zmaile's recent activity
-
Comment on Funcom enters into exclusive six-year partnership to release at least three PC/console titles in Frank Herbert's Dune universe in ~games
-
Comment on Vote box should be on the left-hand side in ~tildes
zmaile Link ParentIt seems a lot of suggestions aim to make this more like reddit. I for one am here because I /don't/ like reddit's system. I want less meme-y posts, and circlejerks, and more discussions that make...It seems a lot of suggestions aim to make this more like reddit. I for one am here because I /don't/ like reddit's system. I want less meme-y posts, and circlejerks, and more discussions that make me think, or make me challenge my existing views. The number is purely telling us how popular a post is (because lets face it, that's what causes people vote), not it's quality. And I get this by reading the comment, not by knowing it's popularity. Hell, I wonder if having the number displayed is even necessary for my what I (and others by the looks of it) want from this site.
-
Comment on Do you guys run a home server? If so what do you self host? in ~comp
zmaile Link ParentYou may have me there; I don't know enough about it to be able to give an answer sorry. I could make some guesses, but without installing it I can't give experience-based knowledge.You may have me there; I don't know enough about it to be able to give an answer sorry. I could make some guesses, but without installing it I can't give experience-based knowledge.
-
Comment on Do you guys run a home server? If so what do you self host? in ~comp
zmaile Link ParentWell, a federated system is pretty much a bunch of servers running in conjunction with each other, but without any hierarchy in which to judge trust. There is no central database of who owns which...Well, a federated system is pretty much a bunch of servers running in conjunction with each other, but without any hierarchy in which to judge trust. There is no central database of who owns which domain, unless you resort to hacking around with a separate service (putting TXT and MX entries in a DNS service). It has a usable workaround, but it isn't as 'neat' as something like discord for example, where one entity can specify who is/isn't trusted on their service, without requiring DNS records to be changed.
-
Comment on Do you guys run a home server? If so what do you self host? in ~comp
zmaile (edited )Link ParentEmail was the hardest by far. So a bit of context for why email is difficult before I tell you how it is difficult, which doesn't occur to some people. Email is a federated system, so in theory,...- Exemplary
Email was the hardest by far.
So a bit of context for why email is difficult before I tell you how it is difficult, which doesn't occur to some people.
Email is a federated system, so in theory, anyone can host their own server with their own users, and then the servers talk to each other, passing the messages from their users to other servers, who then pass it to their users. It's why a outlook user can send email to a gmail user. But such a system can be exploited, because a user that is on an arbitrary external server doesn't really have a way to be verified. So we need checks to make sure that emails cannot be forged (otherwise I could set up a server, and send an email with my address being "president@whitehouse.gov"). Ideally, to prevent MITM, we need messages to be encrypted too. But we also have spam, which can follow all protocols to the letter, but where the message itself is the issue. How do we automatically differentiate these messages from messages that we do want, without creating a whitelist that prevents new email servers from jumping through hoops for literally every other email server? There are many opening in such a federated system that can be exploited, and is partly the reason why federated systems in general aren't terribly popular.So to start off with setting up an email server, you require an IMAP service that is set up for the email accounts you want. In my case, I wildcard all addresses into a single account (e.g. ebay@example.net, amazon@example.net for ebay and amazon logins respectively). Because most IMAP services are design to be flexible, there are often many configuration setups and options to specify how to store incoming emails. Multiple users? Multiple accounts forwarding to one user? Storage restrictions? virus scanning? All highly configurable to support use cases from 1-10 users, up to thousands users with redundancies from network layers 1 thru 7, multiple domains, etc. And to combat SPAM, the IMAP service will look at like a dozen different things such as certificates, domain names, white/blacklists that are constantly updated, if the relay is authorised to send on behalf of that domain (according to DNS records), reverse DNS lookup, message & header content, and more. So receiving email is quite complex.
Sending emails requires the other side of the coin - getting other server's trust. Setting up certificates, setting up the domain such that it specifies which IP address can be trusted to represent the domain, having a good history from the specified IP/domain, and a few more. But security is an issue, because SMTP is simply a relay, and if misconfigured (often the default config), it can relay messages from less reputable domains (user@spam.net might want to send a message to user@gmail.com, but rather than sending directly to gmail, they try to use your relay, thereby potentially using your good credentials for their nefarious purposes). If the SMTP is misconfigured, it is also possible to forge mail from that domain (e.g. change the 'from address' from user@spam.net to admin@yourdomain.net). Each of these misconfigs that gets abused by an attacker reflects poorly on your domain's history, eventually getting you on blacklists, and unable to send email.
Another facet is reliability. If your server goes offline for whatever reason when someone sends you an email, then you may never get that message. In theory there a bunch of retransmit attempts that should happen (up to a month later or something by memory), but not all servers abide by the protocol.
So yes, it can be complex, but that is exactly why I did it. My homelab is for learning, and email is a very interesting set of protocols, especially considering how important it is to the world. I now use my email server for all non-essential emails, and am reasonably confident I could fix it in a timely manner if something went tits up. I did specify many problems above, but they are all mostly solved for people that want to host their own. The only one i have trouble with is a reverse DNS entry, which my ISP doesn't provide me with.
Oh, you need to set up DNS, and as i'm sure you've heard when there's a problem - "It's always DNS" (though it is another quite interesting protocol itself).
As for the power usage, I just run 2x 24 port GbE switches that dont require fans, and the cpu/mobo are fairly lightweight DDR4-era consumer hardware. Pretty much cpu/ram/mobo/network card, and a cheap SSD to run the proxmox OS only (network storage over GbE for the virtual servers). Commercial servers have many more 'enterprisey bits and pieces' on them that all suck a little bit of power, which is not much concern to a large business, but made them a bad fit for my efficiency goals. SoC is probably good also, but I dont have any experience with them. But the main thing to remember is that most CPUs will draw almost no power if they can reach idle states, so a fast CPU that works fast, and gets to idle quicker will use less power than a slower one that constantly sits in a higher state. And if your servers are mostly idling, then the power will come from the mobo/expansion cards etc rather than the CPU. I also have a xeon that has no support for iGPUs, and there is no dedicated GPU (unless i'm working on it), so that thing idles like a laptop.
Basically, buy things that aren't noisy, because noisy means it has fast fans, which is probably due to lots of heat generated. Switches and routers are an example of passive cooled devices being lower power. But obviously check that your performance requirements are met too.
-
Comment on I've taken the leap from reddit in ~talk
zmaile Link ParentBut what has one got to do with the other? Capitalising letters and providing detailed answers in a response are two separate things. It's like reading a resume and saying the candidate isn't a...But what has one got to do with the other? Capitalising letters and providing detailed answers in a response are two separate things. It's like reading a resume and saying the candidate isn't a good electrician because they list a hobby of "camping". Sure camping doesn't use electricity, but there is such a thing as reading to far into something.
Sometimes a comment might be providing or requesting advice, or discussing technical concepts, or giving some insight into a philosophical matter, but none of these topics directly require correct capitalisation to provide their meanings. In fact, it would be quite rare that a fully uncapitalised post would provide any additional ambiguity to a correctly formatted one.
You can read into a reddit post to the same level as you would a thesis on a great classic, and probably find many different levels of message and meaning, but that doesn't make them true or valid to the conversation at hand. For example, you can probably read between the lines and figure out I don't capitalise all my i's in every post I write. Does that make this message less valid? Where do you draw the line? How many salient points are you willing to ignore because you want to read messages that were never intended?
Supposes it is acceptable behavior in the writer's social circles? Does your assumption of "look like they don't care about what they're saying" still hold? Now you've missed out on a valid post for no valid reason. Yes they can still be right or wrong, but that isn't because of their grammar.
HAVING said all that however, I still agree with you in principle (though to a lesser degree). Someone should make their message easy to read as to show respect to their readers' time. Occasional spelling/autocorrect mistakes I can accept, as long as I can figure out the intended word. However if they have spelling that distorts the meaning of sentences, or the user doesn't fix autocorrect mistakes multiple times every sentence, then I can't be sure the words I'm correcting to are the actual intended words, and more importantly, it'll take me longer to read (wasting my time).
-
Comment on Do you guys run a home server? If so what do you self host? in ~comp
zmaile Link ParentLaptops make great homelab servers - built in UPS, low power usage, and quiet. As long as they are cleaned every few years of dust, so that noise/temps stay down. My old homelab setup actually had...Laptops make great homelab servers - built in UPS, low power usage, and quiet. As long as they are cleaned every few years of dust, so that noise/temps stay down.
My old homelab setup actually had 3x 'consumer hardware' servers in a rack, with a laptop hooked up inside it (but not visible through the glass door). I forgot it was there after a couple years, until my email went down and I was like "Huh? where is this server? What is this server?" Took me a while to remember because it was so unobtrusive.
-
Comment on Do you guys run a home server? If so what do you self host? in ~comp
zmaile LinkI've got a homelab that runs 1x freeNAS for storage, and 3x custom built servers (for low power usage) that run a proxmox cluster with failover. The actual services are (all running Debian):...I've got a homelab that runs 1x freeNAS for storage, and 3x custom built servers (for low power usage) that run a proxmox cluster with failover.
The actual services are (all running Debian):
- Nextcloud - one main use is to keep track of people's DnD character sheets, as well as where i keep campaign-related material so i can work on it wherever i am
- couple of minecraft servers
- torrent client - this has some scripts to move torrents to the correct location when done
- offsite backup on a VPN - runs a backup each night during offpeak quota time
- mumble server
- XMPP server
- email server
- zabbix server to monitor all the services, network devices, and links. Sends alerts whenever something goes down.
My most recent project on my homelab was to add redundancy to everything possible. I have redundant servers, switches, and disc drives, but lack redundancy on the power (one UPS only), NAS server (one server, but it runs 6x4Tb in RAID 10), and internet connection. I just couldn't justify the costs to duplicate those tasks, when failure only means going offline, but no actual loss of information (configs are all backed up).
It's a fun little setup that has filled my 24U rack, but only uses <200W, and is fairly quiet. Always gives me something new to learn though. And no matter where I am, I can work on until I break the remote connection (which happens way too often).
-
Comment on Office Space at twenty: How the comedy spoke to an anxious workplace in ~movies
zmaile Link ParentInteresting. I haven't watched that move for quite a few years, and i've only now just realised i'm actually doing the exact same thing now. I left my Project engineering career because there was...Interesting. I haven't watched that move for quite a few years, and i've only now just realised i'm actually doing the exact same thing now. I left my Project engineering career because there was nothing interesting to look forward to in my work. Just documentation, and relaying problems from the workers on-site to the drafties, and organising subcontractors. Eventually I just snapped and left the job (twice actually) without any preperation of getting another one.
Luckily I had enough in savings to do this (because long hours meant I didn't have time to spend it), but I'm most likely going to end up working with my hands in my next career. All for that satisfaction at the end of the day, when I can look at something that I did myself, rather than something I simply told someone else to build.
Guess I'll have to watch that movie again tonight.
-
Comment on OpenAI researchers, scared by their own work, hold back “deepfakes for text” AI in ~tech
zmaile Link ParentHaving thought about it, I think i might be overestimating the difference between my hypothetical world, and the one we live in. The tech and resources already exists to do the things I've written...Having thought about it, I think i might be overestimating the difference between my hypothetical world, and the one we live in.
The tech and resources already exists to do the things I've written about. It may indeed make it worse, I think my ideas require an almost openly hostile government or media, because it'd be hard to hide those kind of actions. Sure many people would fall for it, accept it, or whatever, but those that wouldn't accept it would make their voices heard to those that listen. I don't think it could be hidden at such a large scale. -
Comment on 3D Printed Dungeon Tile Recommendations in ~games.tabletop
zmaile Link ParentYou may be offtopic, but that is indeed something I was looking at doing in the future. I'm still setting up my CNC router, and want to do a few more upgrades and prints on my printer, but it's...You may be offtopic, but that is indeed something I was looking at doing in the future. I'm still setting up my CNC router, and want to do a few more upgrades and prints on my printer, but it's going to happen in my future.
On the topic of online tabletop, how does it 'feel' compared to being there in person? I imagine it isn't as good, but I've never actually tried it. I assume the standard setup is a microphone+webcam, with the map+dice done using the software?
-
3D Printed Dungeon Tile Recommendations
So I'm running a D&D 5e campaign, and so far have been doing "theatre of the mind". But it has it's limitations when I want the players to use actual combat strategy in some areas. I have...
So I'm running a D&D 5e campaign, and so far have been doing "theatre of the mind". But it has it's limitations when I want the players to use actual combat strategy in some areas. I have experience a few years ago with using a 25mm paper grid for 3.5e and Pathfinder, which worked well because it was quick to draw a map with whiteboard marker.
Now I have a 3D printer, and I'm wondering if anyone has any dungeon tile recommendations, considering the following:
Firstly, are there any systems that are quick to assemble/disassemble as the players discover new rooms, or we need to clear table space?
Second, stability of the map is important. If a player knocks the map with their hand, will everything collapse, simply shift slightly, or is it rigidly held together?
Third, community: A larger community that contributes (and takes contributions) would be better than a propriety system that doesn't allow homebrew designs.
I've seen a few systems (openlock, openforge, and almost any keyword combination that I can think of is on kickstarter), but I'm finding it hard to get a feel for how popular the systems are, and how well they actually work when on the table.
Does anyone have any recommendations on a good system? I guess i'm most interested in the game flowing smoothly, but I'm not opposed to going to a blank paper grid if that's really the better solution.
8 votes -
Comment on Two-factor authentication for home VNC via Signal in ~comp
zmaile (edited )LinkAn attacker would be able to see if you've started the login process because VNC's open port will become connectable to anyone once the service starts. From there, one only has to guess the...An attacker would be able to see if you've started the login process because VNC's open port will become connectable to anyone once the service starts.
From there, one only has to guess the username, and try the
100k900k possible password combinations. If this was a targeted attack, then they probably know some likely usernames to try too. So now the only thing stopping them from connecting is them being able to try all 100k passwords before you log in.So my first advice would be to set up fail2ban for the VNC service, and use a better password than a 6 digit number. But better again would be a secure connection (VPN, SSH tunnel, whatever) that requires a key (e.g. openssl can be used). Of course, then you need a way to carry the key around with you in a secure way.
-
Comment on OpenAI researchers, scared by their own work, hold back “deepfakes for text” AI in ~tech
zmaile Link ParentI think this may be the first time I've actually worried about AIs. The potential to generate such a large amount of fake news based on fake evidence may be hard to counteract. We have fake faces...I think this may be the first time I've actually worried about AIs. The potential to generate such a large amount of fake news based on fake evidence may be hard to counteract. We have fake faces being generated, I dont imagine it being too long before the subject of photos can become much more arbitrary, then moving that into video form, and audio too. So then we see news stories, citing 'first hand evidence' videos as their source. No one will be able to first-hand verify every story they read, so what will be be able to trust?
Hmm; I'm being very alarmist here. I'm still going to click post, but I will think about it some more and figure out why i'm wrong. It just isn't coming to me yet.
-
Comment on r/Apple is legit? in ~talk
zmaile Link ParentI see apple as having one of the biggest "reality distortion fields" of almost any company that I know of, but I can't figure out why. To be upfront, i'm not a fan of apple's products for myself...I see apple as having one of the biggest "reality distortion fields" of almost any company that I know of, but I can't figure out why.
To be upfront, i'm not a fan of apple's products for myself (for example, I run linux because i want maximum customisability), but I think they make a product that is well suited to people that want a set-and-forget, simple machine (though this isn't the only use case). Basically, I see apple as providing a product that is aimed at a specific market; no more, no less. This obviously creates two camps of people - proponents and opponents. But what I can't figure out is why this fighting seems to be so much more heated with Apple than most other companies.
Perhaps it's just that people without strong opinions one way or the other don't participate much, or are downvoted because their views don't align with either 'side', and that one side eventually 'won'.
-
Comment on AlphaStar: Mastering the Real-Time Strategy Game StarCraft II in ~comp
zmaile Link ParentInteresting read. I might have to look at some starcraft communities to see what their thoughts are. One problem I've seen so far is people that don't know much about AI are humanising the AI too...Interesting read. I might have to look at some starcraft communities to see what their thoughts are.
One problem I've seen so far is people that don't know much about AI are humanising the AI too much, assuming that it 'thinks and feels' and learns like a human, where in reality it is based purely on statistical information (win/loss), which funnily enough tends to be one of the weakest traits in humans. The article you linked seems to be quite fluent in that area, which is unfortunately quite rare in this topic.
-
Comment on I just discovered Steam in ~games
zmaile LinkWell, yes you're late to the party, but that just means you have a lot of awesome stuff to discover. I'm just going to go ahead and suggest Factorio, because it's the kind of game you can't really...Well, yes you're late to the party, but that just means you have a lot of awesome stuff to discover.
I'm just going to go ahead and suggest Factorio, because it's the kind of game you can't really get on a console due to the controls. Beware that it has an unofficial name of 'cracktorio' due to addictive it can be (because it's so fun, not because the devs add exploitative 'features' like daily timers etc). It also has one of the best communities that I know of.
Other than that, i'd suggest you try an RTS or two just to see if you like the genre, again, because they are much better with kb/mouse controls.
City builders can be fun, like cities: skylines or Tropico.
Creeper world is also quite fun to play a quick game or two, and has a great soundtrack.
I dont have a console, so i'm not sure how many of these are actually exclusive to PC, and I also dont really know your favourite genres. But hopefully this helps.
Also, there are plenty of games that aren't on steam too, but not sure if you want them or not.
-
Comment on AlphaStar: Mastering the Real-Time Strategy Game StarCraft II in ~comp
zmaile LinkI'd be interested if the AI's limitations were made to be closer to a human in a physical sense, rather than a statistical sense. What I mean is that a human has two arms that must move both...I'd be interested if the AI's limitations were made to be closer to a human in a physical sense, rather than a statistical sense. What I mean is that a human has two arms that must move both quickly and accurately.
Some strategies of the AI seem to require super-human accuracy in clicking, which isn't reflected in the APM counter. The example is microing the damaged units to flash to the back of the group. It seems like this would require mouse accuracy that is beyond what a human could do repeatedly. Compare this to keyboard hotkeys where a human can pretty reliably press the required key.
I'd be curious is the AI uses less keyboard shortcuts than a human because the mouse accuracy is so high that there is no penalty to using the mouse.
-
Comment on Podcasts in ~tildes
zmaile Link ParentThe same issue exists on reddit though - not all videos are posted to r/videos. For example r/sysadmin will have videos posted that many people outside that sub would find entertaining ("The...The same issue exists on reddit though - not all videos are posted to r/videos. For example r/sysadmin will have videos posted that many people outside that sub would find entertaining ("The system is down" for example).
-
Comment on <deleted topic> in ~games
zmaile Link ParentI know how - They don't focus on ROI, but on making the game better. After they add a new feature, they iterate on it a few times after testing. And speaking of testing, they do that themselves,...I know how - They don't focus on ROI, but on making the game better. After they add a new feature, they iterate on it a few times after testing. And speaking of testing, they do that themselves, and fix problems before releasing to the public so that they aren't sending out a buggy mess. And they do the same for performance - testing and optimising is done not because it's a checkbox, but because it makes the game better.
As for why this happens, I can only assume they started with a good idea, and implemented it well enough that they got the money to do it properly. I have no doubt it costs a lot of money to do things properly.
And it all shows. I find it hard to think of a more polished game (even including fully-released games)
I gotta say, I feel like dune is an underutilised universe. I've always enjoyed it (with what limited reading/viewing I've done), and there aren't many people that dislike it. I guess I'm just surprised it isn't more popular.
Perhaps the owners don't want to share it too much, or it's hard to write stories to fit the existing universe and style.