• 0 Posts
  • 31 Comments
Joined 4 years ago
cake
Cake day: February 15th, 2021

help-circle

  • I don’t understand the posh stylistic decisions around padding, rounded borders, etc. How do those things make the UI better exactly?

    As someone who used low resolutions for most of my University years (I did my thesis in a tiny ultralaptop), I relied heavily on a custom gtk2 theme I had to write to remove most of that padding that made the UI feel so unnecessary and my screen so cramped.

    Gnome now pushing for removing theming completely and relying on just color scheme customization feels totally backwards to me. I don’t have an answer for OP sadly… other than just using terminal / tui apps more whenever possible.


  • It’s true that they say both things out of comfort.

    Though to be completely honest, both statements are not contradictory. They are not necessarily accepting that they do have something worth hiding, but just stating that hiding is too difficult these days anyway. That does not mean (sadly) that they would start doing it were it easier, just that they have even less of a motive to care about it now that hiding is so much harder (to the point of almost being “a myth”).

    I’m not saying they are right, I’m saying that lack of consistency is not the problem with that attitude. It’s not a “shift”, just a consistent continuation of a lazy attitude towards comfort.


  • You share public keys when registering the passkey on a third party service, but for the portability of the keys to other password managers (what the article is about) the private ones do need to be transferred (that’s the whole point of making them portable).

    I think the phishing concerns are about attackers using this new portability feature to get a user (via phishing / social engineering) to export/move their passkeys to the attacker’s store. The point is that portability shouldn’t be so user-friendly / transparent that it becomes exploitable.

    That said, I don’t know if this new protocol makes things THAT easy to port (probably not?).


  • I’m ok with not considering it “public good” when something has a license that sets conditions and it’s under Copyright of a particular private person/entity. But if you do need to ask consent to a private party for the use of something in a derivative work of certain conditions, then I don’t think it makes sense to call it a public good.


  • Yes, that’s why im saying that this kind of problem isn’t something particular about this project.

    In fact I’m not sure if it’s the case that the builds aren’t reproducible/verifiable for these binaries in ventoy. And if they aren’t, then I think it’s in the upstream projects where it should be fixed.

    Of course ventoy should try to provide traceability for the specific versions they are using, but in principle I don’t think it should be a problem to rely on those binaries if they are verifiable… just the same way as we rely on binaries for many dynamic libraries in a lot of distributions. After all, Ventoy is closer to being an OS/distribution than a particular program.


  • That’s ok if we are talking about malware publicly shown in the published source code… but there’s also the possibility of a private source-code patch with malware that it’s secretly being applied when building the binaries for distribution. Having clean source code in the repo is not a guarantee that the source code is the same that was used to produce the binaries.

    This is why it’s important for builds to be reproducible, any third party should be able to build their own binary from clean source code and be able to obtain the exact same binary with the same hash. If the hashes match, then you have a proof of the binary being clean. You have this same problem with every single binary distribution, even the ones that don’t include pre-compiled binaries in their repo.




  • Yes, I don’t think it’s just about the execution of Win32 code, but also the possibility of MS using marketing techniques and dirty manipulation methods to give themselves advantages within the Windows platform to sway the general public to their store in a similar manner as how they push their browser, their MS Teams communication platform, their One Drive Cloud Storage, their search engine, their data-collection tech, their assistant, etc.


  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Which is why you should only care about the personal opinion of those people when it actually relates to that reliability.

    I don’t care whether Linus Torvalds likes disrespecting whichever company or people he might want to give the middle finger to, or throw rants in the mailing list or mastodon to attack any particular individual, so long as he continues doing a good job maintaining the kernel and accepting contributions from those same people when they provide quality code, regardless of whatever feelings he might have about whatever opinions they might hold.

    You rely on the performance of the software, the clarity of the docs, the efficiency of their bug tracking… but the opinions of the people running those things don’t matter so long as they keep being reliable.


  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    4 months ago

    I have contributed to other projects without really needing to get involved in their community in any personal/parasocial level, though.

    I just make a pull request and when the code was good it was accepted, when not it got rejected. Sometimes I’ve had to make changes before it getting merged, but I had no need to engage in discussions on discord or anything like that. I’ve been in some mailing lists to keep track on some projects, but never really engaged deeply, specially if it goes off-topic.

    If I find that a good code contribution is rejected for whatever toxic reason, then the consequence of that is the code would stop being as good as it could have (because of the contributions being rejected/slowed down), so it’s then that forking might be in order. Of course the code matters.


  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    11
    arrow-down
    2
    ·
    edit-2
    4 months ago

    To his point: if not “discuss”, what is the correct approach against fascism? war and murder? dismiss it, try to “cancel it” without giving any arguments so it can continue to fester on its own and keep growing in opposition?

    To me, fascism is a stupid position that doesn’t make much sense, to the point that it falls on itself the moment you “discuss” it.

    I would have expected that it would be the fascists the ones unable/unwilling to discuss their position, since it’s the least rational one. So it’s certainly very jarring whenever I hear people jumping to defend against fascism while at the same time stopping in their tracks when it comes to discussing it. Even if those unable to reason might not be convinced by our arguments, anyone with reason would. Rejecting discussion does a disservice, because it does put off those willing to listen and strengthens those who didn’t really want an argument anyway.

    Like flat-earthers, they should be challenged with reason, with discussion. Not dismissed as if it were true that there’s a huge conspiracy against them. Whether they listen or not to that reason, dehumanizing them and rejecting civil and rational discourse would play in favor of their movement.

    Stating “genocide is bad” should NOT be a statement of faith. Faith is the shakiest of the grounds, if we are unable to articulate the specific reasons that make genocide be bad, then we are condemned to see it repeat itself. So, I’d argue it’s for the sake of the victims in Auschwitz that antifascism should not be turned into a religion, but into a solid and rational position that’s not distorted nor used willy-nilly.



  • Bash. By default it might seem less featureful than zsh… but bash is a lot more powerful and extensible than some give it credit for. It might be more complex to set it up the way you like it, but once you do it, that configuration can be ported over wherever bash exists (ie. almost everywhere).



  • In that counter argument they are essentially admitting that 99% of their content was distributed without the copyright holder’s consent.

    In the CDL lawsuit, they have admitted that of the millions of books we have digitized, they themselves have only made about 33,000 available to libraries; only about 1% of what we have done, and only under restrictive and expensive license agreements. This is, they claim, the essence of their copyright rights: the ability to restrict access to information as they see fit, to further their theoretical economic interests, without regard to libraries traditional functions and the greater public good.

    Was it fair use in the past to redistribute reprints/format-conversions of works without the copyright holders consent?

    I agree that copyright law sucks… but that’s why it needs to change so it actually serves “the greater public good”. The judiciary system is not the right place to advocate for that (they don’t make the law, just interpret it), so I don’t really think there’s much hope in them winning this. Sadly.


  • “you want a government backdoor on GPL licensed code? publish the backdoor for everyone to use, see and exploit/check for themselves. And/or watch as people simply take a version of the software built from a more reputable source without that backdoor instead. Thanks for the money!”

    “you want to force all foss projects existing in the global internet across countries to get paid by you or close? enjoy your logistic nightmare as you pay to be made fun of by all other countries while I fork projects with one click”


  • If they really think there’s no reason to hide anything, why are they prosecuting Snowden for exposing something that was hidden?

    Before having surveillance on people, they should have it on themselves.

    Imagine how many corruption cases could have been prevented if the government was publicly monitored, with live streams from all offices, like a “big brother” show set up in the white house with live recordings of all calls and communications, so the voters can judge by themselves and monitor if the person they employed as the servant for the country is doing its job.


  • I expect it would be technically possible to have lemmy-like or peertube-like services built on top of the AT protocol Bluesky uses, like with ActivityPub. And I expect if/when that happens the communication across services would probably work too.

    In fact, accounts being “portable” in the AT protocol can potentially make the integration more seamless across different services, not only might the posts be seen from different services, but you might be able to directly access those different services with the same account. Imagine if you could login in lemmy with a mastodon account or vice-versa.

    Bluesky is just one of the possible services. But as long as the invites are private and you can’t host your own instance, I wouldn’t even consider it an alternative. I think it’s a bit early to judge, both its positives and its negatives.