Email or username:

Password:

Forgot your password?
20 posts total
Show previous comments
least hated techsis
@cadey i've read this and have an edit suggestion

> This post contains massive spoilers for Neon Genesis Evangelion, The End of Evangelion, and the four part revival Evangelion movies.

i don't think there are spoilers for the revival/rebuild movies in the overall text, could edit that for the readers that haven't finished the movies yet lol
@cadey i've read this and have an edit suggestion

> This post contains massive spoilers for Neon Genesis Evangelion, The End of Evangelion, and the four part revival Evangelion movies.
Litchi Pi

@cadey Is there a TL;DR of the drama somewhere ?
I'm a heavy NixOS user, and didn't understand what the drama is (and so why the post from Eelco is problematic)

Thanks for your articles, your dedication, I silently follow your blog with pleasure 😊

Noodlez :nixos: :neovim:

@cadey I feel like there's not enough context on what the "drama" is. Is it that people feel that Determinate Systems is singlehandedly moderating and controlling Nix? Is it that the moderation is inadequate? Is it that moderation isn't done by a central commitee or team? Is it all of the above?

Xe :verified:

liblzma and xz version 5.6.0 and 5.6.1 are vulnerable to arbitrary code execution compromise

xeiaso.net/notes/2024/xz-vuln/

rugk [7845]

Kinda important side-fact on the #xz story:

The #xz fiasco could have been prevented if #openssh just included/implemented systemd-notify as a simple protocol, which apparently would have been easy…

Instead, distros all implemented the patch to include a dependency which eventually included xz…

See github.com/openssh/openssh-por

That said, *of course*, the attacker could have found other packages/ways/deps to include the malicious package/code, but still sad to read…

@cadey @AndresFreundTec

Kinda important side-fact on the #xz story:

The #xz fiasco could have been prevented if #openssh just included/implemented systemd-notify as a simple protocol, which apparently would have been easy…

Instead, distros all implemented the patch to include a dependency which eventually included xz…

See github.com/openssh/openssh-por

Xe :verified:

"No way to prevent this" say users of only language where this regularly happens

xeiaso.net/shitposts/no-way-to

Xe :verified:

I'm considering making this randomly pick a new stock photo, but I feel like that would defeat the point

Julien AvΓ©rous

@cadey @comex It seems a bit biased when we consider how widely C is used all around…

Xe :verified:

>

"Slack hates the idea that anybody who uses it might ever develop any level of comfort with the program. I love their dedication to keeping me on my toes and slightly confused. It’s exactly what I want from an app that’s central to all my workflows."

Show previous comments
groxx

@cadey they're SalesForcing so hard lately. Their parent company must be so proud.

tricia

@cadey I miss the `Mentions & Reactions` sidebar basically every single day.

Xe :verified:

I tried using Email but the onboarding was very confusing. I have to choose a server? And I'm at the whims of server admins having petty disputes for if my posts are delivered to my friends?

Show previous comments
CaveDave

@cadey yeah, it's this negative reaction to "Mastodon is just like email" which made me realise that most people don't know how email works. Sure, they use it but they don't understand the fundamental technology underneath it. To them it might as well be more formal Instant Messaging.

KewlCat

@cadey and _they_ get to decide which email goes to the 'spam' folder!?

Frank Verhoeven

@cadey ...and don’t even think of moving to another server. You will be disappeared forever for all your contacts.

Xe :verified:

>

Becoming incredibly deranged watching people jump between a half dozen mobile-only centralized algorithmic troughs because the equivalent of an email address is too hard

Show previous comments
Bytewave :verifiedbi:

@cadey FWIW, the onboarding experience (instance choice blindness and the "wait, why can't I like this post I was sent a link to? (because it's a link to a different instance than your account is on, and Mastodon doesn't handle this super gracefully)" are still some technical barriers to entry.

There are unfortunately a lot of people who don't understand technology, and gravitate to the centralized platforms because they "just work." Perhaps this is a problem deeper rooted in our lack of technology education, but still, it exists.

@cadey FWIW, the onboarding experience (instance choice blindness and the "wait, why can't I like this post I was sent a link to? (because it's a link to a different instance than your account is on, and Mastodon doesn't handle this super gracefully)" are still some technical barriers to entry.

There are unfortunately a lot of people who don't understand technology, and gravitate to the centralized platforms because they "just work." Perhaps this is a problem deeper rooted in our lack of technology...

TΓ³th GΓ‘bor BaltazΓ‘r

@cadey what's an email address? is it like gmail but federated? sounds hard

Xe :verified:

the old internet is dying, the new internet struggles to be born, now is the time of monsters

Xe :verified:

Dear Hacker News readers,

I'm sorry you haven't realized you're not the intended target audience of my blog. Please reconsider your hateful comments accordingly.

Love,

Xe

Xe :verified:

PS: I wrote that fucking post at fuck-o-clock in the morning while unable to sleep on a red-eye flight. All the stuff you're complaining about is BECAUSE I AM SLEEP DEPRIVED.

PPS: Please just comment on the substance of the article or shut up.

Xe :verified:

vocaloid producers will make the happiest songs about the saddest shit ever

DocRekd

@cadey It says something that I am currently hyperfixated on vocaloid songs.

Xe :verified:

If you use KeePass 2.x (NOT KeePassXC or KeePass 1.x) then your master password has been leaked into your RAM in cleartext - the fix won't be released until June, but you can get an unstable experimental build with a fix right now, or you can uninstall keepass and move to KeePassXC: pcworld.com/article/1923963/an

Show previous comments
James Tucker

@cadey if you use 1Password or about half the other password managers, it won’t be fixed at all, ever

Kazii The Avali

@cadey wait theres something other then keypass xc. thats news to me. also best go experimental or to a more safer keypass and then change your master password if you use keypass.

iRaven

@cadey oh god i actually use this, an incident that actually targets me for once LOL

Xe :verified:

hey uhhhhhhh, you should update your apple devices: support.apple.com/en-us/HT2137

>

An app may be able to execute arbitrary code with kernel privileges

Processing an image may lead to arbitrary code execution

An app may be able to leak sensitive kernel state

An app may be able to gain root privileges

An app may be able to execute arbitrary code with kernel privileges

An app may be able to modify protected parts of the file system

A remote attacker may be able to cause unexpected app termination or arbitrary code execution

Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.

Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

hey uhhhhhhh, you should update your apple devices: support.apple.com/en-us/HT2137

>

An app may be able to execute arbitrary code with kernel privileges

Processing an image may lead to arbitrary code execution

An app may be able to leak sensitive kernel state

An app may be able to gain root privileges

Show previous comments
(((Jann Gobble)))πŸ³οΈβ€πŸŒˆ

@cadey Are you sure this link is the one you meant to send? 16.5 is the iOS update version being distributed by the app store and this is talking about 15.7.6...

:blobcatlaptop: gravitos :blobcatcomfsip:​

@cadey

>

An app may be able to execute arbitrary code with kernel privileges

isn't that a good thing? in theory, if i had an apple device, this would mean i can run android on it

Show previous comments
sylvia

@cadey I don't know about you guys but Pooh is starting to make a disturbing amount of sense

L11

@cadey as an embedded architect it gives me shudders.

Rin

@cadey We've definitely had an interview or two like this.
Though, none yet since embracing being plural. Wonder if that'll get brought up the next time we do an interview.

Go Up