It's not surprising per se, but it's something that people should be more aware of. And a lot of this consumption is not providing global services (like the Google search or workspace suite) but the whole AI hype.

I didn't find numbers for Google or Microsoft specifically, but training ChatGPT 4 consumed 50 GWh on its own. The daily estimates for queries are estimated between 1-5 GWh.

Given that the extrapolation is an overestimate and calculating the actual consumption is pretty much impossible, it's still probably a lot of energy wasted for a product that people do not want (e.g. Google AI "search", Bing and Copilot being stuffed into everything).

Please don't take personal offense, but you have merely a project scaffold with an unrealistic goal that will be blocked and C&D'd into the ground, without any other projects created.

It doesn't matter how hard you're working on your anonymity, this project will be ripped apart by a horde of lawyers in seconds. You're not only doing something questionable or against ToS, you're directly attacking and sabotaging their monetization. This will not be taken lightly by the legal team of reddit.

You want to provide a better, cooler, more robust and other random buzzwords API than the own of reddit. So, you alone, want to provide a better API than the whole team of reddit does for their absolute core product, all by scraping. This is simply not realistic.

While we're at the topic of monetization, scraping, ETL into your own model and providing the API - for the amount of content that reddit has (quantity, not quality) this will be a highly resource intensive task. How do you plan to fund that, since your API will be better than the official one, I can expect at least the same performance as well, right?

And also, most importantly, even if you magically achieve working around all that and get that working - why? Who is your expected user group? Pretty much every software using reddit moved away from reddit or simply has died. AI gen content is rampant, and most discussions seem like bots talking to bots. There is literally nothing to gain from an API to reddit - so why would anyone bother using it?

The third option is to use the native secret vault. MacOS has its Keychain, Windows has DPAPI, Linux has has non-standardized options available depending on your distro and setup.

Full disk encryption does not help you against data exfil, it only helps if an attacker gains physical access to your drive without your decryption key (e.g. stolen device or attempt to access it without your presence).

Even assuming that your device is compromised by an attacker, using safer storage mechanisms at least gives you time to react to the attack.

How in the fuck are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?

You. Don't. Store. Secrets. In. Plaintext.

There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dudes random project, but a messenger claiming to be secure.

Edit: "If you got malware then this is a problem anyway and not only for signal" - no, because if secure means to store secrets are used, than they are encrypted or not easily accessible to the malware, and require way more resources to obtain. In this case, someone would only need to start a process on your machine. No further exploits, no malicious signatures, no privilege escalations.

"you need device access to exploit this" - There is no exploiting, just reading a file.

Man, the disclaimer at the bottom that Business Insider is partnered with OpenAI to allow them to train on their articles is really the cherry on top.

Einige Dinge stehen noch nicht fest, wie: [...]

• technische Betreuung (deren Admins und unsere?), [...] Lasst euch von den 1200€ Kosten pro Monat, die von der Foundation angegeben werden, nicht erschrecken, wir erwarten Kosten im niedrigen 3-stelligen Bereich, zumal ihre Technik die Größe eines kleinen Rechenzentrums hat. Sie lassen ihre Instanzen auf Kubernetes-Clustern laufen, die nicht proportional zum Traffic kosten, dafür aber nicht ausgelastet sind und so höhere Kosten als nötig haben. [...] Was haltet ihr von alldem?

Disclaimer: Ich habe keine Ahnung wie eure Absprachen konkret aussehen, und wer konkret mit welchem Skillset beteiligt ist. Ich arbeite selbst seit ~10 Jahren in der IT, und habe auch diverse Erfahrungen mit Kubernetes. Seht folgendes daher bitte nicht als Angriff, "Akchually" oder Klugscheißerei, sondern nur als food for thought. Wenn ihr diese Dinge bedacht habt, ist alles super.

Die technische Betreuung solltet ihr auf jeden Fall klären, bevor ihr dort startet. Was ich so mitbekommen habe ist lemmy zu hosten nicht gerade trivial, mit der potentiellen Komplexität von Kubernetes könnt ihr euch schnell noch zusätzliche Probleme einhandeln - hier sollte auf jeden Fall jemand parat sein der zumindest den Cluster voll im Griff hat - gerade wenn man im Plural von mehreren Clustern und einem eigenen Rechenzentrum spricht.

Auch beim Thema Kosten und eure Erwartung dazu, würde ich stark zur Vorsicht raten. Ressource Management ist eine der Komplexitäten von Kubernetes, und ist schon sehr vielen anderen zur Kostenfalle geworden. Hier wurde ich auch vor allem hellhörig das man 1.2k für nicht ausgelastete Cluster bezahlt, da hier auch die Stärke davon liegt, und ein pay-as-you-go Modell gut möglich und oft genutzt wird. Klar, das das auf einem eigenen Rechenzentrum nicht geht - klingt für mich aber dennoch ziemlich wild.

Falls euch das bewusst ist, und ihr diese Risiken tragen könnt - coole Sache.

Ansonsten Glückwunsch das es hier zu einer Kooperation und scheinbar einer deutlichen "Professionalisierung" kommt, und ich ziehe meinen Hut vor den Beteiligten die das alles aufgebaut haben.

"We listened to our accounting, and the massive wave of refunds and unbought mtx is hurting our numbers. PR isn't happy about the reviews either. We'll keep you updated on future plans for fucking you over!

Do you really think that Sony will actually back down? They are calming down the shitstorm that is going over all media, socials and steam. They'll reorganize and will move on with their plans. Arrowhead and Helldivers is just one of many assets.

The Hamas-led murderous rampage into southern Israel was the deadliest terror attack in Israel’s history, killing at least 1,200 people and abducting more than 250 others. Israeli attacks on Gaza have since killed at least 33,634 Palestinians and injured another 76,214 people, according to the Ministry of Health there.

Jesus fuck, Germany is paying symbolic money to roughly as many genocide survivors in Israel as people have been murdered and injured by Israel committing genocide.

The current German government is an absolute fucking joke, and they are doing everything to actually show it.

It doesn't matter how hard you want to call it FOSS, but with this licensing terms you describe it is not FOSS, period. And to be honest, you calling out various people for not getting what FOSS is, while you fully ignore the agreed on definition by people who are actually doing FOSS is you discrediting yourself.

You haven't found a license like this, because your model is flawed: A licensing like this will disqualify you from any kind of usage in an actual FOSS licensed environment. Personal users, which will not be providing revenue, will not be really affected by this, and are irrelevant for your point. Corporate users, which you will mostly target by this new license probably won't be able to use your funky new license because they will need to check with legal, and your software will need to have a lot of USPs for someone to bother with that. A 1% corpo-richness-tax will not be approved by any kind of bigger company, because it's a ridiculous amount from the perspective of your potential customers.

You're taking yourself way to important. Open source software is not replaceable as a whole, but individual projects are. If you want to earn money with your project, that's good on you, license it accordingly, but do not try to upsell it as FOSS.

And I fully get your point, and I'm currently working on the same problem in my in-development project, and I'm not sure yet whether to dual-license it, for similar reasons you stated, and live with the consequences of providing OSS, but non-FOSS software, or do FOSS and provide it for actually free.

Edit: Also, the xz backdoor has nothing to do with funding. Any long time maintainer (as in not just a random person contributing pull requests) going rogue can happen in funded scenarios as well.

Das ist der normale Modus Operandi der BSI. Solange die technische Richtlinie erfüllt ist, ist alles tiptop, egal was passiert.

https://github.com/LemmyNet/lemmy/issues/2977

According to the lemmy devs, deleting your account also overwrites and purges your comments and posts. This deletion is being federated - but other servers may choose to ignore it, be buggy, down or whatever, and therefore not fully deleting your content there.

Since lemmy is decentralized, that's as close to a full deletion as you'll get, and to quote your rationale, that'll be the only bridge you'll be able to burn.

Side note: Why are several of you so aggressive on a simple question? If they want to leave the platform and delete their content, why shouldn't they, especially since that is absolutely non-trivial on a decentralized platform?

And who's gonna maintain the fork? Even less developers from a split community? You have absolutely no idea what you're talking about.