Notices by LisPi (lispi314@udongein.xyz), page 3
-
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 20-Sep-2024 08:09:16 JST 
LisPi
One unpleasant aspect with homomorphic encryption is that it's certain it will be used by proprietary malware when practical. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 20-Sep-2024 05:31:02 JST
LisPi
@lewdthewides @freon I have no idea what Nintendo could have *patented* for a game that was reused/replicated by Palworld that will not be found trivial and obvious to any game programmer. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Tuesday, 17-Sep-2024 18:15:49 JST
LisPi
@lanodan @sc_griffith No, it's a good stance.
Spurrious dependencies are not desirable and everything should accommodate a build-from-scratch manually with manually-managed depedencies approach.
Not only because it avoids a lot of bullshit, but it is also very helpful when packaging the resulting software for some distro or another. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Tuesday, 17-Sep-2024 09:17:15 JST
LisPi
@ami_angelwings @yassie_j @mmasnick Some of the most prolific media, namly Touhou doujin & fan content, is so prolific because of lax or no copyright enforcement.
One wonders why⸮ -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Monday, 16-Sep-2024 11:18:35 JST
LisPi
@allison @lewdthewides Guix doesn't do bad for documentation.
The code is also a lot more readable. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 13-Sep-2024 18:12:37 JST
LisPi
KEYGEN CHURCH 💜 -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Wednesday, 11-Sep-2024 18:18:15 JST
LisPi
@a1ba Probably should at some point.
Doesn't Fate/Extra require an expensive magical box to play though? -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Sunday, 08-Sep-2024 15:33:21 JST
LisPi
@Suiseiseki @j No, VMs still make sense for on-site hosting.
Current OSes are garbage at privilege separation & isolation, so VMs are necessary for that at minimum. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Sunday, 08-Sep-2024 12:22:40 JST
LisPi
@allison @ezio I'd never even heard of those before, neat. Will have to look that up. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Sunday, 08-Sep-2024 12:11:31 JST
LisPi
@allison @ezio In this particular case, not dangerous to expose to the network, with useful authentication and with non-broken encryption.
For NFS those two last parts require Kerberos and the first remains broken, afaik. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Sunday, 08-Sep-2024 07:39:53 JST
LisPi
@ezio There is basically no safe networked filesystem and it's ridiculous.
(I don't know if 9p is fine, actually.) -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Saturday, 07-Sep-2024 11:37:22 JST
LisPi
@allison Yeah. It's easier not to eat much. And then one wonders about the unexpected tiredness caffeine can't shake.
Last meal? Most of a day ago? Oops. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Monday, 02-Sep-2024 10:08:57 JST
LisPi
@mekkaokereke > It exists because voters elect people that put ticket and arrest quotas on cops.
What kind of idiot doesn't immediately realize that's a perverse incentive and a metric to be instantly gamed?
Why are the voters so incapable of considering even just the direct consequences of what they ask for? -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Monday, 02-Sep-2024 08:11:29 JST
LisPi
The game. We have lost the game. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 21:37:14 JST
LisPi
@iska Literally why? Even if you implemented the decoder in Bash it would still be the storage that ends up as the bottleneck unless you're rich and buying enterprise SSDs for mass storage (ridiculous).
A few of Common Lisp implementations are essentially interpreted, too.
Python is notable in this case because it's "common-enough it's basically litter lying discarded on the ground".
Pure CL implementations of common compressed archive formats actually seem to be lagging behind. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 19:46:40 JST
LisPi
Seeing discussions worrying about maliciouss zip files is just sad.
Why do users even tolerate that?
It's not as if there aren't implementations of the majority of common compression formats in other safer languages (notably in pure Python). Oh sure, slower than C, but realistically the storage is going to be the bottleneck anwyay so it doesn't matter. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 05:00:22 JST
LisPi
@lanodan @mia @phnt > Also I think you're thinking about human users, very different kind of concern, personally only very few people could ever get shell access to my machines, even a "restricted" kind.
By user I meant a self-aware entity using a computer system.
I did not mean the flawed abstraction that is presented by abstracted multiuser systems.
That should just be done away with, since abstracted multiuser systems are designed for the case of multiple self-aware users (with all the security tradeoffs inherent in this).
> Linux doesn't have proper capabilities, well except the ones that nearly made it into POSIX and are so deeply flawed it's not even funny as like half of them trivially allow to gain root privileges.
Indeed, Linux is a mess. -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 04:33:29 JST
LisPi
@lanodan @mia @phnt If your setup requires you not to trust the user, you shouldn't give the user access to things to start with.
They should be assumed to have control over their endpoints (and truly should have it too).
Possession of the hardware breaks essentially all the security guarantees you might otherwise have, anyway.
(Yes, multi-user systems are fundamentally problematic as far as security goes. Hardware vulnerabilities mean no amount of formal proofing & verification of the system suffices.)
Programs should be limited by capabilities (so should their addressing, they should have no access to raw memory), and users should be able to grant them as necessary. Due to the hardware vulnerability problem still existing, this whitelist approach /still/ means the user has to make sure the programs they use are not malicious because otherwise all the other security properties of the system may be defeated by the first convenient hardware vulnerability to be found & exploited (yes, this is antithetical to blackboxes, proprietary or otherwise). -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 04:09:13 JST
LisPi
@lanodan @mia @phnt They allow/support user-level/per-user packages? -
Embed this notice
LisPi (lispi314@udongein.xyz)'s status on Friday, 30-Aug-2024 04:03:39 JST
LisPi
@lanodan @mia @phnt Ah, I've used usersite to handle dependencies I want in some qubes but not in the template (which removes the global installation option).
The other option would be Guix/Nix.
All GNU social JP content and data are available under the