Discussion on 'Missing women on Lemmy and decentralised networks'
Make sure you're helping make Lemmy a welcoming place for non-males
I'd phrase that as "make sure you're helping make Lemmy a welcoming place for everybody"
Being active in a pretty friendly tech scene in the late 90s/early 00s I've seen things being ruined for quite a bunch of people who enjoyed being where nobody was judging them for who they were or wanted to be after a bunch of newly joined women decided to try force a bunch of "women only" policies.
Just don't be dicks to each other, no matter who's on the other end. And don't try to force talking about who you are in places where nobody cares - there are specific groups for that.
I'd just let them see, but make them temporarily go blind every time they'd be about to see something they care about, or are in a dangerous situation where being able to see would be useful.
As a shortsighted person - reading with an ebook reader in bed after removing glasses is significantly easier than reading an actual book.
Because it isn't. This impacts when the scheduler kicks in, not on how many cores stuff is running on. With fewer cores scheduler is faster triggered again, and and at 8 cores the adjustment for that stops. Which may be an intentional decision to avoid high latency issues.
I assume you mean "lookup", as import doesn't really make much sense.
I'm currently using this with wofi, though I'll eventually rewrite it as anyrun plugin, which provides a bit more control:
#!/usr/bin/env python3
from argparse import ArgumentParser
import subprocess
import json
import os
ssh_config_file = "~/.ssh/config"
ssh_known_hosts_file = "~/.ssh/known_hosts"
# Returns a list of all hosts
def get_hosts():
hosts = []
with open(os.path.expanduser(ssh_config_file)) as f:
content = f.readlines()
for line in content:
line = line.lstrip()
# Ignore wildcards
if line.startswith('Host ') and not '*' in line:
for host in line.split()[1:]:
hosts.append(host)
# Removes duplicate entries
hosts = sorted(set(hosts))
return hosts
def get_known_hosts():
hosts = []
with open(os.path.expanduser(ssh_known_hosts_file)) as f:
content = f.readlines()
for line in content:
line = line.lstrip()
host_entry = line.partition(" ")[0]
hosts.append(host_entry.partition(",")[0])
# Removes duplicate entries
hosts = sorted(set(hosts))
return hosts
# Returns a newline seperated UFT-8 encoded string of all ssh hosts
def parse_hosts(hosts):
return "\n".join(hosts).encode("UTF-8")
# Executes wofi with the given input string
def show_wofi(command, hosts):
process = subprocess.Popen(command,shell=True,stdin=subprocess.PIPE,stdout=subprocess.PIPE)
ret = process.communicate(input=hosts)
host, rest = ret
return host
# Switches the focus to the given id
def ssh_to_host(host, terminal, ssh_command):
if "]:" in host:
host, port = host[1:].split("]:")
command = "{terminal} \'{ssh_command} {host} -p {port}\'".format(terminal=terminal, ssh_command=ssh_command, host=host, port=port)
else:
command = "{terminal} \'{ssh_command} {host}\'".format(terminal=terminal, ssh_command=ssh_command, host=host)
process = subprocess.Popen(command,shell=True)
# Entry point
if __name__ == "__main__":
parser = ArgumentParser(description="Wofi based ssh launcher")
parser.add_argument("terminal", help='Terminal command to use')
parser.add_argument("--ssh-command", dest='ssh_command', default='ssh', help='ssh command to use (default=ssh)')
parser.add_argument("--mode", dest='mode', default='known_hosts', help='where to read from (default=known_hosts)')
parser.add_argument("--command", default='wofi -p \"SSH hosts: \" -d -i --hide-scroll', help='launcher command to use')
args = parser.parse_args()
if (args.mode == "config"):
hosts = get_hosts()
elif (args.mode == "known_hosts"):
hosts = get_known_hosts()
parsed_hosts = parse_hosts(hosts)
selected = show_wofi(args.command, parsed_hosts)
selected_host = selected.decode('utf-8').rstrip()
if selected_host != "":
ssh_to_host(selected_host, args.terminal, args.ssh_command)
There's a lot of other stuff where Wayland improves the experience. Pretty much everything hotplug works to some extend on X, but it's all stuff that got bolted on later. Hotplugging an input device with a custom keymap? You probably can get it working somewhat reliably by having udev triggers call your xmodmap scripts - or just use a Wayland compositor handling that.
Similar with xrandr - works a lot of the time nowadays, but still a compositor just dealing with that provides a nicer experience.
Plus it stops clients from doing stupid things - changing resolutions, moving windows around or messing up what is focused is also a thing of the past.
You have a list of systems you've connected to in known_hosts, though. And the config file is easy enough to parse - throwing away the stuff you don't care about - to expand on that list.
Lack of accountability goes both ways, though...
For the usual candidates I either keep detailed notes, or make sure I can quickly find an earlier conversation (chat, email, whatever).
So in that case I'm then just answering "As we've discussed on 14.04. at 13:39, 17.04 14:30 and 20.04 at 14:15 already..."
They typically get the hint that when I'm capable of remembering in detail when we discussed it they maybe should make an effort of remembering what we discussed.
I have a custom TrueType font embedding the UCS bitmap fonts so I can use it with modern font renderers which dropped support for those old font formats.
POE also is point to point, and currently tops out at 30W per link. You could split it off in a socket - but that reduces the available power per device even more.
Or we could use the current AC cabling where we use a single wire over multiple sockets and get a combined 3600W over a standard 16A fuse over 1.5mm2 wire - which with ground and neutral is about the same thickness as a shielded ethernet cable.
It's getting better. I recently removed a bunch of AIX and Solaris specific dotfiles/directories that haven't been of use for years.
And if you do, do you intentionally not use MFA (if it's available) because you believe it should be those services making sure you are secure instead of you taking steps to make it harder to compromise your accounts?
Yep. We can discuss me using a second factor once they start designing their services better.
Payment on such sites is set to require approval via my bank (hardware token), I don't care about the purchase history - so if somebody manages to breach the account and order something it's entirely their problem, not mine. I'm aware they might close my account when confronted with that attitude, but I'm also fine with that.
so both sides have to take steps to secure a transaction
My passwords are stored locally encrypted, with the encryption key stored in a hardware token. The browser doesn't have access to that. That's already more than a lot of sites are doing for their security...
yet the minute you need to use a third party service, you let go and put everything on the service, KNOWING they are not doing a good job with it.
That's exactly why I treat any 3rd party service as throwaway.
A lot of current "best industry practices" - including the ones described - are grossly negligent. It also moves the burden of proof of responsibility for a security incident more in my direction - while providing me less and less means to prevent it.
With the iframe example - I nowadays typically can't see if I enter my credentials (including potential 2FA to unlock a session) into a form belonging to my bank, or some malicious 3rd party without going into developer settings. That's not acceptable.
There's no good reason for a modern browser even allow this - just as there's no good reason for allowing to load script files from arbitrary domains. But we now have the situation where the business model of the main browser developer depends on not stopping that kind of behaviour.
So what I want is that putting design over sensible security choices gets expensive for companies - and I'm not interested in adding some band-aid reducing their risk while this is not the case.
The only online accounts I care about are my bank accounts - for those I'm using hardware dongles for TAN generation instead of the shitty Android app their pushing (which would allow transactions without external auth, due to some "trusted device" nonsense). Everything else can either be replaced, or is on my own infrastructure.
It's pretty clear from all the responses here that the view is massively different depending on if you're from the US, or not.
I'm not from the US - and Bush massively and irrevocably messed up a lot of things for me. And I'm just in the EU, not directly getting bombed by US military.
With Trump the consequences were pretty much all inside of the US, any fallout we felt over here were still from the Bush era, or to some extent Obama. Given all the damage that was done by those two maybe the structure of your government over there is shit and should be attacked - my hope from over here was that the whole Trump situation would lead to finally stuff getting fixed. It won't be pretty for you guys - but from the outside I'd rather have someone incompetent like Trump mess up your stuff until the pain is big enough to actually do something than someone halfway competent break things on a global scale again.
Is Arch really that popular nowadays?
I mainly know it from the colleague who switched to it back in 2006, and then we made fun of him over the next year for all the stuff that was broken on his system, and worked on ours. He only was let off because a new hire went for Gentoo, and had stuff even more broken.
Yeah, I assumed you meant the master password to the password manager.
Still, that falls under the duty of the page I'm visiting to keep their stuff secure - and while I'm very unhappy about some recent practices¹ I'd more for documenting and battling it out in court, if necessary.
¹ My browser configuration used to prevent 3rd party iframes or similar constructs for entering passwords - unfortunately in recent years some idiots decided that's good design, so more and more often you nowadays have to allow embedding third party components without it being visible where it comes from.
Even worse, quite often credit card verification or other payment forms get embedded the same way. Until a few years ago my bank was throwing errors in their forms when they got embedded this way, but unfortunately they caved in to the general idiocy out there, and allow that nowadays.
Problem with Apple is that they're trying very hard to control use of their stuff - so working with their stuff is very annoying. I only recently looked into it again as it was required for work projects where acquiring relevant hardware wasn't a problem - and even then it still is very annoying to manage, compared to Linux and even Windows.
I used to run cross compile setups for a bunch of open source projects 10-15 years ago, including MacOS. Back then they were using a gcc based toolchain, and thanks to GPL had to publish the base toolchain - yet they still tried very hard to break things between releases, which eventually got so bad that we decided to first drop MacOS builds, and later just completely drop MacOS support as you can't really do that without proper hardware access.
The situation has gotten a lot worse since LLVM - which Apple was pushing in big part as it allowed them to publish their SDKs under their licenses only. So nowadays you still can download their SDK - but using it on non-Apple-silicon is against their TOS.
You're describing a shitty password manager.
In my case I have a local copy of the encrypted password database, and my master password unlocks the encryption key for that, which is stored in a hardware dongle. Browsers and other high risk software are running isolated and have no access to the encrypted password database or the hardware dongle.
I mainly see two factor authentication as a way for service providers to be lazy about account protection on their side, which they try to outsource to me.
Even in this thread I'd rather phrase it explicitly to include everyone - I've seen statements like this interpreted by some individuals as "make it welcoming for women at all costs, which may include making it openly hostile for people not meeting my specific definition of woman", which didn't have a very pretty end result.