Seems like the fn key is intercepted by the firmware then, that sucks. I’m repeating the same question differently just to ensure we’re on the same page:

If I understood correctly, your fn key is constantly “active”, making any key with an fn-modifier act as a different key, and that is why forexample the enter-button won’t be… well, enter? but if it enter acts as a different key, i.e. pressing enter gives a totally different keycode, can’t you rebind whatever keycode that turns into, into enter?

I did a super surface-level quick search, it seems like the older macbooks have had some firmware reverse engineering done. Might be some options there. Also, your issue may be a common case of a specific board trace needing new solder, which might not be too hard. Maybe that guy who does apple repairs/right to repair has something on this, or a community who may know. Louis Rossman something? can’t recall.

Also, you may’ve mentioned in your original post, but are there other keys that could work? doesn’t mac have that extra “option” key? i think i read that ctrl+fn key could be switched on a firmware level, if that means the ctrl key is then intercepted by the firmware I guess it won’t add much, but if all else fails, could be worth checking if it acts differently.

good luck, I don’t have any more ideas but I’m rooting for you, would be interesting to hear if you find a solution.

The firmware might be hijacking the fn key. If you use one of the keycode-reporting tools, does it report the fn key? and what is fn+enter or fn+backspace being reported as? if you’re not seeing the fn key, or if say fn+enter is reported as a singular key instead of two keys, maybe you could bind that “key” to enter?

If the Mac settings panel has an option to lock the F-keys to either F1-F12 or the keybinds, that option may be stored in the firmware, so for those keys simply reversing it in firmware may be enough.

If you are on HDD then looking at what else is using the same disk, and reducing that usage, may yield some results. Forexample, if /var/log is on the same disk and can’t be avoided, then reducing log volume or batching writes may reduce the “context switches” your HDD has to do. There should be options for I/O limits/throttling/priority in systemd. If you have only postgres on the HDD, I’d consider giving it 90% of the max bandwidth – maybe that’d be more effective than going full throttle and hitting the wall. If you have postgres and some other service fighting for the HDD’s time, these limits could help. Make sure access time tracking is off (or set to relatime).

Well it’s both possible, and has been done. both with mp3s and FLAC, not too long ago. It’s not the format itself, but rather the applications parsing the files that are the target.

CVE-2023-37327: A remote code execution vulnerability in GStreamer’s FLAC file parser caused by an integer overflow. Carefully crafted FLAC files could exploit this flaw to run arbitrary code on the target system

https://nvd.nist.gov/vuln/detail/CVE-2023-37327#%3A~%3Atext=GStreamer+FLAC%2Ccode+on

In general I agree with you, especially on the image part, but I found the opensuse page to be a decent variation of this.

Did you (or I?) miss something here? In the 3rd paragraph it’s “revealed”:

In a story of “what’s old is new again”, the solution dates back to ancient keyboards with physical keys for Copy and Paste.

Neo seems like a cool layout, reminds me of “unexpected keyboard” for android, but I fail to see the relevance since it doesn’t have the copy/paste buttons (like the keyboard in the picture in the article) as far as I can see

Some of these you’re already doing, but writing a complete* list. *almost garuanteed not to be complete, suggestions welcome

1. Have everything behind the same reverse proxy, so that you have only one endpoint to worry about. Run it through ssllabs or similar to check your config.
2. On your reverse proxy, add one or more layers of authentication if possible. Many possibilities here: If one app supports client certificates, while another has limited capabilities, you could probably tie together something where IPs are whitelisted to the ither services based on that certificate auth.
3. Geoblock all countries you won’t be accessing from
4. crowdsec is pretty nice, this detects/blocks threats. kinda like fail2ban but on steroids.
5. if you use one of those 5$/month VPSes, with a VPN tunnel to your backend services, that adds one layer of “if it’s compromised, they’re not in your house”.

lastly consider if these things need to be publically avilable at all. I’m happy with 95% of my services only being available through Tailscale (mesh VPN, paid service with good enough free tier, open source+free alternatives available), and I’ve got tailscale on all my devices

I don’t understand what you mean with the content disappearing when you mount the virtiofs on the guest - isn’t the mount empty when bound, untill the guest populates it?

Can you share what sync client+guest os you are using? if the client does “advanced” features like files on demand, then it might clash with virtiofs - this is where the details of which client/OS could be relevant, does it require local storage or support remote?

If guest os is windows, samba share it to the host. if guest os is linux, nfs will probably do. In both cases I would host the share on the client, unless the client specifically supports remote storage.

podman/docker seems to be the proper tool for you here, but a VM with the samba/nfs approach could be less hassle and less complicated, but somewhat bloaty. containers require some more tailoring but in theory is the right way to go.

Keep in mind that a screwup could be interpreted by the sync client as mass-deletes, so backups are important (as a rule of thumb, it always is, but especially for cloud hosted storage)

Agreed! I think a part of the “problem” is that with Nix, there’s now at least 3 sides: application specific knowledge, system knowledge, and you have to use the nix language, architecture and tools to interface with it. so for a seasoned linux user, there’s maybe just a new programming language, but if you’re new to Linux, it’s quickly gonna overwhelm you. which in a way is a bit ironic because I’d argue that it’s easier to manage a NixOS system, and getting help is so much easier when your problems can be replicated by just aharing your config.

that is one way to do it, and it’s a very common one - it’s robust and simple. So I can’t correct you, but thought I would add to it. In NixOS, they’ve improved it by making sure all your apps are symlinked, and when updating, these symlinks are updated. That way you can start using your newly updated system straight away, without a reboot. When rebooting, you are prompted to which generation you want to boot into, (defaulting to “latest” after a few seconds of no input) making rollbacks a breeze.

can I ask what level of experience/knowledge you have in this field? for fairness sake, I’m a sysadmin-ish role at work, having worked with remote terminal solutions, (optimizing remote desktop for use over satelitte and borderline dialup-speeds, if I ever again need to deep dive into the ICA-protocol it’ll be too soon, lol) have tinkered with building keyboards, hobby involves arduinos & going deep down linux confing rabbit holes. Also done some gamejams, without ever really finishing any prototyoes.

Also - I think the way I brought up the OS implementation bit was too poorly phrased and we’re too out of sync context wise for that to be a worth discussing at this point, but to answer your point, yes I am very versed in the subject, but I’m very curious ti see if there’s something I;ve missed:

If you have one of these keyboards, please hook it up to your favorite key-input listening tool, and share what you see. I’m especially curious to if the priority you mentioned is something you see sent along with the keypress-signals, or if it is handled by the firmware of the device.

And for the record, I really do likewhat these keyboards are doing, I think it’s about time we see some actuall progress in the field, and i sure as heck want those features in my next keyboard, but not seeing how this is unwelcome in competetive games at this point seems delusional to me. You’re very welcome to challenge me om that, but the only argument I can see having an impact now is if you got some raw techical proof that challenges the models I’ve mentioned.

they do in a way move the character on their own though, through emulating extra input events on behalf of the user.

without, these inputs are sent, one per human action: KEYDOWN=A, KEYDOWN=D with the same two keypresses: KEYDOWN=A, KEYDOWN=D+KEYUP=A

The problem is that these create input events on behalf of the user. forexample: When pressing A while still having D pressed, the keyboard sends a KEY_UP=D event even as the user is still pressing D.

As for your comparisom, lowering latency is something different, if anything it’s attempting to make the users actions registered more accurately.

Do note that without this kind of processing, the games already knows that D is still pressed while A is presses, and they decide how to act on it. Games handle this differently, a common one being both keys as “stand still”.

So we’re:

1. creating new input eventson behalf of the user
2. tricking the game to to avoid a state the devs have intended
3. resulting in a huge advantage for the player.

In my opinion this should be implemeted on a OS level for all to use, but I don’t struggle one bit to see how this is disruptive and a no-go in competitive games.