People like me keep buying more F-91Ws when the old ones break or get lost
What's the deal with the Google ad that shows a legit URL but takes users to another? That seems like the biggest issue here and the article just rolls past it like that's totally normal.
The following summary from Debian's security list:
> The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within LoginGraceTime seconds (120 by default), then sshd's SIGALRM handler is called asynchronously and calls various functions that are not async-signal-safe. A remote unauthenticated attacker can take advantage of this flaw to execute arbitrary code with root privileges. This flaw affects sshd in its default configuration.
Martin Kleppmann sets out a vision: "In local-first software, the availability of another computer should never prevent you from working."
He describes the evolution of how to classify local-first software, how it differs from offline-first, and proposes a bold future where data sync servers are a commodity working in tandem with peer-to-peer sync, freeing both developers and users from lock-in concerns.
It's convenient until you want to upgrade the distro.
JetBrains warned customers to patch a critical vulnerability that impacts users of its IntelliJ integrated development environment (IDE) apps and exposes GitHub access tokens.
Bringing the great successes of financial engineering to Rust.
A new microarchitectural side-channel attack exploiting data memory-dependent prefetchers in Apple silicons.
On Wednesday, the KDE team warned Linux users to exercise "extreme caution" when installing global themes, even from the official KDE Store, because these themes run arbitrary code on devices to customize the desktop's appearance.
If you can write correct C++ you'll be able to write Rust code that compiles first time. Don't stress, you're learning the good stuff.
I probably wouldn't bother. I can think of two scenarios you might get spied on.
- Through your browser you've granted a website access to your webcam (Zoom etc.) and left a tab open. Maybe it could activate it when you weren't expecting?
- Someone has used a vulnerability to take control of your computer to the degree it can access your webcam directly. Desktop linux software doesn't usually have meaningful isolation between software running as the same user, so at this point they can grab all your data, passwords, take screenshots, etc. and the webcam is just the cherry on top.
I expect most people don't do (1) very often, let alone for sketchy websites, so IMO it doesn't make much difference either way.
The odd numbered versions of PLAN have always been buggy and unpopular and I think Bell Labs is using their monopoly to push everybody to update to PLAN 9 even if they need a new computer with a third mouse button. What is your favourite PLAN?
This is one scenario I proposed when we were last having this discussion: https://thomask.sdf.org/blog/2023/07/07/if-i-was-meta-and-wanted-to-make-fedi-implode.html
N=1 but outbound federation just worked for me in a post. It seems some work was done just recently including an upgrade to -rc.8.
My goal in this article is to inform technical communities of the research presented at the LIMITS conference, and to invite those who work at the intersection of sustainable technology and climate justice to join RIPE and the IETF.
It's best not to think of SDF admins in binary terms like "present" or "absent". They are an undulating force which makes changes here and there and we're all along for the ride.
*A formerly chill laid back community up until someone posted it on Lemmy 😀
I was comparing frozen diced veggies a couple of years back (in Australia) and noticed that the store-brand version was approximately 1/3 broccoli stems by volume, which certainly explained the cost difference.
That is the discussion. Microsoft is pretending by making it the upgrade path for two products which actually are local, and hoping users won't notice.
Honestly I'm glad they highlighted the telemetry. I went through the local report about what's included and while it's not an upsetting level of detail, it's more comprehensive than I would have opted in to if asked.
Still, as sibling points out it's in a completely different league from slurping up your IMAP creds, something which has always been local-only data. This is the second time I know of recently where MS has trampled on this kind of local-only expectation - the other was Edge defaulting to sending the contents of textboxes you're filling out on webpages to the MS cloud for spelling and grammar checks. Thunderbird is still a sound recommendation, and unlike Microsoft, I trust that if I uncheck the telemetry box they're not going to try to get me some other way.
Nothing in tech stands still. If you want a glimpse of a possible alternative future check out Pijul. And I don't know an example off-hand but the idea of doing version control on ASTs of program code rather than flat text is an interesting concept that hasn't taken off yet.
I’d rather go to the local library and ask the clerk for a search term
Sounds kind of relaxing tbh
You're putting yourself in a tough position by asking for both E2EE and the ability to use from a browser. You have to trust the web app each time you open the page, and hope that they haven't altered the deal to simply grab your data after it's been decrypted by your password. I have no idea how likely it is that Standard Notes would do that but I'd reconsider the browser requirement specifically if E2EE is non-negotiable for you - an offline open source client program would be a much stronger position.
For my money, I use local text files and SyncThing but it's probably not spiffy enough for many people/purposes.