Piatro @ Piatro @programming.dev

Posts

2

Comments

77

Joined

2 yr. ago

Yes I was wrong to say that this an implementation detail rather than a protocol problem as the OpenSSH release notes to prevent this vulnerability include extensions to the SSH Transport Protocol, however I still believe that the headline is sensationalist at best since it can and has been protected against by patching ssh clients and servers. It would be entirely unreasonable in the majority of cases to simply stop using SSH on the basis of this vulnerability and that's why I think the headline exaggerates the problem. The Register has a much more measured take on this including comments from the paper's authors that people shouldn't panic and try to fix immediately.

Bit of an alarmist headline here. The vulnerability has been patched in the most common clients (openssh) and it was because the protocol wasn't being implemented correctly. To say that the SSH protocol "just got a lot weaker" is just not true.

I disagree with the $ per hour framing (it's more about the value the entertainment provides than the amount of time it takes to consume) but yes you should pay for your entertainment. I got far too used to paying nothing or close to nothing as a student that it took me a while to readjust.

I think for most people it's whatever you got used to first. I agree the hatred the GUIs get is overblown. I would always recommend people learn the command line but if you want to use a GUI, go for it, doesn't affect me unless your commits are bad, in which case the CLI wouldn't have helped anyway.

Another commenter said this but the last two prime ministers were only chosen by the conservative party membership, not by general election. So about 30,000 people have decided the ruler of the country for the past couple of years. You can argue about PMs before then but First Past the Post voting also has a lot to answer for.

Why are people weaving social media and the internet into a single thread? The internet is so vast, social media makes up a tiny sliver of it.

Because to most people outside Lemmy the "internet" (by which they mean the world wide web but that's me being a pedant) IS social media. There might as well not be anything outside the walled gardens of social media to them because they've been conditioned to only stay on one, maybe two platforms for years at this point. The old "what's a browser?" question these days gets answered with "I don't need a browser I have Facebook". Completely nonsensical to us but to them it's totally natural. Not being derogatory about them or anything but the 60k lemmy users and however many million on Reddit are not the majority. Facebook with it's 3 billion (with a b) users, IS the majority of the internet.

My friend and I are looking to make a game and the general consensus has been that perforce is still better than git LFS, so we're setting up a perforce server. What is it about SVN and perforce that you miss? I've only ever used git professionally for VCS so I'm finding perforce's always-online and exclusive-checkouts model just very strange (though I understand the need for it when working with binary files).

I like it and have been using it for something like 6 months. I had an issue where I really liked the application and how simple it was but I didn't really want to "budget", just keep an eye on where my money was going. That was fine, just keep zero-ing the numbers every month, slightly tedious though. Now they've got a "report" style behind an experimental flag and that's made it pretty perfect for me.

I set up some family members with the electron app after they had spent 3 days to do in a spreadsheet what I had done in 3 hours in actual. There was resistance initially due to sunk cost fallacy but now they're loving it.

Other options like ynab and firefly were just too bloated and complex for our simple use case.

Why is it surprising that you had a pocket knife confiscated at a bar?

I agree it's a low-to-mid tier phone but as I'm only using my FP4 for calls, discord, email, browsing, youtube etc it's perfectly fine. Most people don't need a top tier phone these days.

I've heard the argument as a positive of learning vim and while it did finally force me to touch type I can't say that it had any impact on my programming speed.

I agree with those saying mailing lists are intimidating. I don't know if others are using dedicated tools or something but I find web based mailing list UIs just incomprehensibly bad and difficult to navigate.

I know them outside of d&d

Totally would if we were in person or on camera!

Yeah very good questions! Never quite figured it out in the backstory. Do you think a characters reason for adventuring is tied to how you would play them as a character? Also I'm conscious of going too serious with it. One of our party is a warlock who thinks clerics are just stick up warlocks and has a distinct, and funny (to the players at least!) personality, they're fun to play with, I don't want to make a too serious character who's just not fun to play with.

That's part of the problem in that I can tell you stats and that he believes that generally people deserve to live, to the point where he has died and caused a party member to die to save someone else, but I can't tell you anything about his personality other than it's me, and every character I ever play is like that. Trying to do something different ends up being annoying (my preachy dwarf cleric) or bland (young naïve wizard).

"Too slow to be viable" is a bit strong. I've had a fairphone 4 for at least a year now and I've had no issues.

Thanks, the flexibility and closed source (I assume) of turn key solutions puts me off them. I've already got a raspberry pi running a few containers and I work with docker and Linux in my day job so I know a decent amount. The form factor of the turnkey solutions is the big draw for me at the moment to them as I've just got a spare ATX mid size tower handy. Would ideally replace with smaller case but then I'd need a smaller motherboard and that's just raising costs for starting out. Potential upgrade path anyway.