-
Missed the most important customisation of them all: disabling that drafted hot corner!
I don’t really get the user extension hate however. Sure we all have to bash JavaScript, but the fact that gnome shell is scriptable and extensible would be a draw to most “power users” imo. And I’m certain disabling user extensions does nothing more than not searching the extension directory in startup and certainly does not disable any core parts of the shell.
-
Honestly this has no right to be making me so nostalgic. Better days there were not but I miss them nonetheless.
-
sdhand
5 months ago
|
link
| on:
EU wants to require platforms to filter uploaded content (including code)
Screw just writing to your MEP to exclude software repositories, write to them to scrap the bill entirely. Mandatory auto copyright enforcement benefits no one except except large studios and labels.
-
I don’t see how sending magic codes is better UX. It requires the user to leave the context of my application open up some kind of email client, click the link and return to the application.
-
It proves you have control of the email account (Or at least can intercept it :) ). It’s like an “I am this person”. Some people use their email account as their password manager anyway, so this could be at least slightly more secure than that, you have to have current access to the email account, it can’t just be a copy of all their emails from 1 year ago.
-
-
-
I doubt the lambda user would setup pass, dmenu and gpg-agent for this workflow to be easy though. They’ll mostly keep their password manager wide open at all time, which means they still have to switch window, search password, copy it, go back, paste, login. On the other end, receiving a magic link would only have you switch window, click twice, and you’re in. Sounds simpler to me, especially on phone, where inputting a viable master password is a HUGE pain in the neck, as much as switching windows.
-
-
-
-
-
It requires the user to leave the context of my application open up some kind of email client, click the link and return to the application.
I think the idea is that if you have a rarely used app, the users will need to do that to either reset the password or look up the password anyway.
-
-
I’m confused, you disagree with tags and hiding threads, but yet you want a tag to do exactly this.
And to voice this opinion you start the exact kind of thread that you don’t want to see.
Surely you understand that other people feel this way about other topics, hence the existence of other tag suggestion threads.
With this being said I think adding the tag is a good idea, I just find your position contradictory.
-
-
-
The Humane Representation of Thought - Bret Victor
-
On the Turing Completeness of PowerPoint - Tom Wildenhaim
-
Watch for Rolling Rocks - 0.5x a Presses - Pannencoek (maybe not strictly cs, but goes into a lot of detail about just how a game can be exploited to ridiculous lengths)
-
That Pannencoek video is impressive. I know games are broken, and I understand how the LoZ: OoT record got reduced to what it is now by glitches and clever manipulation of hitboxes, map loading techniques etc. But that Pannencoek stuff is on another level. He had to sit there, and plan it, and try it, and rinse and repeat, until it worked, and then he can claim a “0.5x A presses” run. Crazy shit. lol
-
-
I would say Stephen Kell’s work on the “lurking Smalltalk within Unix” has been on my mind the most.
His papers are full of great information and thoughtful arguments (full list on his personal site). At times, they can be dense, and they might take a few readings to absorb, but that’s true of anything worth reading. It’s all “systems” research and not particularly mathematical, so there shouldn’t be any fundamental barriers.
I think it is worth comparing Unix to SmallTalk/Lisp. The latter systems definitely have a “purity” to them, but people sometimes overlook that Unix can do the same things. His work on liballocs is about reflection over C data types in Unix processes. It has some philosophical similarity to DTrace.
FWIW it also reminds me of one of my blog posts, where someone suggested a Lisp-ish solution, and my response is that “Unix can already do that”. [1]
I think what I like about his work is that it’s inherently “conservative”, trying to understand what existing systems already do – which is surprising in many cases! I think a lot of papers are suggesting new things without adequately understanding what practitioners already do.
http://www.cl.cam.ac.uk/~srk31/#onward15
http://www.cl.cam.ac.uk/~srk31/research/papers/kell15towards-preprint.pdf
Videos:
https://www.youtube.com/watch?v=saIFAQdxD-U&feature=youtu.be
-
-
There is another step which is sort of optimized away… but you can force it to re-appear with the -S gcc option
The compiler, I believe originally generated assembler, which then was assembled into the object file.
I think these days that steep as been optimized away and they are going direct to machine code. (I no longer see “as” running when I compile, but you used to in the Bad Old Days.)
-
-
You’re right, I tested sloppily (looked casually at top and didn’t see it) but if I strace yes it, it runs “as”
-
-
-
This article has a very low quality: it reports on two not interesting facts (retrieving code via http and loading a DLL from current directory). Why is it upvoted so much?
-
Two relevant points at least: (1) an unverified binary is downloaded and installed and (2) on Windows outdated and likely exploitable versions of OpenVPN and OpenSSL are installed.
Then there’s the other more trivial stuff in the article that may or may not be interesting.
Despite the abrupt nature of the article, it seems worth talking about.
-
Yeah, I’m kind of appalled that the author completely glanced over the setup step where you download the script asking you to send your password over an unsecured connection. Forget about a man in the middle attack that switches the script, all you need is to log the HTTP requests and you get the user’s password.
-
-
-
-
-
This article is so confused it actually made me wonder if I might have missed some important information about paths all these years, which could have caused that…
If
/directory/filepoints to a file calledfilein a directory calleddirectory, where does/directory//filepoint? Is it a file calledfilein a directory calleddirectory/? Is it a file called/filein a directory called directory?/isn’t allowed to be part of a filename.Only the treatment of // at the beginning of the path is implementation specific.
Luckily, most of the time multiple slashes are to be treated as a single slash.
The pathname resolution is covered by POSIX.
/is a path that points to the root directory, whatever that means.As explained in the link above it’s the root directory of the current process, which indeed might not be the same for all processes.
Escaping
/(and other characters) is usually done with a backslash (\) character.As mentioned above
/isn’t allowed to be a part of a filename. Even if you precede it by\it is still not part of the filename, but always treated as a path separator. Thusdir\/filerefers to a file calledfilelocated in a directory calleddir\.What does ‘/.’ mean?
The link above states that “[t]he special filename dot shall refer to the directory specified by its predecessor.” And since
/refers to the root directory of the process, so does/.. POSIX doesn’t have a concept of file extensions.Never mind that not every user need necessarily have a home directory or that the concept of a ‘user’ may not even exist!
The second link refers to the Wikipedia page for unikernels. I don’t see what a unikernel has to do with a critique POSIX concepts like files or users. It doesn’t implement any of them and therefore is irrelevant in a discussion about them.
This means that whenever paths are passed as arguments in a list of arguments that is separated by spaces, spaces need to be escaped.
That’s not an issue with paths themselves, but with how shells treat whitespace. For example there’s no need to escape whitespace when passing paths with C’s
execve().rmwon’t let you remove a symlink to a directory if there’s a slash at the endThat is because the trailing slash causes the path to be resolved to the target of the symlink, which is a directory, which
rmdoesn’t remove unless-r,-Ror-d(some implementations) is specified. Compare the output ofstat my-symlink-to-a-directoryandstat my-symlink-to-a-directory/. -
-
The irony is it’s not long since someone managed to escape this “secure edge sandbox” and end up with full privelege escalation. The idea that edge is any more secure than any other major browser is laughable.
-
https://lobste.rs/s/vnaih0/goto_multiple_inheritance_eval Comment thread from last time (a differently formatted version of) this article was posted.
-
sdhand
1 year ago
|
link
| on:
Not OK, Google: Burger King advert designed to hijack Google Home speakers backfires
I really don’t see how burger king are causing “an invasion of privacy”. I find it very odd people who are willingly having an always on microphone in their home are complaining about this.
-
-
The alternative is to blame oneself for lack for diligence in deciding what device to purchase and how to configure it to be useful and secure.
People have a tendency to demand extraordinary measures for their security when somebody can be made responsible for it but if they themselves have to be responsible i.e. putting on a seatbelt or driving safely, well we can’t have that.
-
BK wasn’t simply the “messenger” here, they actively exploited it.
Security researchers tend to avoid affecting actual users in cases like this (and still get screwed). While there wasn’t any “harm” done, this certainly wasn’t a good faith disclosure. IMO we shouldn’t equate the flak BK gets with the flak that security researchers get when they prove a vulnerability (or responsibly disclose one); they are very different situations.
-
-
Society lives off of respect for others, beyond what’s physically prevented. It’s generally appreciated to not be rude
If I live on the first floor of a building, people might be able to look in my apartment, but I still don’t want people to set bleachers and start selling popcorn.
-
-
sdhand
1 year ago
|
link
| on:
Windows 10 Creator’s Update: What’s new in Bash/WSL & Windows Console
Interested to find out more about how well running Windows programmes from within WSL works. The ability to include Windows programmes within scripts and use piping etc. could be very useful.
-
If you have any specific questions, I’m happy to answer. I’ve worked on and off for the last two months getting to a point where Khan Academy’s entire dev chain runs well under WSL, so I feel I’ve got a pretty good knowledge of what works well, what works at all, and what’s broken or painful. At a high level, I’ll say that, beginning with some of the Creator’s Update betas, I’ve been really impressed; the main issues I’ve hit have to do with the Windows and Linux file systems, while both being accessible from the others' tools, not using the same paths, semantics, permissions models, and so on. The most concrete issue that’s brought up is that, while Khan Academy’s website runs in WSL just fine, and while you can check the code out on Windows, you cannot run the thing from the Windows checkout, and you cannot edit a Linux checkout with a Windows program (such as PyCharm). I’ve handled that by running PyCharm in X from WSL, but…yeah.
-
you cannot edit a Linux checkout with a Windows program (such as PyCharm).
I hear they’re going to be fixing this soon; I thought it was in this update, but they also didn’t mention it.
-
I’ve heard they’re going to fix it, but I haven’t seen them actually do so yet. “All” they’d have to do is not clobber the NTFS file stream in charge of Unix permissions, and I assume they deliberately picked a brand-new and weird location for that stream specifically so that they could transparently have the Win32 subsystem not touch it, but this was still broken as of roughly one month ago on the Slow insider update channel.
-
-
-
-
Please stop adding author and summary to titles.
-
-
Generally speaking changing titles is not great–it confuses search, it adds opportunities for editorializing, etc.
If the title is vague, filling in the story description is usually a better option. That also lets you do things like link out to relevant background material.
-
If the title is vague, filling in the story description is usually a better option.
The real takeaway from the comment. For any new people reading, Lobsters' homepage has a symbol to the right of the title that looks like this…
http://graphemica.com/%E2%98%B6
…that links to a description giving extra info on the article. Result looks just like the page you’re seeing but with the text right under (example) “via ThisIs_MyName.” That comes from the text field of Submit Story. Most regulars seem to prefer you use it for extra details that might clutter up a title on front page.
-
-
-
Will do.
-
-
It’s fine to add them–just in the story description and not the title. :)
-
-
-
-
michaelochurch
1 year ago
|
link
| on:
Goto, multiple inheritance, eval, and recursion—They still have use cases
Ah, this “awkward squad”.
The C language’s
goto, I believe, is limited within function scope. It’s not nearly as dangerous as BASIC’s version, which allows you to warp anywhere in the program. Assembly code has unrestrictedjmp, which is just poking the instruction pointer, but that’s bad in source code. What makes C’sgotoreasonable or abhorrent is the size of the function. If you have a 20,000-line function, then it can exacerbate your problems but it isn’t the only one.For non-local jumps in C, you have to use
setjmpandlongjmp, which have their own restrictions.With multiple inheritance, the problem is often inheritance. Object-oriented programming has some use in terms of managing allocated blocks of memory, but in general, object-ness is a complication relative to declarative data that we should only use when it’s absolutely needed, and the number of cases where even regular inheritance, much less multiple inheritance, are the cleanest model, is small.
With
eval, I generally agree that it doesn’t necessarily deserve a bad rap, but it’s usually a sign that you’re doing something wrong. But as always, there are exceptions.Recursion doesn’t belong on this list, in my opinion. It’s not weird, and it’s only a problem because a lot of languages have mediocre compilers that can’t handle it. (A good compiler will generate fast, iterative code when possible.) The only environments where I’d put recursion on the “please avoid” list are low latency environments (if recursion depth can’t be known statically) and in embedded systems with very little stack space (at which point, I’d be inclined to favor static memory allocation as much as possible).
-
Instead of using goto I like to use a parent and child function instead of goto, the parent does the init and destruction, the child does some work and returns whenever as many times as it feels like. This way the destroy code is always called, it’s effectively like basic, local RAII. Lambdas and classes can be used in C++ to keep the code even simpler.
Apart from virtual function callbacks, I’m finding that I can usually avoid using inheritence at all, let alone multiple inheritence, composition always wins.
Recursion is fine as you say, you just need a max depth counter, or you need to manually unroll your recursive functions if you are on restricted hardware.
-
-
I wonder if he included recursion because it’s recursion.
-
-
-
-
nickpsecurity
2 years ago
|
link
| on:
Walking is 3 times more expensive than driving, from a fuel perspective
Just going by title, tell that to the people who live on $1-2 a day walking plenty. They couldn’t even afford a Ford Pinto. They can’t afford the gas for a hybrid if there’s a significant commute. Doesn’t sound like Im living the budget option with my vehicle.
-
-
If you are talking about people living in the US, you have to keep in mind that even though they may not be paying for their food, someone is.
-
-
Because in countries without a welfare system, those people often eat refuse instead of food.
-
People on welfare here in America eat refuse, too. It’s just lower-risk, tastes better, mis-labeled as food, and requires scrutinizing ingredients list to know it’s refuse. Multi-billion dollar industry.
-
To be fair, middle class people eat that sort of refuse as well. ;)
-
-
-
-
-
-
In my country, they abolished TV licensing and repaced it with a tax that everyone (beyond a minimum level of income) pays whether they use the Yle services or not. I would prefer vans.
-
-
I’m assuming this is just trying to scare people into paying the licence. If it isn’t then whatever method there using should clearly be fucking illegal.
-
spoiler: no.
I usually link to Betteridge’s Law when I write a post like this, but didn’t this time.
Apparently a significant portion of people found the title to be clickbait-y, but I thought it was a pretty straightforward question. Oh well!
This knee-jerk reaction against “clickbait” kind of annoys me. Imo there is nothing wrong with an article having a title that attempts to engage a reader and pique their interest. I would also much rather a title pose a question and answer it in the article, rather than containing the answer in the title itself. (The latter can lead to people just reading the title and missing any nuance the article conveys).
I agree. Clickbait really implies that the article has no meaningful content. If the article is actually worth reading, it’s not clickbait, it’s catchy.
It’s a fine title, imo. Maybe there’s a better one possible, but it’s fine.
“WebAssembly is not the return of Java Applets and Flash.”
Edit: I did enjoy the article, however.
Edit2: As site comment:
I had no idea what the “kudos” widget was, moved my mouse to it, saw some animation happening, and realized I just “upvoted” a random article, with no way to undo it. Wondeful design. >.<
That’s fine, and probably an improvement, but worth a correction? I don’t really think so.