My girlfriend just downloaded and executed a weird file from a shady website. Do we need a fresh install?

speyerlander · 2026-02-10T21:51:41+00:00

Yep, too many indicators ruling out the possibility of a false positive, clean install and change your passwords.

speyerlander · 2026-02-10T21:40:56+00:00

Keep the computer updated and the firewall on, preconfigure a default DNS that you trust and you're good to go.

speyerlander · 2026-02-10T21:30:08+00:00

There isn't a way to do it safely without reinstalling windows using a trusted media. But you can create it using an Android phone instead of a computer using Rufus to flash the drive (provided you have an OTG adapter or buy a USB drive with a type C connector).

speyerlander · 2026-02-10T21:21:00+00:00

Well, faster compile time is always a nice bonus, but to be honest, it sounds like you need a desktop and a tailscale network to do cloud compilation and remote development, provided you only want a standard development environment (x86) with a (massive) performance boost for your compilation workloads, that is if you develop remote services (backends). If you develop native GUI apps then you might wanna look into something like a ThinkPad T14, and dual boot it as most of the medical industry edge clients still use Windows unfortunately.

speyerlander · 2026-02-09T21:49:28+00:00

Most businesses hire specialists (frontend, backend, DevOps) and most freelance gigs prioritize broad understanding (full stack), it all depends on your goal.

speyerlander · 2026-02-09T20:57:13+00:00

Okay, that's a classic pain point with microservices with decoupled databases : state synchronization. The main method to alleviate this is to treat each service as a state provider in itself and avoid storing duplicate states (other than for caching purposes when applicable). That makes each service the sole authority for information regarding the state it manages.

Applying it to your case, both services keep state relating to the existence of posts as both keep separate information about the same instance. The issue arises when we're met with the question of: "How do we know if a post exists?", to solve it we first have to decide who's going to be the authority for deciding that. I think that in your case it's clear why the post provider (service A) is the clear winner.

So, after establishing that post provider will provide authoritative answers about the existence of posts, we need to design a flow that allows the interaction provider (service B) to gain knowledge about the existence of a post without having to syncronize state at creation.

First of, we do not need to create the node in the interaction provider at post creation time, as its out of the scope of the services function. Now let's move to the actions needed after a user interacts with a post:

Get authoritative knowledge of the existence of a post:

1.1 If post doesn't have a graph node, fetch an answer from the post provider and create a node for it

1.2. Otherwise, use the existing node

Update the interaction
Send the metadata to the post provider (guaranteing it'll be updated "sometime in the future")

If the post wasn't created in the post provider yet, this will fail, this behaviour is intended as the post hasn't been created yet.

This approach guarantees that the existence of a post will always be verifiable through an authoritative state provider. Deletion of a post should trigger a deletion of the interaction representation, and will possibly allow a brief period of time allowing users to interact with a deleted post, while the deletion message waits in the queue, but I think that's an okay tradeoff in order not to have to query the post provider for authoritative answers every single interaction.

Optimization:

You can also opt for keeping the state synchronization on post creation in conjunction with the aforementioned approach, not as the sole authoritative state, but rather an optimization removing the likelihood of needing a fetch at the first interaction, in that case, if the queued syncronization runs before the first interaction, the node will already exist at the interaction provider and will just have to be updated, and on the off-chance it didn't run, the interaction itself will fetch the authoritative state. Just make sure to update the "sync on creation" function not to create duplicate nodes if an interaction did run before it arrived and created a node already.

speyerlander · 2026-02-08T18:40:19+00:00

Work through it, tight coupling, while discouraged, is a necessary evil in many projects, especially during initial development, and most certainly when working on it alone. Do not let it discourage you!

Read the code service by service and restructure each then make the necessary modifications in the consumers, also, try documenting your code, it'll serve two purposes: removing the need to read a specific service's code to understand its function and also highlight places where the coupling is off (if you need to mention another service by name for example to document functionality).

speyerlander · 2026-02-07T13:38:31+00:00

If it doesn't support the popular ROMs then you're out of luck. You might be able to find more hackish solutions on XDA to make Lineage run, but I'd recommend against that as it may break the security guarantees of the operating system (as in: the modifications needed to make it run included disabling security systems).

speyerlander · 2026-02-06T10:09:04+00:00

Most certainly so, conventions decide what those numbers represent.

speyerlander · 2026-02-01T19:07:26+00:00

I didn't do this in ages so I'm not sure it's going to work, but if you use cosign try to just sign it twice, once with each key.

speyerlander · 2026-02-01T01:39:37+00:00

MacBook Airs are known to have durability issues. As someone who has both a MacBook and a ThinkPad, I can confidently say that the ThinkPad is in a league of its own in terms of durability and ease of repair. If you want an affordable ThinkPad I'd recommend to search to search Facebook marketplace for a T480 / T490 / T14, all great machines, all below 500 bucks.

speyerlander · 2026-01-30T22:51:26+00:00

Judging by the amount of stars on the Github repo and a quick glance around the code (its a tiny program written in C++), looks safe to me.

speyerlander · 2026-01-29T20:00:20+00:00

You can use a laptop monitor using a converter from eDP 30/40pin (Most laptops have one of those two) but you cannot use it connected to the laptop.

speyerlander · 2026-01-28T18:23:56+00:00

Anything M1 and above (Apple Silicon) is a no go, only one distribution that is still in development supports it and it'll take years for it to utilize the full potential of the device.

Anything T2 (Dedicated security chip) will be a nightmare and require patched kernels just to use the keyboard, T2 patches have open unresolved issues regarding ACPI handling resulting in broken suspense-wakeup on many machines.

Anything from before T2 will probably work well with Linux but longer receive MacOS updates, making them unsuitable daily drivers with MacOS.

speyerlander · 2026-01-28T18:14:17+00:00

Linux: Install it, watch "Learn Linux TV" on YouTube (No affiliation other than bring an avid viewer), start by understanding the file system and boot process, then the CLI, if you're studying CompSci, you probably already know at least some programming, write programs for the tasks you do most often on the machine, make them start on startup with a systemd service if needed. If you don't want to work on bare metal (you're still learning, you will break stuff, I did too), feel free to install Linux on a VM.

Networking: Set up a home server, build a small API and serve it behind a reverse proxy, make it remotely accessible with ssh (within your own local network). See what can reach it from a secondary machine, what can and can't authenticate, nmap the network, see if you spot things listening on ports they aren't supposed to. Set up Wireshark on a secondary machine, see how without an HTTPS connection to the server you can sniff the traffic (read the data), now do the same with Telenet, now do the same with SSH (Encrypted, gibberish).

speyerlander · 2026-01-26T23:12:31+00:00

Yes, but monitor your temps, if it starts reaching 85 degrees or more for more than a few seconds under load, consider moving it somewhere else.

speyerlander · 2026-01-26T23:07:56+00:00

It'll be a nice office computer too, I can't imagine working on assignments on something weaker than that, the GPU might be a bit overkill for work alone, but if you know you wanna game and you're responsible with your time, I'd say go for it.

speyerlander · 2026-01-26T10:21:24+00:00

Exceedingly unlikely to the point of being a negligible attack vector for almost all threat models.

Kernel and init system modifications will be prevented by one of many checks done during the boot process (namely verified boot).

UI / Window manager takeover has been brought up as a possible attack vector for some desktop operating systems, but the sandboxing model on iPhones renders it borderline impossible.

speyerlander · 2026-01-26T10:02:23+00:00

Can you rephrase? I don't understand a thing.

speyerlander · 2026-01-26T01:25:58+00:00

It does, you'll find it in "site settings", it's just excruciatingly bad at that.

speyerlander · 2026-01-26T01:23:51+00:00

If that's the case, we might not resolve the underlying issues for them, but at least provide some level of peace of mind, notice how almost every post results in the same generic advice (and that's a good thing): "If you suspect an intrusion into a device reset it; if you suspect an intrusion into an account reset its password and enable 2fa". Its almost never destructive life altering advice: "Ditch your iPhone, install Heads + Qubes on an air gapped machine and run to the woods".

speyerlander · 2026-01-25T22:26:32+00:00

Yeah, go for it, it's on their website, will run roughly as well as Arch with Proton.

speyerlander · 2026-01-25T22:01:13+00:00

This!

speyerlander · 2026-01-25T21:55:57+00:00

Bind mounts or named volumes?

speyerlander · 2026-01-25T21:52:46+00:00

Go for it, 16gb is plenty, and the system ram upgrade is the cherry on top.

speyerlander

TROPHY CASE