Shamar
boosted
@mozilla@mozilla.social stop. Nobody asked for this. Nobody wants an "ai browser". I still have no clue what an ai browser even is or does, and I do not see how shoving a statistical model into a browser will enhance anything at all. Nobody is using firefox because they want this kind of crap.Please, for the love of all that is holy, shift focus back onto juat making a decent web browser. Not a single person who uses your browser wants this.
La #CGIL inizia a comprendere la complessità, i molti rischi e le fragili opportunità della società #cibernetica in cui viviamo.
Bell'articolo con un ottimo finale
(grazie a @lanibaldi per la segnalazione)
https://www.collettiva.it/copertine/lavoro/ia-un-quadro-regolatorio-da-rivedere-bubciwks
Spero che alle parole seguano fatti e che la CGIL inizi a fornire agli iscritti i servizi informatici basilari, come email, instant messanging cifrato (#xmmp? #matrix?), ed inizi ad evitare come la peste a tutti i livelli quei fornitori che profilano i lavoratori per manipolarli (#Google, #Facebook, #Amazon etc...)
Shamar
boosted
My one-line #testing #framework for #C #programming:
#define RUN(f) if(f()){printf(#f ": OK\n");}else{printf(#f ": FAILED\n");}It's amusing to see the mix of moral panic and hypocrisy in #InfoSec arousing around the #xzbackdoor.
Everybody propose "#xz takeaway", "lesson learned" and so on...
But everybody pretends such kind of carefully crafted attacks to be something new, something clever and unprecedented.
It's not.
For a #backdoor that has been discovered (by a fortunate and unlikely row of coincidences, while analyzing benchmarks of an unrelated software), thousands are still running in production.
Hiding backdoors in modern stack is incredibly easy due to its huge complexity. And this is obviously true for both #opensource and proprietary software.
The only way out is to redesign and rewrite everything from scratch to be human readable.
#Wirth was right.
Shamar
boosted
Three years ago, #FDroid had a similar kind of attempt as the #xz #backdoor. A new contributor submitted a merge request to improve the search, which was oft requested but the maintainers hadn't found time to work on. There was also pressure from other random accounts to merge it. In the end, it became clear that it added a #SQLinjection #vuln. In this case, we managed to catch it before it was merged. Since similar tactics were used, I think its relevant now
Shamar
boosted
https://objfw.nil.im/wiki?name=News
Due to supply chain attacks against open source compression tools, all future releases will be created using WinRAR and use the .rar format.
Due to supply chain attacks against open source compression tools, all future releases will be created using WinRAR and use the .rar format.
Shamar
boosted
@djsundog @andrewfeeney I make a lot of finished software. Mostly for personal use. And a lot of it adheres to these principles:
https://rosswintle.uk/2024/02/a-manifesto-for-small-static-web-apps/
You may also like this:
Shamar
boosted
xz / open-source libs
The majority of libs you know at the very least _started out_ as someone just noodling around on their private project and then over time turned into the go-to solution for XYZ.
But for many libs, that's just never been the goal, and pretending that not having that level of ambition is tantamount to failure is also not serving anybody.
Shamar
boosted
xz / open-source libs
And "any open-source lib anywhere in the wild must be up to professional quality standards and respond to all bug reports in a timely fashion" is also a bullshit standard to apply to anything. It just doesn't work that way.
Shamar
boosted
PostgreSQL maintainer Simon Riggs has died in a small airplane crash, on Tuesday.
For those who didn't know Simon, he's responsible for PostgreSQL Binary Replication and many big data features. He and I worked together at Greenplum 2006-2008. Postgres would not be the world-leading DB it is today if it weren't for him.
Shamar
boosted
Ok, so let's first explain what MTU is. I guess half of you already know, in which case you can skip 2 posts ahead.
As you may expect, there's a limit of how big an IP packet can be. This limit is called Maximum Transfer Unit, and it depends on the underlying link layer, eg. for Ethernet it's usually 1500.
If your Ethernet supports Jumbo Frames, MTU can be over 9000.
If you add VPNs / tunneling layers, it can go lower, eg. Ethernet with MTU 1500 goes down to ~1420* when you add IPSec.
1/
Shamar
boosted
@mcp @informapirata @informatica
L'AI Act, impostatato com'è sul rischio di danno e sulle valutazioni di impatto, rende leciti quasi tutti i sistemi maggiormente lesivi dei diritti individuali.
Si arricchiranno, oltre alle big tech, le imprese che si occuperanno di valutazione del rischio.
L'autorità italiana che dovrebbe fare, baloccarsi con le check lists?
L'unica cosa utile sarebbe una presa di posiziione italiana, che sancisca l'illegalità di diritto
di ciò che è già illegale sulla base del diritto vigente, al netto dell'AI Act: ad esempio, che la polizia possa usare un sistema intrusivo e non funzionante di "riconoscimento" delle emozioni.
Shamar
boosted
Thanks for the nice words.
The xs is an intentionally lightweight library I (with the help of some friends) started for a very different project that never was. As it adds some niceties to C coding, I use it everywhere. It's mostly feature-complete now, but I fix and add some things occasionally. These days, #snac is mostly its main user, as other projects that use it are pretty irrelevant.
Using C headers both for implementations and prototyping is somewhat of a perversion 😆, but it simplifies immensely sharing code between projects, because you don't have to care about building libraries (static nor dynamic) and their operating system idiosyncracies. You just drop the .h in your project, include it and it's done. The reason: simplicity. If I had a motto as a developer, simplicity would be.
The xs is an intentionally lightweight library I (with the help of some friends) started for a very different project that never was. As it adds some niceties to C coding, I use it everywhere. It's mostly feature-complete now, but I fix and add some things occasionally. These days, #snac is mostly its main user, as other projects that use it are pretty irrelevant.
Using C headers both for implementations and prototyping is somewhat of a perversion 😆, but it simplifies immensely sharing code between projects, because you don't have to care about building libraries (static nor dynamic) and their operating system idiosyncracies. You just drop the .h in your project, include it and it's done. The reason: simplicity. If I had a motto as a developer, simplicity would be.
Shamar
boosted
So it seems that, now that Threads is federating, the most popular person in the fediverse is... Mark Zuckerberg:
https://mastodon.bsd.cafe/users/release_candidate/statuses/112140845317198247
I find these "popularity contests" pointless, ridiculous and inherently toxic, and a signature of private social networks where the goal is not to help people communicate between each other.
This is the reason why #snac does not propagate how many followers nor likes a person have.
https://mastodon.bsd.cafe/users/release_candidate/statuses/112140845317198247
I find these "popularity contests" pointless, ridiculous and inherently toxic, and a signature of private social networks where the goal is not to help people communicate between each other.
This is the reason why #snac does not propagate how many followers nor likes a person have.
Shamar
boosted
I'm glad to announce the release of version 2.50 of #snac, the simple, minimalistic #ActivityPub instance server written in C. It includes the following changes:
Incoming posts can now be filtered out by content using regular expressions on a server level (these regexes are written in the
Improved page position after hitting the
Use a shorter maximum conversation thread level (also, this maximum value is now configurable at compilation level with the
Fixed a bug where editing a post made the attached media or video to be lost.
The way of refreshing remote actor data has been improved.
Posting from the command-line now allows attachments.
Added defines for time to enable MacOS builds (contributed by andypiper).
https://comam.es/what-is-snac
If you find #snac useful, please consider buying grunfink a coffee: https://ko-fi.com/grunfink
This release has been inspired by the song The Raven by #CarolineLavelle.
#snacAnnounces
Incoming posts can now be filtered out by content using regular expressions on a server level (these regexes are written in the
filter_reject.txt file at the server base directory; see snac(5) and snac(8)).Improved page position after hitting the
Hide or MUTE buttons (for most cases).Use a shorter maximum conversation thread level (also, this maximum value is now configurable at compilation level with the
MAX_CONVERSATION_LEVELS define).Fixed a bug where editing a post made the attached media or video to be lost.
The way of refreshing remote actor data has been improved.
Posting from the command-line now allows attachments.
Added defines for time to enable MacOS builds (contributed by andypiper).
https://comam.es/what-is-snac
If you find #snac useful, please consider buying grunfink a coffee: https://ko-fi.com/grunfink
This release has been inspired by the song The Raven by #CarolineLavelle.
#snacAnnounces
Shamar
boosted
Using Twitter/X to promote research findings found to have little impact on number of citations https://phys.org/news/2024-03-twitterx-impact-citations.html #science
Shamar
boosted
@zacchiro which part of that, the result? The concatenator (I’m hesitant to call it builder)? They basically have the equivalent of d/copyright (except less well done and nowhere near machine-readable) in every module and concatenate those on image build, and it shows up on the about box of Android, of in-car entertainment systems, etc. or on websites with docs for the images.
Only those modules that went into the build ofc as Shamar said the others are not relevant.
- O.S.
- http://jehanne.io
Joined May 2019
