deplatforming strongly, though I suspect an alternative significant motivating and coordfinating factor.

An example of the "tech monopoly abuse" narrative is Glenn Greenwald's more than slightly unhinged "How Silicon Valley, in a Show of Monopolistic Force, Destroyed Parler"

Greenwald's argument hinges on emotion, insinuation, invective, a completely unfounded premise, an absolute absence of evidence, and no consideration of alternative explanations: an overwhelmingly plausible ongoing law enforcement and national security operation, likely under sealed or classified indictments or warrants, in the face of ongoing deadly sedition lead by the President of the United States himself, including against the person of his own vice president and credible threats against the President-Elect and Inauguration.

Such an legal action is, of course, extraordinarily difficult to prove, and I cannot prove it. A critical clue for me, however, is the defection not just of Apple, Google, Amazon, Facebook, Stripe, and other tech firms, but of Parler's legal counsel, who would have to be an exceptionally stealth-mode startup to fit Greenwald's, or other's, "it's the tech monopolists" narrative. I've tempered my degree of assurance and language ("plausible" rather than "probable"). Time will tell. But a keen and critical mind such as Grenwald's should at least be weighing the possibility. He instead seems bent only on piking old sworn enemies, with less evidence or coherence than I offer.

This is the crux of Greenwald's argument. It's all he's got:

On Thursday, Parler was the most popular app in the United States. By Monday, three of the four Silicon Valley monopolies united to destroy it.

I'm no friend of the tech monopolists myself. The power demonstrated here does concern me, greatly. I've long railed against Google, Facebook, Amazon, Microsoft, and Apple, among other tech monopolists. Largely because as monopolies they are power loci acting through their occupation of a common resource, outside common control, and not serving the common weal. Hell: Facebook, Google (YouTube), Reddit, and Twitter played a massive role in creating the current fascist insurrection in the US, along with even more enthusiastic aid and comfort from traditional media, across the spectrum. Damage that will take decades to repair, if ever.

But, if my hypothesis is correct, the alternative explanation would be the opposite of this: the state asserting power over and through monopolies in the common interest, in support of democratic principles, for the common weal. And that I can support.

I don't know that this is the case. I find it curious that I seem to be the only voice suggesting it. Time should tell.

And after this is over, yes, Silicon Valley, in its metonymic sense standing for the US and global tech industry, has to face its monopoly problem, its free speech problem (in both sincere and insincere senses), its surveillance problem (capitalist, state, criminal, rogue actor), its censorship problem, its propaganda problem (mass and computational), its targeted manipulation adtech problem, its trust problem, its identity problem, its truth and disinformation problems, its tax avoidance problem, its political influence problem.

Virtually all of which are inherent aspects of monopoly: "Propaganda, censorship, and surveillance are all attributes of monopoly" https://joindiaspora.com/posts/7bfcf170eefc013863fa002590d8e506
HN discussion: https://news.ycombinator.com/item?id=24771470

But, speaking as a space alien cat myself, Greenwald is so far off base here he's exited the Galaxy.

Update: 2h30m after posting, NPR have mentioned sealed indictments and speculated on whether the President might be charged, in special coverage.

Late edits: 2022-1-23 Typos: s/inconcert/in concert/; s/would bet he/would be the/;

The first roundup thread is right here.

This is the last thread before I make the playlists. If you've got any 2020 albums to share that didn't end up in the last roundup, please share them here in the new thread. Any album you like enough to spin repeatedly or buy released in 2020 should make this list. We're not collecting enough votes to matter on the albums, so don't worry about sharing multiple albums in a single comment this time. Plug as many as you like.

Since we're past Jan 1st, all the other music publications have their bestofs out there, and many forums and websites have long threads with people sharing their favorite records. I'd also appreciate links to any of those lists or threads you've found where people are sharing their favorite albums. Just leave them in the comments and don't worry if it gets messy, I'm quite used to it. :)

I'll let this float for a week to collect any late submissions and then build the final list with links for easy listening.

The final set will look something like this.

I recently got an Ethernet cable in the hopes of making my online gaming more responsive, but to my dismay it made little difference in latency measure on the Xbox Series S. It merely dropped from 146ms to 143ms.

I use the modem+router provided by the ISP, a Sagemcom Fast 5655v2. According to preliminary research, the ISP blocks any alterations so I would have to jailbreak the device to explore other solutions. I’m open for suggestions in that regard too! I’d like to know if I can determine if the problem is on the router or the ISP.

On your suggestions please consider that my country’s currency is worth less than one fifth of the US dollar, so I’m not looking for anything even remotely close to the best setup possible, but merely a significant improvement. Anything above 50 US dollars is already too much for me.

So, with that in mind, what do you recommend?

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

p.s the difference between this post and this post is that I want to ask questions and get people's opinions and answers in this one more.

Here's a few examples, last one being an argument between a few people where most people, including Deimos agreed with this idea.

Personally, I find this idea almost terrifying because it implies social media in it's current form cannot be fixed by changing or expanding human or automoderation, nor fact checking, because moderation can't reasonably occur at scale at all.

However, I have 2 questions:

1: If large social media platforms can't really be moderated what should we do to them? The implied solution is balkanizing social media until the 'platforms' are extended social circles which can be moderated and have good discussion (or more practically, integrate them to a federated service like mastodon which is made to be split like this or something like discord.) An alternative I've heard is to redo the early 2000s and have fanforums for everything to avoid context collapse and have something gluing the site's users together (something I am far more supportive of) or a reason for invite systems and stricter control of who enters your site but doesn't explain the idea that once your site hits a certain usercount, it will inevitably worsen and that is something that stems from human nature (Dunbar's number aka the max amount of friends you could theoretically have) and so is inevitable, almost natural.

2: Why is moderation impossible to do well at large scales? While I think moderation, which I think is analogous to law enforcement or legal systems (though the many reddit mods here can definitely give their opinions on that) definitely likely isn't the kind of thing that can be done at a profit, I'm not entirely sure why would it be wholly impossible. A reason I've heard is that moderators need to understand the communities they're moderating, but I'm not sure why wouldn't that be a requirement, or why would adding more mods make that worse (mods disagreeing with eachother while moderating seems quite likely but unrelated to this.)

I just signed back up for the Netflix dvd subscription and am looking for some sci-fi movie recommendations. I tend to not like the horror themes but am open to just about anything else (even "bad" movies that are so bad they are good). Looking for movies that have come out in the last decade or so. May also be open to television series that can be had on dvd that were not on Netflix streaming.

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.

I've got a crappy Chromebook running GalliumOS (Xubuntu) and Chromium is slow as molasses. I tried a few other browsers like Otter and Falkon. They're alright for most sites -- not Tildes, but this seems consistent with QT5 browsers.

Anyway, outside of text browsers, anybody have any light weight browser suggestions?

It's something I've struggled for a long time to do in text conversations. People will often think I'm mad when talking in a way that I think is perfectly normal or that I'm a brick wall while discussing disagreements and well, that can't be fun. I often have to reassure certain people that it's not the case.

Sometimes I try to show how I'm feeling through emotions or more "fluffy" language but I feel like that's too excessive and feels kinda fake to me?

It's also something I've more recently struggled with because I'm trying to write personally on my blog and I'm not exactly sure how to convey my feelings other than stating it like a robot like "This makes me mad" or "That's depressing" or "It makes me feel great".

It feels off to me and maybe it's just a me problem but I think that's also because I write the same way I speak and so, it just sounds strange.

I don't know, this post is rambly and I've been wanting to write something like this in the last few days but I just have to push enter at some point.

Text post because the big news companies are cowards playing it safe and not calling Ossof yet, though it's basically over

Warnock makes history with Senate win as Dems near majority (AP News)

My takes below:

What does this mean?

This gives Democrats a thin majority in the senate. Does it mean they have free reign? No, the party is not that unified. In particular, as you probably have heard his name many many times now, Manchin, the "conservative Democrat" from WV is likely to be the kingmaker in votes. So it's not like just anything can get passed, and Manchin will not eliminate the filibuster easily.

So is it pointless?

ABSOLUTELY NOT

It's a huge victory nonetheless for Democrats. Remember, with control of the Senate, Chuck Schumer will be Senate Majority Leader, who controls what legislation the senate votes on. Even bipartisan bills were consistently torpedoed by McConnell who would refuse to even have a vote on it. Now, there is politics that can be done - deals, compromise, whatever. If you can't vote on something, nothing can be done. Things that are overall popular like increased stimulus are also going to pass.

Additionally, perhaps an even bigger deal, Biden can get his nominations through for cabinet and judges. There's an insane amount of unfilled heads of state departments right now, and the rest are filled with people absolutely unfit for the job. Having a real human being be the head of the EPA, or Department of Education, or the Department of Energy, and so forth is a big deal.

It also means that Justice Breyer can safely retire and have another "liberal" Justice take his place.

It's not sweeping control over the government, but it's a immensely superior political situation to McConnell stone walling anything he doesn't want, and Biden having to haggle with McConnell over how incompetent his cabinet needs to be.

Hey guys,

I have been flip-flopping back and forth on this idea for a while, and would love some feedback on whether peeps would find this valuable.

Although I still call my self a "software developer" (and try to code daily), for the last 8 years I have ran a small 5-person agency that I started from the ground up, so my role was really CEO/CTO/CFO/Everything-O. My company focused on delivering high-quality custom software. Not brochure websites, and not Wordpress - our niche was internal business software (or as I like to call it "boring software for boring businesses") - and for a client service company we got very high margins of return.

Last year my business was acquired by a larger company which was an amazing result after the time and effort I had poured into it. I have realised I now want to help other developers who want to start their own software agency, or maybe they already have and are looking for hints or advice on certain topics.

So I have started Dev to Agency - a part blog part guidebook for how a full-stack developer can start and successfully run a software development agency, the things to pay attention too (and the things to ignore), and the key-values that I feel helped my business go from nothing, to 7 figures per year, and then to being acquired (if that is a path people would want to take).

I have just published my first couple of posts, About Dev To Agency that is a rundown of what I hope to achieve with this, then a post about My small custom software development agency - which gives an overview of what I built and where I think my articles will add value, and lastly You are the gold standard which covers how I feel an owner/maker should set the businesses standards and practises based of their personal values.

I have never written a blog before (or really done any writing before), so it would be fantastic to get some feedback from the community, and if there are any developers that this could interest then please subscribe on the website.

Cheers,

Chris.

In light of the seemingly increasing rate of data breaches and privacy violations in general, I've decided to take some steps further regarding my online presence.

Among other things, I decided to switch all my online accounts to custom domain email addresses, so I grabbed two domain names (with WhoisGuard enabled): one for use with stuff related to my real identity (think @firstlast.com), and the other for all else (think @randomword.com). Then, I changed the email address of each one of my existing online accounts, taking advantage of the catch-all feature. To make things short, it goes like this:

Accounts not related to my real identity:

• tildes.net.187462@randomword.com -> tildes.net
• reddit.com.178334@randomword.com -> reddit.com
• ...

Accounts related to my real identity:

• amazon.com.113908@firstlast.com -> amazon.com
• bankofamerica.com.175512@firstlast.com -> bankofamerica.com
• ...

As you might have guessed, the 6 digits ending the local part of email addresses are meant to be randomly generated, in order to mitigate easy guesses by spammers due to catch-all (though I've also created a specific sieve filter to mark incoming emails with "unknown" recipient as spam).

Before you ask, I don't intend to start a discussion about threat modelling here. I just want—as anyone who is not a complete tech-illiterate—to have a reasonable weapon against spam caused by recurrent data breaches, so that if an email address is leaked, I can toss it and replace it with a new one without much effort.

Also, I value owning my email addresses, in the sense that if I decide to change email provider in the future, I won't have to change my addresses too as a consequence. For communicating with real humans (e.g., my doctor), I could use a non catch-all address like first@firstlast.com.

I wonder what do you think of this approach... Is it overkill? Do you see any major concern from a privacy or security standpoint? Are you doing something similar and are happy with it? I would very much like to hear your experiences with email, especially about the approach you settled with.

Since I took so long to reply to Tips to use NixOS on a server? by @simao, I decided to create a new topic to share my configs. Hopefully this is informative for anyone looking to do similar things - I'll also gladly take critiques, since my setup is probably not perfect.

First, I will share the output of 'lsblk' on my VPS:

NAME      MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
vda       253:0    0   180G  0 disk  
├─vda1    253:1    0   512M  0 part  /boot
└─vda2    253:2    0 179.5G  0 part  
  └─crypt 254:0    0 179.5G  0 crypt 

That is, I use an unencrypted /boot partition, vda1, with GRUB 2 to prompt for a passphrase during boot, to unlock the LUKS encrypted vda2. I prefer to use ZFS as my file system for the encrypted drive, and LUKS rather than ZFS encryption. This is an MBR drive, since that's what my VPS provider uses, though UEFI would look the same. The particular way I do this also requires access through the provider's tools, and not ssh or similar. The hardware-configuration.nix file reflects this:

# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:

{
  imports =
    [ (modulesPath + "/profiles/qemu-guest.nix")
    ];

  boot.initrd.availableKernelModules = [ "aes_x86_64" "ata_piix" "cryptd" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
    { device = "rpool/root/nixos";
      fsType = "zfs";
    };

  fileSystems."/home" =
    { device = "rpool/home";
      fsType = "zfs";
    };

  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/294de4f1-72e2-4377-b565-b3d4eaaa37b6";
      fsType = "ext4";
    };

  swapDevices = [ ];

}

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, lib, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  # Hardware stuff
  # add the following to hardware-configuration.nix - speeds up encryption
  #boot.initrd.availableKernelModules ++ [ "aes_x86_64" "cryptd" ];
  boot.initrd.luks.devices.crypt = {
    # Change this if moving to another machine!
    device = "/dev/disk/by-uuid/86090289-1c1f-4935-abce-a1aeee1b6125";
  };
  boot.kernelParams = [ "zfs.zfs_arc_max=536870912" ]; # sets zfs arc cache max target in bytes
  boot.supportedFilesystems = [ "zfs" ];
  nix.maxJobs = lib.mkDefault 6; # number of cpu cores

  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  # boot.loader.grub.efiSupport = true;
  # boot.loader.grub.efiInstallAsRemovable = true;
  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
  # Define on which hard drive you want to install Grub.
  boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
  boot.loader.grub.enableCryptodisk = true;
  boot.loader.grub.zfsSupport = true;

  networking.hostName = "m"; # Define your hostname.
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
  # Per-interface useDHCP will be mandatory in the future, so this generated config
  # replicates the default behaviour.
  networking.useDHCP = false;
  networking.interfaces.ens3.useDHCP = true;
  networking.hostId = "aoeu"; # set this to the first eight characters of /etc/machine-id for zfs
  networking.nat = {
    enable = true;
    externalInterface = "ens3"; # this may not be the interface name
    internalInterfaces = [ "wg0" ];
  };
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [ 53 25565 ]; # open 53 for DNS and 25565 for Minecraft
    allowedUDPPorts = [ 53 51820 ]; # open 53 for DNS and 51820 for Wireguard - change the Wireguard port
  };
  networking.wg-quick.interfaces = {
    wg0 = {
      address = [ "10.0.0.1/24" "fdc9:281f:04d7:9ee9::1/64" ];
      listenPort = 51820;
      privateKeyFile = "/root/wireguard-keys/privatekey"; # fill this file with the server's private key and make it so only root has read/write access

      postUp = ''
        ${pkgs.iptables}/bin/iptables -A FORWARD -i wg0 -j ACCEPT
        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE
        ${pkgs.iptables}/bin/ip6tables -A FORWARD -i wg0 -j ACCEPT
        ${pkgs.iptables}/bin/ip6tables -t nat -A POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE
      '';

      preDown = ''
        ${pkgs.iptables}/bin/iptables -D FORWARD -i wg0 -j ACCEPT
        ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.0.0.1/24 -o ens3 -j MASQUERADE
        ${pkgs.iptables}/bin/ip6tables -D FORWARD -i wg0 -j ACCEPT
        ${pkgs.iptables}/bin/ip6tables -t nat -D POSTROUTING -s fdc9:281f:04d7:9ee9::1/64 -o ens3 -j MASQUERADE
      '';

      peers = [
        { # peer0
          publicKey = "{client public key}"; # replace this with the client's public key
          presharedKeyFile = "/root/wireguard-keys/preshared_from_peer0_key"; # fill this file with the preshared key and make it so only root has read/write access
          allowedIPs = [ "10.0.0.2/32" "fdc9:281f:04d7:9ee9::2/128" ];
        }
      ];
    };
  };

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  nixpkgs.config = {
    allowUnfree = true; # don't set this if you want to ensure only free software
  };

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  # Set your time zone.
  time.timeZone = "America/New_York"; # set this to the same timezone your server is located in

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment = {
    systemPackages = with pkgs; let
      nvimcust = neovim.override { # lazy minimal neovim config
        viAlias = true;
        vimAlias = true;
        withPython = true;
        configure = {
          packages.myPlugins = with pkgs.vimPlugins; {
            start = [ deoplete-nvim ];
            opt = [];
          };
          customRC = ''
            if filereadable($HOME . "/.config/nvim/init.vim")
              source ~/.config/nvim/init.vim
            endif

            set number

            set expandtab

            filetype plugin on
            syntax on

            let g:deoplete#enable_at_startup = 1
          '';
        };
      };
    in
    [
      jdk8
      nvimcust
      p7zip
      wget
      wireguard
    ];
  };

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  #   pinentryFlavor = "gnome3";
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  services = {
    dnsmasq = {
      enable = true;
      # this allows DNS requests from wg0 to be forwarded to the DNS server on this machine
      extraConfig = ''
        interface=wg0
      '';
    };
    fail2ban = {
      enable = true;
    };
    openssh = {
      enable = true;
      permitRootLogin = "no";
    };
    zfs = {
      autoScrub = {
        enable = true;
        interval = "monthly";
      };
    };
  };

  # Set sudo to request root password for all users
  # this should be changed for a multi-user server
  security.sudo.extraConfig = ''
    Defaults rootpw
  '';

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users = {
    vpsadmin = { # admin account that has a password
      isNormalUser = true;
      home = "/home/vpsadmin";
      extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
      shell = pkgs.zsh;
    };
    mcserver = { # passwordless user to run a service - in this instance minecraft
      isNormalUser = true;
      home = "/home/mcserver";
      extraGroups = [];
      shell = pkgs.zsh;
    };
  };

  systemd = {
    services = {
      mcserverrun = { # this service runs a systemd sandboxed modded minecraft server as user mcserver
        enable = true;
        description = "Start and keep minecraft server running";
        wants = [ "network.target" ];
        after = [ "network.target" ];
        serviceConfig = {
          User = "mcserver";
          NoNewPrivileges = true;
          PrivateTmp = true;
          ProtectSystem = "strict";
          PrivateDevices = true;
          ReadWritePaths = "/home/mcserver/Eternal_current";
          WorkingDirectory = "/home/mcserver/Eternal_current";
          ExecStart = "${pkgs.jdk8}/bin/java -Xms11520M -Xmx11520M -server -XX:+AggressiveOpts -XX:ParallelGCThreads=3 -XX:+UseConcMarkSweepGC -XX:+UnlockExperimentalVMOptions -XX:+UseParNewGC -XX:+ExplicitGCInvokesConcurrent -XX:MaxGCPauseMillis=10 -XX:GCPauseIntervalMillis=50 -XX:+UseFastAccessorMethods -XX:+OptimizeStringConcat -XX:NewSize=84m -XX:+UseAdaptiveGCBoundary -XX:NewRatio=3 -jar forge-1.12.2-14.23.5.2847-universal.jar nogui";
          Restart = "always";
          RestartSec = 12;
        };
        wantedBy = [ "multi-user.target" ];
      };
      mcserverscheduledrestart = { # this service restarts the minecraft server on a schedule
        enable = true;
        description = "restart mcserverrun service";
        serviceConfig = {
          Type = "oneshot";
          ExecStart = "${pkgs.systemd}/bin/systemctl try-restart mcserverrun.service";
        };
      };
    };
    timers = {
      mcserverscheduledrestart = { # this timer triggers the service of the same name
        enable = true;
        description = "restart mcserverrun service daily";
        timerConfig = {
          OnCalendar = "*-*-* 6:00:00";
        };
        wantedBy = [ "timers.target" ];
      };
    };
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "20.09"; # Did you read the comment?

}

Edit: Also, the provider I use is ExtraVM, who has been excellent.

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

Sunday Security Brief

This brief covered a unique attack vector, information on a broad campaign using DNS attacks, a case relating to technology law, and a few advisories that either stuck me as important or curious.

What happened last night can happen again ~ fortune

Topics:

• IDN Homograph Attack
• A Deep Dive on DNS Hijacking Attacks
• Law enforcement has seized the domains and infrastructure of three VPN services being used for cybercrime
• Advisories

IDN Homograph Attack

This particular exploit is interesting. It takes advantage of the fact that many different characters look alike to mislead people from their desired domain to a malicious one. I wonder what practices could help avoid this issue. The obvious step is to be concious of limiting the links that you click on from websites like Tildes, Hacker News, Reddit, or where anywhere can share a link with you via text. For example, if you see a Reddit thread about PayPal where someone includes a link to the PayPal Customer Service Center... Don't click it, just Google "PayPal Customer Service". This will be far safer in ensuring that you're going to the domain that you meant to!

Another thing to note is the importance of realizing how your trust online and how that changes your behavior. I know that I have a general sense of trust for people here that removes a lot of doubt when it comes to clicking random stuff you all share here. That trust could potentially work against you.

"The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike"

"The registration of homographic domain names is akin to typosquatting ~ Wikipedia, in that both forms of attacks use a similar-looking name to a more established domain to fool a user. The major difference is that in typosquatting the perpetrator attracts victims by relying on natural typographical errors commonly made when manually entering a URL, while in homograph spoofing the perpetrator deceives the victims by presenting visually indistinguishable hyperlinks."

IDN homograph attack ~ Wikipedia

A Deep Dive on DNS Hijacking Attacks

The article covered is a few months old, but still relavant as ever. The U.S. government alongside private security personnel issued information of a complex system that allowed suspected Iranian hackers to obtain a huge amount of email credentials, sensitive government and corporate information. The specifics of how this attack occured are not publicly available but Cisco's Talos research has a write up of how DNS Attacks work, the relavant snippets are below.

"Talos said the perpetrators of DNSpionage were able to steal email and other login credentials from a number of government and private sector entities in Lebanon and the United Arab Emirates by hijacking the DNS servers for these targets, so that all email and virtual private networking (VPN) traffic was redirected to an Internet address controlled by the attackers."

"Talos reported that these DNS hijacks also paved the way for the attackers to obtain SSL encryption certificates for the targeted domains (e.g. webmail.finance.gov.lb), which allowed them to decrypt the intercepted email and VPN credentials and view them in plain text."

"A Deep Dive on the Recent Widespread DNS Hijacking Attacks" ~ Krebs on Security

Law enforcement has seized the domains and infrastructure of three VPN services being used for cybercrime

The balance between allowing autonomy and protecting our collective interests comes to my mind. This seems like a worthy example of when stopping people from victimizing others overshadows the benefits of free action.

"Law enforcement agencies from the US, Germany, France, Switzerland, and the Netherlands have seized this week the web domains and server infrastructure of three VPN services that provided a safe haven for cybercriminals to attack their victims."

"... described the three as "bulletproof hosting services," a term typically used to describe web companies that don't take down criminal content, despite repeated requests."

"According to the US Department of Justice and Europol, the three companies' servers were often used to mask the real identities of ransomware gangs, web skimmer (Magecart) groups, online phishers, and hackers involved in account takeovers, allowing them to operate from behind a proxy network up to five layers deep."

Law enforcement take down three bulletproof VPN providers ~ Zdnet

Advisories

• Debian, DSA-4824-1 chromium security update. Source

• Arch, CVE-2020-25637 libvirt. Source

• CentOS, CESA-2020-5437, Important CentOS 7 kernel. Source

• RedHat, RHSA-2020:5665, Important: mariadb:10.3 security, bug fix, and enhancement update. Source

• Windows, If you know of a good tracker for Windows securities advisories, please let me know. I was considering just drawing from the Microsoft Security Response Center Blog.

I see some people using NixOs on their servers. I would like to try it out to self host some services and learn about NixOs.

I use hetzner and they have an NixOs iso available so I can just use that to install NixOs. But how do people manage remote instances of NixOs? They would just use ansible or something like it, to run nix on the host, or is there a better way?

Thanks

Saturday Security Brief

Topics: Attack Surface Management, Active iMessage exploit targetting journalists, Academic research on unique EM attack vectors for air-gapped systems.

Any feedback or thoughts on the experience of receiving and discussing news through this brief or in general are welcome. I'm curious about this form of staying informed so I want to experiment. (Thanks again for the suggestion to post the topics as comments.)

Attack Surface Management

This concept is about ensuring that your network is equipped to handle the many issues that arise from accommodating various "Servers, IoT devices, old VPSs, forgotten environments, misconfigured services and unknown exposed assets" with an enterprise environment. Some of the wisdom here can be applied better think about protecting our personal networks as well. Outdated phones, computers, wifi extenders, and more can be a foothold for outside attackers to retain persistant access. Consider taking steps to migigate and avoid potential harm from untamed devices.

Consider putting certain devices on the guest network if your router supports doing so and has extra rules for devices on that network so they can't cause damage to your other devices directly.

"A report from 2016 predicted that 30% of all data breaches by 2020 will be the result of shadow IT resources: systems, devices, software, apps and services that aren’t approved, and in use without the organization’s security team’s knowledge. But shadow IT isn’t the only area where security and IT teams face issues with tracking and visibility."

Attack Surface Management: You Can’t Secure What You Can’t See ~ Security Trails

Multiple Journalists Hacked with ‘Zero-Click’ iMessage Exploit

Mobile spyware is continuing to evolve and tend towards professional solutions. Recently this technology has been abused to conduct espionage on journalists of major networks. Where once these exploits typically required some mistaken click from the user, new developments are allowing their activities without any trace or requiring interaction from the target.

"NSO Group’s Pegasus spyware is a mobile phone surveillance solution that enables customers to remotely exploit and monitor devices. The company is a prolific seller of surveillance technology to governments around the world, and its products have been regularly linked to surveillance abuses."

"In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked."

"The journalists were hacked by four Pegasus operators, including one operator MONARCHY that we attribute to Saudi Arabia, and one operator SNEAKY KESTREL that we attribute to the United Arab Emirates."

"More recently, NSO Group is shifting towards zero-click exploits and network-based attacks that allow its government clients to break into phones without any interaction from the target, and without leaving any visible traces."

The Great iPwn Journalists Hacked with Suspected NSO Group iMessage ‘Zero-Click’ Exploit ~ Citizen Lab

Security researchers exfiltrate data from air-gapped systems by measuring the vibrations made by PC fans.

Besides this potential exploit the article mentions past research done by Guri and his team which is worth checking out, like:

• LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED

• AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data

• MAGNETO & ODINI - steal data from Faraday cage-protected systems

• PowerHammer - steal data from air-gapped systems using power lines

• BRIGHTNESS - steal data from air-gapped systems using screen brightness variations

"Academics from an Israeli university have proven the feasibility of using fans installed inside a computer to create controlled vibrations that can be used to steal data from air-gapped systems."

Academics steal data from air-gapped systems using PC fan vibrations ~ Zdnet

Good Practices

"Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident."

Turn on MFA Before Crooks Do It For You ~ Krebs on Security

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.

Flash is gonna die for good in a few days (dec 31st) so I felt this is a good time to ask this question. (Although obviously, there have been large efforts to preserve these when the developers did not. And even then, HTML5 means browser games will continue to exist, even though mobile games have mostly replaced browser games anyway.)

Mine personally were (taking away some of the more well-known ones):

Gravitee 2

Basically a game of celestial golfball. Had a level editor, which was quite fun.

Bonk.io (although this one has a sequel that's not in flash)

Pretty popular for a flash game made in 2016. Basically a game where balls need to "bonk" eachother out of the playing field.

Effing meteors (Definitely one of the games that I probably remember being better than it is.)

Basically a game where you clump up small meteors into bigger meteors to destroy stuff.

Ribbit

A game where a rabbit and frog are fused together and need to bounce like a pogo to the end.

Frost bite

A mountain climbing platforming game.

Sushi cat

A game where you need to eat sushis quickly. Also has cutscenes.

Flash cat

An aesthetic racing game? Not entirely sure.

Chisel

A game where you drill through the planet enough times to move to the next level (man, I had some weird gameplay preferences.)

Dillo hills

A game where you need to time your descents to pick up speed in the hills and fly.

Dino run

An 8 bit game where you as a dinosaur need to outrun extinction.

Raccoon racing

A power-up racing game I remember playing quite a bit. Definitely designed for children, even if that's not very surprising.

When I click on the "x comments" in the upper right to see responses to my previous posts, it lists out any unread comments to my posts. If I click on the "Parent" link to see my original comment and the reply, I can collapse the reply, but not the parent. This seems like a bug. I can collapse the grandparent, and it all goes away, but I'd expect to be able to collapse the parent as well.

I do, and my personal go-to is the SOG Key Knife. Small, fits perfectly on my keychain, usable for most daily tasks, and not made in China, despite being inexpensive. I also tend to keep an old folding Buck my dad gave me in my bag for heavier duties.

Edit: added a photo of the SOG.

Second edit: Don’t get a knife for self-defense, they require significant training to properly use without getting hurt, and put you closer to your assailant. Learn situational awareness first and foremost, then if you still would like, pick up some pepper spray or a firearm.

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

I built a link sharing website where you connect to users that share your interests. When you upvote a link - you connect to other users who upvoted that link and LinkLonk shows you what else these users upvoted.

The more in common you have with another user the more prominently their other recommendations appear on your list.

The intuition is that the more useful your past recommendations have been for me, the more I can trust your future recommendations.

This is how trust works in meatspace - we keep track of how positive our experiences have been with other people and use that track record to decide who we can trust in the future.

Except that mechanism does not work online. It just does not scale to the numbers of users we interact with. We can remember around 150 other people (the Dunbar number). Beyond that our builtin trust mechanism breaks down. We revert to more coarse and primitive trust mechanisms such as tribalism and mistrust in everyone.

While we cannot personally keep track of every user on a platform - that is what computers are good at.

That is the idea behind LinkLonk. You don't need to remember the names of users who you can trust (in fact there are no usernames on LinkLonk). You simply upvote content that was useful to you and LinkLonk constantly keeps track of how useful every other user has been and ranks new content accordingly.

Another important part of trust is that if you misplace your trust in someone and they let you down then you need a mechanism to stop trusting them.

This is what the downvote button is used for: when you downvote an item, LinkLonk reduces your “trust” in other users that upvoted it. As a result, you will see less content from those users.

The above describes the basic idea. There are a couple more concepts:

• You start off weakly connected to all users, which means that at first you see content sorted by popularity. Rate something and refresh the page - the ranking will change.
• You are not limited to a single persona/interest. If you have multiple interests then you can create a separate collection for each of your interests. When you upvote a link you can choose what collection it belongs to. For example, if you are interested in woodworking and music then you can create two collections and put woodworking links into one and music links into the other. Then other people who liked your woodworking recommendations will only see your other recommendations from the same collection and will not get your music. This is mostly a way for you to help other users find relevant content. It’s optional. You can put everything into the “default” collection if you don’t feel like organizing.
• LinkLonk has another source of recommendations - RSS feeds. When you upvote a blog post LinkLonk connects to the RSS feed of that blog - as if it was another user. LinkLonk pulls updates from the feed and shows you the new entries using the same ranking algorithm: the more you upvote items from the feed the higher the other items from the feed are ranked. You can submit any RSS url and LinkLonk will connect (subscribe) you to it. My hope is that in the early days when we don't have many users you would find LinkLonk useful as a sort of an RSS reader.
• Moderation. When you downvote an item then you get connected to other users who also downvoted that same item. In other words, you will trust their other downvotes. If they downvote something then that item will rank lower for you.

Give it a try at: https://linklonk.com/register with 'tildes' as the invitation code. The invitation code can be used multiple times and I will keep it active for a few days. After that please DM me to get a fresh code.

I’m posting this on Tildes in part because I like the group of people that Tildes has attracted. And I also feel the topics of trust systems, content curation and moderation are relevant to Tildes and to its users (see: https://docs.tildes.net/future-plans#trustreputation-system-for-moderation).

What do you think?

End of the year, good time as ever for a review.

I started tracking my shows and movies with trakt in 2019, so i actually have a year of data to showcase. Keeping in mind that a lot of replays in this are me leaving the tv on in the background / while I sleep, here is my year:

https://trakt.tv/users/jleclanche/year/2020

Some highlights for me... I discovered Only Connect, what became by far my favourite game show. In general I've been enjoying game shows quite a lot and, since Trebek's diagnosis, have been going through some of Jeopardy when bored.

New seasons: I loved the latest season of Westworld, it's sweet seeing Nolan going back to his Person of Interest roots. Archer also went back to its roots and it's been great. Sabrina got even darker, loved it. Watched the last season of stranger things and got a lot less excited about it (i do remember it getting better but this is a show that should have ended after 1, maybe two seasons).

Reboots: Ducktales... What a revelation! And I just started the revived Animaniacs, also looking great. Finally watched the new Aladdin, very much enjoyed it! Lion King was ok, nothing special. Also, Sonic I thought was kinda funny; watched it for shits and giggles but honestly enjoyed it.

Watched and rewatched Hamilton. Already liked it as just a playlist but as a show it truly is phenomenal.

Some other discoveries... The Good Place. Good Girls. Ozark. All of them excellent. Started After Life but didn't get past episode 1 even though I quite want to. I finally started King of the Hill (in my watchlist for years) but I frankly can't get into it, i dislike the animation, the voices and the characters; it is witty and i can definitely see Judge's writing seeping out, but it's not smart enough to make up for the rest. And Swedish Dicks; haven't finished it as I'm watching it with a friend but loving it so far.

How was your tv year?

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.

It started a day or two ago. Three threads (I think?) jump from nearly 0% to 100% and go back as soon as I open task manager to try figure out what's causing it. My first thought was a virus or bitcoin mining trying to hide itself (though isn't that done on GPU's?), but Windows' Defender came up empty handed.

I know certain OS apps, like automatic VIRUS scans behave similarly, stopping when you click or type, but this culprit seems to only react to opening the task manager. It also doesn't start again until task manager has been closed for a while.

This thread is posted weekly, and is intended as a place for more-casual discussion of the coronavirus and questions/updates that may not warrant their own dedicated topics. Tell us about what the situation is like where you live!

What have you been listening to this week? You don't need to do a 6000 word review if you don't want to, but please write something! If you've just picked up some music, please update on that as well, we'd love to see your hauls :)

Feel free to give recs or discuss anything about each others' listening habits.

You can make a chart if you use last.fm:

http://www.tapmusic.net/lastfm/

Remember that linking directly to your image will update with your future listening, make sure to reupload to somewhere like imgur if you'd like it to remain what you have at the time of posting.