• 1 Post
  • 20 Comments
Joined 1 year ago
Cake day: June 17th, 2023



  • How are the alternatives any better? Download a DEB that executes arbitrary code, signed with some .asc that’s sitting in the same webserver? Download an EXE?

    Your comment is so rambly that I can’t understand whether you’re criticizing the distribution method or the packaging. Both of those are very different in terms of attack surface, if you’re talking about supply chain attacks.





  • This has nothing to do with protecting Canadians and everything to do with protecting big business

    I think what no politician wants to admit is that the car industry is a strategically important industry and has to be protected for geopolitical reasons alone. We need the manufacturing capability to maintain our industrial base as a hedge against any future conflict. (I lump it in with why you need domestic milk and food production, vaccine production, etc. When the going gets tough, you need that.)

    That said, I do feel the bailouts from 2009/2010 were total horseshit and these companies got off scot-free. They’ve had ages to prepare to make EVs and squandered it, and now have to be protected by moves like this. We just end up paying for it, either through subsidies (eg. battery plants) or through the inflated prices of EVs.






  • broad, sensationalist strokes

    Can you clarify what you perceive as sensationalist about what I wrote? Based on the number of upvotes this thread has, I’m not the only one that thinks this way. (My tax dollars are currently going to fighting cybercrime sponsored by Russia, fighting Russian disinformation campaigns, and providing materiel to fight the Russian military.)

    I take great pride and responsibility in my critical thinking skills

    Me too, but as I mentioned in another thread, the issue is that not everybody is gifted with those same critical thinking skills, and the impact on those less equipped can be catastrophic. (see: pizzagate shooting)

    range of ideas acceptable to post on Lemmy were restricted to those acceptable to our mainstream media

    I do think we disagree on this here - For me, mainstream media is primarily good journalism where information is fact-checked and vetted. (Don’t forget there’s libel laws that keep journalists in check too in most countries.) Opinions and editorials represent the views of the writers or newspaper. Every organization has a slant in what they choose to cover and find newsworthy, you just need to be aware of it. With this in mind, I don’t see mainstream media as a bad thing at all or something that needs to be rebelled against. It serves a different purpose from Lemmy.

    Where I see Lemmy being useful and interesting is as a news aggregator with insightful discourse in the comments that’s not dominated by inauthentic behaviour. Reddit is completely flooded and driven by marketers and bots, where the content and discourse quality have become low and repetitive, which seems to be the end state of 2000-2010 era social media platforms.


  • I can respect this take. I do worry that burying problematic content isn’t enough these days though. Even if only 2% of the visitors on this site see the content, all it takes is one person to believe there’s a demonic child trafficking ring and then you have someone shooting up a pizza joint. Not everyone who uses the internet has all their faculties and I think that’s an argument for going further than just burying the content. (I suspect we’ll start seeing more pressure on YouTube and Facebook to go further than they have too with regards to problematic content like this.)

    Edit: I also think that as platforms have become more strict about their community guidelines, the effectiveness of grand, overt disinformation campaigns has diminished, so bad actors’ strategies are switching to more subtle, softer disinformation campaigns.



  • You don’t have to be a professional to parrot Russian propaganda. How it works is they find a sympathetic ear, and then spoon-feed this garbage content to them with the knowledge that someone will post it. Sometimes the content is targeted, other times it’s just pushed through these low quality / fake news sites and then gets picked up on social media and spreads. Sometimes the content starts out neutral-ish, then they build up this pro-Russian slant over time, slowly mixing in all this nonsense. No propaganda feed (for any nation) is 100% propaganda - it’s going to be 20% real news, 20% opinion, 20% opinions parroting Russian state media, etc. etc. It’s similar to the magic mix Facebook gives you in your feed.

    Beyond the main issue that this thinly-veiled propaganda community is going to attract the wrong audience and expose the existing/future audience here to utter bullshit, I take specific issue that the end goal is to undermine the security of our fucking country. Russia has been fighting a cyber and information war against us for over a decade and we can’t just look away and pretend it’s harmless. Between allowing state sanctioned cybercriminals to flourish and attack our hospitals with ransomware, to trying to undermine democracy across the globe, we need to step up our game and put our foot down against this shit because it’s going to get a lot worse, and the sooner we nip it in the bud, the better.






  • I don’t see anyone else actually telling you how to figure out if you’re being DoSed, so I’ll start:

    Check your logs. Look at what process is eating your CPU in htop and then look at the logs for that process. If it’s a web application, that means the error and access logs for it. If you see a flood of requests to a single URL, or some other suspicious pattern in the log, then you can try blocking the IPs associated with them temporarily and see if it alleviates the load. Repeat until the load goes down.

    If your application uses a database, check your database logs too. IIRC postgres logs queries that take longer than 5 seconds by default, which can make it easy to spot a slow query especially during a time of high load.

    I don’t think DNS amplification attacks over UDP are likely to be a problem as I think most cloud providers filter traffic with forged src addresses (correct me if I’m wrong). You can also try blocking all inbound UDP traffic if you suspect a UDP flood but this will likely break DNS lookups for you temporarily. (your machine should not have any open UDP ports in any case though if you’re just running Lemmy).

    If you want to go next level, you can use “perf” to generate a system-wide profile and flamegraph which will show you where you’re burning CPU cycles. This can be extremely useful for troubleshooting performance or optimizing applications. (you’ll find that even ipfilters takes CPU power, which is why most DDoS protection happens on dedicated hardware upstream)
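
Added example (not part of the comment above): one way to do the "flood of requests to a single URL" check against a web access log, grouping by client IP and path. It assumes the nginx/Apache "combined" log format; the function names, the threshold and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample traffic in nginx/Apache "combined" log format.
sample_log() {
  i=1
  while [ "$i" -le 6 ]; do   # six hits on one endpoint from one client
    printf '203.0.113.50 - - [10/Jun/2024:12:00:0%s +0000] "GET /api/v3/search?q=%s HTTP/1.1" 200 512 "-" "-"\n' "$i" "$i"
    i=$((i + 1))
  done
  cat <<'EOF'
198.51.100.7 - - [10/Jun/2024:12:00:02 +0000] "GET / HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Jun/2024:12:00:04 +0000] "GET /post/1 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Jun/2024:12:00:05 +0000] "" 400 0 "-" "-"
EOF
}

# flood_suspects THRESHOLD
# Reads a combined-format access log on stdin and prints "count ip path"
# for every (client IP, path) pair seen at least THRESHOLD times, busiest
# first. Query strings are stripped so that requests which vary only a
# parameter still group under the same URL.
flood_suspects() {
  awk -v min="$1" '
    {
      # The request line is the first double-quoted field.
      if (split($0, q, "\"") < 3) next      # no quoted request at all
      if (split(q[2], req, " ") < 2) next   # empty or junk request line
      path = req[2]
      sub(/\?.*/, "", path)                 # drop the query string
      hits[$1 " " path]++                   # $1 is the client IP
    }
    END {
      for (k in hits)
        if (hits[k] >= min) print hits[k], k
    }
  ' | sort -k1,1nr -k2
}

# Stand-alone run on the constructed sample with a threshold of 5.
sample_log | flood_suspects 5
```

On a live host, feed it the real access log instead of `sample_log` and pick a threshold well above what a normal client produces in the window you are looking at.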