• 3 Posts
  • 105 Comments
Joined 2 years ago
Cake day: March 4th, 2024

  • Yes. The relevant points are that Catfriend’s repo was fully reset, no git history, multiple times this year, supposedly because of sensitive data that was mistakenly checked in. If that’s the case, it might explain why shortly before Catfriend deleted his repo, he created an issue saying something along the lines of ‘stop messing with my desktop’, which could be read as a plea to hackers. The repo went dark, and someone else published it, with Catfriend’s private signing key, which triggered automatic updates for some users, without them knowing the maintainer changed. They also claim to have Catfriend’s GitHub credentials. After staying quiet for a month, Catfriend recently posted on the Syncthing forum saying that everything is dandy with the new maintainer, without addressing major concerns. Meanwhile, the new maintainer has made large changes to the codebase without public comments. The last two updates from the new maintainer have been reviewed independently, and reproducible builds are enabled to ensure the APK matches the sources. However, that is assuming that Catfriend’s repo was safe to begin with. In the case of ongoing blackmail, malicious code could have been added during one of the repository resets, or in a large refactor commit.

    The sad part is that Catfriend picked up this repo after Syncthing deprecated it, just for his friends and family. I don’t think he is a professional developer, and he very obviously was overwhelmed by the project. Syncthing is a very juicy target for malicious state actors, and trust is crucial. I feel awful to say that I no longer trust Catfriend or his replacement, but the circumstances don’t inspire confidence.


  • I suggest framing the blog post this way. The way it reads now is like you’re actually suggesting this to other small instance admins. I think it’s OK to play around with new tools, but the article is not self-aware in this respect.

    EDIT: it also comes off like, oh no, one silly keystroke nuked my setup, but from an outside perspective, of course it did, it was a house of cards. I think a better framing would be that you dug a large hole for yourself by trying to force enterprise-level complexity into a one-person project, and through sheer perseverance it somehow is still alive, but maybe some different architectural decisions early on could have avoided this.

  • Noooo this is possibly the worst case I’ve seen of why the fuck did you complicate things this much?? I blame Claude/Cursor mostly for this one, it seems they steered a lot of the design decisions. Seriously though, if you think you need a bare-bones Kubernetes setup on 3 small Hetzner VPSes, only two of which are worker nodes, with a grand total of 16 GB of RAM, to support fedi instances with about a single user… Stop. Just stop it already. I obviously feel bad that everything crashed down on them, but if they had taken the time to actually talk to other small instance maintainers, they could’ve spent more time doing proper backup and recovery than messing around with, and I shit you not, I counted 11 unique tools. Nobody needs 11 monitoring, containerization, volume management, DNS tools, fucking Cloudflare?? to run a single-user instance.

  • The Toledo Strip is in the picture, but the reason this got fucked up in the first place is actually Indiana just demanding Congress give them access to Lake Michigan, a couple decades before the war. If Indiana didn’t have access to the lake federally recognized, the Toledo Strip dispute would have extended all the way across Michigan’s border, because it was based on competing surveys.

    EDIT: I should clarify for everyone who isn’t in the picture: Indiana is the lower-left state that touches the lake in its northwest corner. Ohio, bottom right, actually ‘won’ the war and contains the Toledo Strip, and that actually made the jagged edge less fucked up, but Michigan got a giant mountain full of iron as a compromise, which is why all of America’s early car manufacturers ended up in Detroit, making it a city.

  • This looks like a design decision to avoid running elevated programs. I would like to see the experiment done with another admin ability that doesn’t directly ‘threaten’ the LLM, like uninstalling or installing random software, toggling network or VPN connections, restarting services etc. What the researchers call ‘sabotage’ is literally the LLM echoing “the computer would shut down here if this was for real, but you didn’t specifically tell me I might shut down so I’ll avoid actually doing it.” And when a user tells it “it’s OK to shut down if told to”, it mostly seems to comply, except for Grok. It seems that this restriction on the models overrides any system prompt though, which makes sense because sometimes the user and the author of the system prompt are not the same person.