@SecurityWriter @johnzajac Funny how that doesn't include the infosec 🤡s at hacker summer camp... 🙃
Notices by Rich Felker (dalias@hachyderm.io)
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Tuesday, 14-May-2024 06:38:53 JST Rich Felker -
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Tuesday, 14-May-2024 06:35:49 JST Rich Felker @robux4 @harrysintonen @mmu_man Usually it's not the code that's broken but the autoconf tests. They probe for existence of functions with snippets that are invalid C.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 12-May-2024 21:31:37 JST Rich Felker @ariadne Real technical problems affecting a server handling 100k clients at once, not a web browser or chat client or word processor.
The "only use POSIX APIs" position is don't use gratuitously nonportable shit like epoll or io_uring when you have 5 file descriptors. Use it when you're IO-multiplexing-bound and writing different IO backends (including a portable one) is a worthwhile investment of development & maintenance effort.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 12-May-2024 21:30:35 JST Rich Felker @ariadne @ska Funny, it works really well for ppl doing it right, and we've made gigantic progress in the past 13 years getting people to understand doing it right. I don't see any reason to surrender when you're moving forward steadily towards your goal.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 12-May-2024 21:29:47 JST Rich Felker @ariadne The problem is that as soon as you have customer tickets, the issues behind the customer tickets suddenly look a lot more important than all the issues ordinary non-customer users face stemming out of the YAGNI violations from making customers happy...
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 12-May-2024 21:28:08 JST Rich Felker @erincandescent @ariadne Yes. The big problem with the status quo is that, even if you only call dlclose on your own "module like" libs designed to be unloadable safely, they usually have deps on "normal" libs that aren't. But there are also issues with violating dtor order invariants, etc.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 12-May-2024 21:28:07 JST Rich Felker @erincandescent @ariadne There are basically two reasons folks want dlclose to unload:
1 is always wrong: they're trying to make it act like a module instance and reset state, rather than having explicit state.
2 may be reasonable but it's rarely why they care: wanting to repeatedly load new versions of some code without leaking memory.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Tuesday, 07-May-2024 04:22:06 JST Rich Felker @Qyriad #!/bin/rm
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 06-May-2024 05:27:07 JST Rich Felker Somehow I got on a Biden mailing list that's spamming like 5 mails a day and... this suggests something 😈...
Purposefully get as many addresses as you can on it, and after random times, unsubscribe with angry messages about supporting genocide.
Completely independent of any actual plan you have for voting, but to fill their unsub metrics with "oh shit this is hurting us" data.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 06-May-2024 00:52:59 JST Rich Felker @markwaypoint @quixoticgeek Now add e-velomobile. Should be something like one 18650 per 2km of range needed, not even factoring in regenerative braking. Unlike garbage car-scale EVs, completely negligible battery mass.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 06-May-2024 00:52:57 JST Rich Felker @quixoticgeek @markwaypoint Yes, my post is about what our policy should be, not what will happen to you if you do it independently of that. But if you stick to speeds that are legal for ebikes, it should be okay already, no? You can always regen brake to avoid exceeding speed limit.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 06-May-2024 00:52:53 JST Rich Felker @quixoticgeek @markwaypoint If you're not physically capable of doing that, or if terrain makes it difficult, or ...
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Friday, 03-May-2024 08:03:44 JST Rich Felker @evan @neptune22222 @tomcoates But that identity is controlled by a third party (the instance). How do you intend to be able to use it in e2ee?
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 02-May-2024 05:56:08 JST Rich Felker @gsuberland @djsundog @outie @mcc Yes! Even more important, ban them from vehicle headlights, including retroactively. No grandfathered exception for the monstrosities sold with them.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 29-Apr-2024 07:25:30 JST Rich Felker "Do you or anyone who will be using this PC need keyboard accessibility accommodations? Which ones? Would you like to activate them with hotkeys or only explicitly via Settings?" during system setup is how you do this right. Not silently turning these things on for everyone.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Monday, 29-Apr-2024 07:20:28 JST Rich Felker TIL holding shift for 8 seconds on Windows breaks your keyboard. 🤦
Putting shortcuts to enter obscure accessibility modes on random key actions is NOT how you make your system accessible. It makes it inaccessible to anyone who can't figure out how to exit wacky modes.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 28-Apr-2024 23:06:43 JST Rich Felker Small drop-in JS someone should write folks can add to their sites: replace Amazon (or other) links with your affiliate links only if it detects browser side tracking features (referer, 3p js, etc.) are left enabled.
Not only does this respect the privacy of your readers; it keeps you from getting banned from affiliate program. I found out from someone using the program: If Amazon gets affiliate visits from visitors they can't track, they count them as shared-in-private and ban you.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Sunday, 28-Apr-2024 23:06:42 JST Rich Felker Conversely, if you want to help someone who has affiliate links and you use a decently privacy configured browser, don't click their links, or use an extension to strip affiliate info. Clicking won't make them money, it'll get them banned.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 25-Apr-2024 20:44:01 JST Rich Felker @bagder @thejpster @unlambda I would assume it's just about not wanting to trust that a non malicious admin doesn't accidentally reconfigure the server, put it behind some.misconfigured CDN or DDoS protection service, etc.
-
Embed this notice
Rich Felker (dalias@hachyderm.io)'s status on Thursday, 25-Apr-2024 20:44:00 JST Rich Felker @bagder @thejpster @unlambda Lots of "trust" people disregard is trusting well-meaning ppl not to slip up and expose you to bad actors. It's not just a matter of whether you trust them not to be evil themselves. I usually frame things this way when explaining to someone why I can't just trust their service because it avoids questioning their integrity.