-
It was irresponsible and dumb.
It’s also what journalists have done forever. The term “doxxing” is the new part… the idea of allowing people to preserve the anonymity of their online identity is relatively new. I think we’re going to see a protracted struggle to establish a new cultural norm about this.
For example, can you believe that companies used to publish big books with everybody’s name, home address, and phone number printed right in it? And they would give it away totally for free. (I’m only half-joking… kids now are stunned to learn that phone books used to be a thing.)
-
allowing people to preserve the anonymity of their online identity
It’s more of a collective fiction. Let’s all pretend that what we wrote last year can no longer be accessed by the people we have silly feuds with today. So many people think that this is a good idea, that even the European Union took it seriously and gave people the right to rewrite online history to better suit their mood.
Real anonymity is hard, with almost all the communication channels wiretapped with the excuse of terrorists and paedophiles, so we’re supposed to focus on pretend-anonymity now. Unfortunately, it’s working.
-
I have to disagree. Your point about the intractability of the problem is well-taken, but taking the attitude that anonymity is a fiction has the result that nobody feels responsible for fixing it.
Besides, there actually is a clear line here: Disclosing somebody’s legal residence has very real consequences for them. And it’s clear that putting it together in this case wasn’t an easy task, even though the information was nominally “public”.
People who have the knowledge and experience to follow that kind of trail should be careful about how they use it, just as a locksmith shouldn’t go around unlocking random people’s doors and rationalize it by saying they’re just rearranging public pieces of metal which were on the outside of the home.
-
Unlocking a locked door is clearly a single unified action. There might be some objective sense in which it’s a bunch of separate movements of pieces of metal, but no human would see it that way.
There is something deeply, viscerally oppressive about the idea that it might be ok to read published fact A, read published fact A => B, but not ok to publish B. It seems like 1984-style doublethink.
-
I think your second paragraph is insightful, and gets to the heart of a lot of objections to my position, especially objections from technically-minded people. Thank you for saying it.
I nonetheless do take the position you mention. “Not okay” is a pretty broad term, and I’m not suggesting it should be illegal… but I really do feel that it’s the consequences, not the actions themselves, which should have primary importance when we talk about ethics.
I don’t really think the “single unified action” thing is a meaningful distinction; I think that it’s a valid perception, but more a matter of perspective than anything really different between the scenarios. I had to hire a locksmith not long ago, which is why it came to mind; I’m pretty sure it was a bunch of individual steps to him, establishing tension then working one pin at a time, even though to me the upshot was that I waited a few minutes and then my door was open. (It was also somewhat frightening how few minutes it took.)
-
I don’t really think the “single unified action” thing is a meaningful distinction; I think that it’s a valid perception, but more a matter of perspective than anything really different between the scenarios. I had to hire a locksmith not long ago, which is why it came to mind; I’m pretty sure it was a bunch of individual steps to him, establishing tension then working one pin at a time, even though to me the upshot was that I waited a few minutes and then my door was open. (It was also somewhat frightening how few minutes it took.)
Well, put it this way: I don’t think there are many noncontrived cases where it would be unclear who had unlocked your door. I mean it would be possible for a locksmith to jiggle a few pins, leave the tools in place, and have another locksmith come and finish it off, but I don’t think that’s a common enough case that we need to worry about the morality of it.
I’m reminded of the “ghost gun” business in the US. Roughly, from memory: commercial gun sellers are required to register their sales, but private individuals are allowed to make their own guns, and gun professionals are allowed to sell replacement parts or help people assemble guns without needing to check registration. Eventually the government was obliged to formalise things, and thus we have the “80% finished lower receiver”: one particular part is regarded as being “the gun”, and it’s considered a piece of metal after it’s shaped but before the holes are drilled in it, and a gun afterwards. So to “make” your own gun you can buy the parts, drill the holes in that one piece yourself, then get it assembled.
Kind of absurd, but at least they did manage to draw a line somewhere. Doing this with linking a name and address is much harder - is it the person who publishes that person x went to school in town y? The person who publishes that internet personality z is a fan of sports team w?
It doesn’t feel like it should be the person who puts published facts together, though maybe that’s my biases. The classical philosophical tradition is that all true logical statements are regarded as vacuous; if we knew all the facts that lead us to a given conclusion, then we already knew the conclusion. This is unsatisfying when it comes to something like Fermat’s Last Theorem, where the proof was clearly an enormous amount of work. But we don’t really have a good model for assigning credit/blame for that kind of work - for mathematical theorems the credit tends to go to whoever puts the capstone on, but that seems rather unfair. We seem to be approaching these inferences the same way.
-
Sorry I missed this yesterday.
You make a fair point. The category of response I’m thinking about is: I’m less interested in assigning blame than in raising awareness. If people are conscious of how the information they’re sharing could be used against other people, we can get to a higher level of responsibility. It would be unreasonable to demand constant caution until awareness of the threat model is widespread.
If I were trying to assign blame, I’d place it on everyone who could reasonably anticipate the result. People who post things; site owners who don’t have a process to remove private information; unnecessarily broad data-retention policies; people who train customer-service representatives and don’t adequately prepare them for social engineering … In this particular case I do imagine some of the blame belongs with the journalist who put the pieces together; I kind of doubt that it was entirely a matter of web searching, or it would have happened long before.
But I really am not trying to assign blame so much as encourage people to take responsibility. I understand that this must seem like a fantasy, but if every raindrop decided to be responsible, there wouldn’t be a flood.
-
-
-
-
People who have the knowledge and experience to follow that kind of trail should be careful about how they use it, just as a locksmith shouldn’t go around unlocking random people’s doors
A more appropriate comparison would be a photographer going around public places and taking pictures. Not illegal, not immoral, not unexpected. (yes, I think requiring Google/Bing Maps to blur faces and street numbers is absurd).
-
You’re just restating your position that there’s nothing immoral here. I don’t want to put words in your mouth, but I understand your reasoning to be that people should expect doxxing to happen, and therefore there cannot be anything wrong with it, regardless of its effects. But I expect a laptop to get stolen if I leave it visible in my car; that doesn’t mean the thief has done nothing wrong. Have I summarized accurately? Do we agree on that example? Does it seem like a relevant example to you?
You don’t have to debate, of course, and I’m happy to drop this if you want to. Just to say that, because it can’t be taken for granted.
-
Have I summarized accurately? Do we agree on that example? Does it seem like a relevant example to you?
No, of course not. My position is that “doxxing” is nothing more than journalism and that journalism is not illegal, not even when done by amateurs.
-
Heh, well it’s of course to you, but that’s why I asked…
I feel like there are a lot of things that cause serious harm that aren’t illegal. The law necessarily takes a quite weak position on what things people should avoid doing. There’s no law that says you can’t cut in line at the supermarket, but don’t do it, anyway. I don’t really see the law as relevant here at all, so I doubt we’ll find agreement.
-
-
-
-
-
-
For example, can you believe that companies used to publish big books with everybody’s name, home address, and phone number printed right in it? And they would give it away totally for free. (I’m only half-joking… kids now are stunned to learn that phone books used to be a thing.)
Are phonebooks no longer a thing in the United States? When did that stop?
-
They were still publishing them as of a couple years ago, but I suspect they were mostly used as a source of free kindling for backyard BBQs.
-
The Bells no longer print phone books themselves; that business was sold off, at least ten years ago, to independent companies. I’ve met salespeople who were doing hard-sell approaches to get local businesses to buy ads in the yellow pages, which was always a significant revenue source and now seems to be all that’s left.
-
-
-
-
munyari
1 year ago
|
link
| on:
HOWTO: Strong Passwords, aka The Most Important Guide On The Internet
At a bare minimum you should be using a unique 32 character random alphanumeric on every website or service that you use
Source for this claim? What makes you say this is the “bare minimum”? Also, why restrict passwords to not include special characters?
-
I do 20 characters alphanumeric, which gives about 120 bits¹ and is short enough to be bearable to type in by hand (or memorize) if necessary.
I do alphanumeric because I’ve had sites silently corrupt passwords that contain special characters (whereas alphanumeric is basically guaranteed to work) and they only buy you a few more bits regardless.
¹ Which is sufficient. If an attacker can iterate through 10^20 passwords per second (an arbitrary guess at the processing power of the entire world), it will take them a trillion years to go through all of them. My secrets will certainly be uninteresting by then.
-
I generally do 25. I used to do 99, but found 25 to be right around the threshold of “I can tolerably type this in when necessary”. I don’t think I’ve ever encountered the silent corruption issue, but it’s an interesting issue.
Reminds me of when I recently signed up for some website and it silently truncated my password when I logged in. I went to reset the password, and it just emailed me the password in plaintext. Yikes.
-
-
117
I calculate
log((26+26+10)^20)/log(2) = 119.1. Regardless, no, it’s not a big difference.in 5 years 20 might be too short
The thermodynamic argument for cryptographic strength (briefly, there is a certain thermodynamic minimum amount of energy required to perform any computation and merely counting to 2^256 uses all the energy in the known universe; and the second law of thermodynamics definitely supersedes Moore’s law) indicates that while, eventually, 20 characters may be too short, 40 characters never will be. Going beyond that is pointless and makes the password needlessly difficult to type by hand.
Incidentally, performing this same physics exercise with a 20-character password tells us the bare minimum to count that high on the most efficient computer physically possible would take 31 TJ, which at current electricity prices would cost about $1M. (Practically speaking, of course, the cost to actually crack them on real hardware that actually exists would be dozens of orders of magnitude higher.) I’m comfortable saying that’s well above the value of anything protected by any of my passwords.
-
The thermodynamic argument for cryptographic strength (briefly, there is a certain thermodynamic minimum amount of energy required to perform any computation and merely counting to 2^256 uses all the energy in the known universe; and the second law of thermodynamics definitely supersedes Moore’s law) indicates that while, eventually, 20 characters may be too short, 40 characters never will be.
Thanks for the link, the thermodynamic argument is not one I’d heard before. Since this link talks about symmetric keys, how did you determine that a 40 character password is long enough for the same thermodynamic guarantee?
-
Passwords are symmetric keys, approximately. (The harder part is converting asymmetric keys because the difficulty of cracking them, at least for RSA keys, is not proportional to the magnitude of the key but to the square root thereof.) Brute-forcing a password with
nbits of entropy is (wild hand-waving) more or less equivalent to brute-forcing a symmetric encryption key withnbits of entropy. A 20 character mixed-case alphanumeric password has about 119 bits of entropy; a 40-character one has about 238 bits.¹ Given that, the same argument follows: the minimum amount of energy for a (more hand-waving) “computation” is 4.4e-16 ergs, so doing one for every 40-character password will use up 2.2e37 TJ of energy, or about five orders of magnitude more than is released by a supernova.²
¹ “Number of bits” is just base-2 log of the size of the password space. There are
26+26+10 = 62mixed-case alphanumeric characters, so62^20 = 7.0e35possible 20-character passwords; log base 2 of that is approximately 119.08.² Physicists being physicists, there is an evocatively-named unit for this amount of energy: the “foe”, conveniently memorable as ten to the fifty one ergs.Our hypothetical hyper-efficient computer uses about 238 thousand foe going through all the 40-charcter passwords.
-
-
-
-
-
-
-
[Comment removed by author]
-
-
-
-
-
-
I wouldn’t mind your fork if it didn’t violate the authors’ copyright. If you re-add the MIT license block in the LICENSE file, you are free to do whatever you want.
I doubt your fork will be successful in the long run though, because it looks to me like an overcomplication, but time will tell and experiments are always fun.
-
I really tried hard to explain this to the OP but he/she wasn’t at all bothered by it - https://github.com/small-utils/xmenu/issues/1
Oh well…
-
Thanks for taking your time to bring this issue up.
The original MIT license block really has to be in the LICENSE file. The reason for that is that each source file has a header of the form
/* See LICENSE file for copyright and license details. */By definition, each source file would have to have the MIT block, but for the sake of simplicity, it has been “exported” to the LICENSE file. It is not sufficient to just list the authors in the README, because that’s not where the license notice points to in the source files.
By the way, please stop assuming the OP’s gender to be within the patriarchal norms “he” or “she”. OP might as well be non-binary or have no gender at all. /s
-
-
-
As a small note: You are free to use the MPLv2 for xmenu, however I have to tell you that it will be impossible for you to enforce it, should the problem arise at some point in the future. MPLv2 is a weak copyleft license, however, if an entity violates that and this goes in front of court, they would argue based on the fact that it has originally been licensed under the MIT license. Copyleft basically only works for complete works, because it is easy to argue that the secondary changes made to a program were not in violation of the copyleft and within the bounds of the MIT license. I understand your enthusiasm to use the MPLv2, but in the case of this fork, it’s just senseless.
The authors of the GPL are aware of this fact and explicitly state that the GPL only works with complete works (or say: original works). Forking a MIT project and licensing it under the GPL is legal, as long as the MIT license is still included, but makes no sense because the very permissive nature of the MIT license destroys the GPL unless the project really has been substantially rewritten with changes licensed under the GPL.
As you probably won’t do that with xmenu, I’d keep it under the MIT. If you can sleep better at night with the MPLv2, go for it.
-
-
You can not do that, because unlike MIT, MPLv2 is restrictive in that regard. What you can do is keep the project as MIT and put the MPLv2 license block at the top of the C4.md file. You also don’t need to include the whole MPLv2 license. If you have the single file C4.md, you can write at the top “This document is licensed under the MPLv2 license” and be done with it. As long as you do not modify the C4.md file, you are not publishing derivative works and are safe anyway.
-
-
I believe you amassed a lot of down votes for downplaying the importance of the license, removing copyrights and then saying that if someone cares he can do the work for you of adding it back in.
It doesn’t matter if it’s the first time you had contact with licenses, you should show some respect and read on the subject before doing changes.
-
Lobsters is a strange forum in terms of whether people will vote at all on a comment or how much. It’s a high-reading, low-writing forum in general which contributes to its low noise impression. The only thing votes should tell you here is what to keep posting or not posting. Your situation is straightforward, though, given your actions:
-
You slammed a community that has some respect here talking about their hostility toward your contributions. Made it something really bad as opposed to just not in their interests.
-
At least one person started linking to mailing list showing the opposite.
-
You removed all credit to the original contributors in your files. Stealing credit is universally hated by any merit-based profession. It’s also illegal in this case.
You got downvotes for these by the people who just wanted it off the site or to punish you for that behavior. Others took the time to write counterpoints or helpful advice. Then, your comments recognizing your wrongdoing and/or apologizing for this got upvotes. That is, your corrective actions received positive feedback from some that were downvoting you before.
To me, it looks like a combo of curation and peer review that’s working as intended by admins and community. There’s nothing prejudicial or pointless going on in the voting. If wanting good reception on forks, just follow the licenses and don’t slam the other parties. Simply say you disagreed so you’re forking it.
-
You removed all credit to the original contributors in your files.
This is also, unfortunately, an extremely common misunderstanding of the MIT/BSD “permissive” licenses. Especially in the proprietary software world, where simply copy/pasting MIT/BSD code into your codebase without acknowledgment is rampant. People sometimes find it out later through disassembly, but usually it goes undiscovered.
To be honest almost nobody seems to understand how these licenses work, even though they aren’t that complicated. You can add restrictions to them, ranging from GPL-type copyleft restrictions all the way up to “all rights reserved” proprietary restrictions, but must in all cases maintain the original copyright notice and acknowledgment of the original authors, in both source and binary distributions of the derivative software. Large companies like Microsoft and IBM, not to mention probably a third or so of FreeBSD’s downstream users, repeatedly demonstrate that they do not understand this, so it’s hard for me to be too harsh towards random free-software forks without legal teams that also don’t understand it.
-
I agree with you misunderstandings are common. I wasnt even griping about that much as the rest. It’s more ethics to me where people building on others’ work should give them credit. Their names in a file aren’t hurting anything. Author could just add his or her name to list of contributors. So, it was more insult than legal injury I was focusing on.
-
-
-
To be honest, the corrective function is too punitive. It doesn’t take hostility to make social people behave in most cases including this one.
I’d think they’d reply the person doing wrong complaining about the results should’ve not done wrong in the first place. Personally, I lean more toward constructive criticism which you already received from others. Others might save time just saying take that BS out of here.
“This could be the last comment I ever write on lobste.rs. Adios amigos.”
Or just submit interesting tech links, stick to technical debate in comments, have facts to back you up, and so on. These will get positive response here and at other tech forums especially since you still got upvotes even in this thread. This very thread would’ve gone 100% differently if you just said, “Here’s (project). It’s a fork of (other project) to add (differentiating features) that didn’t fit with (other project)‘s goals. Also, I’m using (contributor policy) to see if increases amount of contributions or reduces friction with this project like it did in ZeroMQ project.”
Boom. Something possibly worth upvoting, commenting on, or contributing if any reader is interested in that sort of thing. I’ve generalized it to show it can work for many other submissions.
-
-
What caustic comments? I saw this thread had a lot of comments and got curious, after reading all of this I think every single person in this thread was quite level headed and explained your faults (with evidence) very clearly. Multiple people have asked for sources of the abusive comments and I am here to echo that and extend it to this community. I don’t see a single traditional “hate speech” internet comment.
The most terse it got in here was when you removed authorship and violated the license. You might be “new to copyright”, but you in fact attacked those peoples rights and they were nothing but civil to you. I wouldn’t have blamed them for actually being angry to be honest.
-
-
This feels like pure school bullying. Is it so hard to imagine there are people who know little about copyrights? Is it what you say to someone who makes mistakes? Did I say I knew well about copyrights and still ignore them? This is clearly someone who doesn’t care about hurting others because his comments are not linked to his real-life identity. This community is hostile to newbies. It seems people don’t accept the fact that people are not born with knowledge.
to stay with your school analogy: people expect you to do your homework. you are lucky that the suckless people aren’t a big company, which would have instantly sued you. no friendly introduction to copyright and licenses, just a letter from a lawyer.
i have the feeling that this community expects you to rtfm, and i like it that way (community: correct me if i’m wrong here).
i learned from “my years in the internet” to think thrice before i click the post button, which is a valuable lesson. many conflicts can be avoided by this.
This thread lacks empathy and feels even sociopathic. Given that 4~8% of the population are hardcore psychopaths, some people would be actual psychopaths.
you should be careful with such assertions. one could think this is namecalling again. you wouldn’t want people to think that, being interested in treated good yourself.
-
-
I stand behind my words and I would have said them to you face-to-face.
Stopping caring about downvotes is a good thing, they are just internet points that mean very little in the long run. Caring about them too much just turns the conversation into “me-too” circlejerking with no other opinions raising up in fear of losing internet points.
Not really sure that what parts of internet you are using, but Lobste.rs is one of the nicests places around.
-
Thanks for the examples.
Personally, I’m often confused because people see hostility where I see none. I don see hostility in those examples either. This worries me, because it means that I my comments could be seen as hostile without me intending it.
My only idea would be to use more smilies/emojies. Would the following remove the hostility?
You should not expect us, people who all make our livings and channel our passions into programming, to shrug off your actions without some degree of affront. ?
-
This is clearly someone who doesn’t care about hurting others because his comments are not linked to his real-life identity.
Maybe I just don’t care about hurting others who keep disregarding good advice and who, at the first sight of conflict, cry “help help i’m being repressed!”
Also, have the guts to cite my name: @angersock . Failing to cite sources is basically what landed you in this mess, in case you’ve forgotten.
(Also, you shouldn’t assume gender on the internet, pro tip, unless you are able to back up why you think a he is a he. I’m a sock, preferred pronouns sock’s/sockself).
This community is hostile to newbies
Other folks, like @ruki, were newbies and have presumably had different experiences.
This community is hostile to people who make accusations without good evidence and who try to tar the good (ish) name of others. @FRIGN, for example, was pretty reasonable until you got them annoyed.
Painting us all with the same brush is also what got you here.
rain1 turned out to be a relatively reasonable man, though.
@rain1 tends to be a bit of a sympathetic ear on this sort of thing, rightly or wrongly. A lot of us aren’t.
-
-
-
-
-
-
-
at one point downvotes were deactivated, but that also wasn’t optimal. https://lobste.rs/s/csd2tj/week_no_story_downvotes
saying someone is hostile for not accepting patches is hostile in itself (i haven’t read the original discussion). i guess this led to downvoting you. maybe combined with the license fuckup (which can happen and seems to be fixed).
-
-
-
I get mixed feelings about this. On the one hand, it forces enough transparency that some people might do it less on impulse or consistently troll a person. On the other, it can escalate politics where people might accuse each other of biases and ganging up. That would create nice tangents like this one where we discuss or argue about votes instead of OP. I didn’t suggest it for that reason.
-
-
The old Kuro5hin made votes public, and I found the opposite. If someone just never liked my comments and downvoted them routinely, that was fine, it’s easier to ignore it. If someone I respect downvoted one I might think twice about whether I was at fault. Removes the weird uncertainty/anxiety around “one or more community members, but we won’t tell you who, don’t like your participation here”. And people were less likely to feel the need to ask “who downvoted this and why?!” b/c you could see who downvoted it, and based on that, could often surmise why.
And for the upvotes it was even more useful. Made the place feel less impersonal. Instead of counting “7 anonymous people liked this post”, you started to recognize names of people who consistently read/liked your posts. It also made it easy to give a quick “thanks for the reply, that was helpful” by upvoting without replying to end a thread, if that’s all you had to say. Similar to the role likes play on Facebook and Twitter, more recently.
-
-
-
-
-
People are ganging up against me and crocket with comment downvotes and it’s basically the worst part of the anonymity the internet provides with none of the good parts.
i wouldn’t call it “ganging up” if a comment has around 0 points. that may be only one downvote.
i guess the best thing would be to just ignore it if you are downvoted. maybe just someone on the other end having a bad day.
-
-
-
This may also be a cultural thing. Suckless is heavily influenced by German culture, especially when it comes to criticism. I am German myself, as most of the core suckless developers are.
From what I’ve learned over the years, the US-American way is rather superficial. You would never publicly criticize a person too harshly. In case it happens, it is considered a personal attack to publicly shame somebody. Maybe we are witnessing a cultural shock. Me being German, I am used to harsh criticism, even in front of many people. It’s not considered an attack, but by the general German public it is considered honorful to address problems in such an open way. In my opinion, it is also the most efficient way to deal with criticism.
For someone who grew up with the US-American culture, this may lead to a completely different interpretation. Added to this, we are dealing with textual communication, which omits 95% of non-verbal communication.
“Basic protection” just leads to censorship, because unpopular opinions get reported and removed. You may draw a line at attacks, but for that, you’d need fair moderators, which are often not given. So better yet, the individual should learn to deal with this aspect of internet communication and move on.
-
-
Clear rules always need people who enforce it. If none are present and this is moved to the readers, we end up with censorship of unpopular opinions.
However, if the manpower is present, I agree with you that it can work out very well. The subreddits you mentioned are a good example.
-
-
-
-
-
There were some degrees of verbal hostility.
You need to quote things in support of this kind of accusation, as that is itself a kind of hostility.
This thread has been, by and large, very polite to you considering that you erased the owners and authorship of a bunch of peoples’ hard work from the code you decided to fork.
Whether on purpose or by accident, you plagarized others’ work.
I’m sorry if this is viewed as an “attack”, but it’s the truth. If you read the licenses in question, there’s little doubt that what you did was both against the license (illegal) and against the legacy of the people whose work you’re building on (immoral).
You should not expect us, people who all make our livings and channel our passions into programming, to shrug off your actions without some degree of affront–especially when you chose to be so glib about supposed hostility from the people you stole from.
EDIT: One minor addition–you sorta argue elsewhere that “well I thought the commit history was enough”. If these files are ever moved to another system, or if the VCS loses that commit information for whatever reason, then the copyright and license information in those files is the only way that attribution is correct.
If somebody else decides to fork your project (because it’s now MPLv2 and should be okay to do so!), and then is too lazy to preserve history (and this happens all the time when transferring bewteen VCSs), then magically the authorship of the library is lost.
As I said elsewhere, just put the attributions back, keep the license, and spend your innovation points on improving the code instead of the legal stuff.
-
-
-
-
although getting downvoted by anonymous people feels horribleGrow yourself a skin and shrug it off as it is supposed to be. This is the internet and wild things happen here. I am amazed you lose sleep over some downvotes while in other places on earth, people are struggling to get clean water or in war zones are not sure if they’ll survive the day. Keep that in mind. I’m telling you this in a friendly way, hoping you have not fallen into depression due to that and other factors.
Look around and put your life into perspective. This way, these downvotes will become irrelevant, as they are. We are facing a dramatic financial crisis in the next 2 years and face existential problems along the way, maybe even the danger of a world war. We have never been closer to a nuclear war since the cold war ended. Inform yourself and stop worrying about “hostile attacks” by people you don’t know. Most of the time, downvotes exist for a reason and in general, the internet is a volatile place.
You are also working within the comfort of anonymity, so what’s the problem? All this stuff won’t be attached to your name anyway.
-
Using multiple licenses in the same project is a headache for everybody involved.
Stop being cute, just use the MIT license.
(also really you figured you could just “lol I’ll delete this license i don’t like”? srsly?)
-
-
-
-
-
-
Really?
I’d hope not, and would find that fairly disturbing; I tend to watch the moderation log and have never seen any entries, and for the moderators to do those changes without an entry would go against the site’s pledge for transparency.
I’d hope this is simply “tempers cool, calmer heads come in, and people tend to undo the downvotes”.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
That’s why I always open man-page/documentation before using a function. Until I know man-page by heart I will reopen the man-page and even then - better safe than sorry.
It is a bit funny how auto-completion in many cases would only give a false sense of understanding. But maybe it’s better than when I was using it. One could argue that it’s C’s fault, but surprising behavior can happen in every language and especially in an older one.
-
-
munyari
1 year ago
|
link
| on:
Second crowdfunding campaign for qutebrowser - a keyboard-focused, vim-like browser
I love the idea behind qutebrowser, but it unfortunately still crashes too often, causing me to revert to chromium.
-
What backend are you using (see
:open qute:version)? With the last qutebrowser release and either the QtWebKit-NG (only packaged on Archlinux currently, asqt5-webkit-ng- and there’s a Gentoo ebuild) or the QtWebEngine backend (based on Chromium, you’ll need to start qutebrowser with--backend webengine, but with the new config there’ll be an option for it), I haven’t seen crashes in a long time.-
Actually, since I wrote that comment I opened up qutebrowser and am pleasently surprised to report that it has not crashed in the past three hours. I had previously used the webengine backend but still had major stability issues, even while running of the qutebrowser-git package from the AUR, just two or three ago. Hopefully it’s stable enough to become my daily driver now. Keep up the good work! :)
EDIT: 3 more hours later, I’ve had it crash 3 times. Seems to struggle when my shitty internet connection suddenly goes away.
-
Ouch. You’re most likely running into this Qt bug then.
Currently qutebrowser still creates a QNetworkAccessManager even with QtWebEngine as it’s needed for some kinds of downloads (like the adblock lists). I want to convert those places to use the QtWebEngine/Chromium network stack as well, but QtWebEngine is still missing an API to do arbitrary downloads.
Either way, qutebrowser can probably avoid creating a QNAM if it’s not needed, so this Qt bug doesn’t happen until a QNAM is needed in some way, at least. I opened an issue for that now.
-
-
-
-
I found that neovim is much, much faster than vim, with a comparable setup. I would highly recommend trying it. I have been using neovim for over a year now, it’s very good. A lot of high quality plugins are being written with support for only neovim now.
Additionally, I would highly recommend fzf.vim over CtrlP and others. I have tried all of the major fuzzy finding plugins for vim, and fzf.vim is by far the fastest and works how I would expect.
I stopped using CtrlP because in a large project (several hundred thousand files), searching for a small string “icp” would not find “app/models/icp.rb”, but would instead find longer and more irrelevant results. fzf.vim works as I expect in this case.
You also never need to invalidate the cache, it rebuilds every time you search. It’s fast enough that you can use it to search all files on your computer. You can do
locate / | fzfand it’s ready to go in a second or so (you can still search while it’s indexing). In normal projects it’s pretty much instant.tl;dr: use neovim and fzf.vim. All hail junegunn.
Edit: Oh, and if you want to use
ctrl-pto activate it, add this to your vimrc.noremap <c-p> :FZF<CR> -
-
One example is CtrlP. It is currently the most recommended way of opening files in Vim. The default setup can be improved by using The Silver Searcher to find the files and using ctrl-py-matcher to match files with your search query. I always had issues with it.
I see ripgrep + fzf recommended much more often nowadays
From having to refresh every time I made a new file, to folders such as node_modules being included in the results unless I refreshed again (although this could be an issue with The Silver Searcher).
Did you set this in your agignore?
One of the settings that really slowed my Vim down, was the relativenumber setting. If you are not familiar with this setting, what it does is instead of displaying the actual line numbers in the file, it displays the how many lines away a line is relative to your current line. If that sounds confusing, just type :set relativenumber and you will see what I mean. Apparently this can make your Vim really slow when moving up and down.
TIL! Looks like
:lazyredrawmay help with this? In any case, definitely not the first culprit I would point to for slow down, so thanks.-
I see ripgrep + fzf recommended much more often nowadays
I was not aware of fzf. I will try it out someday.
Did you set this in your agignore?
No, but it was in my gitignore, which ag supposedly used as well. That folder would appear randomly every time I refreshed.
TIL! Looks like :lazyredraw may help with this? In any case, definitely not the first culprit I would point to for slow down, so thanks.
lazyredraw helps a bit but not when you are required to scroll.
-
-
if(transaction.merchant == "Deluxe Coffee") { root.postOnSlack('#coffee-club', 'Sarah bought a coffee!'); return true; // Approve transaction } else { return false; // Fail transaction }Anybody who thinks they can write better fraud protection than the industry leaders is delusional.
-
Anybody who thinks they can write better fraud protection than the industry leaders is delusional.
Don’t be so dramatic. I can think of several trivial examples, for example:
If I have a card used only for recurring transactions, then I can know the exact merchant, amount, and day-of-month to expect every transaction. I can use a whitelist, but none of my credit cards support such a thing.
I could have it post an interactive message to slack or SMS me for everything else, with a button to “add to whitelist” and simply ask the company to retry my card if they get a decline. My American Express app shows the approval in real time but nothing I can do to stop/revert/abort it.
I might lend someone my card and enable merchants within a few miles of me.
And so on. This sounds awesome to me, and I’m eager to try it out.
-
If I have a card used only for recurring transactions, then I can know the exact merchant, amount, and day-of-month to expect every transaction. I can use a whitelist, but none of my credit cards support such a thing.
Never thought about this, but that would be an amazing card feature
-
-
-
Doesn’t seem to work from the Tor browser bundle
-
Neat. Now, who to follow?
-
All aboard the follow train - https://mastodon.social/@mulander
-
-
Followed. I just set up https://mastadon.social/@munyari
-
I wondered why this link wasn’t working for me until I saw “mastadon” should be “mastodon” :P
-
I, too, am on this network, at https://icosahedron.website/@mjn
-
-
-
-
Something that I think would fit the federated model well, if @jcs wanted to do it (or let someone else do it with the domain), is if there were a lobste.rs server. In addition to being able to follow individual people who use any federated server, the client also supports viewing a global firehose (all federated servers) or a local firehose (just this server). The latter, on smallish servers, can provide a kind of IRC-like community, while also interoperating with the broader Twitter-like usage.
I think people are still working out what the social configuration of a federated system would look like, though. Some tech exists, but a lot is still up in the air.
-
I’m https://mastodon.social/@stevelord if anyone wants to follow me. Mostly posting AVR development and security stuff.
-
-
-
I’m there, https://mastodon.social/@balrogboogie
-
-
skade
1 year ago
|
link
| on:
Google Summer of Code Student Stipends (in 2017, based on Purchasing Power Parity, per country)
Does that extend to the amount paid to the mentoring organisation?
-
-
-
-
Ah, I misrembered that, too. Last year, the additional travel fund was just relatively close to what the student got as a stipend payment, so I confused that in my head.
Thanks!
Also fun:
Google is not required to pay any invoice submitted more than ninety (90) days after the end of the Program.Always nice to lend poor international companies money.
(For reference, old rules are here: https://web-beta.archive.org/web/20160615150102/https://summerofcode.withgoogle.com/rules/ )
-
-
-
-
-
Surprised not to see Neural Networks and Deep Learning
-
fs111
1 year ago
|
link
| on:
alert-after: CLI utility written to Rust to get a desktop notification after a command finishes
why not use
$ some –command; osascript -e ‘display notification “Done!!” with title “Done!”’
on your mac? (there are equivalents for gnome, kde, X etc.)
-
-
Good point! I forgot about shell aliases. I opened an issue to track adding support for that:
-
One option would be to just always run the command through the user’s shell. Yours isn’t the only otherwise-cool utility that doesn’t work on aliases. I recently found https://github.com/chneukirchen/nq and was super stoked until I realized it barfed on aliases. I may submit a PR to support that if I find time.
How do you like Rust? I haven’t found enough time or motivation to wrap my tiny brain around it yet :-(
-
-
-
I don’t think alert-after actually does this yet, but one advantage of using a wrapper is that it can check the exit status and automatically give you a success/failure notification. You could do that in shell too, but it’d be much more tedious to write out by hand every time.
-
-
-
A 101-character suffix on a command, versus the OP’s 2-character prefix on a command? Yes, I’d call that “much more tedious”.
(it would be pretty easy to turn your command into a shell-script wrapper with a two-character name, but that’s just an argument about implementation, not about whether a wrapper is a good design)
-
-
-
-
-
-
-
Amazing how Mozilla marches Firefox to it’s own death. Just more horrible interface options and zero creativity except to mimic Chrome.
-
-
The cartoon characters are unappealing. I realize this is a subjective opinion, regarding taste, but for a utility to adopt a mascot, or anthropomorphic-character-oriented motif, very careful consideration must be given to the degree of “cutesiness” expressed.
Compare the Plan 9 bunny:
To Microsoft’s Clippy:
Viewed repeatedly, one takes on a sense of irritating condescension while the other does not.
-
-
-
-
FYI - Your linked favorite SICP videos are going away from YouTube. Seems Berkeley is putting them behind campus auth.
I hope you can find another resource! I would find it very useful.
-
-
-
-
You can find links to all their lectures (including torrents) on archive.org.
-
-
-
-
-
-
As a result of the SS7/GSM MAP security research, seeing how slowly fixes are rolled out world wide and looking at how RADIUS turned into DIAMETER and re-introducing some of the conceptual flaws from SS7/GSM MAP, it is necessary that for 5G or 6G core networks we need to take over the standardization from big corporations and put people first. With your help and support we can get there.
How do you propose we do that?
-
OP, why not submit your updated C version?
-
They cannot because it breaks the rules of the game.
They would have to submit it to khash, get it accepted there, then get the game to use the newer version of khash. Not impossible, mind you, but more work.
-
mosh is amazing. I discovered after ~3 months of dropped ssh connections over a very poor internet connection. If only port forwarding was possible.
If someone wants to make some money: https://www.bountysource.com/issues/4471419-ssh-port-forwarding-doesn-t-work
If only there was a native Windows client …
Port forwarding is absolutely possible: Use ssh for it.
If you want a proper VPN that stands up to a lossy connection, use IPSEC with a dummy network.
mosh is secure remote desktop for terminals: Such a thing didn’t exist before mosh (or it wasn’t very good), but forwarding TCP is a solved problem.