It's quite useful! I can give someone access to my server by grabbing their public key and creating an account for them, no need figure out how to send them the password to my server.
> You can make a search for all users, which will tell you there are 97,616,627 users at the time of this writing, but you can only fetch at most 1000 results from a search, and they don’t come in any clear order, so you can’t just make the next search start where the previous one left off (or I didn’t figure out how).
> What you can do though is request accounts created in a certain time range. If you get the time range right, so that it has less than 1000 entries, you can paginate through it, and then request the next time range.
This reminds me of when I tried to add a google drive storage backend to camlistore/perkeep (because I had nearly-unlimited free quota at the time). One of the things a perkeep blobserver needs to be able to do enumerate all the blobs it has, in order. You can send millions of blobs to google drive without issue, but you can't directly paginate a search for them in sorted order.
You could just issue a search for all blobs under your perkeep drive folder, keep paginating the result until you run out of pages, and then sort in memory, but there's really no way of knowing how many blobs you're going to end up with and you might blow out your blobserver's memory.
Perkeep blobs are identified by blobrefs, SHA sums of the contents of the blob, so they look like sha-[0-9a-f]{64}. Google drive lets you search for files with a name prefix, so you can search for like /perkeep/sha-* and see if the result has a pagination token (indicating that there are more than 1000 results), and if so then you search for each of /perkeep/sha-0*, /perkeep/sha-1*, ... , /perkeep/sha-f*, each time checking to see whether there are too many matches. When there's not too many matches, you've found the prefix length that will let you fetch a bounded number of blobrefs, emit them to the perkeep client, and then release the memory before fetching more.
/pk/sha-\* 1000+ results (non-empty pagination token)
/pk/sha-0\* 1000+ results (non-empty pagination token)
/pk/sha-00\* 1000+ results (non-empty pagination token)
/pk/sha-000\* 193 results,
sort these in memory and emit to client
/pk/sha-001\* 179 results,
sort these in memory and emit to client
...
/pk/sha-fff\* 223 results,
sort these in memory and emit to client
I didn't end up landing the patch before I lost interest, partly because it was pretty much the first golang I had tried writing. It was fun working out the above details, though.
+ making you empty your water bottle, and then on some airports there is no option to fill it afterwards (e.g. only hot water available in the toilets and no drinking fountain)
Besides an open military invasion (hopefully improbable), I'm afraid of slowly tilting and influencing border states (Slovakia, Hungary) to lean towards Russia, with maybe some future economic extortion, or in the very extreme case, staging an election/referendum to leave EU/NATO.
Some window managers, such as Fluxbox, support "tabbed windows". You can group windows into one "superwindow" and then switch these in a titlebar. Maybe this is what the GP meant?
> The lack of hibernation with an encrypted system is an annoying problem, though.
I don't understand. Hibernation to an encrypted swap partition (and even to a swap file on an encrypted rootfs) works normally.
> Not buying hardware from certain vendors (Nvidia) helps improve your chances.
nVidia just works if you accept the proprietary driver. On the other hand, with AMD, you get fun like this: https://www.wezm.net/v2/posts/2020/linux-amdgpu-pixel-format.... Of course, if you don't need high GPU power, use Intel integrated GPU, which works the best.
Last time I checked (three months ago?) you needed to patch the kernel to enable hibernation in kernel lockdown mode. I think OpenSUSE enabled these kernel patches by default, but that caused issues with secure boot.
Nvidia "just working" is a matter of luck and patience. I'm on kernel 6.7 on my laptop with the latest Nvidia driver and I'm booting with special Nvidia command line flags and running with carious Nvidia specific tweaks to make the thing not drain my battery the moment it boots up. Wayland support remains spotty on multiple compositors.
It'll probably Just Work with a whole bunch of extra power consumption on desktop, as it does on mine, assuming you don't particularly care about Wayland support. Wayland support works in that there is content rendered to the screen, but hardware acceleration is spotty and has weird performance issues that aren't present on Intel iGPUs.
You can make all of this work, but out of the box it doesn't.
Lockdown mode is a feature of Linux that's automatically enabled if it detects some circumstances. IIRC, it's a requirement for getting your stuff signed to allow you to do secure boot (without loading a manual secure boot key, of course). I would say it's enabled on most first-time Linux users' computers.
As for Wayland, I learned the hard way that modern distributions have removed the Wayland block on Nvidia drivers, and many will go Wayland-first after install. It's easy to switch back, but only if you know what X11 and Wayland even are in the first place. Of course distros have to try to push people to Wayland, because Red Hat and desktop environments are moving towards Wayland-only for new releases in a couple of years, but that's not without its unfortunate consequences.
In a few years, Wayland has gone from "doesn't even start" to "usable with a whole bunch of quirks and issues", I'm sure it'll work fine when the time comes to abandon X.org. But for now, the defaults are a bit weird. In practice, distros can pick between "some weird issues on Nvidia hardware" and "extremely limited touchpad gesture support" and it's tough to make a choice there.
I don't know anything about this case, but "561 deaths have been reported in connection to" does not mean they were all indeed "caused by". They may have reports of anyone who died while using the device, from whatever cause like old age. Now they will investigate and hopefully conclude something.
> But in czech language word for Bohemia region is "Czechia" (there is no Bohemia).
No. Bohemia is Čechy, Czechia is Česko.
Yes, they are sometimes confused, and maybe people are unhappy with Česko because it's just too similar to Čechy. People from Moravia and Silesia feel underrepresented when someone mistakenly uses "Čechy" (Bohemia) for the entire Česko (Czechia; Bohemia+Moravia+Silesia).
"habanero eardrum" is actually less than 4 bytes -- let's say 12 bits for a common word (eardrum) + 16 bits for an uncommon word (habanero).
If it were 16 bytes, the other options from the same 16-bytes space would be, for example, "\xa3\x80W%\xa3\x82\xa1\xea\x10\xf9\x8b\x07'\xf93J" or "\xf0\xef\x9b\x8f[0\xe5\xb9,\x0b\xd4^\xb00\xed\x00" (chosen by a fair /dev/urandom roll).
If you want to convey 16 bytes using similar encoding, you need to use about 10 to 12 human words -- see for example Bitcoin wallet 12-word seed phrases or https://xkcd.com/936/ (xkcd correct horse battery staple).
For IPv6, if your addresses are not SLAAC, but DHCP or manually assigned, you can go with half of it - the "random" part is the 64bit network prefix.
