Comments

This profile is from a federated server and may be incomplete. Browse more on the original instance.

pkill, to piracy in Alright then 🏴‍☠️
pkill, to lemmyshitpost in Bad coding

LLM is pretty much guessing the next word

pkill, to lemmyshitpost in Bad coding

I mean, correcting a LLM until it spews out something that mostly works is just good old shotgun debugging, prove me wrong

pkill, to programmer_humor in Programming: The Horror Game

non-AMOLED devices spreading misinfo by enabling dark mode by default on low battery and it’s consequences…

pkill, to programmer_humor in This is what being a Redditor does to your life

as soon as you realize you can’t easily contain your commit message within a 50-character conventional message (or slightly more if you wand to be more specific about the scope)

pkill, to privacy in Are there any good privacy friendly keyboards for android?

Sadly the development stopped, but still one of the most feature-rich.

pkill, to programmer_humor in Release notes of an open source app. Someone is pretty mad at Canonical for Snap

Fair point. For instance one thing that sucks about flatpaks is that you can’t torsocks them

pkill, to programmer_humor in Release notes of an open source app. Someone is pretty mad at Canonical for Snap

Why are they even still pushing that nonsense when flatpak at least somewhat gets closer to getting bwrap implemented right?

pkill, to programmer_humor in GitHub Desktop or Git CLI?

gitui

pkill, (edited ) to privacy in Signal leaked random contacts to me!

Also regarding tiling compositors/WMs. Base rate fallacy. Yeah desktop linux has got 3% market share but probably somewhat more if you exclude company or public computers. But then, probably also higher among Signal users. Anyway, that’s probably an Electron issue. Glad to see Flare getting better, so hopefully if it doesn’t get abandoned we might soon have a viable alternative that is more lightweight, secure and integrates better with the system in a more agnostic fashion. Heck, I might be even inclined to contribute a little to that project myself.

pkill, to privacy in Signal leaked random contacts to me!

It wasn’t my intention to state that an extensions of certain big software is always better or should get all the credit. No. First of all, I consider Molly protestware and second of all, the thing about being able to do federation and whatnot with much smaller funding was not about Molly. It was about simplex, matrix, XMPP, E2EE for Fedi and handful other decentralized/federated projects. Signal already has been downloaded hundreds of millions of times according to App Store/Play Store and received countless endorsements. And they did in fact face outages after receiving one from Elon Muskrat. So, they needed to find ways to scale better. Their server software could in theory be self hosted, but unlike Matrix or XMPP, it won’t federate so in a way it’s even worse than e-mail when it comes to this. One would thus think that it’s implicit that they would finally add the possibility to let people run their own servers or even devolve towards more P2P-oriented design. But instead they’ve decided to partner with a pump and dump shitcoin scheme whose privacy-friendliness was absolute trash, though granted, that was also at a time when every tech company was trying to join the Web3 hype. Now their reach is even bigger, but has grown at a steadier pace. I won’t try to go more tinfoil here with any unsubstantiated suspicions and begging the question but even though decentralized or federated systems are harder to design in a way that makes them secure, centralized ones are more abusable and create a single point of failure that can affect a large share of the user base.

pkill, to programmer_humor in 10 months later bill revisits his spaghetti code. forgets absolutely everything and refuses to elaborate. this wouldn't have happened if Bill forgot to comment on his code

yep. Good code is self-documenting and syntax highligting and having longer sections folded up may help more than having to process some greyed out text. But comments are still useful for generating proper autocompletion and avoiding having to skim through you '“self documenting code”. Also it helps greatly with TDD and maintaining good coding practices. For example if you need a numbered list to reliably sum up what some function does, it’s often a good sign that it should be broken into a couple smaller ones.

pkill, to programmer_humor in 10 months later bill revisits his spaghetti code. forgets absolutely everything and refuses to elaborate. this wouldn't have happened if Bill forgot to comment on his code

This is Bill.

Bill doesn’t need to minify his code, he names things using a single character even in compiled languages.

Bill is a heckin chad who can guess what the code does merely by looking at types and control flow.

Be like Bill

pkill, to privacy in Signal leaked random contacts to me!

I see your point and don’t negate such possibility. Although the black box nature of proprietary dependencies in vanilla Signal means an inclusion of potential trojan spyware. Speaking of the need for app lock, as an alternative solution, you can create a separate profile for Signal to have a dedicated PIN. But afaik only GrapheneOS allows notification relaying to main profile. LineageOS on the other hand has a feature called AppLocker. If you intentionally lend your device to kids, Android has a feature called app pinning.

pkill, to privacy in Signal leaked random contacts to me!

maybe try setting up a matrix bridge if you feel confident you can secure that properly. On one hand it might increase attack surface (use only servers and bridges with End to Bridge Encryption) but what’s an attack surface on software that is so ridiculously compromised. Also you can try using an alternative client such as Flare. Though YMMV, for me the last time I’ve used it it was quite rough around the edges but I’m happy to see it’s actively maintained so might be worth checking out.

Also no, flatpak doesn’t fix this issue. Yeah it provides some isolation which can be further improved with flatseal, and other defense-in-depth methods. But unless you are willing to face the trade-offs of using Qubes, you won’t compartmentalize your entire system. The key file in question is stored in ~/.local/share. I’m not denying vulnerabilities in userland applications, but thanks to it’s wide reach, often massive codebases and use of unsafe languages like C, it’s the core system or networked software that is the most common attack vector. And that doesn’t ship and will never ship via flatpak.

The most obvious way this is exploitable is directory traversal. But not only that. Just look up “Electron $VULNERABILITY”, be it CSRF, XSS or RCE. Sandbox escape is much easier with this crap than any major browser, since contextIsolation is often intentionally disabled to access nodejs primitives instead of electron’s safer replacements. Btw Signal Desktop is also an electron app.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • localhost
  • All magazines
  • 200 @ user_comments
    HTTP status 200 OK
    Route name user_comments
    Has session yes
    Stateless Check no
    Time 724 ms
    Total time 724 ms
    Initialization time 76 ms
    Memory 16.0 MiB
    Peak memory usage 16.0 MiB
    PHP memory limit 128 MiB
    Logger 86
    Errors 0
    Warnings 0
    Deprecations 86
    Cache 44 in 84.26 ms
    Cache Calls 44
    Total time 84.26 ms
    Cache hits 46 / 54 (85.19%)
    Cache writes 5
    3
    Default locale en
    Missing messages 3
    Fallback messages 0
    Defined messages 127
    Security n/a
    Authenticated No
    Firewall name main
    Twig 608 ms
    Render Time 608 ms
    Template Calls 203
    Block Calls 24
    Macro Calls 0
    165 in 271 ms
    date 16
    entry_comment 15
    user_inline 15
    date_edited 15
    magazine_inline 15
    entry_inline 15
    user_avatar 15
    vote 15
    boost 15
    settings_row_switch 15
    user_settings_row_switch 4
    settings_row_enum 2
    user_actions 1
    related_magazines 1
    active_users 1
    related_categories 1
    related_posts 1
    related_entries 1
    support_us_block 1
    featured_magazines 1
    24 in 155.17 ms
    Database Queries 24
    Different statements 16
    Query time 155.17 ms
    Invalid entities 0
    Cache hits 24
    Cache misses 0
    Cache puts 0
    6.4.0
    Profiler token 5128ce
    Environment dev
    Debug enabled
    PHP version 8.2.26   View phpinfo()
    PHP Extensions Xdebug ✗ APCu ✓ OPcache ✓
    PHP SAPI apache2handler