Regarding Sci-hub saving operation, I wonder if IPFS would not be the perfect solution for hosting this content. It is all static documents and content addressing would be exactly what's required..

X_Cli boosted

Good thing rust is memory safe. That gives programmers the time and energy to focus on other security relevant issues. :flan_evil:
marc.info/?l=oss-security&m=16

Suis-je le seul à trouver que devoir rechercher à intervalle sur Doctolib s'il y a des places pour se faire vacciner, ça ressemble à une grande lotterie nationale avec pour prix l'amélioraiton des chances de survie des gagnants (sans compter les accès réservés pour les super-citoyens qui ont gagné le droit au "pass sanitaire" ) ?

I am baffled. I sent a diff containing 200k lines of code with git send-email.
Evolution hangs. Kmail hangs when you try to reply. Thunderbird seems OK in some respect but I had to dump it because threading is broken.
So basically, the only MUA with good perf and good threading that I could find is... mutt.

Why is it so fucking hard to do code review in 2021?!

And no, the commit size is not the issue. The issues are broken threading, and low perf on displaying text files.

X_Cli boosted

I am OK with this: hacking GPG compatibility to sign git stuff with signify (or minisign I suppose)

seankhliao.com/blog/12020-10-3

mailman.videolan.org/pipermail

It is funny to see the VLC developers moving from email based workflow to Gitlab. And to read how unhappy some are about this move.
I can only sympathize with them.

Show thread
X_Cli boosted

> Cryptocurrency is a disaster
drewdevault.com/2021/04/26/Cry

Comment:
I own 2 BAT from last month Brave revenue. That's it. I never owned cryptocurrency before that.

I agree with the author.

There is one exception that I want to name: the SCP protocol (Stellar Consensus Protocol) is not based on Proof-of-Work nor Proof-of-Stake. It is really an interesting piece of work, if you are passionate as I am about network protocols.
I don't own any XLM because I'm not sure about the ecosystem though.

With my team, we dumped Gitlab for good. Too buggy and horrific performance issues. We are currently using email code reviews, with git send-email (and vscode+gitlens and mutt), and I have to say that we should have done this a long time ago. Very efficient, streamlined, full-text search that actually works.

Just git. Done right.
Gitlab never again.

Follow-up: the guy never made it to the interview after not confirming the interview for more than 6 days.

Some candidates...

Still looking for a senior system developer, BTW

Show thread
X_Cli boosted

University of Minnesota banned from Linux kernel development and a purge begins:

"Because of this, I will now have to ban all future contributions from your University and rip out your previous contributions"

lore.kernel.org/linux-nfs/YH%2

```
permissions-policy: interest-cohort=()
```
is the new
```
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
```

A fucking header you have to put on every single resource just to compensate for dumb af browser decisions with insane default behaviors.

According to you, what is the maximum acceptable average delay for a candidate to reply to emails, during a job application procedure?
Additional detail: the job is 100% remote.

mathstodon.xyz/@JordiGH/106069

I am reading "Let's unite and be inclusive, by splitting the community." Also, fuck logic.

If I could ditch GNU like I ditched Signal this week, I would have, over this move.

X_Cli boosted
X_Cli boosted

#Signal turning into a crypto-ponzi currency scheme?

stephendiehl.com/blog/signal.h

Surprise!

That Signal:
- isn't really free/libre software (as Moxie denied freedom to redistribute modified version)
- would *never* federate (political choice of centralization)
- updated server software wasn't published
- invaded people's phonebooks
- runs on Amazon+NSA's infrastructure
- is virtually impossible to use out of Google's infrastructure -
- etc.

...didn't seem to be enough to alarm Signal users.

X_Cli boosted

The #Signal messenger has become very problematic lately, and most of its problems come from it being centralised.

You may want to follow and support a decentralised messenger project instead, there are many of them on the Fediverse:

➡️ @snikket_im - New initiative giving XMPP servers & clients a newbie-friendly unified look and feel

➡️ @xmpp - The XMPP standards foundation

➡️ @matrix - Matrix is best known for its Element client

➡️ @delta - Messaging through email

➡️ @briar - P2P messaging

docs.python.org/3/library/os.p

```
>>> pathlib.Path('/titi') / '/toto'
PosixPath('/toto')
```

> If a component is an absolute path, all previous components are thrown away and joining continues from the absolute path component.

I wonder how many path transversal injections are enabled by this behavior.

Apparently, someone thought that was a good idea. To that person, I say "fuck you".

is a horrible language. Just don't.

social.nah.re/@alex/1060114483

People ranting about OpenPGP integration (or lack thereof) in Thunderbird always make me laugh. The issue is not integration. OpenPGP as a format should die. Now.

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.