Notices by LisPi (lispi314@udongein.xyz)
-
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Sunday, 29-Jun-2025 08:03:35 JST 
LisPi
@dalias @libreleah @ariadne There are issues with X's model of ambient client authority that I dislike, though.
Even without proprietary malware on one's machine, faulty software could enable some malicious actions that ought to require explicit user permission or request.
It leads to this awkward situation where there are some window managers with features I really like but lacking some important properties I'd want. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 27-Jun-2025 07:14:56 JST
LisPi
Why do multipler games still persist on the rootkit nonsense instead of enabling community servers & community moderation?
The rootkit nonsense doesn't even work against entire classes of cheats anyway.
It should be up to a particular community whether they care or not, and whether they do anything about it. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 20:53:45 JST
LisPi
@N33R @kaia I recall reading that Japan started mandating those because many people suffered from dehydration & heatstroke in public transportation as they avoided hydrating prior to heading to work for lack of such amenities (relatable, I do not miss that part of commute).
(It was deemed a public health problem.) -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 19:15:18 JST
LisPi
@sun @anemone What's an mcp?
I presume some tool for non-technical people or attachment for vehicles that aren't technicals. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 10:16:00 JST
LisPi
@GrapheneOS @BryanGreyson @kkarhan @maumau @fluffery > They consider it best if that firmware can't be updated...
Firmware that is fixed in an object is effectively part of it. It becomes a concern of a malware (user-abusing) object, rather than malicious non-Free Software.
If it is modifiable/updatable, then it is a concern of non-Free Software.
It's a way of delimiting scope, rather than saying it is best. It is not best for the user to ever have to cope with malware regardless of its nature. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 10:15:56 JST
LisPi
@GrapheneOS @BryanGreyson @kkarhan @fluffery @maumau It does create a problem, and it is a problem that would be greatly aided by manufacturers providing Free/Libre firmware (and/or full documentation necessary to create it).
That way better Free firmware could be made by its users that is formally verified and that is kept up to date with mitigating hardware flaws, regardless of the state and interest of the origianl manufacturer.
I do have to wonder why it is so very common to ship broken hardware though, since that is what the overwhelming majority of hardware side-channels exploit.
Broken firmware (or purposely broken malicious firmware (malware)) is also common. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 10:15:52 JST
LisPi
@GrapheneOS @BryanGreyson @kkarhan @fluffery @maumau > If you take a look at the Pixel firmware, you'll find it's not obfuscated and that you can read the code when disassembled.
That is a fortuitous find, albeit one I find myself surprised by.
Although for some devices this provides insufficient information to improve the firmware, should additional specification of the hardware be held back behind NDAs or other malicious/censorship constructs. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 10:15:49 JST
LisPi
@GrapheneOS @BryanGreyson @kkarhan @fluffery @maumau That is somewhat sub-ideal. It leaves users to rot should the manufacturer drop support or otherwise cease to exist.
I would hope that facilitating the use of custom keys would be normalized. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 08:54:57 JST
LisPi
@dalias @me This makes me curious just what contractual terms Github operates under. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 06:00:00 JST
LisPi
@dalias That is not the kind of research I regard as legitimate or fundamental to the domain.
"Let's take neural nets and make them bigger" without any meaningful modification is not a category I care for. I do have some interest in "let's take this thing that usually/once has/had ridiculous requirements and make it run on an old i3 CPU without impacting system performance overmuch", though.
Fundamental research should indeed very much concern itself with semantic correctness of the information and its processing. That is pretty much the antithesis of the currently popular nonsense. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 26-Jun-2025 05:37:37 JST
LisPi
@dalias I don't think this should apply to legitimate fundamental research (that doesn't just throw more compute at it and call it a day) or implementation of proper expert systems.
Of course that's a minority, scammers have always outnumbered researchers by orders of magnitude. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Tuesday, 24-Jun-2025 11:32:52 JST
LisPi
@dalias @b_rain @larsmb @foolishowl Social engineering (including propaganda and manipulation) wouldn't be an active field of research & effort if it didn't work.
Many people prefer to avert their attention rather than understand to mitigate what risk they can (unfortunately, some things work /even/ if one knows how they work and that they're being used). -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 20-Jun-2025 05:33:17 JST
LisPi
@anemone @mischievoustomato One would hope to put egg on the face of whatever administrator decided that was an acceptable state of affairs by publicly lambasting them with support from the microbiology or health department. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 19-Jun-2025 17:47:58 JST
LisPi
@nerthos @sun @Leyonhjelm @luckytran Assuming that's accurate, that is a much lesser likelihood than I expected on either account.
Blood transfusion one is a scary one. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 19-Jun-2025 16:54:47 JST
LisPi
@Leyonhjelm For one, my statement applies for *all* health matters. Not solely AIDS.
For second, there's nothing magical about "sodomites" that make them uniquely infectable by AIDS. So long as one is made of human meat, one is at risk.
@sun @luckytran -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 19-Jun-2025 15:23:12 JST
LisPi
@sun @luckytran There's quite a few countries already funding their own drug programs differently, and universities'.
Italy's army manufactures drugs for unprofitably rare diseases as well. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Thursday, 19-Jun-2025 15:18:20 JST
LisPi
@sun @luckytran Irrelevant, it is unethical to deprive people of health for the sake of money.
Consequently, it is unethical to fund the research through the sale of product, therefore an alternative means of funding should be sought out. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Wednesday, 18-Jun-2025 19:32:41 JST
LisPi
@soatok @alina There is zero need for PII, therefore it shouldn't ask for PII.
It's really not complicated. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Wednesday, 18-Jun-2025 01:42:42 JST
LisPi
@beyondmachines1 @Natanael_L On the upside it finally gets rid of some of the annoying part of SMS 2FA. The need to use SMS at all when it is plainly insecure.
Now they just need to improve further and remove SMS 2FA entirely. TOTP or nothing. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Tuesday, 17-Jun-2025 06:46:12 JST
LisPi
@dalias @navi @lanodan @rakoo And so if one used it to move an email thread one now has an inconsistent viwe of the thread across directories.
With individual fsync there would be /something/ of an ordered guarantee, but it would still have the issue of inconsistency.
Essentially, any thread-wise interaction requires grouping capability.
All GNU social JP content and data are available under the