Ken Livingston (back when he was mayor) famously referred to the US Ambassador as a “chiselling little crook” for the continued nonpayment of fines (I think it was in the millions even then).
Once the water companies were privatised, they took out massive loans and performed no maintenance. The loans were purely to pay shareholder dividends. Now they’re loaded down with debt.
Atop this, that crumbling infrastructure can’t handle the increased water flow that’s due to rainfall increases. So there’s been a general trend of dumping raw sewage into rivers (the fines are cheaper op ex than the capex needed to fix the situation).
Not to throw shade, just wishing that somebody here can understand. Whenever an input is reasonably long, an analyzing function will crash, and this PR aims to fix that with a mechanism that contradicts the maintainer's understanding while a similar C implementation does not need this fix. Clearly, the maintainer has not heard a...
Incidentally, this kind of passive-aggressive pressure is the kind of thing that might be considered a legitimate security threat, post xz. If you need to vent, vent in private. If “it works for you” but the maintainer is asking legitimate questions about the implementation, consider engaging with that in good faith and evaluating their questions with an open mind.
After listening to this highly informative talk, I switched my message alert sound to Adam’s exasperated sigh, adeptly showcased throughout the talk. 🤌🏽
This is some appalling pedagogy, possibly summarised during the questions: “I haven’t used this enough to have a concrete opinion on whether you should use it.”
All examples were presented too fast, beginning with a solution, but without introducing the problem they were intended to solve. It wasn’t even clear after they were presented what they solved.
IdentityT is a terrible choice because it adds absolutely nothing; that it can be defined is theoretically interesting, but doesn’t answer the novice’s question: since it does nothing, why would I care about it?
Using terminology like “lift” as though the audience were familiar with it, before eventually saying “ah-ha! This is lift!” doesn’t supply any motivation.
The whole thing seemed self-congratulatory; if there’s a reason people seem “easily confused” the fault lies with the presentation of the material.
The issue with this is the same as with the mayoral system. The next tine the Tories get a turn, they replace it with FPTP and claim it’s “more democratic”.
The test case purported to be bad data, which you presumably want to test the correct behaviour of your dearchiver against.
Nothing this did looks to involve memory safety. It uses features like ifunc to hook behaviour.
The notion of reproducible CI is interesting, but there’s nothing preventing this setup from repeatedly producing the same output in (say) a debian package build environment.
There are many signatures here that look “obvious” with hindsight, but ultimately this comes down to establishing trust. Technical sophistication aside, this was a very successful attack against that teust foundation.
It’s definitely the case that the stack of C tooling for builds (CMakeLists.txt, autotools) makes obfuscating content easier. You might point at modern build tooling like cargo as an alternative - however, build.rs and proc macros are not typically sandboxed at present. I think it’d be possible to replicate the effects of this attack using that tooling.
Title. Long,short story: creating or editing files with nano as my non-root user gives (the file) elevated privileges, like I have ran it w/ sudo or as root. And the (only) “security hole” that I can think of is a nextdns docker container running as root. That aside, its very “overkill” security-wise (cap_drop=ALL,...
What are the permissions on the directory? What is command are you running to edit the file? What command are you running to delete it? (Have you got selinux turned on? What filesystem is this directory on?)
Came here to say the same thing. The git book is an afternoon’s reading. It’s well worth the time - even if you think you know git.
People complain about the UX of the cli tool (perhaps rightly) but it’s honestly little different from the rest of the unix cli experience: ad hoc, arbitrary, inconsistent.
What’s important is a solid mental model and the vocabulary of primitive and compound operations built with it. How you spell it in the cli is just a thing you learn as you go.
It’s all the files. Content-addreasable storage means that they might not take up any more space. Smart checkout means they might not require disk operations. But it’s the whole tree.
London: Diplomats owe more than £143m in congestion charges - BBC News (www.bbc.co.uk)
One rule for them and all that
Thames Water makes bid to lift bills by up to 44% - BBC News (www.bbc.co.uk)
Pretty critical PR for rust-msi is getting held up because the maintainer understands the intent but not why this works (github.com)
Not to throw shade, just wishing that somebody here can understand. Whenever an input is reasonably long, an analyzing function will crash, and this PR aims to fix that with a mechanism that contradicts the maintainer's understanding while a similar C implementation does not need this fix. Clearly, the maintainer has not heard a...
Adam McCullough - Monad Transformers for the Easily Confused - LambdaConf ‘18 (youtu.be)
After listening to this highly informative talk, I switched my message alert sound to Adam’s exasperated sigh, adeptly showcased throughout the talk. 🤌🏽
"Clean" Code, Horrible Performance in Rust (chrs.dev)
To those with 2+ monitors on your machine: What's your use case, and how much does it actually boost your productivity? (lemmy.world)
I’m mainly curious about software developers here, or anyone else whose computer is somewhat central to their life, be it professional or hobbyist....
Labour could axe all hereditary peers from House of Lords, reports suggest (www.standard.co.uk)
Labour plans to axe all hereditary peers from the House of Lords, reports have suggested....
The Xz Backdoor Highlights the Vulnerability of Open Source Software—and Its Strengths (www.404media.co)
xz backdoor...
jendrikseipp/vulture: Find dead Python code (github.com)
The repo also links to some similar tools, like coveragepy, uncalled, and dead.
Have you ever been to a movie so terrible that you saw people leaving the theater? Which one was it? (lemmy.world)
Non-root user that (suddenly) has elevated privileges in a specific command (only). [Have I been hacked?]
Title. Long,short story: creating or editing files with nano as my non-root user gives (the file) elevated privileges, like I have ran it w/ sudo or as root. And the (only) “security hole” that I can think of is a nextdns docker container running as root. That aside, its very “overkill” security-wise (cap_drop=ALL,...
Why Git is hard (roadrunnertwice.dreamwidth.org)
Probably a stupid question, but will we ever have something like a microwave to make things cold? Is there a reason this can't exist? (lemmy.dbzer0.com)