Posts by tinpinion

This is also a story about a developer who put their faith in Google not arbitrarily shutting down products and services that people rely on.

I now aim to share an anecdote that amuses me: Google once decided that people would want to stream video games instead of running them locally, marketed the technology for months, won exclusivity contracts with game developers, built and shipped physical game console products, and then ate the entire cost of the endeavor just so they could add Stadia to killedbygoogle.com.

Re: AGPL

The GPLv3 was designed as a direct upgrade to strengthen the freedoms granted by the GPLv2. The biggest challenge it aims to tackle is Tivoization, where a device manufacturer bundles GPL'd code with the device but does not provide a means of changing the code running on the device (or actively employs DRM technologies to prevent you from running your own version of that code). The other big change is about patents, and I'm not diving into that. Either way, it has nothing to do with what you're claiming.

The AGPLv3 (Affero GNU Public License) is the thing that you're thinking of. It's basically just the GPLv3, except with an additional clause that give users interacting with AGPL-licensed software over a network the right to acquire the source for that software.

I hope Redis wins back some traction because I'm still more strongly aligned with the Free Software crowd than the Open Source one.

It probably makes it harder to train LLMs on transcribed Outlook emails, too!

Re: Respect has been lost

I may need help with my reading comprehension too. I'd appreciate any information about how I've misunderstood the post.

Panicking is useless so stop.

I will now attempt to use a very clumsy analogy involving child endangerment that doesn't really make a whole lot of sense but whatever. (The phrase 'sharpest materials' really boggles my mind. As far as I can tell, sharpness is a property of edges rather than materials.)

All I did was warn people about the place without specifically discussing the risks involved leading to people imagining what kinds of horrible, awful things could be going on to cause me to issue such a nondescript warning.

This is a bad analogy because I didn't go into details. (I did for the analogy, but not for the actual thing I did. A better analogy would have omitted the last two sentences of the first paragraph of the analogy.) I wanted people to stop using atop before adversaries could determine a means of exploiting the thing I found.

I don't know how to exploit the thing I found, but I'm going to mention that overflow attacks were really bad thirty years ago and try to induce more panic.

Here are some pictures of terminals that I made showing things and I'm not going to state whether or not this has actually occurred, but it sure is panic-inducing!

I don't know what I'm talking about but maybe there's danger here?

I'm going to refer to my pictures again and still not state whether they demonstrate something that has actually happened or something that may happen.

Scaremongering!

I was right, y'all are dicks, stfu.

Re: License @Rich 2

If the copyright holder of a piece of code doesn't license that code, anyone using it is legally indistinguishable from a software "pirate". The copyright holder would be within their rights to sue unlicensed users for copyright infringement. Even if actual damages are zilch, statutory damages can be extracted if the copyright holder registers their copyright with the USCO prior to or within three months of its publication. That's $750-$30,000 per case of infringement.

Naturally, you'll want to talk to an actual lawyer about becoming a copyright troll, I'm just regurgitating 17 U.S.C. § 504 and 17 U.S.C. § 412 at you. Oh, and 17 U.S.C. § 505 means that the winner can request the court award attorney's fees and costs. Jo in the street might start giving a monkey something if they were individually targeted with a lawsuit like this.

Re: Another step towards CableTV-2.0

Hello Manifest v3 gutting ad-blocking technologies. Why, what coincidental timing you have!

Re: FFI Libraries

Ah, I may see why you don't understand Dostoevsky's annoyance!

If a Rust application doesn't have exclusive control of the memory regions that it has access to, the assurances of the borrow checker and runtime are wholly obliterated. In those circumstances, using the fact that the language was memory-safe to excuse the need for additional validation may result in a less safe application than one written in a memory-unsafe language where additional scrutiny is applied due to the unsafeness. Calling a C function within a Rust application, dealing with MMIO, or running code on a machine with a compromised kernel could lead to these circumstances (and a compromised kernel wouldn't even require the code to be explicitly unsafe).

The lack of granularity in unsafe could potentially be exploited for some pretty neat FFI-based supply chain attacks, unless cargo update automatically warns about changes to unsafe functions that are being called by the main application. I know for a fact that I wouldn't do a manual deep-dive into my unsafe dependencies at every update, so I have to imagine that other folks in positions of power are out there with the same shortcoming.

My personal issues with Rust are its aggressively homogeneous community of "rustaceans" who think that their language is objectively superior to all other languages in every way and its contributions towards the continued normalization of the language-as-a-package-manager trend. Despite those attributes, it's a beautifully-designed language, the documentation doesn't require Internet access, and Cargo has flags to suppress its desire to infect my machine with automatically-sourced third-party dependencies.

Re: Wayland?

You were lucky to have Linux From Scratch! We 'ad to wake up at two in the morning, find all the dependencies ourselves, assemble and link everything by 'and, power the computer all day by running in a tiny 'amster wheel, and our tea was superheated steam being sprayed at us if the machine crashed.

Re: Since the translation DB can't be held locally ...

As the article that Liam linked to only mentioned that the translations are performed locally, here's a bit more context:

The translation functionality that is now being rolled into Firefox is based on Project Bergamot (https://browser.mt), the product of an EU-funded consortium of universities and (since 2019) Mozilla. Using it requires you to download a translation model onto your device, but being able to perform device-side translation means that the contents of the translation are not shared with an online service.

Bergamot has been around in the form of browser extensions for a while: the Bergamot extension itself (https://addons.mozilla.org/en-US/firefox/addon/translatelocally-for-firefox/), followed by Mozilla's 'Firefox Translations' add-on (https://addons.mozilla.org/en-US/firefox/addon/firefox-translations/).

So, in summary: it works by downloading a machine learning model onto your device and feeding the contents of the page into that model locally. If it's using the same codebase as Mozilla's add-on, it'll be using the SSE4.1 CPU instructions to do it.

Re: "Burnout"

1.) Burnout also applies to paid development work: for me, it usually starts when I'm introduced to a Project Mangler. (How long will it take to implement this feature? Depends on how poorly-designed the data structure is when the seven other teams you're managing are done messing it up. It'll probably take about two hours to program and several weeks of trying to figure out good ways to tie loosely-related records together because you won't let the competent people sit together and discuss requirements and plans.)

2.) The open-source ecosystem benefits from corporate contributions in the exact same way that the free-software ecosystem does not. The GPL family of licenses hack copyright in a way that is often unacceptable to corporate greed. (Red Hat's core clientele are businesses, and, while I am disheartened by their strategy of penalizing customers who exercise their GPL-provided rights, I feel that their actions are (legally) justified as long as Red Hat fulfills their obligations.)

3.) What good could any government do? I'm seriously looking for answers, because the extremes of what government intervention can do are pretty bleak: prevent companies from contributing to free/open source software, prevent them from using it (won't somebody please think of the servers?!), require software developers to obtain a government license to practice their craft, levy hefty fines against free/open-source developers for contributing insecure code to organizations who don't audit what they consume...

4.) Imagine if a guy called Greg created a foundation which aimed to make retail workers' lives easier by rewarding patrons for keeping stores tidy. It's an incredibly bad analogy for the topic being discussed, but it sure would be funny if Greg actually managed to pull it off.

Re: This, coupled with YouTube's recent blitz

Firefox supports profiles, but they're admittedly not as easy to access as Chrome's are.

The way I've always done it is to add -P (or -ProfileManager) to the launch options to get access to the selection interface, and you can add --no-remote to allow multiple instances of Firefox to run simultaneously (at least on the Linux build).

I have just learned that there is also the about:profiles page, which allows access to the same functionality from within the running browser. Cool!

Re: While I do not agree with 99% of...

Spectacular idea! Here's a bookmarklet that I just threw together for myself to do the job. It adds an additional button to the left of the Reply button which hides the thread, and works on Firefox at least.

javascript:(function(){var a=[i=>document.createElement(i),'parentNode','setAttribute','appendChild','getElementsByClassName','addEventListener'];var h=function(t){var x=a[0]('li');var y=a[0]('div');var z=a[0]('a');z[a[2]]('href','javascript://unhide_post');z.innerHTML='unhide';y[a[3]](z);x[a[3]](y);z[a[5]]('click',function(){x[a[1]].removeChild(x);t[a[1]].style.display='';return false;});t[a[1]][a[1]].insertBefore(x,t[a[1]]);t[a[1]].style.display='none';};for(var i of document[a[4]]('post edited')){var r=i[a[4]]('reply_link')[0];var n=a[0]('a');n.innerHTML='Hide Thread';n[a[2]]('class','reg_btn reply_link');n[a[2]]('href','javascript://hide thread');n[a[5]]('click',(function(i){return function(){h(i);};})(i));n.style.marginRight='5px';r[a[1]].insertBefore(n,r);}})()