• 0 Posts
  • 335 Comments
Joined 2 years ago
Cake day: October 4th, 2023


  • I’m not familiar enough with Cloudflare’s error messages — or deployment with Cloudflare — to know what exact behavior that corresponds to, but I’d guess that most likely it can open a TCP connection to port 443 on what it thinks is your server, but it’s not getting HTTPS on that port or your server isn’t configured to serve up the right certificate for that hostname or the web server software running on it is otherwise broken. Might be some sort of intervening firewall.

    I don’t know where your actual server is, may not even be accessible to me. But if you have a Linux machine that can talk to it directly – including, perhaps, the server itself – you should be able to see what certificate it’s handing back via:

    $ openssl s_client -showcerts -servername akaris.space IP-address-of-actual-server:443
    

    That’ll try to establish a TLS connection, will send the specified server name so that if you’re using vhosting on the server, it knows which site to return, and then will tell you what certificate the web server used. Would probably be my first diagnostic step if I thought that there was a problem with the TLS handshake on a machine I was running.

    That might provide enough information to you to let you resolve the issue yourself.

    Beyond that, trying to provide much more information probably isn’t possible without more information about how your server is set up and what actually is working. You can censor IP addresses if you want to keep that private.
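The check described in the comment above, carried one step further as an added example (not part of the original comment): it connects straight to the origin, sends the hostname as SNI, prints the certificate's subject, issuer, expiry and SAN list, and reports whether that certificate covers the hostname. The function names and the `IP:port hostname` argument order are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the comment: report whether the certificate an origin
# serves for a given SNI name actually covers that name.

# name_covers HOST PATTERN: 0 if PATTERN covers HOST. A wildcard stands for
# exactly one left-most label, so "*.example.test" does not cover "example.test".
name_covers() {
    host=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    pat=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    case $pat in
        \*.*)
            suffix=${pat#\*}              # ".example.test"
            label=${host%"$suffix"}       # what the "*" would have to match
            [ "$label" != "$host" ] && [ -n "$label" ] &&
                case $label in *.*) false ;; *) true ;; esac
            ;;
        *) [ "$host" = "$pat" ] ;;
    esac
}

# san_covers HOST TEXT: scan `openssl x509 -ext subjectAltName` output for a
# DNS entry that covers HOST.
san_covers() {
    sans=$(printf '%s\n' "$2" | tr -d ' \t' | tr ',' '\n' | sed -n 's/^DNS://p')
    while IFS= read -r entry; do
        name_covers "$1" "$entry" && return 0
    done <<EOF
$sans
EOF
    return 1
}

# probe_origin IP:PORT HOST: connect straight to the origin, send HOST as SNI.
probe_origin() {
    cert=$(openssl s_client -connect "$1" -servername "$2" </dev/null 2>/dev/null |
        openssl x509 -noout -subject -issuer -enddate -ext subjectAltName 2>/dev/null) || {
        echo "no certificate from $1: not TLS on that port, or filtered"
        return 2
    }
    printf '%s\n' "$cert"
    if san_covers "$2" "$cert"; then
        echo "OK: certificate covers $2"
    else
        echo "MISMATCH: certificate does not cover $2"
        return 1
    fi
}

if [ "$#" -eq 2 ]; then probe_origin "$1" "$2"; fi
```

It checks name coverage only; the printed issuer and `notAfter` lines still need a look for trust and expiry.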




  • I’m sorry, you are correct. The syntax and interface mirror Docker, and one can run ollama in Docker, so I’d thought that it was a thin wrapper around Docker, but I just went to check, and you are right — it’s not running in Docker by default. Sorry, folks! Guess now I’ve got one more thing to look into getting inside a container myself.


  • tal@lemmy.today to Selfhosted@lemmy.world: I've just created c/Ollama! (13 days ago, edited)

    While I don’t think that llama.cpp is specifically a special risk, I think that running generative AI software in a container is probably a good idea. It’s a rapidly-moving field with a lot of people contributing a lot of code that very quickly gets run on a lot of systems by a lot of people. There’s been malware that’s shown up in extensions for (for example) ComfyUI. And the software really doesn’t need to poke around at outside data.

    Also, because the software has to touch the GPU, it needs a certain amount of outside access. Containerizing that takes some extra effort.

    https://old.reddit.com/r/comfyui/comments/1hjnf8s/psa_please_secure_your_comfyui_instance/

    ComfyUI users have been hit time and time again with malware from custom nodes or their dependencies. If you’re just using the vanilla nodes, or nodes you’ve personally developed yourself or vet yourself every update, then you’re fine. But you’re probably using custom nodes. They’re the great thing about ComfyUI, but also its great security weakness.

    Half a year ago the LLMVISION node was found to contain an info stealer. Just this month the ultralytics library, used in custom nodes like the Impact nodes, was compromised, and a cryptominer was shipped to thousands of users.

    Granted, the developers have been doing their best to try to help all involved by spreading awareness of the malware and by setting up an automated scanner to inform users if they’ve been affected, but what’s better than knowing how to get rid of the malware is not getting the malware at all.

    Why Containerization is a solution

    So what can you do to secure ComfyUI, which has a main selling point of being able to use nodes with arbitrary code in them? I propose a band-aid solution that, I think, isn’t horribly difficult to implement that significantly reduces your attack surface for malicious nodes or their dependencies: containerization.

    Ollama means sticking llama.cpp in a Docker container, and that is, I think, a positive thing.

    If there were a close analog to ollama, like some software package that could take a given LLM model and run in podman or Docker or something, I think that that’d be great. But I think that putting the software in a container is probably a good move relative to running it uncontainerized.



  • I like self checkout. I struggle with talking to people and it can really drain on me so it’s a godsend to have if I only need to run in for a few things.

    Valid take.

    That being said, I’d probably prefer human checkout unless we can get a more-automated form of self checkout. Self checkouts have gotten a lot better since the early days, but human checkers are still faster than I am at the self-checkout and if a human is doing the checkout, I can dick around on my phone or whatever.

    Cost savings are nice, but cost savings on my groceries just aren’t a massive concern for me. There just isn’t that much human time being expended on checking my back out. I don’t have strong feelings about the human interaction one way or another.

    Maybe one day, we can get some sort of robotic arm setup that can do checkouts as well as a human checker, and then I’d quite happily be in the “machine” camp.


  • If you had the wedding photos in question professionally taken, it might be that the photographer, if they’re still around, might have copies. I don’t know whether they retain copies, but I suppose asking can’t hurt.

    This place says up to a year:

    https://www.wanderlustportraits.com/how-long-photographers-keep-photos/

    Photographers typically keep photos of their clients for a minimum of 90 days and up to a full year as part of standard practice; however, if this is important to you, review the contract and ask your professional.

    This guy says forever:

    https://old.reddit.com/r/WeddingPhotography/comments/96ckow/how_long_do_you_hold_on_past_wedding_photos/

    I keep ALL files on two 16tb drives. Those drives never get wiped and I will always keep two copies even when they fill up. One internal on sata for reference and one off site. When I first started shooting, I was cheap and deleted RAWs and just kept high res jpegs. I have clients coming back for albums and I am stuck re-editing the jpegs to match in the albums. Lesson learned. If you do want to consolidate, then keep the RAWs of the editor we jpegs and delete the unused. But that’s more hassle than the cost to store unused raws. You can also rely on cloud source but you never know if you’ll ever switch cloud servers or move onto another business or want to stop paying cloud fees. For the high volume photographers it becomes wise to invest in tape drives. HDD have lives of 10 years. So eventually all those old drives will need to be transferred to newer drives. Budget this into your bottom line.


  • I was consolidating data from multiple old drives before a major move—drives I had to discard due to space and relocation constraints. The plan was simple: upload to OneDrive, then transfer to a new drive later.

    I’m assuming that the reason that he didn’t just do the transfer to a new drive instead of to OneDrive (which seems like it’d be more-straightforward) is because the new drive was going to also be a system disk, not just hold his data.

    I think that it would have been a good idea to get a second new drive and have done that transfer just so that there’s a backup. I mean, it doesn’t really sound like the user was planning to wind up with a backup of his data, or for that matter, that he had a backup to start with.

    Maybe OneDrive locking the account was unexpected, but drives can fail or be inadvertently erased or whatever. If you’ve got thirty years of irreplaceable data that you really badly want to keep, I’d want to have more than one copy of it. The cost of a drive to store it is not large compared to the cost involved in producing said data.


  • tal@lemmy.today to Selfhosted@lemmy.world: Open Source Paid Remote Desktop (27 days ago, edited)

    The last time I used a commercial VPS, I’m pretty sure it used VNC to provide console access.

    The VNC software I linked to above appears to support TLS. If TLS isn’t sufficient transport security, then most Internet-using software is going to be in trouble.

    I’m not sure what you mean by subjective.

    I haven’t looked at the VNC protocol for a while, but I don’t think that it imposes any terrible inefficiencies. A couple of decades back, I needed to implement something quick-and-dirty similar to VNC, and went with rendering window contents and handling dragging of windows locally, which I don’t believe that VNC can do (or didn’t then) but IIRC VNC has a tile cache, which, if intelligently used, should avoid most traffic. Dunno if it can deal well with efficiently rendering visual effects.




  • I mean, they kind of drive the point home further in the article:

    So far, we’ve observed six devices total that we believe were targeted for exploitation by this threat actor, four of which demonstrated clear signatures associated with NICKNAME, and two which demonstrated clear signs of successful exploitation. Interestingly, all of the victims had either previously been targeted by the Chinese Communist Party (CCP) e.g., they were confirmed to have also been targeted by Salt Typhoon; they were engaging in business pursuits counter to or of particular interest to the CCP; or they had engaged in some sort of activism against the CCP.


  • I mean, at least tell them what the correct usage is.

    OP, you probably want “software package” or “a piece of software”.

    “Software” is a mass noun, like “butter”. You can’t have “a butter”. You can have “a pound of butter”.

    In English, mass nouns are characterized by the impossibility of being directly modified by a numeral without specifying a unit of measurement and by the impossibility of being combined with an indefinite article (a or an). Thus, the mass noun “water” is quantified as “20 litres of water” while the count noun “chair” is quantified as “20 chairs”. However, both mass and count nouns can be quantified in relative terms without unit specification (e.g., “so much water”, “so many chairs”, though note the different quantifiers “much” and “many”).

    https://en.wiktionary.org/wiki/software

    Usage notes

    Software is a mass noun (some software, a piece of software). By non-native speakers it is sometimes erroneously treated as a countable noun (a software, some softwares).

    “A something” is only correct if the noun is a countable noun.


  • I have a ~400 Wh powerbank in my car. It charges off the cigarette lighter when it needs charging and the engine is running. That greatly increases my ability to run higher loads on a short term basis, and gives me wall power. I can also haul it to a power plug and charge it if need be. It also lets me power a laptop if I’m parked.

    I use my phone for navigation, and a mount for when I’m on longer trips.

    I think that a Pi might make sense if you need something that a phone can’t do, more-intensive compute, but if a phone can handle it, it might be preferable, since you’re probably going to sporadically upgrade your phone anyway and probably have it with you.

    The phone crashing is going to be a problem even for non-satnav use, so it might be worth replacing.

    One thing I noticed was that my phone could overheat—at least in its case, haven’t tried removing it—if it continuously ran OSMAnd for navigation. That’d make it reboot. A quick and easy way to avoid the problem is just to toggle off the OSMAnd display. The satnav still works, and you get verbal prompts, just need a double-tap on the hamburger button or whatever to bring it back. Probably it’d be better to have a feature to throttle OSMAnd screen updates (reduce battery usage too) since I don’t need super-rapid redraw on a screen that I’m rarely looking at. Dunno if that might be what affects you.


  • tal@lemmy.today to Selfhosted@lemmy.world: Storage options help (1 month ago, edited)

    I have a JBOD SATA USB-C enclosure that can do eight drives and has a fan. I’ll follow up with the name in twenty minutes or so; not by it at the moment.

    It took me a while to find it when I got it, because my previous JBOD USB-C enclosure — as with, apparently, most enclosures — didn’t have the ability to power back up on power loss without the power-on button being pushed. This has a mechanical button that locks in and doesn’t have that issue. If that’s something that would matter to you, I’d look for that when making a purchase.

    It’s not a hardware RAID enclosure, but if you’re using it on a Linux system, you can set up RAID in software on that.

    EDIT:

    https://www.amazon.com/Syba-Swappable-Drive-External-Enclosure/dp/B0DCDDGHMJ

    Also, follow-up point, but if you don’t have a backup already, I’d do that and then if you still want a RAID setup for data redundancy on top of that to reduce downtime in the event of a failure, do that then. RAID won’t guard against some issues that a backup will.


  • VR will never become mass market until it no longer means wearing a big silly looking thing on your head.

    There are various types of HMDs that look more or less like glasses, though those aren’t really VR-oriented.

    For myself, I don’t care what it looks like to other people.

    But what I want is a monitor replacement. Something that is at least as good as a monitor. Comfort, resolution, clarity, ability to be worn all day, etc. Give me a better monitor, and I will buy that.

    Existing headsets aren’t there.

    They can provide a wider field of view than a monitor, which is good for filling peripheral view in some games. But they aren’t something that people would use as a general monitor replacement. You don’t want to code or web-browse all day on them.

    If it’s not a monitor replacement, then it’s a toy, a specialized accessory for a small number of games. I’m not saying that that isn’t worthwhile to some people. If I were a hardcore flight-simmer, a genre that is a good match for the technology, that might be worth it to me. But it’s definitely not a no-brainer, and it’s something that I’d just pull out on specific occasions to enhance a game.

    I have a flightstick, throttle, and pedals, and those are, frankly, probably larger wins for flight-simming, and I rarely wind up pulling those out. They mostly gather dust.



  • But the requirements for a server that “does it all” remain a mystery to me.

    “All” can include anything. I mean, you can include a home parallel compute render farm that will cost millions of dollars.

    You’re going to have to narrow it a bit down. You can have people maybe suggest some of the things that they use their systems for. Maybe it’s hosting services for a cell phone that some people use cloud-based services for. Maybe it’s home automation. Maybe it’s a webserver. Maybe it’s AI image generation.

    EDIT: To put it another way, a self-hosted server is just a computer, often without a monitor and keyboard directly attached, that you have in your physical possession. The range of things that that might be used for and capabilities it might have is really broad. It’s like saying “I want a vehicle. What is a vehicle that can do everything?” I mean, that might be a bicycle or a three-trailer road train, depending upon what you’re going for.