Tuya's become a nightmare to deal with. They've decided they fear local integrations because they're losing ad revenue when people don't use the Tuya app. They have been going to progressively greater lengths to prevent device buyers from bypassing the Tuya servers and running their stuff locally.

My understanding is you can no longer register for a free Tuya developer account that lets you set it up with the "Local Tuya" integration for HomeAssistant -- you have to have a paid developer account, if it works at all. And their libraries used to flash right onto an ESP32, but now they're encouraging developers to more secure chips, in an attempt to prevent end users from reflashing their own devices with firmware (like Tasmota) that no longer communicates via Tuya services.

I wouldn't buy anything Tuya with the hopes that it will someday integrate with anything else. If you buy them, expect them only to work with the official apps.

PKIs were designed for offline use. There are a couple hundred trusted Certificate Authorities that each issue a "root" certificate. These root certificates are distributed worldwide, in browsers, operating system distros, phones, etc. When you encounter a certificate in the wild, you have to verify the certificate before accepting it, which is done by checking what you can locally: is it expired? Does its DNS name resolve to the name on the cert? Does it have a valid signature? This means checking to see if it was signed by a CA certificate that you already have in your local trust store; if so, you can accept it without going online.

Not to say that the online component of certificate validation isn't important, but it's of varying importance depending on the risk level. When online you should check for certificate revocation, which is to check to see if a previously issued certificate has since been flagged by the CA as compromised and revoked. This can be done by looking for it on a Certificate Revocation List (CRL) published by the signing authority, or by querying the authority's Online Certificate Status Protocol (OCSP) server. But it's an optional step, and can be skipped in low-risk situations (such as being offline.)

IMO the ones they need to worry about are the likes of Amazon. If you’re an AWS customer (and let’s face it — let’s of big orgs are these days) then using Amazon Linux 2 is a no brainer. Binary compatible with RHEL, regularly updated by Amazon, fully supported, and the Yum repos live inside the AWS infrastructure. A fully containerized image is also available.

If you’re already using AWS for your cloud infrastructure, using AL2 is a no brainer. It may not be something your average home user is installing for local use and may not be on the radar in orgs that aren’t AWS customers, but it’s who I would be worrying about if I were RedHat (along with other big cloud providers doing the same).

Yaz

Yeah, /. Seems to have mangled things there. [::shrug::]

Yaz

Prior to this shit-show there is a symbiotic relationship in place. Reddit gave us the tools to create and have a community, and they got all of the revenue. It wasn’t a great deal, but it wasn’t entirely terrible either.

But I stopped giving them my free labour when we shut down. Indeed, even though we knew Reddit would have preferred we step down voluntarily we (my fellow mods and I) weren’t even going to do that much work for them. If they wanted it back, then they had to kick us out, and we would make sure everyone knew about it.

Even if in the end we were just gnats, we got out of a bad relationship in the manner that did Reddit the most damage we could inflict. Even with us gone, the community is still dead — Reddit moved it to Restricted so they could reap the ad impressions from all our historical content, but new posts are still not allowed.

We know we won in the end, even if it was just a small victory.

Yaz

Up until today, I was the top mod of r/Canning. Prior to the blackout, our users voted https://www.reddit.com/r/Canni...”>a whopping 88% in favour of shutting down the sub, with the majority of those voicing that it should be a long-term shutdown.

And so we followed the democratic choice of our members and closed down with everyone else. Not long after, https://www.reddit.com/r/ModCo...”>threatened that if we didn’t revert back to public, we’d be replaced. We continued to push back against their bullying, pointing out that the subreddit had not been abandoned (as we continued to respond to mod mail from users on a daily basis), and that we were doing was in line with our users wishes, and that if they wanted us to re-open, they had to restart negotiations with 3rd party app developers, give them reasonable API pricing, and give them a minimum of 6 months to adopt the new rules (they were given 30 days).

The late last week, Reddit threatened us again. https://www.reddit.com/r/ModCo...”>We were given 3 days to come up with a plan to re-open, and once again told them if they wanted us to reopen, they had to meet our demands, and that we wouldn’t cave to their bullying.

The r/Canning mods were all “canned” by Reddit today. The subreddit has been moved into Restricted mode (people can read, but nobody can post), and it has no moderators.

Great job with that mod outreach effort there, Reddit. We were whipped with the olive branch. They’re nothing but a bunch of hypocrites — fall in line and do free work for them on their terms, or you’re out on your ass.

Yaz

”Cursed” is likely the correct explanation. The best I can surmise (without having taken the whole dash apart) is that they just wired a USB mini-B in as if it were a USB-A port. I had to buy a USB mini-B to USB-A male-to-female adaptor to plug anything in, which makes whatever is plugged in stick way out of the dash.

As I said earlier, probably the worst use of USB-B ever.

In the early days of ownership I use an adaptor to plug a USB stick in, but it was enough of a PITA I stopped using it altogether. In the last number of years I’ve just had an external Bluetooth adaptor wired into the AUX port, and use that instead. I don’t think I’ve plugged anything into the USB (or used the CD drive) in a decade.

Yaz

You misunderstand. I don’t have a problem with USB-B when it is used for its correct purpose.

But in my car stereo is the absolute wrong purpose. The whole idea of having a USB port in a car stereo in the first place is so you can plug USB drives into it — and you can’t do that in my car because nobody makes USB thumbsticks with USB-B connectors. So I wind up needing an adaptor.

Likewise for plugging in a phone — if you wanted to plug-in a phone, you’d need a USB-B micro to USB-B mini cable. That’s not a normal nor common (nor technically to spec) cable. You can’t just take the cable your phone came with to plug it in — again, you wind up needing an adaptor.

USB-A/USB-B made sense when used as designed — but my car stereo (which came with my car FWIW, this isn’t an aftermarket stereo) is absolutely using the wrong connector type. Two seconds of thinking about it by whomever designed the stereo would have revealed why it’s a terrible design. And it’s why every other car stereo with USB input

has a female USB-A port instead of a female USB-B port. They designed it to plug USB sticks into, but you can’t because (AFAIK) nobody ever designed a USB thumb drive with a USB-B male connector (and why would they? What computer could you ever plug that into?).

(I’ll note here that the problem is technically moot these days, as I put an external Bluetooth receiver and plugged it into the AUX port so I can stream directly from my phone instead of using the weird USB-B port only my car stereo apparently came with).

Yaz

The Motorola DynaTAC 8000X was also the smallest phone for its time, and also had a user-replaceable battery.

It weighed 2kg/4.4lbs.

Yaz

Ugh -- I drive a vehicle that came with a stereo system with a USB-B female connection, which works with absolutely zero devices without an adaptor. It's the most asinine use of USB I've ever seen.

Yaz

I’m one of the moderators or r/Canning — we polled our users, and an overwhelming majority (89%) responded they wanted to go private, with the bulk wanting it to be indefinitely.

But that doesn’t mean I haven’t been actively moderating — I get roughly 5 requests for access each day, which I personally respond to.

So I’ll be interested to see if Reddit tries to force us to be public again. Our community voted in favour of this blackout, and we haven’t abandoned moderating (even if the workload is extremely light). If they do so, it will be without the current moderation team in place — and as r/Canning strives to feature scientifically safe and validated canning techniques, they’re not going to be able to just drop-in random new mods and keep up the same high quality. Improper home canning can kill people, and proper moderation requires domain-specific knowledge and experience t keep things safe for everyone.

Yaz

Good luck with that. As a mod of two participating subs (r/canning and r/ipv6), finding new mods is almost an effort in futility. Sure, lots of people want the power, but most don’t want the responsibility. Few people want the day-in, day-out drudgery of curating and building a vibrant community, dealing with abusive users, and dealing with near unending piles of spam and misinformation — and when they see what being a moderator actually entails, they usually disappear (and then complain when you remove their mod access).

Reddit has a https://www.reddit.com/r/reddi... ”>public Wiki page of “orphaned” subreddits that need a moderator — and the list is so big it’s split up into 16 sections. There are way already more openings than volunteersand you think after they show the community how they treat their moderators they’re going to have a line-up of new mod volunteers who will actually do the work?

Good luck with that.

Yaz

I don’t think you’ll find a lot of disagreement that there are likely some areas where Reddit needs to charge for using APIs — tools that are scraping Reddit comments to create AI datasets for example.

But Reddit’s “product” is their user base and their content — and when they’re charging for API use for things that generate content for them, they’re effectively double-dipping. It’s like if your employer suddenly decided to start charging you for coming in to work.

In effect, Reddit already realizes a ton of value when the APIs are used to create content, as is the case with all of the third-party apps they will be forcing to shut down at the end of the month. It doesn’t cost Reddit to host their API when it’s used to create the content that brings users back daily. And that’s where the real problem lies.

Yaz

What embarrassment? The question was asked “ What processor architecture competes with x86/AMD64 in general and not extremely low power applications?”, and by all metrics the M1 Pro/Ultra and the M2 Pro certainly qualify as a) competing with x86/AMD64, and b) not being for extremely low power applications.

You answering with some vague non-sequitor about processor architecture doesn’t embarrass me when that wasn’t a constraint on the original statement.

Yaz