Good for now *

Well no shit, I was just wondering. Damn tho wtf?

Is the owner a tankie? (stalin justifier) I thought they were just communists, many of whom I know actually hate stalin.

It’s actually not that hard. Most of these bots are using a predictable scheme of headless browsers with no js or minimal js rendering to scrape the web page. Fully deployed browser instances are demonstrably harder to scale and basically impossible to detect without behavioral pattern detection or sophisticated captchas that also cause friction to users.

The problem with bots has never rested solely on detectability. It’s about:

A. How much you inconvenience the user to detect them

B. Impacting good or acceptable bots like archival, curl, custom search tools, and loads of other totally benign use cases.

It certainly is not negligble compared to static site delivery which can breezily be cached compared to on-the-fly tarpits. Even traditional static sites are getting their asses kicked sometimes by these bots. And yoy want to make that worse by having the server generate text with markov chains for each request? The point for most is reducing the sheer bandwidth and cpu cycles being eating up by these bots hitting every endpoint.

Many of these bots are designed to stop hitting endpoints when they return codes that signal they’ve flattened it.

Tarpits only make sense from the perspective of someone trying to cause monetary harm to an otherwise uncaring VC funded mob with nigh endless amounts of cache to burn. Chances are your middling attempt at causing them friction isn’t going to, alone, actually get them to leave you.

Meanwhile you burn significant amounts of resources and traffic is still stalled for normal users. This is not the kind of method a server operator actually wanting a dependable service is deploying to try to get up and running gain. You want the bots to hit nothing even slightly expensive (read: preferably something minimal you can cache or mostly cache) and to never come back.

A compromise between these two things is what Anubis is doing. It inflicts maximum pain (on those attempting to bypass it - otheriwse it just fails) for minimal cost by creating a small seed (more trivial than even a markov chain – it’s literally just an sha256) that a client then has to solve a challenge based on. It’s nice, but certainly not my preference: I like go-away because it leverages browser apis these headless agents dont use (and subsequnetly let’s js-less browsers work) in this kind of field of problems. Then, if you have a record of known misbehavers (their ip ranges, etc), or some other scheme to keeo track of failed challeneges, you hit them with fake server down errors.

Markov chains and slow loading sites are costing you material just to cost them more material.

Tarpits suck. Not worth the implementation or overhead. Instead the better strat is to pretend the server is down with a 503 code or that the url is onvalid with a 404 code so the bots stop clinging to your content.

Also we already have non-PoW captchas that dont require javascript. See: go-away for these implemwntations

There is no such thing. Every “generic, terminal-based installer” is in reaity a script that was intentionally made to target many multiple distributions.

And do you know what most of them do…? Use the inbuilt package manager of your distro.

That and set up some systemd services and PATHs, sometimes.

You’re such a fucking goober.

I dont think this is a reasomable counterpoint because the target audience in question would also vastly prefer shit as simple as an mspaint illustration or a dithered irl image.

Also, it is quite feasible to find royalty free images, and I have no idea where you’re getting the impression it is not. There are a host of images that provide licensing metadata. Google image search and co. can find these. It’s simply a matter of verifying the license authenticity.

It’s just fundementally stupid.

Thank god. Now if all goes well people can stop talking about that really buggy and awful fork.

If I had a nickel for every time someone ignored me just to say something I directly address…

You are pretty blatantly referencing X11 Forwarding / Network Transparency.

I can’t reasonably assume you actually read anything I say, but to briefly reiterate:

Checkout Waypipe. Here’s a direct quote from the README:

Waypipe is a proxy for Wayland clients. It forwards Wayland messages and serializes changes to shared memory buffers over a single socket. This makes application forwarding similar to ssh -X feasible.

Have you tried this? What is disatisfactory about it? And if all else fails, is there really ANY problem with simply using VNC/etc? What real-world problem do you have that is uniquely solved with this?

What? I’ve gotten RDP, VNC, and SPICE working fine on Wayland. And if you need app-level displays then waypipe worked fine the last time I used it. I’ve been running Proxmox containers with Wayland just fine, too.

Any particular use case that benefits from what Xorg was uniquely capable of networking-wise (network transparency, afaik?) of is quite niche and development effort twoards that end has always reflected that!

I’ve not been able to find the git or project repo/writeup of “Wayland on Wires”. Though i do vaguely feel like I saw it somewhere.

But I suppose me and my ongoing computer science degree and shared family hobby of IT simply hasn’t reached Real Linux User levels yet. I must sharpen my Bash Blade for another 1000 years…

Since that’s the case, I suppose I must defer to your Infinitely Endless Wisdom as a True Linux User. I beg of thee, answer my Most Piteous Questions…:

1. What do you use Xorg’s networking functionality for?
2. What is ““real”” Linux work?
3. Why can’t you use Wayland for that?
4. Have you heard of Waypipe? Have you used it?

“Linux as a desktop is BAD!”

“Evidence?”

“I failed to make a slideshow in a buggy application. :'(”

In all seriousness, though, wtf? You could have pulled from any of the well-know papercuts and instead you balk about a broken application? Lmao?

My vibeo gaem crashed on Windows once. I guess I should hold Microsoft personally accountable for it…

For the record, I’ve used Linux throughout Highschool, Community College, and College. No issues with basic software functionality, really.

The worst and only issue I’ve had in that regard is self-inflicted because I decided to run LibreOffice via Wayland, which has an ongoing bug that makes scrolling laggy. That’s it.

The larger issues with Linux as a desktop is software compat (Wine) with Windows for nicher use cases (requires debugging and a bunch of setup), certain drivers (cough cough Nvidia cough cough), and general dumbass-proofing.

Can we just let this shit die already? If you’re unsatisfied with Wayland make extensions to the protocol or make a new one.

Why in the fuck are so many people obssessed over a piece of software that contains an entire networking stack and has a security model so bad that it lets literally every application keylog you constantly?

It is self-evident that free software with open licensing and no strings attached is a superior and more beneficial ownership model than closed source paid licensing. That part I don’t think anyone needs to be convinced of.

As someone who has both technical and nontechnical people in their family, I call bs. Even if it is partially self-evident (in the fact that you dont need to sign into an account or pay for it), the details, and more importantly the weight, of FOSS is often lost on people.

I’ve had to watch some of them walk into a rake and bruise their foreheads several times over before really absorbing it.

It’s something people need to really read up on before true comprehension. That, or get burnt really really badly.

Ideology? Politics? Tomato tomatoh in my eyes. At the very least, they’re nearly inseperable (think: DMCA, copyright law, etc.)

Go is a simpler-to-read language that does not involve lifetimes (as you know, it is GC’d). For a lot of smaller projects like this, the boringness of Go is preferred. Less mental bandwidth required.

I’ll admit my definition of “industrial” here was vague, but I think you can get my point. I’m not trying to say that Rust isn’t good in a business setting - my job also has Rust in the code!

However, for these purposes, most of the benefits of Rust in this situation are already provided by Go.

On the one hand, I love Rust, love seeing Rust winning, on the other hand: the cynical part of me observes this as a way for them to say it’s safer to use, somehow. In the sense that people fling Rust around in a kind of showey way.

Already we’ve been seeing projects fuck up with isolation irt MCP servers, so this is the backdrop to observe this kind of change.

I know this is blasphemy, but why not Go? Why Rust? I love writing Rust CLIs, but somehow I feel the personal arguments I make for such things don’t really hold up in industrial settings like this (in particular, a small open-source CLI project that interacts with networking).

There’s nothing wrong with using Rust here (Rust is great for business logic!), but the choice here almost makes me suspicious of the motivations.

Also there’s existing Rust solutions in this area! Namely: https://github.com/sigoden/aichat

I don’t really enjoy using AI when coding, but aspirationally, I’d rather support other projects than OpenAI, who is only a nonprofit in concept and is actively attempting to become a for-profit, whilst behaving like a VC funded startup.

(Not to mention the fact that mainline models are explicitly developed with the intention of destroying labor, in general)

My feelings exactly, stated a lot better than I could have managed.

God I love this publication to death. I’ve actually bought some of the ebook compendiums.

I was merely pointing out that these opinions, whatever they really are, have more publicity from people criticizing the founder.

Why yes, friend, I will just conveniently pretend that you bringing that up is completely outside the context of whether or not to seriously consider the criticism.

And if you are trying to make a point of whether or not the ideology is seriously impacting the project, you need-only take a casual walk through the issue list, and find (among other evidence) that a suggestion to move to codeberg was criticized for… “DEI”. Wow. How technically-focused.

The best from your point of view would be not to speak about it.

You are getting more and more incoherent the more of these replies you churn out. What, precisely from my point of view (which I guess apparently you know very well? the irony…) here implies that “not talking about it” is the best choice? That’s absurd.

I find it very important to understand the motivations, technical and ideological, behind a project.

If it were true, all this hatred against the project would be pointless.

I don’t spend any effort talking about in any other respect than telling people that they should likely disregard if for both technical reasons (it cuts out Xwayland, his commits frequently lead to very blatant regressions that are nontrivial, etc.) and ideological (his terrible, awful politics and motivations for making the project, to begin with!)

The reason I replied to your comment is mostly out of idle curiosity and a deepseated longing for genuineness and critical thinking of other people that I have not yet managed to kill (despite its impracticality in the modern age).

Free software is all about freedom, and diversity means freedom of choice. If you don’t agree with that, you miss the all point.

This is all such a massive and disheartening reduction of what software freedom is. I hope that you eventually manage to think less shallowly about this.

Tell me, do you have any particular, material distinction you are making by making a choice between desktop protocols? The desktop protocol is a purely technical thing, and I have not heard a single peep out of you in regards to specifics.

To elaborate, in Xorg, it is a very monolithic beast. It is very convoluted in its purview and carries a lot of preset implementation of its various facets. It contains an entire networking stack for deciding how to communicate windows over a network.

It is significantly less flexible and modular than Wayland, because in Wayland basically everything of significance is decided by the compositor.

This, ironically to your point, actually gives you more choice and freedom in how things work (this is also why tiling window managers love wayland to death, it’s pretty easy to just build upon the basic wlroots implementation!). So I have to ask you, frankly, what in the fuck do you think you’re actually saying right now?

The issue, in this way, is that you only seem to care about software freedom in the sense of the abstract concept rather than the reality. You seem to think of software freedom in the sense of “I either build and install this package, or I build and install this one”, with an all-consuming disregard for the technical aspects of freedom. Which is impractical, and arguably antithetical to the very process of trying to foster software freedom to begin with. As evident by literally everything to do with this situation. My lord.

Predictable AF, unfortunately