• 0 Posts
  • 32 Comments
Joined 1 year ago
Cake day: June 13th, 2023

  • Fedora@lemmy.haigner.me to Programmer Humor@lemmy.ml: Laughs in Jira
    English · 24 points · edited · 1 year ago

    Yet the solution is so simple. Let them spend 20 – 35 % of their paid time on backlog. Let them refactor the architecture. Let them improve the code base. You know, that thing the Lean book talks about, the part that everyone overlooks, the part so critical yet so often overlooked that others wrote books that ride that one aspect home. Oh, unless you want them to spend overtime on a production problem whose root cause a scrum master added to the backlog 5 years prior to the incident, of course. Oh, unless you want them to give you one year estimates for changes as simple as translation changes 'cause the architecture is so ass-backwards and never improved upon that everything depends on everything and everything breaks with one simple change. And who needs tests, right? Waste of time and money! Just live in fear that one change can break the entire software, like a real man.

  • I’m not too familiar with Spring, so excuse my ignorance, but could you sell Spring Cloud ✨ to management? If I understood the docs correctly, Spring Cloud requires Spring Boot 3, so you can migrate to Spring Boot 3 while management can claim that your monolith is very cloud. Or is this a “dump it in ec2 and claim it’s cloud” situation?

  • You’re SOL if you’re a spear phishing target. But otherwise?

    Also looking bad… Frankly, AVs must fulfill an impossible purpose, and they’re horrible at it. If you ask any AV dev how to bypass their AV at a conference, they can give you a magic file size above which their AV gives up. Don’t wanna tank the performance of your computer, let’s pray that that chunky file is safe. Guess why malware devs deliver their malware in a compressed archive with a suspiciously good compression rate.

    Many AV vendors spend a disproportionate amount of time on detection of public toolkits, such as Metasploit. But they suck at detecting everything else, literally. If it’s private, they don’t detect it for a long time. Malware devs have been using the same techniques to evade AVs over and over again, yet they can’t figure out a way to block it. Even if I rig the odds in the AVs’ favor by uploading shit to VirusTotal, only one thinks that my malware with Metasploit payload is malicious, months after the upload.

    Now in fairness, VirusTotal only does static analysis. Sucks for AVs that you can call arbitrary, legit functions between malicious ones to confuse the behavioral analysis. Or wait a minute or two for the analysis to give up. Or embed malicious code into legit applications. Or hell, go wild with Java or other more exotic interpreter languages as most AVs don’t check for them at all. Or… hear me out… abuse legit apps for illegitimate purposes! If you’ve got AnyDesk, force it to give the attackers unattended access to your computer.

    Thank you for your time, and I hope your trust in AVs is forever shaken. As it should be.
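    A defender-side illustration of the "oversized archive with a suspiciously good compression rate" point in the comment above. This is an added example, not code from the commenter or from any AV product: it reads only the ZIP central directory (no extraction), totals the declared compressed and uncompressed sizes, and flags an archive whose expansion ratio or total uncompressed size exceeds a limit, which is the cheap gate a mail or file scanner can apply before handing the payload to a size-limited engine. The thresholds (100:1, 64 MiB), the sample file names and the sample contents are all constructed for this example.

```python
import io
import zipfile
from dataclasses import dataclass, field

# Thresholds are assumptions chosen for this example, not values from the comment
# or from any vendor. Tune them to the scanner's real size limits.
MAX_RATIO = 100.0                    # uncompressed bytes per compressed byte
MAX_UNCOMPRESSED = 64 * 1024 * 1024  # total declared uncompressed size, 64 MiB


@dataclass
class ArchiveReport:
    members: int
    compressed: int
    uncompressed: int
    ratio: float
    reasons: list = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.reasons)


def inspect_zip(data: bytes,
                max_ratio: float = MAX_RATIO,
                max_uncompressed: int = MAX_UNCOMPRESSED) -> ArchiveReport:
    """Triage a ZIP from its central directory alone: nothing is inflated.

    The sizes come from the archive's own metadata, so a hostile file can lie
    about them; the check is a pre-filter, not a verdict, and a scanner should
    still enforce a hard byte cap while actually inflating members.
    """
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    compressed = sum(i.compress_size for i in infos)
    uncompressed = sum(i.file_size for i in infos)

    if compressed:
        ratio = uncompressed / compressed
    else:
        # No compressed bytes at all: empty archive is harmless, anything that
        # claims content from zero bytes is a metadata lie.
        ratio = float("inf") if uncompressed else 0.0

    reasons = []
    if uncompressed > max_uncompressed:
        reasons.append(f"declared uncompressed size {uncompressed} exceeds {max_uncompressed}")
    if ratio > max_ratio:
        reasons.append(f"expansion ratio {ratio:.0f}:1 exceeds {max_ratio:.0f}:1")
    return ArchiveReport(len(infos), compressed, uncompressed, ratio, reasons)


def make_zip(members: dict) -> bytes:
    """Build a DEFLATE-compressed ZIP in memory from {name: bytes} (test fixture)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()


# Constructed samples: ordinary text that compresses modestly, and a file padded
# with 32 MiB of zero bytes, which DEFLATE shrinks to a few tens of kilobytes.
BENIGN_ZIP = make_zip({
    "report.txt": b"Quarterly summary: revenue up 3%, churn flat, hiring paused.\n" * 20,
})
PADDED_ZIP = make_zip({
    "padded.bin": b"\x00" * (32 * 1024 * 1024),
})


if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_ZIP), ("padded", PADDED_ZIP)):
        r = inspect_zip(blob)
        verdict = "SUSPICIOUS" if r.suspicious else "ok"
        print(f"{label}: {r.members} member(s), {r.compressed} -> {r.uncompressed} bytes, "
              f"ratio {r.ratio:.1f}:1, {verdict}")
        for reason in r.reasons:
            print("   -", reason)
```

    The ratio test is deliberately separate from the size test: a padded file that stays under the scanner's size cap but expands a thousandfold is still worth routing to a slower path, and a large but honestly compressed installer should not be.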

  • The accounting department loves you. I’m sure the government will bow down to your demands, respect your security concerns, and adopt a more secure approach swiftly.

    If you must deal with an organization that doesn’t give a shit about security, then you’re SOL. We live in the real world. If you don’t submit the government forms how they want you to, they shrug and fine the shit out of you. They couldn’t care less about the security risks their workflow poses on you.

    You can mitigate the risks, but you never have absolute control. While Acrobat poses a security risk, not having Acrobat poses a business risk.


  • Basically https://github.com/zloirock/core-js runs the majority of the web, yet no one gives a shit about the single person that maintains the library for free, and is also stuck in Russia. Guy is perhaps the most experienced JavaScript developer alive, ensuring that you can use new features consistently across all browsers. The library requires constant maintenance, so dependents such as babel.js, who rely on core-js for core functionality, are dead when he decides to drop it. TC39 ignores him, even though people from babel get a say, even though babel is essentially a fancy wrapper around core-js. Being a maintainer truly is a thankless job.