migratory

migratory, 13 days ago to random Spanish

@halide what's the private-use area unicode codepoint in your bio mean? U+F8FF

pootriarch, 14 days ago to random

i was feeling mh- and found myself listening to les misérables, which doesn't help. so i switched to donna summer. but macarthur park is next and i may need a new plan

pootriarch, 16 days ago to random

left field, any recommendations for spanish pop singers? i have a lot of spanish-language singers, but they're almost all mexican (many telenovela stars but i digress). planning to go to spain in the fall and would like to have a little material for osmosis. only actual spanish artist i have is soraya. for reference, mexican singers in library include belinda, maite perroni, danna paola, alicia villarreal, dulce maría, sofía reyes. (i never claimed to be anything but basic)

whitequark, 18 days ago to random

next time we rent a place i should just ask my headmate to deal with the landlord. she doesn't get panic attacks triggered by "email"

migratory, 25 days ago to linux Spanish

filesystem defenders act like it's natural for a computer to have a filesystem. meanwhile filesystem implementors are hard at work convincing me that not only is a filesystem a bad idea, it's also virtually impossible to implement any nontrivial optimizations in one without catastrophic data loss bugs

#zfs #btrfs #linux

migratory, 27 days ago to bluesky Spanish

I clicked a #bluesky toot or whatever they're called and it turns out they've implemented the most critical twitter feature: in-page loading spinners that make you wait several seconds for no fucking reason before you can read less than a kilobyte of text

bugaevc, 1 month ago to random

New display name, let's see how long this one lasts :D

pervognsen, 1 month ago to random

For du-style recursive disk usage reporting, is there an accepted way that programs (and people) assign "blame" when you have aliasing through multiple hardlinks, bind mounts, the same device mounted multiple times, etc.

migratory, 1 month ago to random Spanish

every time I see a flipper zero I'm surprised that it doesn't have a meat thermometer probe even though that would be an unambiguously gross feature to have. my subconscious just thinks all objects shaped like that are meat thermometers

migratory, 1 month ago to random Spanish

every time I post I feel like "masto is not ready for this toot but it will grow by seeing it"

tef, 2 months ago to random

having trouble coming up with a good name for a rpc/remote filesystem that hasn't already been used a hundred times over

again

whitequark, 2 months ago (edited 2 months ago) to random

what does "woem" mean

... oh, "meow"

migratory, 2 months ago to random Spanish

neti pot espresso. is this anything

gfxstrand, 3 months ago to random

Ugh... dnf system-upgrade destroyed yet another @fedora Arm install...

When are we going to get this working to the point where Arm boards actually work? 😩

(In particular, I have a raspberry pi 4 which I was trying to update from f38 to f39.)

gedeonm, 4 months ago to random

In retrospect, this is where things all started to go to crap.

kernellogger, 5 months ago to linux

Annoyed by having to put #sudo in front on #dmesg[1]?

Then use this instead[2]:

$ journalctl -k

It should work if the user executing this is a member of the groups "systemd-journal", "adm", or "wheel".

[1] which is the case if CONFIG_SECURITY_DMESG_RESTRICT is turned on in your #Linux #kernel's .config – which #Fedora recently switched on, something many other distros did already a while ago.

[2] works for the common case, for some fancier stuff you might still need dmesg #LinuxKernel

dangoodin, 6 months ago to random

Despite more than a decade of reminding, prodding, and downright nagging, a surprising number of developers still can’t bring themselves to keep their code free of credentials that provide the keys to their kingdoms to anyone who takes the time to look for them.

The lapse stems from immature coding practices in which developers embed cryptographic keys, security tokens, passwords, and other forms of credentials directly into the source code they write. The credentials make it easy for the underlying program to access databases or cloud services necessary for it to work as intended. I published one such PSA in 2013 after discovering simple searches that turned up dozens of accounts that appeared to expose credentials securing computer-to-server SSH accounts. One of the credentials appeared to grant access to an account on Chromium.org, the repository that stores the source code for Google's open source browser.

In 2015, Uber learned the hard way just how damaging the practice can be. One or more developers for the ride service had embedded a unique security key into code and then shared that code on a public GitHub page. Hackers then copied the key and used it to access an internal Uber database and, from there, steal sensitive data belonging to 50,000 Uber drivers.

Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret. Many secrets were leaked more than once, bringing the total number of exposed secrets to almost 57,000.

The credentials exposed provided access to a range of resources, including Microsoft Active Directory servers that provision and manage accounts in enterprise networks, OAuth servers allowing single sign-on, SSH servers, and third-party services for customer communications and cryptocurrencies.

There are no good reasons to expose credentials in code. The report said the most common cause is by accident.

“In the course of outreach for this project, we discovered at least 15 incidents where the publisher was unaware they had made their project public,” the authors wrote. “Without naming any names, we did want to mention some of these were from very large companies that have robust security teams. Accidents can happen to anyone.”

https://arstechnica.com/security/2023/11/developers-cant-seem-to-stop-exposing-credentials-in-publicly-accessible-code/

migratory, 7 months ago to random

society if Firefox moved their "adding new crap to the toolbar" budget to making the browser run faster and use less RAM

migratory, 7 months ago to random

migratory, 7 months ago to random

@vriska

foone, 7 months ago to random

Imagine an alternate universe where USB instead used NEMA L21 twist lock plugs

ryanc, 8 months ago to random

It would be nice if we could get this to £69k. Less than £500 needed!

https://www.crowdjustice.com/case/non-binary-recognition/

SecureOwl, 8 months ago to random

September 24th, 2023: a group of engineers troubleshoot Kubernetes