The amount of confidently incorrect responses is exactly what one could expect from Lemmy.

First: TCP and UDP can listen on the same port, DNS is a great example of such. You’d generally need it to be part of the same process as ports are generally bound to the same process, but more on this later.

Second: Minecraft and website are both using TCP. TCP is part of layer 4, transport; whereas HTTP(S) / Minecraft are part of layer 7, application. If you really want to, you could cram HTTP(S) over UDP (technically, QUIC/HTTP3 does this), and if you absolutely want to, with updates to the protocol itself, and some server client edits you can cram Minecraft over UDP, too. People need to brush up on their OSI layers before making bold claims.

Third: The web server and the Minecraft server are not running on the same machine. For something that scale, both services are served from a cluster focused only on what they’re serving.

Finally: Hypixel use reverse proxy to sit between the user and their actual server. Specifically, they are most likely using Cloudflare Spectrum to proxy their traffic. User request reaches a point of presence, a reverse proxy service is listening on the applicable ports (443/25565) + protocol (HTTPS/Minecraft), and then depending on traffic type, and rules, the request gets routed to the actual server behind the scenes. There are speculations of them no longer using Cloudflare, but I don’t believe this is the case. If you dig their mc.hypixel.net domain, you get a bunch of direct assigned IP addresses, but if you tried to trace it from multiple locations, you’d all end up going through Cloudflare infrastructure. It is highly likely that they’re still leaning on Cloudflare for this service, with a BYOIP arrangement to reduce risk of DDOS addressed towards them overflow to other customers.

In no uncertain terms:

1. Hypixel.net has Cloudflare DNS for their domain.
2. For their website, it has orange cloud enabled to proxy traffic through CF’s global CDN and DDOS protection service.
3. For their Minecraft server, they advertise mc.hypixel.net, but also have a SRV record for _minecraft._tcp.hypixel.net set for 25565 on mc.hypixel.net
4. The mc.hypixel.net domain has CNAME record for mt.mc.production.hypixel.io. which is flattened to a bunch of their own direct assigned IP addresses.
5. Traceroute towards those direct assigned IP addresses goes through Cloudflare infrastructure but final destination is obscured, just like their website, to protect them from DDOS attacks.

Plenty of tools to Sideloadly on iOS; https://sideloadly.io/ pops to mind as one example of such.

What kind of sad existence feels compelled to double down on spewing misinformation when being called out? Here, have a pity upvote.

iOS supports VPN out of the gate. Apps just make it easier to configure. Please don’t spew divisive misinformation, regardless if this is ignorant to the facts or otherwise.

This is Apple; they value different things than most people… sometimes warranted, results in offering a much better experience, and pushes everything forward (see MagSafe -> Qi2 for recent example), other times they’re just regarded as late adopters. The detraction of visual aesthetics from folding crease is apparently one of such things that they care about.

Amazing stuff. Thank you so much!

The models are not wrong. The models are nothing but a statistical model that’s really good at predicting the next word that is likely to follow base on prior information given. It doesn’t have understanding of the context of the words, just that statistically they’re likely to follow. As such, all LLM outputs are correct to their design.

The users’ assumption/expectation of the output being factual is what is wrong. Hallucination is a fancy word in attempt make the users not feel as upset when the output passage doesn’t match their assumption/expectation.

The network effect is too strong. The minority that are whining here isn’t going to make a dent. Next time you’re out, look at how many people are using ads ridden apps instead of paying $0.99 or whatever to remove them. The users have already decided their time and privacy is worthless and would rather getting the service for “free”.

4o does perform web searches, give summaries from a couple of pages, and include the link to those pages when prompted properly.

However, as most people know, first couple results doesn’t always tell the full picture and further actual researches are required… but, most “AI assistant” (also including things like those voice assistants in speakers) users tends to take the first response as fact…

¯\_(ツ)_/¯

Reducing ad spend on one platform, albeit often the elephant in the room for most companies’ online marketing department, isn’t going to reduce prices at the till. Companies will either reallocate the ad spend elsewhere, there by spamming more ads in front of everyone, or pocket the difference to pad their profit margin.

Google did not make RCS; RCS is made by GSM consortium as succession of SMS, Google extended it to add some extra features such as end to end encryption (but only when messages are routed through their servers).

China mandated 5G sold in China must support RCS, hence why Apple added support for this. Since Google is basically banned in China, you can pretty much bet RCS going into/out of China is going to be unencrypted.

So you’re basically stuck between getting inferior unencrypted messages, or routing everything through Google.

Avoid RCS like the plague.

It is easier to think of the SSL termination in legs.

1. Client to Cloudflare; if you’re behind orange cloud, you get this for free, don’t turn orange cloud off unless you want to have direct exposure.
2. Cloudflare to your sever; use their origin cert, this is easiest and secure. You can even get one made specific so your subdomains, or wildcard of your subdomain. Unless you have specific compliance needs, you shouldn’t need to turn this off, and you don’t need to roll your own cert.
3. Your reverse proxy to your apps; honestly, it’s already on your machine, you can do self signed cert if it really bothers you, but at the end of the day, probably not worth the hassle.

If, however, you want to directly expose your service without orange cloud (running a game server on the same subdomain for example), then you’d disable the orange cloud and do Let’s Encrypt or deploy your own certificate on your reverse proxy.

Looking great! I think it would be amazing if there are filters for processor generations as well as form factor. Thanks for sharing this tool!

You’ll be very hard pressed to find anything else that’d out last the day when all three of AWS, Azure and GCP shutdown and take their data offline.

I get it though, Lemmy doesn’t want to admit these services exist other than to dunk on them in the most anti-corporate fashion… so continue to pretend such is the case!

Upload it to the cloud and make it someone else’s problem to deal with keeping up with the physical medium changes. Then your descendants only have to worry about figuring out how to deal with an outdated file format they can no longer open… and even when they can finally open it, it’d be super low quality… just like how we have to squint really hard at videos from VCDs now days.

API are secure only if you can secure the authentication details. A modified app (be it as something modified and distributed on a unsanctioned channel, or custom injected by another malicious actor/app) can easily siphon out your authentication tokens to a third party unbeknownst to you the user. However, if the app verifies it came from the approved source and have not been tempered with, then it is much easier to lean on ASLR and other OS level security to make it harder to extract the authentication info.

Multiplayer game operators have obligation to curb modified clients so their actual paying clients have a levelled playing field. By ensuring their apps are only distributed via approved channels and unmodified by malicious players, this improves their odds at warding off cheaters creating a bad time for those that actually pay them to play fairly.

These are just simple cases where this kind of security is beneficial. I am glad Android is finally catching up in this regard.

This is Lemmy. If you’re not advocating for FOSS, or piracy to spite the corporations, you’re gonna get downvoted. I don’t care. We need better security standards whether these kids like it or not.

App developers need ways to know the app has not been modified in unsanctioned manner, glad to see Android finally catching up on security with integrity checks.

It was not an EU thing, it was a China thing.

It’s quite obvious as well looking back at it; if course China will mandate one of the weakest protocol with no end to end encryption.

Avoid RCS like the plague and use something more secure!

No, they’re mostly correct; basically no one except Android users in the USA cares. Everywhere else has it figured out with third party messaging platforms that’s geographically favored, and Apple users in USA will continue to use the superior iMessage protocol with each other. Only the Android users in USA are left out from sending/receiving messaging, so they’re salivating over the update like it’s the best thing since sliced bread.

RCS is janky, inconsistent, and carrier dependent. Can’t wait for Android users in the USA to join the better rest of the world. Until GSM consortium mandates end to end encryption and force all carriers to adopt certain version of consistent minimum, RCS is and will continue to be a garbage inferior protocol that should be avoided like the plague.

Not entirely true… the American Android users care about it; Apple users will still default to the superior iMessage as opposed to the inconsistent carrier dependant RCS; rest of the world will use geo-preferred third party messaging app that also offer consistent experience between carriers.

“Buy your mom an iPhone” people.