overview for cherrykraken

CAPTCHAs are 'a tracking cookie farm for profit that made us spend 819 billion hours clicking to generate nearly $1 trillion for Google by cherrykraken in c/technology@beehaw.org

[-] cherrykraken@lemmy.ca 8 points 2 weeks ago

The code basically tracks mouse movements, or the lack thereof. If a bot is using a cursor, it might move in a straight line at constant speed to the "I'm not a robot" checkbox. Most bots though just check the HTML and jump directly to the checkbox. There are other checks it might do as well, e.g. the user-agent of the browser, whether the user came from a search engine, etc.

That being said it's that not difficult to break, e.g. Puppeteer has a plugin specifically for getting around Captchas and Cloudflare's offerings.

All this is to say: automatic captchas are better at allowing legitimate users than they are at blocking bots entirely.

Work == leisure == pain by cherrykraken in c/programmer_humor@programming.dev

[-] cherrykraken@lemmy.ca 24 points 3 weeks ago* (last edited 3 weeks ago)

Carmy: "Cooking is not fun for me."

Richie: "Yeah, but you love it."

Carmy: "That doesn't mean it's fun."

Richie: "If this shit is not fun for you, Cousin,what the fuck is fun for you?"

-- The Bear, S2 E1

Little frustrated with Github, gpg keys, access tokens and correct setup by cherrykraken in c/programming@programming.dev

[-] cherrykraken@lemmy.ca 3 points 1 month ago

Regarding access tokens, there's a third party credential helper for Linux that uses OAuth. I recently found it and started using it a month ago. Works pretty much the same as Git + Windows Credential Manager. In case you are running headless, there is a device mode flag that will allow you to login with the GitHub app on your phone.

https://github.com/hickford/git-credential-oauth

(And if you layer a timed cache helper before the OAuth helper... well you shouldn't have to reauthenticate every time!)

Otherwise, the Git manual lists some other credential helpers that interface with some password managers.

https://git-scm.com/doc/credential-helpers

Help using NginxProxyManager to route multiple non-tailscale devices to multiple services. by cherrykraken in c/selfhosted@lemmy.world

[-] cherrykraken@lemmy.ca 2 points 3 months ago

In NPM I set a proxy host 192.168.box.IP to forward to 100.jellyfin.tailscale.IP:8096. I tested it by going to box.IP and jellyfin works.

I'm not surprised this worked, numbers are allowed in FQDNs, but an IP address is not entirely equivalent.

I tried "box.IP:8096" as a domain name and NPM rejected it. I tried "box.IP/jellyfin" and NPM rejected that too (I'll try Locations in a bit)

I would strongly suggest you to read up on the OSI model.

Nginx only understands HTTP and HTTPS requests at Layer 7 (implicitly and strictly ports :80 and :443), and forwards or redirects them to Layer 4 destinations. (Nginx can technically handle other protocol requests via plugins, but that isn't what you are looking for.)

In NPM, the proxy host name should at least contain the Raspberry Pi's hostname, e.g. jellyfin.your-rpi-name. Or you could use the path location option, e.g. your-rpi-name with location /jellyfin. (I think the second option might work with network hostname auto-discovery, in which case pihole as a DNS may not be strictly necessary.)