Presently trying out an account over at @[email protected] due to scraping bots bogging down lemmy.today to the point of near-unusability.

  • 39 Posts
  • 2.36K Comments
Joined 2 years ago
Cake day: October 4th, 2023
  • tal@lemmy.todaytoSelfhosted@lemmy.worldLemmy 0.19.4 HTTP server not binding to port - federation broken ?English
    1·
    3 days ago

    I found that while the lemmy_server process starts successfully and shows “Starting HTTP server at 0.0.0.0:8536” in logs, nothing is actually listening on port 8536.

    Does:

    # netstat -ntap|grep 8536

    …show anything bound to the port?

    I’m not sure how you determined that it’s not binding to the port, but that’s how I’d check.

    There isn’t much that should stop a process from listening on a port over 1024 unless another process is already listening on it.

  • tal@lemmy.todaytoYou Should Know@lemmy.worldYSK Lemvotes.org will show you votes on any post, comment, or by user, for anything on the fediverseEnglish
    101·
    5 days ago

    identity is reviled [I assume revealed]

    The fact that most instances permit external image hosting permits obtaining user IP addresses by posting inline images hosted on a server created by an attacker, then harvesting IPs there. I noticed when going through the code that Lemmy, as of 0.19.4, has an option to protect users of a home instance by proxying images viewed there. However, it requires bandwidth and disk space, and I don’t think that many home instances have it on. It is definitely not on on my own home instance, lemmy.today.

    0.19.4 release announcement:

    Image Proxying

    There is a new config option called image_mode which provides a way to proxy external image links through the local instance. This prevents deanonymization attacks where an attacker uploads an image to his own server, embeds it in a Lemmy post and watches the IPs which load the image.

    Instead if image_mode is set to ProxyAllImages, image urls are rewritten to be proxied through /api/v3/image_proxy. This can also improve performance and avoid overloading other websites. The setting works by rewriting links in new posts, comments and other places when they are inserted in the database. This means the setting has no effect on posts created before the setting was activated. And after disabling the setting, existing images will continue to be proxied. It should also be considered experimental.

    Many thanks to @asonix for adding this functionality to pict-rs v0.5.

    I don’t know whether PieFed and Mbin presently have comparable functionality.

    One major issue is that proxying the images will create more bandwidth usage on a home node, since they’re serving up all the images viewed by users of that home node, as well as disk space to store the proxied images — it’s more-expensive to run a node in that mode.

    Unless your home instance has this option enabled, you should probably consider your IP address to be globally-visible. Note that using a VPN will mean that only the VPN’s exit node IP will be visible.

  • tal@lemmy.todaytolinuxmemes@lemmy.world*The penguin inches closer...*English
    4·
    5 days ago

    It does sort of suggest that from a UI standpoint, a chunk of users doesn’t really deal well with the traditional paradigm of “opening a document in an application consumes resources, and part of the job of the user is to manage those resources”. Like, maybe Chrome should just do the equivalent of, at least by default, converting a tab that hasn’t been viewed for some time into something akin to a bookmark, just reload it when it’s viewed. Or at least push the data into on-disk storage.

    I don’t use Chrome, but Firefox does something vaguely-analogous to that for session storage — like, if Firefox dies unexpectedly, restored tabs won’t reload content until actually viewed, I assume to avoid the thundering herd problem.

    I remember when I first encountered mobile OSes auto-killing programs and stuff to try to manage memory for users. I thought that it was pretty insane. But…clearly some users have trouble with it, and maybe it’s a reasonable UI change for them. I know people who had difficulty, on various desktop OSes, understanding the significance of starting a program and the idea that a running program would consume memory and perhaps CPU time.

  • tal@lemmy.todaytoTechnology@lemmy.worldBig Tech: Convenience is a TrapEnglish
    1·
    6 days ago

    Well, there’s certainly that. But even then, I’d think that a lot of videos could be made to be more concise. I was actually wondering whether YouTube creators get paid based on the amount of time they have people watch, since that’d explain drawing things out. My impression, from what I could dig up in a brief skim, is that they’re indirectly linked — apparently, YouTube shows ads periodically, and the more ads shown, the more revenue the creator gets. So there would be some level of incentive to stretch videos out.

  • tal@lemmy.todaytoSelfhosted@lemmy.worldFrustratingly bad at self hosting. Can someone help me access LLMs on my rig from my phoneEnglish
    1·
    6 days ago

    -the opening the port process makes sense. It seems like if I have a backend on my rig, I’m going to need to open a port to access that backend from a front end of a phone device.

    Yes. Or even if you run a Web-accessible front-end on the LLM PC — the Web browser on the phone needs to reach the Web frontend on the PC.

    Or possibly even access that same backend on the phone device via a mirror?

    Well, the term wouldn’t be a mirror. In your shoes, it’s not what I would do, because introducing some third host not on your network to the equation is another thing to break. But, okay, hypothetically, I guess that doing that would be an option. thinks. There might be some service out there that permits two devices to connect to each other, though I’m not personally aware of one. And, say you got a virtual private server for $10 a month or whatever the going rate is, yeah, that could be set up to do this – you could use it as an intermediate host, do SSH tunneling from both the PC and the phone of the sort that another user in this thread mentioned. I guess that that’d let you reach the PC from other places, if that’s something that you want to do, though it’s not the only way to accomplish that. But…I think that that’s most-likely going to add more complexity. The only scenario where that would truly be necessary is if the wireless access point — which I assume your ISP has provided — absolutely does not permit the LLM PC and the phone to communicate at all on the WiFi network, which I think is very unlikely, and even then, I’d probably just get a second wireless access point in that scenario, put the PC and the phone on it.

    In general, I don’t think that trying to connect the two machines on your home network via a machine out on the Internet somewhere is a great idea. More moving parts, more things to break, and if you lose Internet connectivity, you lose the ability to have them talk to each other.

    -it seems like it would be easier if I could connect to the rig via an android phone instead of an iPhone. My end goal is to use Linux but I’m not ready for that step. Seems like android would be an adequate stepping stone to move to, especially if we have to go thru all this trouble with iPhone. Shall we try on the android instead? If not I’ll follow the directions you put above and report back on Saturday.

    If you have an Android phone available, that would probably be easier from my standpoint, because I can replicate the environment; I have an Android phone available here. But it’s not really the phone where setup is the issue. Like, it’s going to be the LLM PC and potentially wireless access point that require any configuration changes to make ollama reachable from the phone; the phone doesn’t need anything other than Reins installed and having an endpoint set or just using a Web browser and using the correct URL there. I’m just mostly-interested in that the phone has to be able to talk to the PC, has to be able to open a TCP connection to the PC, and so having diagnostic tools on a phone is helpful. I don’t have to guess how the diagnostic tools work in Termux on an Android, because I can use them myself locally.

    I wouldn’t suggest going out and buying an Android phone to do just that, though. I mean…this is a one-off diagnostic task, just trying to understand why the phone isn’t able to reach the LLM PC. If you can open a connection from the Android phone to the LLM PC, then you should also be able to open a connection from the iOS phone to the LLM PC. If you do have one already available, though, then yeah, my preference would be if you could install Termux on it for the diagnostic tools rather than install iSH on the iOS device. It should still be possible to get the LLM PC reachable on the iOS device either way.

    I don’t mind trying to diagnose connectivity on the iOS device. Just keep in mind that I may have to guess a bit as to what the behavior is, because I can’t actually try the device here, so we may potentially have a few extra rounds of back-and-forth.

    If you do want to use an Android phone, then just put the phone on the WiFi network, install Termux, open Termux, run the apk command to install telnet (apk install telnet) and then try the telnet command I mentioned and just report back what error, if anything, you get when trying to open a connection to the LLM PC — hopefully it’ll be one of the above three outcomes.

  • tal@lemmy.todaytoTechnology@lemmy.worldExclusive: Kratsios details White House AI plansEnglish
    8·
    7 days ago

    Deregulation might give some amount of an edge, but I really don’t think that in 2025, the major limitation on deployment of AI systems is overbearing regulation. Rather, it’s lack of sufficient R&D work on the systems, and them needing further technical development.

    I doubt that the government can do a whole lot to try to improve the rate of R&D. Maybe research grants, but I think that industry already has plenty of capital available in the US. Maybe work visas for people doing R&D work on AI.

  • tal@lemmy.todaytoSelfhosted@lemmy.worldFrustratingly bad at self hosting. Can someone help me access LLMs on my rig from my phoneEnglish
    1·
    7 days ago

    I choose Ollama because it was supposed to be one of the easier loca AIs to set up.

    Well, the ollama bit is up, which is why you can use it on the PC. The problem is network connectivity between the Windows PC and the phone.

    Opening a port between two things on the local network is going to be pretty much the same for anything. Some software packages — I dunno about LLM chat stuff — make use of a third, outside system as a point to coordinate, so that software only has to open outbound TCP connections to the Internet. But for local communication, it’s gonna look pretty similar. If you put koboldcpp or llama.cpp or whatever on your machine, you need the same connectivity, though it might default to using a different port number.

    I’m happy to keep banging away if you’re also willing, though. I mean, this does kinda narrow it down. If you don’t want to do so though, remove that firewall rule that we added earlier from the Windows PC. If you do:

    considers

    The next step is seeing where the break in connectivity is.

    I’m not familiar with iOS, but let me see if there’s a software package for it that will let it open a TCP connection and preferably ping (and ideally show the ARP cache to see whether Ethernet packets are getting from the phone to the Windows machine at all, though that may not be viable).

    Basically, would be nice to see whether packets can currently get from the phone to the PC and back.

    kagis

    Looks like Windows Firewall blocks ICMP by default, which is traditionally used by ping, the simple protocol to see if one host can reach another on the network. Mmmmf.

    And it sounds like ARP isn’t available on a non-jailbroken iPhone, which would be the simplest way to see whether a packet is making it from the iPhone to the PC. I was worried would be the case.

    Hmm. This is a little less convenient in that I don’t have tools that I normally would when trying to troubleshoot network problems on a Linux system.

    thinks

    I guess the simplest thing available, cuts things down as far as possible in terms of connectivity between the two that should be able to reach from the iPhone to the PC should be a TCP connection.

    I don’t know the iOS software library well, but lemme search for a telnet client. I’m sure that it’ll have one; every platform does.

    searches

    Oh, this is even better. It looks like there’s some iOS app, “iSH”, with a tiny Alpine Linux environment for iOS, kinda like Termux on Android. That’ll have telnet and probably other network diagnostic tools, and those I am familiar with, so I don’t have to guess from screenshots how things work. You should be able to try to open a TCP connection from the phone to the PC with the Linux telnet client in that.

    goes looking around

    Okay. If you’re willing to give this a shot, it sounds like the way this works is:

    https://apps.apple.com/us/app/ish-shell/id1436902243

    Install that from the iOS store.

    When opened, it should show a Linux terminal. If it works like Termux, it’ll have basically nothing from Alpine Linux installed, no telnet client, just a few simple commands. You’ll be looking at a prompt that probably looks something like iPhone:~#.

    Then if you run (don’t type the pound sign — it’s just a convention to include it, to show that it’s something to type at a prompt):

    # apk install telnet

    That should install the Linux telnet client inside the iSH app using the Alpine Linux package manager.

    Then to try to open a TCP connection from the phone to the Windows PC, you want the private IP of the Windows PC, the thing you see in ipconfig (which I’ll type as 10.1.1.2 here, but replace with yours):

    # telnet 10.1.1.2 11434

    That’ll try to open a TCP connection from the phone to port 11434 on the PC.

    Now, what would happen if everything were working correctly, is that the phone would send an ARP request saying “what is the MAC address — the Ethernet address — of the machine with IP address 10.1.1.2 on the local network?” The wireless access point would hand this to the PC. The PC would respond. The phone would then send a series of packets to that IP address to open a TCP connection on port 11434.

    My guess is that you’ll see one of several things at this point.

    First, it might be that the wireless access point is refusing to let packets from the phone reach the PC at all — they only let the phone talk to the Internet, not to the PC. Some wireless access points can be configured to do this or have a “guest” wireless network that impose this constraint. Then the phone won’t get an ARP response, since the PC will never see the ARP query. That’ll look like this (using a network I’m on at the moment to demonstrate):

    $ telnet 192.168.1.35
Trying 192.168.1.35...
telnet: Unable to connect to remote host: No route to host
$

    Second, it might fail because I dicked up in some way and Windows Firewall is still blocking the phone from connecting to the PC. The ARP request is going out, the response comes back from the PC, the phone tries to open a TCP connection to the IP address on the host with the specified MAC address, and never gets a response. If that’s the case, it’ll probably look like this:

    $ telnet 192.168.1.126 7500
Trying 192.168.1.126...
telnet: Unable to connect to remote host: Connection timed out
$

    If that’s what you get, the problem is likely the Windows Firewall configuration (well or theoretically the wireless access point could be configured to do that, but I doubt it).

    Third, it might succeed. That’ll look like this:

    $ telnet 192.168.1.126 6000
Trying 192.168.1.126...
Connected to 192.168.1.126.
Escape character is '^]'.

    If you see that, you can open a TCP connection from the phone to the PC, and whatever issue you’re hitting with Reins isn’t a network problem. Maybe I gave the endpoint syntax wrong, for example. But the issue will be at the application level, not the network level.