Notices by LisPi (lispi314@mastodon.top), page 5

@coolbeans @animeirl @Mondobizarrro @condret I guess I must have had a *lot* more knockoffs than I thought.

@animeirl @condret @Mondobizarrro I'm somewhat skeptical Lego has anywhere near that fussy tolerances.

@a1ba @lanodan I've heard someone suggest CNAME-ing to redirect to feds.

Might not be a good idea but it was a funny read.

@emilygorcenski Not sure I understand. You mean stegography/shorthand?

@kaia Do most people have more than one phone?

But also, LEO had it, device is compromised. Just use the remote-wipeout feature.

@lanodan @chjara Perso, je ne suis pas vraiment fan. Le lien "électronique" et "courrier" est moins qu'évident. Même postélec aurait été mieux.

@Suiseiseki
Eh, that'd be obnoxious but... I could live with that.

I wouldn't be worrying about when finally one exploit will break the chips sufficiently that even without hyperthreading I'm vulnerable.
> attacks seem to only be a problem if you're running proprietary malware on your computer - if you don't do that, you're pretty safe.
That's really only true if no software you use has RCE vulnerabilities (a rather tall order to ensure).

(Malicious Free Software is rare but also exists.)

@Suiseiseki Honestly at this point I think we should seriously consider whether the performance improvement is really worth the constant security & correctness issues.

That latter paragraph sounds interesting but I lack the knowledge to really have any meaningful opinion on it.

Not particularly knowledgeable in #hardware matters, but why are we using the seemingly extremely brittle branch-prediction instead of delay slots which seem not to have those issues?

#computers #computing

@a13cui @chjara @lanodan Yeah, that's the Boost experience.

Funniest shit when the resulting binary is <5MB.

@stevecheckoway @RuthFlaherty @edutooters @cstross That poses some interesting questions about the validity of invitations and consent.

When one starts abusing those mechanics much at all, the validity of any consent given under it is at least as suspect as that given by someone drugged prior.

@clacke @mjg59 @dalias @LunaDragofelis It can work, but it requires explicit consideration of the security & trust boundaries.

Much the same reason why hyperthreading can be considered safe if you've set the hypervisor to only schedule threads from the same VM on shared cores and that you consider individual VMs to be the trust boundaries. Then, even with all known exploitation methods available, no breach of the trust boundary happens.

@clacke @brewsterkahle @spamvictim > digital lending is a potential threat to their business
"That's quite unfortunate but I don't see how your choice of a failed business model is society's problem."

@dalias @LunaDragofelis @mjg59 Eh, used workstations can provide those specs for relatively acceptable prices.

Not impressed by the sheer scale of the inefficiency anyhow though.

@jeffcliff @Suiseiseki I'd think that references the management engines (ayyy minix forks) rather.

And outside of painfully expensive whitebox hardware like the Talos II, it's true that modern workstations & computers generally won't run without proprietary software.

@lanodan @chjara Proprietary, mostly out of what I suspect to be hierarchical compromise.

https://www.gnu.org/proprietary/malware-appliances.html This page makes no requirement of proprietary software (or software at all going by the reprogrammable check and several of the entries having no software per the check) and according to the listing at the top is within a root about /malware .

Presumably Stallman & the rest of GNU find the notion of full permutation generation of such roots into URIs gnarly.

@lanodan @chjara That'd still fit under the malware listings though.

The malware listing root on gnu.org (https://www.gnu.org/proprietary/proprietary.html) does quite plainly state "Software designed to function in a way that mistreats the user is called malware.".

@erincandescent @rysertio @lanodan @tek > only for it to promptly be seized because their counterparty was a fraudster and the funds were a proceed of crime (that they just helped money launder)
Isn't that mainly a problem for those that provide no anonymization whatsoever (which yes is most of them save for like... 3 privacy coins)?

@screwtape @technotramp I'm not particularly fond of web3 as a term as it is largely associated with grifting.

Distributed p2p technologies outright predate widespread adoption of web1.0, so naming a web version for that (while having little to do with the web) seems a bit weird.

As for Javascript, the main issue is that it is typically used to run arbitrary proprietary code in one's browser, and additionally that its presence in the browser makes compartmentalization harder than it should be.

@kaia @mia More money than sense is what it communicates to me, rather than any sense of surprise (nevermind amazement or anything more).

Those trucks are basically worse than vans in most ways that matter.