ChipTuner
ChipTuner@gitcitadel.com
npub1qdjn...fqm7
Building software they don't like. Free, as in freedom. Low-level and server engineer: libnoscrypt, NVault, vnlib. Staff @GitCitadel https://geyser.fund/project/gitcitadel
ChipTuner 1 month ago
nostr.band SSL certificates expired on the 22nd?
ChipTuner 1 month ago
Pro tip for hosters. If you're hosting a service that might require or allow users to download assets from 3rd party services (like a CDN), but that you don't need for your use case, you can set a Content Security Policy for the service that controls what your users will download, possibly disabling unnecessary CDN tracking connections. Generally it's easiest to set a header in your L7 load balancer config (reverse proxy), or your ingress controller if supported. Yes, there are better ways, but this is a dang easy first step. For example, I host a web service called cgit, which attempts to fetch avatar files from a CDN. Avatars are neat, but not at the expense of my users' privacy (leaking connection info) and also security (3rd party content that I don't monitor could be malicious with a number of basic attacks). I set a CSP that tells the client what content to load and where, breaking these requests.
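An added example, not part of the original post: a small checker that parses a Content-Security-Policy value and reports which image requests it would break, so a policy can be sanity-checked before it goes into the reverse proxy. The origin, policy string and URLs are constructed placeholders, and source matching is simplified to scheme and host (no ports, paths or nonces).

```python
from urllib.parse import urlsplit

def parse_csp(header):
    """Parse a CSP header value into {directive: [source expressions]}."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens:
            # A repeated directive is ignored; the first occurrence wins.
            policy.setdefault(tokens[0].lower(), tokens[1:])
    return policy

def source_matches(src, url, origin):
    """Simplified source matching: scheme and host only, no ports or paths."""
    u, s = urlsplit(url), src.lower()
    if s.startswith("'"):  # quoted keywords; only 'self' can match a URL
        o = urlsplit(origin)
        return s == "'self'" and (u.scheme, u.hostname, u.port) == (o.scheme, o.hostname, o.port)
    if s == "*":
        return u.scheme in ("http", "https")
    if s.endswith(":"):  # scheme source such as data: or https:
        return u.scheme == s[:-1]
    scheme, _, host = s.rpartition("://")
    host = host.split("/")[0].split(":")[0]
    if scheme and u.scheme != scheme:
        return False
    if host.startswith("*."):  # wildcard covers subdomains, not the bare domain
        return (u.hostname or "").endswith(host[1:])
    return u.hostname == host

def is_blocked(policy, directive, url, origin):
    """True if the policy would stop `url` from loading under `directive`."""
    sources = policy.get(directive, policy.get("default-src"))
    if sources is None:
        return False  # neither the directive nor default-src restricts it
    return not any(source_matches(s, url, origin) for s in sources)

# Constructed sample: hypothetical origin, policy and request URLs.
ORIGIN = "https://git.example.org"
POLICY = parse_csp("default-src 'self'; img-src 'self' data:")
REQUESTS = [
    "https://git.example.org/cgit.png",
    "https://cdn.example.net/avatar/abc123?s=64",
    "data:image/png;base64,AAAA",
]

if __name__ == "__main__":
    for url in REQUESTS:
        verdict = "BLOCK" if is_blocked(POLICY, "img-src", url, ORIGIN) else "allow"
        print(f"{verdict}  {url}")
```

With this policy only the third-party avatar request is blocked; same-origin images and inline `data:` images still load.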
ChipTuner 1 month ago
Have some time to get the 10G network equipment in and fiber run. Even more fun is being able to do it with zero service downtime.
ChipTuner 1 month ago
Finally starting to understand the magic tools of layer 3. Zero downtime IP swaps are wild. Swapping IPs across interfaces, switches etc, with nothing more than a single 1-2ms latency spike. Virtual IPs are fun and all, but hardware changes are even cooler.
ChipTuner 1 month ago
GN. I'm off to sleep, but Merry Christmas to those just waking up :)
ChipTuner 1 month ago
Just a little PSA that any consumer SSD you purchase off the shelf will not last for server use cases. I've had pretty equal amounts of
- Samsung Pro
- Samsung Evo
- OCZ (yeah long time ago)
- Crucial (Micron silicon)
- Sandisk
- Sandisk Ultra
- Intel consumer

The sad part is 1-2 years after purchase it's known that so many of these off the shelf drives are garbage, but you'll still see people argue for new drives like it's not a continuous cycle. While the quality of consumer NAND has only declined. The Intel 545s were amazing engineering - became known for one of the worst consumer drives shipped like 6 months after release, and were discontinued like immediately iirc. Sandisk and OCZ were known for crappy controllers but good NAND for a long time.

The only exception is Samsung Pros, and to be fair, I've had higher hours on them, but not in more reliable "test" conditions. The price on the Pro drives kind of outweighs the benefits imo. Because if you still need a big array to be fault tolerant you're just adding cost. The only benefit is IOPs.

If you're going to purchase consumer drives, the move has been,
- Buy the cheapest option you trust
- buy in BULK,
- spread the IOPs across a much larger array
- Make your array tolerant enough to handle multiple failures in quick succession
- have plenty of spares and 2-3 HOT

This heavily depends on your workload though. It depends how heavily you depend on consistent random IO. A ZFS system with lots of memory, 64GB+, can handle random burst writes well. This is because cheaper consumer drives are usually horrible at random IO and rarely have any DRAM cache. They usually have terrible realized IOPs.

The last issue with super cheap consumer drives is monitoring. They usually just die completely without reporting anything. It's not until a check runs that data corruption will be detected (zfs scrub). They often fake or underreport useful SMART data.
For the price, I might just be going back to a big ass pool of spinning hard drives.