@kritikaPensulo@ieji.de
@kritikaPensulo@ieji.de avatar

kritikaPensulo

@kritikaPensulo@ieji.de

This profile is from a federated server and may be incomplete. Browse more on the original instance.

kritikaPensulo, to ai
@kritikaPensulo@ieji.de avatar

I see a potential new anti- hobby emerging: trick corporate chatbots to generate misinfo customers can profit from, then hold it accountable.

https://arstechnica.com/tech-policy/2024/02/air-canada-must-honor-refund-policy-invented-by-airlines-chatbot/

strypey, to showerthoughts

: A graphical desktop needs to be an app, with updates managed separately from the underlying OS (kernel+userland). It would be a meta-app, inside which other apps run. We have created such apps, they're called web browsers. But they require a desktop to run on, and their security is appalling, regularly giving malicious code access to the underlying OS.

Could we replace both desktop and browser with a graphical meta-app that runs real programs in isolation from the base OS?

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@strypey The threat is unclear to me. In the 90s I recall a prof expressing enthusiasm about because it was designed specifically to barricade the app from the OS and underlying resources.

An obscure corner-case attack was discovered a few years ago where malicious JS was able to grab arbitrary chunks of memory. But it was an extremely clever exploit leveraging a bizarre hardware phenomenin, not something the language readily accommodates.

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@strypey Interesting info. I’ll have to look it over closer later, but FWIW I use to run distrusted apps. So that might be worth a look. Firejail includes profiles for Firefox.

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@strypey I’ve not yet taken the time to study or fiddle with docker. But abstractly I think FireJail’s sandbox is similar. But I’m not sure if docker gives refined control over all the i/o that fj does. If an app should not be accessing the network, you can do “--net=none”. You can constrain the bandwidth as well. I use it to force an app over Tor, which is otherwise impossible AFAIK. E.g. apps can bypass torsocks.

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@strypey I guess I should also mention forcing apps over tor is not a typical use of FireJail. A complex setup is needed to create a virtual network device. Say you create vn0. You can then use the parameter “--net=vn0” to force all traffic over vn0.

strypey, (edited ) to fediverse

Anyone who was worried about the political views of the Lemmy core devs;

"The Lemmy devs have welcomed many new contributors on GitHub, demonstrating a highly collaborative disposition."

"lemmy.ml, the canonical instance run by the Lemmy core devs, has become more diverse and less extreme on the fringes."

"I'm happy to report that a soft-forking initiative seems completely unwarranted at this time."

@erlend

https://blog.erlend.sh/transitioning-r-rust-to-the-threadiverse

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@strypey
Their extreme political views were a red flag but that’s not the real problem. It’s their extremely controlling moderation style that’s a problem. Worse than Reddit they way they rampantly delete absolutely civil content by those without extreme views. And then how they delete mod logs to cover up their moderation acts. It’s despicable. It’s not the sort of thing you could reasonably expect them to change.

The good recent change is there are now many nutter-free instances.
@erlend

mikey, to random
@mikey@neovibe.app avatar

The is really going through some growing pains right now. Not only on the social front but in terms of development also.

Out of the 2 major projects, one has horrible mod tools and the other is still in beta with its own set of problems.

It is going to take a while before these 2 projects can really shine.

kritikaPensulo,
@kritikaPensulo@ieji.de avatar

@mikey Indeed the is a bit of an embarrassment (for lack of a better term).

has had yrs to improve & they still have fairly serious bugs like losing a whole msg if you click a button that intuitively should be clickable while composing. Kbin is a disaster out of the gate with copious chronic internal server error 500s that plague the system.

I must say I blame the web-based clients. They are just a shitty foundation relying on crappy .

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • kavyap
  • DreamBathrooms
  • tacticalgear
  • magazineikmin
  • khanakhh
  • everett
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • ethstaker
  • InstantRegret
  • thenastyranch
  • JUstTest
  • ngwrru68w68
  • cisconetworking
  • cubers
  • osvaldo12
  • modclub
  • GTA5RPClips
  • tester
  • Durango
  • provamag3
  • anitta
  • Leos
  • normalnudes
  • lostlight
  • All magazines
    •