AboutSuccessfully recovered from the rm -rf $account! Thank you so much everyone for helping me get back on track ♥️
SkillsSystem administration: 4 years Information security: 3 years Electronics (actively learning): 1.5 years Procrastination: 22 years Feel free to contact me at hello a.t nixmagic.com. Humans only, of course. Bots get redirected straight to /dev/null.
Joined devRant on 7/6/2018
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Making electronics more difficult to repair with security fasteners and ultrasonically welded plastic nightmares and what have you.. what's the point? The argument from manufacturers is that "users don't want to get in there anyway". But, it's not like even if they could, they'd want to, right? Which type of person that doesn't know electronics very well and has an interest in repairing it would go and look at a board, and say "this is how it works, this and that is broken and this is how it should be repaired"? Not many users can repair their own devices regardless. So why? To preserve IP? Not like the Chinese bootleggers care about that. To preserve sales? Users can't repair their stuff anyway. To keep those who want to peek inside out, just for the hell of it? Anyone determined enough will be willing to break it in the process anyway.7
> be me
> spend 0.02 Ether (about €5) on one of those old-school MUD-style games
> send to the same Ethereum wallet from a previous purchase
> realize that the destination wallet changes for each purchase (probably to mitigate the fact that transaction history and contents in Ethereum wallets is entirely public)
> send an email to the game dev asking to return the transaction or pass it on to my player account
> *cricket noises*
About a week later, i.e. now:
*checks that Ethereum account that I accidentally sent that transaction to*
> $0 on it, transaction has been withdrawn
Now I couldn't care less about the €5 - it's only 2 beers worth - but what I do care about is honesty. Dear Chat Wars admin, that money wasn't yours. Also, I am one of those players that plays very few games but tends to commit to those I do play. The last one I played, I spent several hundreds of euros on over the couple of years I played it. I could've probably paid for your servers, spare time development and then some. But obviously not anymore. Choosing a quick grab of €5 over a relatively steady source of income from someone that tends to financially support what he likes... Re-evaluate your life choices.
Just like that incident with the stolen flash drive that was worth only €10... I couldn't care less about the raw value of them, but I do feel very disappointed in humanity when people go for a quick grab of such worthless things.2
I've just revived an old desktop computer today. Turns out that it was running Windows XP, Avast free antivirus, and had Bearshare as a default search engine (in other words, that thing is NOT going to be connected to my network).
But, it also had Chrome installed. So I thought to myself, with 1.25GB of RAM, there's no way that it could run Chrome smoothly. Opened it, and....
It consumed 80MB of RAM. 80 MEGABYTES. And that's not even a clean installation of it, it's a (likely) malware-infested one from a user! Compare that to the Chrome of today.23
.. for the first time I permanently lost access to one of my GPG keys that were actually in use. No revocation certificates, nothing in the keychains on any of my hosts... Keychain flash drive that got stolen had a copy of both, my fileserver used to have a copy of that flash drive until I deleted it to make room for a filesystem migration, and my laptop used to have one.. until I decommisioned it and shredded its hard drive to be deployed somewhere else...
I can't sign my git commits anymore, and I can't revoke the key either.
Long rant ahead.. 5k characters pretty much completely used. So feel free to have another cup of coffee and have a seat 🙂
So.. a while back this flash drive was stolen from me, right. Well it turns out that other than me, the other guy in that incident also got to the police 😃
Now, let me explain the smiley face. At the time of the incident I was completely at fault. I had no real reason to throw a punch at this guy and my only "excuse" would be that I was drunk as fuck - I've never drank so much as I did that day. Needless to say, not a very good excuse and I don't treat it as such.
But that guy and whoever else it was that he was with, that was the guy (or at least part of the group that did) that stole that flash drive from me.
Context: https://devrant.com/rants/2049733 and https://devrant.com/rants/2088970
So that's great! I thought that I'd lost this flash drive and most importantly the data on it forever. But just this Friday evening as I was meeting with my friend to buy some illicit electronics (high voltage, low frequency arc generators if you catch my drift), a policeman came along and told me about that other guy filing a report as well, with apparently much of the blame now lying on his side due to him having punched me right into the hospital.
So I told the cop, well most of the blame is on me really, I shouldn't have started that fight to begin with, and for that matter not have drunk that much, yada yada yada.. anyway he walked away (good grief, as I was having that friend on visit to purchase those electronics at that exact time!) and he said that this case could just be classified then. Maybe just come along next week to the police office to file a proper explanation but maybe even that won't be needed.
So yeah, great. But for me there's more in it of course - that other guy knows more about that flash drive and the data on it that I care about. So I figured, let's go to the police office and arrange an appointment with this guy. And I got thinking about the technicalities for if I see that drive back and want to recover its data.
So I've got 2 phones, 1 rooted but reliant on the other one that's unrooted for a data connection to my home (because Android Q, and no bootable TWRP available for it yet). And theoretically a laptop that I can put Arch on it no problem but its display backlight is cooked. So if I want to bring that one I'd have to rely on a display from them. Good luck getting that done. No option. And then there's a flash drive that I can bake up with a portable Arch install that I can sideload from one of their machines but on that.. even more so - good luck getting that done. So my phones are my only option.
Just to be clear, the technical challenge is to read that flash drive and get as much data off of it as possible. The drive is 32GB large and has about 16GB used. So I'll need at least that much on whatever I decide to store a copy on, assuming unchanged contents (unlikely). My Nexus 6P with a VPN profile to connect to my home network has 32GB of storage. So theoretically I could use dd and pipe it to gzip to compress the zeroes. That'd give me a resulting file that's close to the actual usage on the flash drive in size. But just in case.. my OnePlus 6T has 256GB of storage but it's got no root access.. so I don't have block access to an attached flash drive from it. Worst case I'd have to open a WiFi hotspot to it and get an sshd going for the Nexus to connect to.
And there we have it! A large storage device, no root access, that nonetheless can make use of something else that doesn't have the storage but satisfies the other requirements.
And then we have things like parted to read out the partition table (and if unchanged, cryptsetup to read out LUKS). Now, I don't know if Termux has these and frankly I don't care. What I need for that is a chroot. But I can't just install Arch x86_64 on a flash drive and plug it into my phone. Linux Deploy to the rescue! 😁
It can make chrooted installations of common distributions on arm64, and it comes extremely close to actual Linux. With some Linux magic I could make that able to read the block device from Android and do all the required sorcery with it. Just a USB-C to 3x USB-A hub required (which I have), with the target flash drive and one to store my chroot on, connected to my Nexus. And fixed!
Let's see if I can get that flash drive back!
P.S.: if you're into electronics and worried about getting stuff like this stolen, customize it. I happen to know one particular property of that flash drive that I can use for verification, although it wasn't explicitly customized. But for instance in that flash drive there was a decorative LED. Those are current limited by a resistor. Factory default can be say 200 ohm - replace it with one with a higher value. That way you can without any doubt verify it to be yours. Along with other extra security additions, this is one of the things I'll be adding to my "keychain v2".13
Bit of an odd question maybe, but when sending out your CV to a company over email, what would you expect to be written / write in the email itself?
I've got a sysadmin position that I'd really like to apply to, and it seems like I'm ticking all the boxes, however some of the things like SSH authentication (I mean it's fairly basic, isn't it) I haven't mentioned on the CV at all because I feel it's to be assumed. But I'd like to mention it in the email itself along with motivation. Apparently there's this thing called a "motivation letter"? How does that work?
Point is, I could go on all day about these services they ask about and how they already exist in my home lab, but I'm not entirely sure whether I should just keep it brief and just say "here's my CV and there's my number", or go a bit in-depth about it in the mail. Perhaps something in between?10
I've finally found a goldmine of accurate job listings that don't include Windows shit-administration... So I'm thinking of sending out applications to all of them. Problem is, as you might recall from my previous rants, I had a flash drive with my GPG keypair on it stolen from me. I still haven't fully replaced the key (I made another one and published it but I'm not using it yet), and because I'm fairly confident that this flash drive's data has never been used (so likely just plugged into Windows and formatted), it's unlikely that I'm gonna bother rotating all of the contents that were on that flash drive.
That said however, my emails now all have signatures underneath them as follows:
Met vriendelijke groet / Best regards,
- My outbound email is usually signed with my private key. If not, please don't hesitate to ask me about it through a different communication platform.
IMPORTANT: My keys have possibly been compromised. An encrypted flash drive on which this GPG keypair was stored has been stolen from me. I'm in the process of phasing out and replacing this key. Please do not use it to encrypt any emails to me anymore.
Not entirely sure whether I should remove or keep that last bit. As a potential employer, would you see this as a red flag (he's got encrypted data stolen from him, wtf that's incompetent), or as a nice thing to know that it was properly disclosed (so no secrecy around potential data breaches)? Both seem equally likely so I'm a bit confused about what I should do.10
Just the other day I got back from getting an extra monitor.. and just when I came back home, some older lady that also lives in this residence came to me, all panicked because her left car lights wouldn't turn off. So she asked me whether I could fix it, because I'm a man and therefore technical... Yeah.
Told her I don't know anything about cars (I don't even have a driver's license), and she should ask someone else.. but she kept clinging on to me and eventually I figured.. screw it, how hard can it be?
Got to her car, yada yada yada.. lady opens the door, and it's full of fucking buttons everywhere! No fucking way that I'm gonna dabble with those. So, do the easiest thing first.
"Ma'm, could you please turn on the car?"
*Turns car on, all lights light up*
🤔 Fair enough...
"Hmm.. and what happens if you turn it off now?"
*Turns car off, all lights go off*
Lady: "I've got no idea how you've done it but thank you so much, you're an angel!! 😊"
Me: "Well.. 😅 let's just say that turning it on, off and back on again works at least 90% of the time..."14
Added a bond interface in my Proxmox installation for added cromulence, works, reboot again, works, reboot once more just to be sure, network down.. systemctl restart networking, successfully put the host's network back up.. lxc-attach 100, network in containers is still down apparently.. exit container, pct shutdown 100, pct start 100, lxc-attach again... Network now works fine in containers too.
Systemd's aggressive parallelization that likely tried to put the shit up too early is so amazing!
I'm literally almost crying in despair at how much shit this shitstaind is giving me lately.
Thank you Poettering for this great init, in which I have to manually restart shit on reboot because the "system manager" apparently can't really manage. Or be a proper init for that matter.
And yes I know that you've never had any issues with it. If you've got nothing better to say than that then please STFU. "Works for me" is also a rant I wrote a while back.12
Every time a distro defaults my editor to nano, I lose a brain cell. Why, why this crappy abomination of an editor? Distro maintainers, default to proper vim for an editor like real men! Fucking hell!19
Android Q is actually pretty cool, instabilities here and there and I can't seem to get TWRP to boot on it to get it rooted, but overall it looks pretty usable already, especially for a developer preview.. go go OnePlus 😁18
Le Discord login:
Welcome back! Would you please authenticate after your first and successful login, so that we're sure that you're not a bot?
*15 (I shit you not) craptchas later*
New login location detected! Please check your email too!
FOR FUCKING REAL DISCORD!? How about you please just let me fucking log in already? Or are your audience - gamers - really *that* prone to infections that logins from bots are that big of a problem? Because guess what motherfuckers, then you've got *WAY* bigger problems to fix already. FUCKING LET ME IN!21
Systemd, I fucking love you. When a service crashes, let's just keep it turned off, don't restart it on your own, no need for that. That's what statefulness means, right Poettering? Such an amazing init, well worth the quarter GB of code or however much it is now. And yes I know that the unit files can be edited to achieve that. But seriously, should I really have to do that for each individual service on each individual box, because systemd can't do it on its own?
That feeling when an init system is (relatively) decent at doing everything else it absorbed into itself, yet fucking sucks at being.. a goddamn init. Good game Poettering. Such an amazing init system you wrote there. God fucking dammit man.. how hard can it be? There's OpenRC and BSD's /etc/rc.conf which are literally mere kilobytes of scripts and they do both statefulness and parallelization (in case of OpenRC anyway) *excellently*. Yet systemd can't even do that much? Awesome. Great init. I love it.
Come fucking on man...26
(Follow-up to https://devrant.com/rants/2049733)
Went back to that bar today that I had a fight at about a month ago. Asked about that flash drive I lost there, yada yada.. bar owner gave me her part of the story. Apparently she didn't find that flash drive. So that still leaves me to refresh the keys it stored I guess.
"So you got pretty drunk here, had a ton of Duvels, went to the toilet, and barged out all of a sudden, followed by that incident. But you sat for so long in there.. it was suspicious."
Meanwhile I'm here like "yeah yeah that's what happened, that how I recall it too.. but suspicious? Did she think that I was hacking shit from there?"
"I thought you were taking drugs in there."
".. Oh. ... Not to worry, I don't take drugs."2
Long rant ahead.. so feel free to refill your cup of coffee and have a seat 🙂
It's completely useless. At least in the school I went to, the teachers were worse than useless. It's a bit of an old story that I've told quite a few times already, but I had a dispute with said teachers at some point after which I wasn't able nor willing to fully do the classes anymore.
So, just to set the stage.. le me, die-hard Linux user, and reasonably initiated in networking and security already, to the point that I really only needed half an ear to follow along with the classes, while most of the time I was just working on my own servers to pass the time instead. I noticed that the Moodle website that the school was using to do a big chunk of the course material with, wasn't TLS-secured. So whenever the class begins and everyone logs in to the Moodle website..? Yeah.. it wouldn't be hard for anyone in that class to steal everyone else's credentials, including the teacher's (as they were using the same network).
So I brought it up a few times in the first year, teacher was like "yeah yeah we'll do it at some point". Shortly before summer break I took the security teacher aside after class and mentioned it another time - please please take the opportunity to do it during summer break.
Coming back in September.. nothing happened. Maybe I needed to bring in more evidence that this is a serious issue, so I asked the security teacher: can I make a proper PoC using my machines in my home network to steal the credentials of my own Moodle account and mail a screencast to you as a private disclosure? She said "yeah sure, that's fine".
Pro tip: make the people involved sign a written contract for this!!! It'll cover your ass when they decide to be dicks.. which spoiler alert, these teachers decided they wanted to be.
So I made the PoC, mailed it to them, yada yada yada... Soon after, next class, and I noticed that my VPN server was blocked. Now I used my personal VPN server at the time mostly to access a file server at home to securely fetch documents I needed in class, without having to carry an external hard drive with me all the time. However it was also used for gateway redirection (i.e. the main purpose of commercial VPN's, le new IP for "le onenumity"). I mean for example, if some douche in that class would've decided to ARP poison the network and steal credentials, my VPN connection would've prevented that.. it was a decent workaround. But now it's for some reason causing Moodle to throw some type of 403.
Asked the teacher for routers and switches I had a class from at the time.. why is my VPN server blocked? He replied with the statement that "yeah we blocked it because you can bypass the firewall with that and watch porn in class".
Alright, fair enough. I can indeed bypass the firewall with that. But watch porn.. in class? I mean I'm a bit of an exhibitionist too, but in a fucking class!? And why right after that PoC, while I've been using that VPN connection for over a year?
Not too long after that, I prematurely left that class out of sheer frustration (I remember browsing devRant with the intent to write about it while the teacher was watching 😂), and left while looking that teacher dead in the eyes.. and never have I been that cold to someone while calling them a fucking idiot.
Shortly after I've also received an email from them in which they stated that they wanted compensation for "the disruption of good service". They actually thought that I had hacked into their servers. Security teachers, ostensibly technical people, if I may add. Never seen anyone more incompetent than those 3 motherfuckers that plotted against me to save their own asses for making such a shitty infrastructure. Regarding that mail, I not so friendly replied to them that they could settle it in court if they wanted to.. but that I already knew who would win that case. Haven't heard of them since.
So yeah. That's why I regard those expensive shitty pieces of paper as such. The only thing they prove is that someone somewhere with some unknown degree of competence confirms that you know something. I think there's far too many unknowns in there.
Nowadays I'm putting my bets on a certification from the Linux Professional Institute - a renowned and well-regarded certification body in sysadmin. Last February at FOSDEM I did half of the LPIC-1 certification exam, next year I'll do the other half. With the amount of reputation the LPI has behind it, I believe that's a far better route to go with than some random school somewhere.32
!dev && rant
Temperature causing temper!!!
Me: Dad, can me and sis go swim in the pool?
Dad: No son, you can only swim if it's 25°C or higher.
Which in practice meant that we could only swim a few days each summer. Average in Belgium used to be about 21°C.
Spring 2019, my younger siblings...
Little sis: Mom, can we go swim in the pool?
Mom: Lol sure, it's only April but it's already way hot enough.. and during summer it'll be too hot to do the work on setting up the pool anyway.
Winter 2029, in Antarctica...
Me, to my children: During my old days my children, we had this thing called snow!! And we lived in the wasteland that used to be the glorious Europe, back when it was still habitable.. you should've seen it, now it's a desert, but back then it was awesome!
My children: Mum!! He's acting senile again, and talking about things that don't exist!!!
Coming to the crux of the problem right now, fuck me.. I'm tired as fuck but can't sleep because already in the fucking spring, my house is too fucking hot to be able to sleep without sweating like a pig!!!
!dev && rant
There's one thing that you really shouldn't say to someone who's in crutches, no matter how much your reflexes tell you to. "Are you okay?"
Especially when they're going somewhere, and you can't or don't want to help them do so.
Imagine for a second, you yourself are in crutches and have been limping on one leg for a couple 100 meters to go to where you have to, shopping for food so you don't starve. And then, after those couple hundreds of meters, of course that leg that's been doing double duty for that whole period and took unusually big impacts from jumping up and down onto the ground compared to just walking, you can imagine that it is screaming in agony.
Now imagine someone who comes your way, makes the leg that more than anything wants to sit down somewhere and rest, pause the act of going the way to the beloved place to sit and rest and instead make it take even longer, that person asks you "are you okay?"
OF COURSE I'M OKAY, THAT'S WHY I'M IN FUCKING CRUTCHES!! OF COURSE I'M OKAY, GREAT OBSERVATION SHERLOCK!!!
It's like saying to someone who's so introvert that they haven't opened their mouth even once at a party - likely there because their friends forced them to - "gee, you are silent, aren't you?"
Yes I'm silent, yes I'm introvert!! Why do you point that out? If anything, pretend that I'm not here to begin with!!! Stating that only makes for embarrassment!
Or going back to the leg thing.. this ground my gears more than anything. Every few dozen meters I went and rested on my crutches for a bit, and every hundred or so meters I sat down at whatever I could sit on. And people fucking look judgmentally at you for that apparently. "Look at this guy in crutches, he's sitting down!"
Yeah mate, try limping on one leg for a couple hundred meters and I'll run after you with a whip, looking at you judgmentally every time you even want to *think* about sitting down to rest. Let's see how that goes?
Or rather you fucking judgmental twat, I bet you fat fucking cunt can't even run on 2 legs for a couple hundred meters straight. But let's judge others who are doing such a running exercise for every step they take for wanting to sit and rest, shall we?
No wonder that there's mass shootings every now and then. Such people can make anyone feel fucking murderous!!!7
Looks like Matrix just got educated on hiding administrative stuff behind a VPN, by the guy (or gal, but those don't exist on the internet) that hacked their production infrastructure. Coincidentally, it reminded me of that time when a dev wanted to educate me, a sysadmin, about VPN's 😄
What I've learned from this incident are 2 things.. well mainly 2 things.
1. Never *ever* entrust developers with production access. Let DevOps take care of the glue that sticks dev and prod together.
2. Trust nobody's competence but your own. Matrix was advertised as "highly secure", and then they do a fuckup like this. Only trust yourself, and ensure that you're in control.4
Oh Christ.. just been looking for hosting companies here in Belgium to look for sysadmin positions.. one of the fucking companies posted this: "we provide Uptime-as-a-Service"
The fucking cringe!!! Uptime as a service! Everything including the only fucking job a hoster has, keeping shit up and running.. as a service.. fuck!6
*wants to download some YouTube videos in youtube-dl*
$ youtube-dl --a-bunch-of-options
> Can't download this, sorry.
*realizes that Ubuntu probably has an outdated version like usual*
# apt remove youtube-dl
*Realizes that this steaming pile of shit pulled in some icons and Wayland on a headless server*
# apt autoremove
> 300-something MB cleared
For a command-line tool...
# pip install youtube-dl
# apt install ffmpeg
$ youtube-dl --audio-format mp3 -o "%(title)s.%(ext)s" https://youtube.com/playlist/...
> Sorry mate, a video was removed from this playlist! Let me go ahead and shit the bed on this issue that's been reported several times since 6 years ago.
*finds an issue on GitHub reporting this, add -i option to continue on error*
$ youtube-dl --audio-format mp3 -o "%(title)s.%(ext)s" https://youtube.com/playlist/... -i
> There you go, your .webm files as requested!
But.. I requested .mp3 output? --audio-format mp3, don't you see?
> Oh no you need to add in another option to tell me to actually do that first. --extract-audio, you see?
But why.. why do you need to be told that twice? Oh ffs, fuck it.
Reminds me of robocopy. That shit required me to tell it 25 times what to do and it'd still not do it right as well. And you know what, compared to rsync where -avz works 99% of the time, I hate it.10
Namecheap: *cricket noises for over a year*
Today: "hEy ThErE cOnDoR, yOuR dOmAiN WiL eXPirE iN 24 hOuRs!1! rEnEw NoW, yOU rEadY?"
Me: "No you motherfucking bastards, a bank transfer takes 3 days at least. Oh wait you don't even accept bank transfer, how convenient!"
And what if I didn't see that email right after your fucking craptacular automated notification system sent it to me, hmm? Don't you Namecheap of all companies know how fucking *vile* domain squatting on the .com is?!!
MOTHERFUCKING CUNTS!!! Jeopardize my domains like that *one more fucking time*, and guess who will be taking his assets to the sexist bastards that I tried avoiding for so long, GoDaddy! FUCKERS!!!23
Tried deploying a new nginx server today, wrote the site config manually.
"Alright, done! Let's restart the service and look in the browser how it looks"
# systemctl restart nginx
> Process exited with error code.
> Unexpected } on line 13.
# vim /etc/nginx/sites-enabled/thatconfig.conf
"Wait wtf.. there's nothing wrong with the curly braces.. they're all opening and closing as they should..."
*takes another closer look*
Line 12, missed a fucking semicolon 😑
Append semicolon, :wq, # systemctl restart nginx
Works like a charm 🙄 all because of a stupid semicolon.
Until now I thought that the semicolon jokes were just lame.. but damn you semicolon, you are indeed the superior hide and seek player 😅13
Just earlier today I was looking at the hosting packages for a local hosting provider in my country (who shall remain unnamed as I want to work there and criticizing them might not be a very good idea right now) and they start at €250/month apparently. I thought - that's fucking ridiculous!
Like for real, I could literally buy a server for.. I dunno, €600 from the likes of bargainhardware.co.uk with some pretty darn good specs, put it in my home, get a business contract with my ISP for say around €100/month (and use it for my own purposes as well instead of my consumer contract, win-win!), and the server would pay for itself in no more than half a year, probably even less! And you're even getting the actual hardware with it!! And that is for the price of that hosting provider's starting option!!!
Now I know what you're thinking, sure there's more to servers than just the server itself, like redundant power, generators, SLA, multiple routers and switches, and all sorts of failover measures. And you are absolutely right. But does that really justify a rental cost of a server of €250/month?
Not only that, even their shared hosting.. shared hosting, the dreaded, shitty shared hosting! solution is starting at around €10/month. I'm paying about €5/month for 3 light-duty servers and a domain for Christ's sake!
So.. is this hosting provider just expensive as fuck or is this really the industry standard, particularly for the dedicated hosting part? And maybe that's why some services like.. say devRant which apparently gets around €600/month from 299 supporters at the time of writing, yet still has @dfox and @trogus pay from their own wallets for it (if at all possible, please let me know if that's still the case).. I wonder if those costs are all really justifiable?
It just strikes me as odd.. you can get *a lot* of server for a couple hundred bucks if you do it well.. no?21
I think I finally found a reason to have a phone with 8GB of RAM.
So that when TWRP craps out on data decryption and decides not even to ask for a password, at least I can push a whole fucking ROM into RAM to unfuck the phone. Because why not?! Why on Earth would software work properly when you can just throw more hardware at it?
Long live FBE, TWRP what craps out on it, and you remember those things.. SD cards for data storage? I could've used an unencrypted SD card so fucking badly right now, you know... Long live soldered in storage that's encrypted, "for security". Except for when the person who owns said data actually wants to use the bloody data.
I've just noticed something when reading the EU copyright reform. It actually all sounds pretty reasonable. Now, hear me out, I swear that this will make sense in the end.
Article 17p4 states the following:
If no authorisation [by rightholders] is granted, online content-sharing service providers shall be liable for unauthorised acts of communication to the public, including making available to the public, of copyright-protected works and other subject matter, unless the service providers demonstrate that they have:
(a) made best efforts to obtain an authorisation, and
(b) made, in accordance with high industry standards of professional diligence, best efforts to ensure the unavailability of specific works and other subject matter for which the rightholders have provided the service providers with the relevant and necessary information; and in any event
(c) acted expeditiously, upon receiving a sufficiently substantiated notice from the rightholders, to disable access to, or to remove from, their websites the
notified works or other subject matter, and made best efforts to prevent their future uploads in accordance with point (b).
Article 17p5 states the following:
In determining whether the service provider has complied with its obligations under paragraph 4, and in light of the principle of proportionality, the following elements, among others, shall be taken into account:
(a) the type, the audience and the size of the service and the type of works or other subject matter uploaded by the users of the service; and
(b) the availability of suitable and effective means and their cost for service providers.
That actually does leave a lot of room for interpretation, and not on the lawmakers' part.. rather, on the implementer's part. Say for example devRant, there's no way in hell that dfox and trogus are going to want to be tasked with upload filters. But they don't have to.
See, the law takes into account due diligence (i.e. they must give a damn), industry standards (so.. don't half-ass it), and cost considerations (so no need to spend a fortune on it). Additionally, asking for permission doesn't need to be much more than coming to an agreement with the rightsholder when they make a claim to their content. It's pretty common on YouTube mixes already, often in the description there's a disclaimer stating something like "I don't own this content. If you want part of it to be removed, get in touch at $email." Which actually seems to work really well.
So say for example, I've had this issue with someone here on devRant who copypasted a work of mine into the cancer pit called joke/meme. I mentioned it to dfox, didn't get removed. So what this law essentially states is that when I made a notice of "this here is my content, I'd like you to remove this", they're obligated to remove it. And due diligence to keep it unavailable.. maybe make a hash of it or whatever to compare against.
It also mentions that there needs to be a source to compare against, which invalidates e.g. GitHub's iBoot argument (there's no source to compare against!). If there's no source to compare against, there's no issue. That includes my work as freebooted by that devRant user. I can't prove my ownership due to me removing the original I posted on Facebook as part of a yearly cleanup.
But yeah.. content providers are responsible as they should be, it's been a huge issue on the likes of Facebook, and really needs to be fixed. Is this a doomsday scenario? After reading the law paper, honestly I don't think it is.
Have a read, I highly recommend it.
Crap.. got myself into a fight with someone in a bar.
Hospitalized, turns out that my knee is bruised and my nose is broken. For some reason the knee hurts much more than the nose though.. very weird.
Just noticed that some fucker there stole my keychain USB stick too. Couldn't care less about the USB stick itself, got tons of those at home and hard drive storage even more so (10TB) but the data on it was invaluable. It held on a LUKS-encrypted partition, my GPG keys, revocation certificates, server backups and everything. My entire digital identity pretty much.
I'm afraid that the thief might try to crack it. On the flip side, if it's just a common Windows user, plugging it in will prompt him to format it.. hopefully he'll do that.
What do you think.. take a leap with fate and see how strong LUKS really is or revoke all my keys and assume my servers' filesystems to be in the hands of some random person that I don't know?
Seriously though.. stealing a fucking flash drive, of what size.. 32GB? What the fuck is wrong with people?50
Regarding Article 13 (or 17 or wherever it moved to now)… Let's say that the UK politicians decide to be dicks and approve the law. After that, we need to get it engineered in, right? Let's talk a bit about how.. well, I'd maybe go over it. Been thinking about it a bit in the shower earlier, so.. yeah.
So, fancy image recognition or text recognition from articles scattered all over the internet, I think we can all agree.. that's infeasible. Even more so, during this lobby with GitHub and OpenForum Europe, guy from GitHub actually made a very valid point. Now for starters, copyright infringement isn't an issue on the platform GitHub that pretty much breathes collaboration. But in the case of I-Boot for example, that thing from Apple that got leaked earlier. If that would get preemptively blocked.. well there's no public source code for it to get compared against to begin with, right? So it's not just "scattered all over the internet, good luck crawling it", it's nowhere to be found *at all*.
So content filtering.. yeah. Nope, ain't gonna happen. Keep trying with that, EU politicians.
But let's say that I am a content creator who hates the cancer of joke/meme because more often than not it manifests itself as a clone of r/programmerhumor.. someone decides to freeboot my content. So I go out, look for it, find it. Facebook and the likes, make it easier to find it in the first place, you dicks. It's extremely hard to find your content there.
So Facebook implements a way to find that content a bit easier maybe. Me being the content creator finds it.. oh blimey! It can't be.. it's the king of freebooting on Facebook, SoFlo! Who would've thought?! So at that point.. I'd like to get it removed of course. Report it as copyright infringement? Of course. Again Facebook you dicks, don't make it so tedious to fill in that bloody report. And look into it quickly! The videos those SoFlo dicks post is only relevant in the first 48h or so. That's where they make the most money. So act more quickly.
So the report is filled, video's taken down.. what else? Maybe temporarily make them unable to post as a bit of a punishment so that they won't do it again? And put in a limit to the amount of reports they can receive. Finally, maybe reroute the revenue stream to the original content creator instead. That way stolen content suddenly becomes free exposure! Awesome!
*suddenly realizes that I've been talking about the YouTube copyright strike system all along*
… Well.. maybe something like that then? That shouldn't be too hard to implement, and on YouTube at least it seems to be quite effective. Just imagine SoFlo and the likes that are repeat offenders, every 3 posts they get their account and page shut down. Good luck growing an audience that way. And good luck making new accounts all the time to start with.. account verification technology is pretty good these days. Speaking of experience here, tried bypassing Facebook's signup hoops a fair bit and learned a bit about some of the things they have red flags on, hehe.
But yeah, something like that maybe for social media in general. And.. let's face it, the biggest one that would get hurt by something like this would be Facebook. And personally I think it's about time for that bastard company to get a couple of blows already.
What are your thoughts on this?8
That's it. I fucking quit.
Over a month of unpaid work, developing your stupid course, only to get a high-quality outline rejected because "it's not what we wanted" again.
First outline, fuckers ask to do something with a Raspberry Pi and Yocto. Fine, but no Yocto as I don't know anything about it and the coworker doesn't even have a Raspberry Pi to flash the images on. Micromanagement guy (god I hate that word) agrees, fine no Yocto then. So no Yocto it is.
2 weeks later... Course outline is finished. Review stage.. rejected. Needs moar Yocto.
Fine... I'll include Yocto. Coworker was put off the course, I'm exclusively on it now. Time to do it well and get my feet wet with Yocto.
2 weeks later... Course outline is finished and looks pretty good. Review stage.. rejected. Needs less Raspberry Pi. Do it without the Raspberry Pi.
An embedded systems course whose core component is that fucking Raspberry Pi. Omit it they said. WHAT?!!
"Oh yeah but there's this other course that's selling like hot pockets, we can just redo that in videos. Make it more like that course."
You.. you can't be for real, can you? If students want to take that course... What makes you think that they wouldn't just pick.. *that damn course* then?
"But hey" micromanager said, "don't loose hope and confidence, I'm here🤪"
🤪. That describes your level of competence pretty well, you stinking piece of apeshit.
Go back to your micromanaging, at least you don't completely fucking suck at that.
2 times rejected because YOU fucking company's board can't describe your desires in a course properly. You know what, I think I'm starting to understand why web devs keep on complaining about indecisive clients now. Because you know company's board, you seem a lot like those clients from hell. Eat shit.
Me: hey dev, my in-app purchase isn't reflected on other phones with your app
Dev: *cricket noises*
About a week later...
Google Play: an update for this app is available
20 minutes later...
Dev: nope, that isn't an issue.
You updated the app minutes ago after being silent for so long. No mention of it being fixed in the changelog, no mention of it being fixed in the reply.. nothing. But I'll eat my hat if you didn't silently add it in and shoved it under the rug. Dickhead.
At least the issue doesn't exist.. anymore.
Please don't be like that...8