Skip Navigation

dan

@ dan @upvote.au

Posts
10
Comments
3804
Joined
3 yr. ago

Aussie living in the San Francisco Bay Area.Coding since 1998..NET Foundation member. C# fan https://d.sb/Mastodon: @dan@d.sb

  • ‘We need to do our due diligence’: Harlingen [Texas] approves 120-day data center moratorium

    Jump

  • The companies actually buy a lot of equipment and supplies locally, and use local construction crews where possible (if there's enough of them available in the area).

    One of the things that people are annoyed about with data centers is that even if the company does buy things locally, they often get exempted from sales tax. For example, Texas and Ohio exempt data center equipment purchases from sales tax, and Meta negotiated a 20-year exemption from sales tax for their big Hyperion campus in Louisiana.

  • Paperless-ngx and seeking suggestions for getting into a decent workflow

    Jump

  • That's true, but the stickers weren't much work so I figured I'd try them out.

  • You can no longer Google the word 'disregard'

    Jump

  • Kagi is great, but not everyone wants to pay for a search engine (even though it's the best way to get a product where the developers care about you and your privacy).

  • Paperless-ngx and seeking suggestions for getting into a decent workflow

    Jump

  • paperless treats it as a single ASN number row and reports the highest used.

    This is OK as long as you consistently use the QR codes to assign ASNs.

  • Paperless-ngx and seeking suggestions for getting into a decent workflow

    Jump

  • If your scanner supports scanning to a network share, install Samba on your Pi and share the paperless-ngx incoming directory. My ScanSnap iX1600 supports this, but I'm not familiar with other models. I had to configure the scanner using the Windows app to add the SMB details, but once it's configured, it works without a computer attached.

    Paperless-ngx also supports email. You can set up a separate email account for it, then forward it any documents you want to keep to it.

    For documents you need to keep a physical copy of, use ASNs (archive serial numbers) to correlate the physical and virtual copy. You can use QR code stickers to automatically set the ASN in paperless-ngx. I posted a nested comment with more details about this.

    Consider using paperless-ai to use an LLM to tag and title your scanned documents automatically. It needs a webhook to be configured. Consider a local model if possible, and if you want to use a hosted model, review the provider's privacy policy to ensure they do NOT train the AI on user content.

  • Paperless-ngx and seeking suggestions for getting into a decent workflow

    Jump

  • And file away your scanned papers separately,

    I'd recommend using ASN (archive serial numbers) for documents you store a physical copy of, following the recommended flow

    I printed ASN QR code stickers, using the smallest Avery labels I could find (Avery 5267 in the USA, L4731REV-25 in Europe) along with their free online design app.

    For documents I want to keep, I stick a QR code sticker on them before scanning. Paperless-ngx automatically detects the QR code and sets the ASN. I then file it away in a folder that's sorted by ASN. When I need to find the physical copy again, I first look in Paperless to find the ASN, then find the document in the folder (pretty quick since all documents are sorted).

    You'll need to set the following settings:

     
        
PAPERLESS_CONSUMER_ENABLE_BARCODES=true
PAPERLESS_CONSUMER_ENABLE_ASN_BARCODE=true
PAPERLESS_CONSUMER_BARCODE_SCANNER=zxing

  • You can no longer Google the word 'disregard'

    Jump

  • You're just injecting yourself though 🤔

  • You can no longer Google the word 'disregard'

    Jump

  • use &udm=14

    Most users aren't going to know what that means. It's the "Web" tab at the top of the search results.

  • You can no longer Google the word 'disregard'

    Jump

  • I was going to suggest this too. The "Web" tab is very useful.

  • How it feels to Torrent something with one seed:

    Jump

  • It's also worth checking debrid services like Real Debrid, Premiumize, TorBox, AllDebrid, etc to see if they have the torrent cached, if you have an account at any of these services. Sometimes there's torrents with 0 or 1 seeds that are still cached, especially if it's a movie or TV show.

    If it's cached then you could just download it at full speed from the cache then use those files to seed.

  • YouTube really showing top quality in recent update

    Jump

  • I've been meaning to try this. It's backed by Louis Rossman, so I'm sure it's great.

  • Even my own code sometimes.

    Jump

  • These days I see so much AI slop that my reaction when I see code I hand-wrote myself is "hey, that's pretty good".

    My team's code is great, but we use a lot of shared code written by other teams, with varying levels of quality.

  • Waymo Fleet More Than Triples In Size Year-over-Year, According to NHTSA Recall Data

    Jump

  • Even with gratuity, Waymo is usually more expensive. Their operating expenses are far higher since they own their vehicles.

  • Are there any FOSS NAS servers for a Marvell arm SOC?

    Jump

  • Do you know exactly which SoC it uses?

    It's probably a 32-bit ARM processor. Most NAS-focused operating systems have removed support for these, if they even supported them at all. OpenMediaVault recently removed support for 32-bit ARM and only support 64-bit now: https://www.openmediavault.org/?p=4002.

    Having said that, some OSes still support them. You should be able to get Debian running if it's an ARMv7 CPU or newer. Debian did support older ones, but they're being phased out and no longer build an installer for them.

  • Virginia becomes first Southern state to mandate paid family and medical leave for workers

    Jump

  • It's not universal health care at all though. It just means you still get paid some portion of your regular salary when you take sick leave. The health care costs are still there.

  • Virginia becomes first Southern state to mandate paid family and medical leave for workers

    Jump

  • California has had paid medical leave since 1946 and paid family leave since 2002, so there's already precedents.

  • PSA: open source security considerations in the era of LLMs

    Jump

  • Open source projects are particularly vulnerable here since anybody can just grab the source and throw an LLM at it to see if it can find exploits.

    On the other hand, this means that they should end up more secure. Open-source projects get far, far more vulnerability testing than closed-source projects. Security holes in closed-source systems can exist for years at a time, which is how things like the Pegasus malware work (undisclosed security holes).

  • Waymo Fleet More Than Triples In Size Year-over-Year, According to NHTSA Recall Data

    Jump

  • Seemed expensive, $20-25 to go 1-1.5 miles, but I only needed two rides while there and used it both times so maybe that’s competitive or even a good deal compared to uber.

    As someone that lives in the Bay Area - Waymo are always more expensive than Uber and Lyft. Lyft is usually a bit cheaper than Uber. Waymo's R&D costs are very high so they're likely trying to recover some of that money. People are still willing to pay, at least at the moment, because it's still a somewhat unique experience.

    You see them even in small suburban streets now, as they extended their service area quite a bit a few months ago. They're available from San Francisco all the way to San Jose.

  • ‘No Way To Prevent This,’ Says Only Package Manager Where This Regularly Happens

    Jump

  • This is how all language package managers work, unfortunately

    npm does actually support signing and provenance (tracking how the package was built), so in some ways it can be more secure than other package managers. https://docs.npmjs.com/generating-provenance-statements

    If you use one of the CI/CD systems they support (currently Github Actions and Gitlab CI), it can attach a signed attestation to the package stating the commit hash that was used to build the package, along with the steps taken to build it. This is combined with trusted packaging using OpenID Connect with short-lived tokens that are only obtainable in the correct CI environment, rather than using access tokens or username and password.

    It only supports some CI systems because they have to guarantee that the connection between the CI system and npm is secure.

    Some of the recent issues have been attacks on the CI system, rather than npm itself. For example, a Github Action that's only supposed to run for commits to the main branch, but unintentionally runs for some subset of pull requests too.

    Of course, all this stuff is optional, and pushing to npm directly from a developer's computer still works and is still not verifiable at all.

    I think the best approach is what Flathub/Flatpak, F-Droid (Android) and Composer/Packagist (PHP) do. You provide your repository URL, and they build the code on their end. Packages are always guaranteed to be built from code in the repo.

    Debian Linux is also moving towards requiring repeatable builds, meaning that a package built from source should be byte-for-byte identical to the package in the repo.

  • Firefox forks

    Jump

  • What's performance like? I found it to be very slow the last time I tried it.