![](/static/253f0d9/assets/icons/icon-96x96.png)
![](https://lemmy.ml/pictrs/image/a64z2tlDDD.png)
While it may be true that getting rid of SUID binary is ideal, widening systemd’s security surface area is much more concerning to me than the sudo binary.
While it may be true that getting rid of SUID binary is ideal, widening systemd’s security surface area is much more concerning to me than the sudo binary.
He’s talking about Andres Freund, who uncovered the OpenSSL backdoor that was slipped into liblzma from the xz malicious maintainer. Dude saw a valgrind error and a function with a fixed runtime was taking too long and using too much CPU and reversed out and saved a major ssh backdoor from going upstream as Fedora was going to release it just days later.
I actually disagree from a systems engineer perspective: The program doesn’t actually know shit if those bits hit any permanent medium, just that the OS told them “I’ll take care of it” it could be sitting in a write back cache when you save, see the “write complete” and rip the power and that’s all gone now. Basically, I don’t like promising durability when it’s not really there.
Ah, the nightmares of writing F5 iRules.
Quartz is the old macOS graphics framework, but the mouse shaking is probably just a cool show off feature of Core Animation. There’s uncontested Windows ports on GitHub, so I doubt Apple will throw any fits for Linux.
Import json Import pprint?
Hash the image, then assign hash ranges to servers that are part of the ring. You’d use RAFT to get consensus about who is responsible for which ranges. I’m largely just envisioning the Scylla gossip replacement as the underlying communications protocol.
Why? Use something like RAFT, elect the leader, have the leader run the AI tool, then exchange results, with each node running it’s own subset of image hashes.
That does mean you need a trust system, though.
Zoom’s about to try and claim their click through EULA trumps client-attorney privilege. Let’s see how that goes for them.
They don’t employ the people who made their backend so special anymore. Not one of their original chaos engineering team work there anymore, and Brendan Gregg (Hooray for learning BCC/perf!) is over at Intel
Yes, but Netflix isn’t in the same class anymore (High growth, dominating their relevant fields, diversification). Nvidia may fit.
FANG isn’t really an accurate word anymore.
It’s MAAA: Meta, Apple, Alphabet, Amazon.
That prompts in most modern distros. You should pipe it to sshpass.
But why?
Did you start with busybox and just decide to stay there?
Depending on your distro, vi is vim aliased with the fanciness off by default.
META-c. My hands on meta and ESC is all the way over there
They literally had to be called out for link jacking and tried to deny it for awhile. They’re anything be open. They are giant pieces of shit.
Brave’s been super shady its entire existence. They’ve been caught linkjacking and accepting “donations” for websites that don’t have accounts (so theft via fraud).
I mean, does writing in Python rather than C free up your mind? It’s just another abstraction tradeoff.