Wait, so cool t shirts?!
cybersandwich
joined 2 years ago
It highlighted some pretty glaring weaknesses in OSS as well. Over worked maintainers, unvetted contributers, etc etc.
The XZ thing seems like we got "lucky" more than anything. But that type of attack may have been successful already or in progress elsewhere. It's not like people are auditing every line of every open source tool/library. It takes really talented devs and researchers to truly audit code.
I mean, I certainly couldn't do it for anything semi advanced, super clever, or obfuscated the way the XZ thing was.
But I agree, that the fact we could audit it at all is a plus. The flip side is: an unvetted bad actor was able to publish these changes because of the nature of open source. I'm not saying bad actors can't weasel their way into Microsoft, but that's a much higher bar in terms of vetting.
It's pretty hilarious when people act like being open source means it's "more secure". It can be, but it's absolutely not guaranteed. The xz debacle comes to mind.
There are tons of bugs in open source software. Linux has had its fair share.
It sounds like they need a little more oversight but if you read the article the cop was working around the safeguards and using real case #s and whatnot.
The audit caught him though which is a good thing. The not so great thing is that this was an audit to figure out their usage for re,doing licenses, and not a routine audit to check for...behavior like this.
The biggest issue I have with all of this is that he resigned before the merit board could make a determination...so what? That's that? I'd imagine they can still make a determination.
As much as I hate that prime added ads to a paid service (absolute horse shit), the way they've implemented it so far is one of the better methods. They'll do a single ad at the beginning that's like "this show is brought to you uninterrupted by Samsung". Then no more ads until the next episode.
YouTube is trash with it.
Of course you are getting downvoted, because you are right and not being a reactionary douche like your average lemmizen.
Lol?
You think the current currency system is the cause of war?
Because with the way we do our voting (first past the post), a vote for Stein is effectively a vote for Donald J Trump, Convicted Felon, adulterer, fraudster, sexual assaulter, etc, etc.
This election is NOT the election to get "principled" with your choice. The consequence of Trump getting another term is incredibly dire for the health of our country and democracy. The consequence of Biden winning is a shift back in the right direction. Jill Stein and other candidates will still be around in 4 years and you can vote for them then-- and she'll lose then, but maybe, with another 4 years of Biden, we'll have laws protecting womens choice, supreme court nominees that aren't conservative lunatics, and forward thinking stability. So you vote 4 years from now we'll be on more solid ground in the event you cause a Republican to win.
If you vote for her now, and Trump wins as a consequence, you might not ever get a chance to vote again. (only being a little dramatic).
Yea probably. But she also ran because she was most likely drunk and she was speeding. So those parts might have also done her in too even if she stopped.
This is a fantastic analogy.
I'd say they limit the impact of corruption.
I switched the the snap package and it's been rock solid and pain free the entire time.
I welcome any and all comments on why snap is Satan.