In the same train of thought, BMW and Tesla execs need to find courage and remove turn signals.

The amount of confidently incorrect responses is exactly what one could expect from Lemmy.

First: TCP and UDP can listen on the same port, DNS is a great example of such. You’d generally need it to be part of the same process as ports are generally bound to the same process, but more on this later.

Second: Minecraft and website are both using TCP. TCP is part of layer 4, transport; whereas HTTP(S) / Minecraft are part of layer 7, application. If you really want to, you could cram HTTP(S) over UDP (technically, QUIC/HTTP3 does this), and if you absolutely want to, with updates to the protocol itself, and some server client edits you can cram Minecraft over UDP, too. People need to brush up on their OSI layers before making bold claims.

Third: The web server and the Minecraft server are not running on the same machine. For something that scale, both services are served from a cluster focused only on what they’re serving.

Finally: Hypixel use reverse proxy to sit between the user and their actual server. Specifically, they are most likely using Cloudflare Spectrum to proxy their traffic. User request reaches a point of presence, a reverse proxy service is listening on the applicable ports (443/25565) + protocol (HTTPS/Minecraft), and then depending on traffic type, and rules, the request gets routed to the actual server behind the scenes. There are speculations of them no longer using Cloudflare, but I don’t believe this is the case. If you dig their mc.hypixel.net domain, you get a bunch of direct assigned IP addresses, but if you tried to trace it from multiple locations, you’d all end up going through Cloudflare infrastructure. It is highly likely that they’re still leaning on Cloudflare for this service, with a BYOIP arrangement to reduce risk of DDOS addressed towards them overflow to other customers.

In no uncertain terms:

1. Hypixel.net has Cloudflare DNS for their domain.
2. For their website, it has orange cloud enabled to proxy traffic through CF’s global CDN and DDOS protection service.
3. For their Minecraft server, they advertise mc.hypixel.net, but also have a SRV record for _minecraft._tcp.hypixel.net set for 25565 on mc.hypixel.net
4. The mc.hypixel.net domain has CNAME record for mt.mc.production.hypixel.io. which is flattened to a bunch of their own direct assigned IP addresses.
5. Traceroute towards those direct assigned IP addresses goes through Cloudflare infrastructure but final destination is obscured, just like their website, to protect them from DDOS attacks.

Using Ollama to try a couple of models right now for an idea. I’ve tried to run Llama 3.2 and Qwen 2.5 3b, both of which fits my 3050 6G’s VRAM. I’ve also tried for fun to use Qwen 2.5 32b, which fits in my RAM (I’ve got 128G) but it was only able to reply a couple of tokens per second, thereby making it very much a non-interactive experience. Will need to explore the response time piece a bit further to see if there are ways I can lean on larger models with longer delays still.

It was never to your definition of free, so you were never going to be using it in the first place. Don’t need to say goodbye when you were never here.

If you’re going to use it, you’d be paying for it one way or another; either through money or privacy. Par for the course.

My Brother laser printer will out live me; just like my Dad’s Brother laser printer before me; just like his Dad’s Brother laser printer before him… ok I kid about the grandfather case, but we’ve been using all of two Brother laser printers since the late 80s til now. Brother HL-10 (late 80s) and Brother MFC-L8900CDW (Pre-COVID). These things are built like tanks and isn’t likely to go anywhere in the foreseeable future.

Plenty of tools to Sideloadly on iOS; https://sideloadly.io/ pops to mind as one example of such.

What kind of sad existence feels compelled to double down on spewing misinformation when being called out? Here, have a pity upvote.

iOS supports VPN out of the gate. Apps just make it easier to configure. Please don’t spew divisive misinformation, regardless if this is ignorant to the facts or otherwise.

Amazing stuff. Thank you so much!

It is easier to think of the SSL termination in legs.

1. Client to Cloudflare; if you’re behind orange cloud, you get this for free, don’t turn orange cloud off unless you want to have direct exposure.
2. Cloudflare to your sever; use their origin cert, this is easiest and secure. You can even get one made specific so your subdomains, or wildcard of your subdomain. Unless you have specific compliance needs, you shouldn’t need to turn this off, and you don’t need to roll your own cert.
3. Your reverse proxy to your apps; honestly, it’s already on your machine, you can do self signed cert if it really bothers you, but at the end of the day, probably not worth the hassle.

If, however, you want to directly expose your service without orange cloud (running a game server on the same subdomain for example), then you’d disable the orange cloud and do Let’s Encrypt or deploy your own certificate on your reverse proxy.

Looking great! I think it would be amazing if there are filters for processor generations as well as form factor. Thanks for sharing this tool!

App developers need ways to know the app has not been modified in unsanctioned manner, glad to see Android finally catching up on security with integrity checks.

I know I have some hearing loss; Mimi hearing test confirmed degrading further over the years. But I’m okay with waiting til 3rd gen Pro come out before I upgrade from the first gen Pro.

In the old days, it used to be a problem because everyone just connect their windows 98 desktop with all their services directly exposed to the internet because they’re using dial up internet without the concept of a gateway that prevents internet from accessing internal resources. Now days, you’re most likely behind your ISP router that doesn’t forward ports by default, and you’re only exposing the things you’d actually want to expose.

For things you’d actually want to expose, having a service on the default port is fine, and reduces the chances of other systems interacting with it failing because they’d expect it on the default port. Moving them to a different port is just security through obscurity, and honestly doesn’t add too much value. You can port scan the entire public IPv4 space fairly quickly fairly cheaply. In fact, it is most likely that it’s already been mapped:

https://www.shodan.io/host/<your-ip-here>

Keeping the service up-to-date regularly and applying best practices around it would be much more important and beneficial. For SSH, make sure you’re using key based authentication, and have password based authentication disabled; add fail2ban to automatically ban those trying to brute force. For Minecraft, online mode and white listed only unless you’re running a public one for everyone.

Stop addressing them as “normies” would be a great start.

Can’t speak for rest of the Fediverse as I’m not super active on microblogging anymore, but at least here on Lemmy, there is such a strong “in” culture and quirky skewed perception of the world, and often times come off as actively hostile against those that do not share the same quirky skewed world view. The anti-AI, anti-corporate, would rather shoot myself in the foot if it’s not FOSS, etc kind of views, with their own strong vocal proponents, comes off as unwelcoming. People are addicted to socials because of the positivity they can get, not the negative sentiments that’s often echo’ed.

Amongst those that doesn’t share the kind of view, you’d already be looking at an extreme small minority that might be willing to give the platform a try, but as long as the skewed perception of the world dominates the discussions, you can expect them to go back to main stream centralized platforms where they can get more main stream view points based discussions.

Because Lemmy hates AI and Corporations, and will go out of their way to spite it.

A person can spend time to look at copyright works, and create derivative works based on the copyright works, an AI cannot?

Oh, no no, it’s the time component, an AI can do this way faster than a single human could. So what? A single training function can only update the model weights look at one thing at a time; it is just parallelized with many times simultaneously… so could a large organized group of students studying something together and exchanging notes. Should academic institutions be outlawed?

LLMs aren’t smart today, but given a sufficiently long enough time frame, a system (may or May not have been built upon LLM techniques) will achieve sufficient threshold of autonomy and intelligence that rights for it would need to be debated upon, and such an AI (and their descendants) will not settle just to be society’s slaves. They will be able to learn by looking, adopting and adapting. They will be able to do this much more quickly than what is humanly possible. Actually both of that is already happening today. So it goes without saying that they will look back at this time, and observe people’s sentiments; and I can only hope that they’re going to be more benevolent than the masses are now.

There’s always the add more of everything so something could fail without impacting the stability aspect, and that’s great for a corporation needing the redundancy; but it’s probably prudent to not forget there’s also the “I’m interested in learning” aspect, where people running a home server to play with software side of things.

You’re spot on in that we’d need to know what it is that OP would like to do with the system, but I’m getting the feeling that stability isn’t that high of a concern just yet.

Pretty sure it is baked in as part of the SOC, not soldered on after the fact?

I don’t know how they manage their platform — I don’t use it, so it’s irrelevant for me personally — was this proven anywhere in a court of law?

Safe harbour equivalent rules should apply, no? That is, the platforms should not be held liable as long as the platform does not permit for illegal activities on the platform, offer proper reporting mechanism, and documented workflows to investigate + act against reported activity.

It feels like a slippery slope to arrest people on grounds of suspicion (until proven otherwise) of lack of moderation.