robryk @robryk@qoto.org
I enjoy things around information theory (and data compression), complexity theory (and cryptography), read hard scifi, currently work on weird ML (we'll see how it goes), am somewhat literal minded and have approximate knowledge of random things. I like when statements have truth values, and when things can be described simply (which is not exactly the same as shortly) and yet have interesting properties.
I live in the largest city of Switzerland (and yet have cow and sheep pastures and a swimmable lake within a few hundred meters of my place :)). I speak Polish, English, German, and can understand simple Swiss German and French.
If in doubt, please err on the side of being direct with me. I very much appreciate when people tell me that I'm being inaccurate. I think that satisfying people's curiosity is the most important thing I could be doing (and usually enjoy doing it). I am normally terse in my writing and would appreciate requests to verbosify.
I appreciate it if my grammar or style is corrected (in any of the languages I use here).
Joined Nov 2020
@Adam_Cadmon1 And large enough.
You might wish to know that right to be forgotten exclusion in websearch are (usually? always?) query-specific, so one should still be able to find such articles by not searching for any person. I failed to (easily) turn anything up with that approach here, though.
@freemo It seems to be located in an Italian museum: https://exhibits.museogalileo.it/bicycles/objects/FiremansBicycle.html
@Luccus How do you enter them? Is there an emoji picker in the login dialog?
I'd claim that this happens not only about information related to people: support for modification is very often an afterthought and a large fraction of all infosec problems I've discovered were caused by people assuming that these things that can change will surely not change in _this_ time window.
robryk
boosted
IFComp 2023 begins now! https://youtu.be/bd1X9GrkCcs
war
It's not the first instance of the latter: they did the same for the marine drone attack on the Kerch bridge. Do you perchance know of other examples?
I would expect that the important question about such firms would be who are the management.
I'm confused. The way you stated the question if someone doesn't eat anything until lunch they do eat "breakfast", and only the people who "eat" a meal of only coffee, tea, or juice first don't. Was this what you intended?
What kinds of choices do you refer to? Things like finding a place for residency?
@freemo If I gather correctly, you are thinking of a construction that is loaded ~only in compression. Am I right?
What's the order of magnitude of the size you're thinking about (it's not obvious, because it depends on the angle in the pyramid's tip)? Less than 1% of Earth's mass/more than that?
> But it seems to me like we should be fixing this on the OS level, not trying to cram the OS into browsers.
OSes have much of the same problem that browsers do: the interfaces they expose are terrible and cannot change, because something relies on every aspect of that terribleness (see e.g. POSIX filesystems woes, where interacting with a directory where an untrusted entity can write is something that people virtually always get wrong in a way that gives that entity a file read/write oracle, because it's absurdly hard or impossible to get right depending on what operations you want to perform).
I have higher hopes for implementing interfaces with limited scope using the non-terrible part of the OS API than fixing the terrible OS-provided ones (because former admits easier experimentation and mixing-and-matching, if for no other reason).
@rysiek What I find weird and frustrating is that it's very often hard to convince people that making them less leaky is worthwhile (e.g. that it's worthwhile to be able to succinctly formulate the contract something exposes to the things above it).
robryk
boosted
Related to the latest round of everyone finding out what happens when you write image decoders in C++ now known as CVE-2023-5129: you may want to update every electron app on your machine as much as possible. Electron is built on the foundation of Google Chrome and it turns out that the webp vulnerability is also present in Electron. Annoyingly, this is going to require you to figure out which vendors have patched their apps for the vulnerability. Good luck.
You probably should update Discord immediately.
@christianp do you know that this problem wasn't happening earlier? Might it have been masked by something, which then changed with the mastodon update and stopped masking it? (For example, maybe there is a fallback to a CDN, which is now made infeasible by a change in cors.)
@christianp also, I strongly doubt it has anything to do with cors. Font sanitization is there to protect the computer from the websites.
@christianp maybe try replacing the font with its sanitized version?
This sounds like _when the thing is downloaded for use a font_ Firefox considers it invalid.
https://github.com/mozilla/gecko-dev/blob/57f94ca1d57ab745242daafc8926690377579b83/gfx/thebes/gfxUserFontSet.cpp#L692 is where the error is likely generated, and https://github.com/mozilla/gecko-dev/blob/57f94ca1d57ab745242daafc8926690377579b83/gfx/thebes/gfxUserFontSet.cpp#L193 is likely where it's caused.
That seems to refer to https://github.com/khaledhosny/ots, which seems to have a CLI tool to sanitize a font: https://github.com/khaledhosny/ots/blob/main/util/ots-sanitize.cc
If I have time in the evening I might try building it and running it against the font you have to see what the problem is.
@mynotaurus ... and stuffing them into the laptop, so that they are "internal" :)
> But they're not and we don't, which is the whole point!
I think an issue that causes all that hedging is that people start do behave as if this wasn't true, and expect others to precisely promise results.
I enjoy things around information theory (and data compression), complexity theory (and cryptography), read hard scifi, currently work on weird ML (we'll see how it goes), am somewhat literal minded and have approximate knowledge of random things. I like when statements have truth values, and when things can be described simply (which is not exactly the same as shortly) and yet have interesting properties.
I live in the largest city of Switzerland (and yet have cow and sheep pastures and a swimmable lake within a few hundred meters of my place :)). I speak Polish, English, German, and can understand simple Swiss German and French.
If in doubt, please err on the side of being direct with me. I very much appreciate when people tell me that I'm being inaccurate. I think that satisfying people's curiosity is the most important thing I could be doing (and usually enjoy doing it). I am normally terse in my writing and would appreciate requests to verbosify.
I appreciate it if my grammar or style is corrected (in any of the languages I use here).
Joined Nov 2020
