Sorry for the off-topic, but I was curious about Affectable so I opened the website. I saw it's very thin and light and comfortable, but I struggled to find out what "it" is and what it does for me. It's kinda buried.

I was interested enough to click through the different links in the footer. And just as I reached the purchase page, I see that it requires "an iPhone running iOS". Unsure why it requires an iPhone; and no info on a timeline for iPhone-less customers. But that immediately rules me out as a customer.

I feel like the landing page would be a lot better if it started out focusing on what it is & how it can help me.

Apologies again for the unsolicited advice. Just wanted to share my impressions in case it's helpful.

Just for what it's worth, I just pushed an eBPF-based workaround for people who are running kernels in which AF_ALG is linked directly into the kernel and not as a module: https://github.com/Dabbleam/CVE-2026-31431-mitigation

I am running this in production right now and it mitigates the attack, with no unexpected side-effects as far as I can see.

I don't think RustDesk was hit by this. If you weren't able to access it two weeks ago, it was due to an outage on their end: https://github.com/rustdesk/uptime/issues/53

Thanks for the heads up! I'm using it self-hosted on a Hetzner VPS.

Apparently they also block certain ports. As soon as I route the traffic through Tailscale through the same VPS I can connect without issues (My phone was affected as well)

No? WSL is Linux on Windows — so W9xSL is Linux on Windows 9x. I think… :)

WSL is "Windows Subsystem for Linux", so this should be "Linux Subsystem for Windows 9x"

By Microsoft’s convention, that would be a way to run Windows 9x on Linux. It’s a bit confusing. Another example is “Windows Subsystem for Android”, which is what they use for running Android apps on Windows. I think the idea is that it’s not a “Windows Subsystem” for X, but rather a Windows “Subsystem for X”.

(Edited: mixed it up on the last sentence.)

> that would be a way to run Windows 9x on Linux

Which is exactly what the post says this is. It's running Windows 9x on Linux kernel. It's strangely worded, but from the follow up comment, and the readme in the repo it seems clear that it's running on the Linux kernel.

> WSL9x runs a modern Linux kernel (6.19 at time of writing) cooperatively inside the Windows 9x kernel

Pretty sure it's the other way around. But I haven't had my coffee yet ;)

Microsoft's naming scheme confuses me every single time though: "Windows Subsystem for Linux" actually runs Linux on Windows...

You're correct: "WSL9x runs a modern Linux kernel (6.19 at time of writing) cooperatively inside the Windows 9x kernel"

I missed the part that it runs on the bloody Windows 9x kernel, I was to busy thinking about modern Windows.

Yeah it makes more sense if you consider the word Windows' to be in possessive form.

I think this is it: https://reg.redsara.es/#login

Well, in that case, if they want full control and attestation yadda yadda, I'm fine with them shipping me a device they fully control exclusively for use of this stuff. But if we're talking about my smartphone that I paid for with my money that I worked for, I will do whatever I damn please with it. So I guess that means eIDAS will be inaccessible to me.

That device is a personal ID card with a chip. Many EU countries issue them.

Why not just have the Secure Enclave in the ID card and use NFC to communicate with it? Think about it, you literally have dozens of computers between you and the provider. Routers, middleboxes, load balancers, servers etc, all insecure or untrusted, but somehow my device needs to have their special rootkit and hardware DRM. A separate device that can be provisioned with ID is the least to ask. If the government doesn’t trust me with my device, fine, but then return the favor - I don’t trust them either. Both governments and corporations that are gonna use this have long track records of invasive, often illegal spying - whereas my track record is letting people mind their own business.

This is exactly what the ID cards I'm talking about are. You tap them to the phone or a desktop reader and it works. You just invented something that already exists.

eIDAS just takes this one step further and gives you an option to not have to carry your card with you. But if you refuse to have an attested phone, then you pay those 20EUR to get the ID card (which you probably need for other uses as well) and move on with your life.

> This is exactly what the ID cards I'm talking about are. You tap them to the phone or a desktop reader and it works. You just invented something that already exists.

Great, thanks for clarifying. Please be mindful not everyone are domain experts and we’re all (hopefully) trying to learn.

Now, do you know whether ID cards will work with the proposed German system for e2e online ID verification? My understanding from comments was that it doesn’t, and providers are free to require the app-based version.

In Sweden we have an app-based system now (BankID), and afaik there are no alternatives that work reliably. You have to buy an American phone every few years to participate in basic societal functions. However, the government is ”looking into” decoupling digital identity from (1) banks and (2) mandatory hardware manufacturers (iOS/Android).

I didn’t know that, thanks for letting me know. I don’t think I logged out, unless maybe I accidentally triggered that in my pocket.

I figured it was worth posting because I get relatively uneasy when unexpected things happen, and if others were also affected then I could just justify it to myself as a server side thing. In fact, what you just told me about logout being global is already very helpful, so I guess it wasn’t for naught. :)

I hadn’t checked how long the cookie is set for yet. But since I got logged out from both devices on the same day, I figured it can’t be that. I haven’t had this tablet for too long, and I think I must have signed in just 2-3 months ago. Thanks for your response!

I think they meant employees from the hosting company. But that's a funny interpretation!

> The efficiency is a red herring - you will still use every CPU core for IO threads in ffmpeg, if you don't configure that away, which you do not. And it requires really annoying setup and premium features on stuff like Plex. It just makes no sense!

I would love to learn more about this! What can I do to fully optimize ffmpeg hardware encoding?

My use case is transcoding a massive media library to AV1 for the space gains. I am aware this comes with a slight drop in quality (which I would also be keen to learn about how to minimize), but so far, in my testing, GPU encoding has been the fastest/most efficient, especially with Nvidia cards.

GPU encoding is fast, but usually it produces poorer quality results because it avoids trying paths that are hard to do quickly on the GPU.

If you want to optimise, try different encoders (sounds like you've already done some of this) and lots of different settings - it'll involve a lot of tuning if you want to figure out the right balance for your particular media between quality/speed/size, while also making sure that your machine hurts as much as possible.

Driveby 2c as a video industry person: don't retranscode your media unless you've got them in a really space inefficient codec and you're seriously hurting for space. You'll burn a lot of power retranscoding, are you actually saving useful $$$ of storage in exchange for that spend? Storage is cheap, and there's always a better codec coming along you could retranscode into and save some more space. It's a vicious cycle: each generation has to encode the artifacts from the previous generations.

You would use your full system, saturating the CPU and GPU, including unlocking the number of simultaneous video sessions for consumer NVIDIA GPUs. That said, software AV1 looks a lot better than hardware AV1 per bit.