• 3 Posts
  • 382 Comments
Joined 1 year ago
Cake day: June 13th, 2023

  • “And immediately after we had removed them from the environment, another attack set off, which we attributed to the same group trying to get back in through other means,” he added.

    This happened within 24 hours, with a credential-stuffing attack. “There was no opsec, no slow-and-low,” Dwyer said. “They put the persistent in APT. Once they identify a target as valuable to them and their goals and objectives, they will continue to try to get back in.”

    And this is from a company that seems to at least sort of take security seriously (ignoring the glaring error that got them in this situation). Responding to this threat seems like a challenge for most companies down the supply chain.

  • 9 times out of 10 I prefer reading, but there are some videos that are absolutely worth watching over reading. That said, I don’t really want to see talking heads. And I think people should include the channel/creator name in the title.

    But as a reality check, I’m looking at the first page of this community and only see one YouTube link. Doesn’t really seem like a problem worthy of a rule.

  • The overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware. Now, though, there are also attacks involving “coding tests” that only exist to get the end user to install hidden malware on their system (cleverly hidden with Base64 encoding) that allows remote execution once present.

    So, a supply chain attack or they’re sending you code to run?

    This is a good time to refer to PEP 668 which enforces virtual environments for non-system wide Python installs.

    Virtual environments are not isolated sandboxes. This is not a security feature. Do not expect any kind of safety by running things in a venv.
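    An added illustration (not from the thread or from any project mentioned in it) of the point above: a venv only changes where packages install, and PEP 668 is just a marker file, `{stdlib}/EXTERNALLY-MANAGED`, that makes pip refuse to install into the system site-packages. Neither confines code that is already running, which the probes below show; the temp file and the child process are constructed for the demo.

```python
"""Show what a venv and PEP 668 govern versus what they do not restrict.
Added example: the probes read a constructed temp file outside the venv prefix,
look at the environment, and spawn a harmless child interpreter."""
import os
import subprocess
import sys
import sysconfig
import tempfile


def in_venv() -> bool:
    """True when this interpreter runs inside a venv (prefix differs from base)."""
    return sys.prefix != sys.base_prefix


def externally_managed() -> bool:
    """True when the base interpreter carries the PEP 668 marker file.
    The marker lives in the stdlib directory of the base install, which is
    why it is unaffected by whether a venv is active."""
    marker = os.path.join(sysconfig.get_path("stdlib"), "EXTERNALLY-MANAGED")
    return os.path.isfile(marker)


def isolation_report() -> dict:
    """Probe things a real sandbox would block but a venv does not."""
    # Constructed sample file that lives outside any venv prefix (system tmp).
    with tempfile.NamedTemporaryFile("w", delete=False, suffix=".txt") as fh:
        fh.write("outside-venv")
        outside = fh.name
    try:
        with open(outside) as fh:
            content = fh.read()
    finally:
        os.remove(outside)
    # A venv does not stop code from starting other processes either.
    proc = subprocess.run([sys.executable, "-c", "print('child ok')"],
                          capture_output=True, text=True, check=False)
    return {
        "in_venv": in_venv(),
        "pep668_marker_present": externally_managed(),
        "reads_outside_prefix": content == "outside-venv",
        "sees_environment": len(os.environ) > 0,
        "spawns_processes": proc.stdout.strip() == "child ok",
    }


if __name__ == "__main__":
    for key, value in isolation_report().items():
        print(f"{key}: {value}")
```

Run it once from a plain interpreter and once from an activated venv: only `in_venv` changes, the three capability probes stay `True` in both.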


  • Basically just a pitch for Gemini. The problem with Gemini is that we could do all that now with the web. They’re just stripping features to enforce what they think the Web should be.

    I kind of get it. I like the idea of a simplified protocol. No JS engines to be exploited. I like building small static sites and wish more people would.

    But also, there’s a million reasons we moved away from plain rudimentary HTML and terminal browsers. Not least of which is interactivity and writability. You couldn’t create a Lemmy frontend, forum, or any kind of database UI using this protocol.

    Shy of reading documentation like man pages, I don’t really see the value.

  • Lots of good insight there. While I disagree with much of it, I get it.

    I’m all for keeping one’s cognitive skills. However it is a fact that this decline happens, and that there is a phase of life where one has wisdom without necessarily having the same raw intelligence they had before. The wisdom is encoded in crystallized intelligence.

    Yeah, realizing you have that wisdom is eye-opening and it’s actually pretty powerful. I can hunt down bugs by smell now with surprising accuracy. But I’m not convinced it’s mutually exclusive to fluidity. I guess I’m just hoping my brain doesn’t petrify and am battling against it.

    That was possible because those machines don’t change too much as time marches on. Because they use a stable platform, his organization was able to do better work by relying on his deep expertise. He could train those younger guys because it was the same platform he’d always used. Same dirt, same physics, mostly the same machines, same techniques, same pitfalls, etc.

    It’s a poor analogy for software though. Software is an ongoing conversation. Not a device you build and forget about. User demands change, hardware changes, bugs are found, and performance is improved.

    I’m honestly curious what the oldest line of code in the Linux kernel is now. I would be pretty shocked to see that anything survived 30 years. And I don’t think that’s because of enshittification.

    This example doesn’t work as well with C/++ since that’s older than most people here (though the language has also gone through iterations) and likely won’t be going away any time soon. But still, in most cases you probably don’t want to use that language for general work.

    Why not? Because you won’t be able to hire younger devs? That is a function of this culture of pushing for change in everything.

    No, because C/++ isn’t the right tool for every job. If I want to write up something quick and dirty to download a sequence of files, I’m not going to write that in C. It’s worth learning other things.

    I have to admit though that the conservative approach is more suited to things like a kernel, aerospace applications, or other things with lives riding on it. But also software that doesn’t change becomes useless and irrelevant very quickly. For instance, running Windows XP is a bad call in just about any case.

    But again I’m also not trying to say all software should be trend following. Just that devs should embrace learning and experiencing new things.