As far as I know you can do double puppeting with Matrix discord bridges, or whatever it is called.
As in “the bridge posts using your account, and not a bot”. I have it set up on my own Matrix server, and I have servers and DMs bridged without issues.
Also, setting up a server with the ansible project is super easy, it’s one of those rare cases where the ansible is robust, easy to use and actually doesn’t break.
I have no experience with React, so I couldn’t tell. Thanks for the info, I’ll keep it in mind.
I think I’ve seen it mentioned that in case RSC isn’t used, it might be vulnerable but it’s not really confirmed, but you’re right that it probably doesn’t warrant shutting down the server.
I don’t really need it that much, though, so I’ll just wait for the update, take a scour through logs and use it as a learning opportunity for forensics, and skip the reinstall.
Well, Element seems to still be running at the unupdated version even after update, so I’m just shutting the server down.
I’m bummed that it took me 5 days to learn about it, does anyone have some tips how to get early warnings for techs you’re using? I’m guessing there’s a way with npm.
Also, anyone has some tips how to properly compromise-check your server? I’m guessing there are logs to check for compromise, and audit your startup scripts for persistence? Any tools that could help with that?
Fuck, Element for Matrix is apparently build on React, and I was updating like 4 days ago after few months.
Well, time to update again, I hope it’s fine. Never really learned how to properly compromise-check your server.
First time I’m seeing Uiua, and I like it. It’s kind of cute, even though I know I’ll probably never use it.
However, seeing one of their goals being “code that is as short as possible while remaining readable” is kind of ironic, given how it looks and reads. But I don’t mind, it’s still pretty adorable.
It looks like it’s hell to learn and write. It’s possible that once you learn all the glyphs (which IMO adds unneccessary complexity that goes against their goal of being readable), it might be easier to parse. I’m probably not the target audience, though.
If I understood it right, one of the projects he was working on as part of the experiment was the website.
Figures.
I was planning to look into Zig for this year’s Advent of Code. Haven’t really looked at it yet, but I’ve heard good things about it. Nowadays I mostly write in C# or Python for smaller scripts, so I kind of expect getting back to C-style code might have some friction, but it’s about time to refresh my memory. I had a pretty good time with Rust for AoC in the previous years (not that I ever used it for anything else), but I guess it’s time to try something else.
If you mean PhotoGimp, it’s just a config file thst rebinds keybinds and sets up UI layout, like location of tools and windows, to be similar to photoshop.
I was doing cybersecurity for a few years before I moved to gamedev, and I vaguely remember that at least the older versions of GUID were definitely not safe, and could be “easily” guessed.
I had to look it up, in case anyone’s interrested, and from a quick glance to the GUID RFC, it depends on the version used, but if I’m reading it right, 6 bits out of the 128 are used for version identification, and then based on the version it’s some kind of timestamp, either from UTC time or some kind of a name-space (I didn’t really read through the details), and then a clock sequence, which make it a lot more guessable. I wonder how different would the odds be for different versions of the UUID, but I’m too tired to actually understand the spec enough to be able to tell.
However, for GUID version 4, both the timestamp and clock sequence should instead be a randomly generated number, which would give you 122 bits of entropy. It of course depends on the implementation and what kind of random generator was used when generating it, but I’d say it may be good enough for some uses.
The spec also says that you specifically should not use it for auth tokens and the like, so there’s that.
Not mine, but svn-based JDSL is the best related story that’s always worth sharing.
Aren’t UUIDs designed to prevent collisions, rather than be cryptographycally secure? Not that it’s doing a great job here :D
Edit: Nvm, that was guid.
deleted by creator
one that would be poorly maintained by both us and EAC due to the low user base.
I’m sure I’ve been playing a lot of games with EAC, because it’s actually one of the few ones that support Linux.
If I’m not mistaken (judging entirely by the RAC popup/loading), from the games I’m playing, Hell Let Loose, Fellowship, Helldivers 2, I think even The Finals used it.
Hell Let Loose wasn’t working at first, because you have to check a checkbox and enable Linux support when building, which did take them a while.
So, unless I’m misremembering/confusing it with another anticheat, this is bullshit.
Also “unless you have an in-house anti-cheat team”
You made millions out of your player base. You can afford it. You’re just lazy.
Oh, cool, so if I understand it right, you have a hardware that directly reads the physical memory, so you can access it unrestricted and undetectable from another PC, where the cheat runs, and then you use a HDMI fuser to merge the output of the game and the cheat that runs on the second PC on a single monitor.
That’s actually really clever, I love solutions like this. Not that I approve of cheating, I have 0 respect for people who (unconsesualy, as in all involved parties agree to it being allowed) cheat. But from the hardware/security point of view, it’s amazing.
Oh, cool. Tbh I haven’t really looked into cheats much, but I did briefly work in cybersecurity where I was doing malware development, where AV avoidance is basically the same problem as game cheats are dealing with, so I just extrapolated what I assumed works the same.
This is a cool piece of tech, I’ll look into it more. I like seeing new exploits, thanks!
It’s just a skill issue on the part of the developers.
Making anti-cheat properly is hard. Writing a spyware that watches everything that happens on your PC and blocks any attempts of touching the game is way easier, but bypassing that is easy with solutions that have higher privledges, thus being invisible even for the anti-cheat. You can just fake calls or hide memory from the anti-cheat, or just edit the anti-cheat in itself.
The solution for that is to run anti-cheat in the highest possible permission - the kernel.
Now, you could just make another kernel-level program that would have the same permissions to defeat that, or just edit your OS (i.e Linux, or a VM) where your cheat lives outside and has even higher privileges than the anti-cheat.
This is where Windows comes in - the only way to run kernel code is to have it signed by Microsoft, and that certification process is extremely difficult and annoying, which puts a pretty big hurdle in front of cheat developers. It’s the easy way out.
You could also somehow reverse-engineer Windows and run a custom version to bypass this. And that’s where TPM comes in, which (if I understood it right) validates that your Windows is the official signed one, and thus the kernel anti-cheat is safe. You can’t have this kind of affirmation on Linux, and the lazy developers who don’t want to invest into actual moderation and proper anti-cheat solutions just resort to kernel anti-cheat rootkit and require TPM to be enabled.
There’s not much Steam can do about this, aside from locking up their OS with signign keys and certification for priviliged software, along with setting up the whole TPM so you can’t run modified versions, which isn’t really possible since they are based on Linux.
Aren’t neural networks AI by definition, if we take the academic definition into account?
I know that thermostat is an AI, because it reacts to a stimuli (current temperature) and makes an action (starts heating) basted on it’s state. Which is the formal AI definition.
Wait. That actually means transformers are not AI by definition. Hmm, I need to look into it some more.
EDIT: I was confusing things, that’s the definition of AI Agent. I’ll go research the AI definition some more :D
I second this. I only started slowly switching to nvim few months ago, and I already can feel slightly annoyed when I have to take off my hands of the keyboard to reach for a mouse, or when I’m editting a text in i.e a browser, want to make an edit few words back, and I have to spam keys like a madman instead of just jumping where I need to be.
It’s addicting and extremely comfortable, having a good keyboard navigation controls.
I really need to look into tiled window managers and a browser.
I do also like all the alt and ctrl combinations with arrow keys to move lines, blocks and jump over words.
That’s what I love the most about VIM, that it has dozen little tricks like these. Need to jump over a word? Jump to next occurance of letter L? Jump five words? Jump to second parameter of a function definition? Jump to matching bracket? There’s a motion for all of that, and more. Including “go to definition” or “go to references”, if you set up your vim correctly.
I don’t even know where to start to make vim or neovim do all that.
What I did was simply install IdeaVIM into my Rider, so I can start learning the motions while also keep the features of the IDE I’m used to, but also more importantly installed LazyVim, which is a pre-made config for nvim that can do most of that by default, or has a simple addon menu (LazyExtras) that automatically download and install plugins relevant for a language you are working on. I.e I need to work in Zig, I just open LazyExtras menu, find zig-lang, and it install LSP, debugger, linter, etc that’s specific for that language.
If you aren’t already using it, https://vencord.dev/ is a good Discord client mod that lets you get rid of some of the annoying features.
Might be against ToS, but so far I don’t think people had any issues with it.
Another option (that I use when I don’t need voice) is having your own Matrix server with Discord bridge. With double puppeting it can bridge both servers and DMs, and post in your name (without needing a bot on the server).