I feel like its a mixed bag. Certainly there's an infinitely higher chance of someone randomly noticing a backdoor in OSS than in closed source simply because any OSS project in use has someone looking at it. Many closed systems have dusty corners that haven't had programmer eyes on them in years.
But also, modern dev requires either more vigilance than most of us have to give or more trust than most of us would ideally be comfortable offering. Forget leftpad, I've had npm dependencies run a full python script to compile and build sub dependencies. Every time I run npm update, it could be mining a couple of bitcoins for all I know in addition to installing gigs and gigs of other people's code.
The whole industry had deep talks after leftpadgate about what needed to be done and ultimately, not much changed. NPM changed policy so that people couldn't just dissapear their packages. But we didn't come up with some better way.
Pretty much every language has its own NPM now, the problem is more widespread than ever. With Rust, it can run arbitrary macros and rust code in the build files, it can embed C dependencies. I'm not saying it would be super easy to hide something in cargo, i haven't tried so I don't know, but i do think the build system is incredibly vulnerable to supply chain attacks. A dependency chain could easily pull in some backdoor native code, embed it deep into your app, and you might never realize it's even there.
A timeless classic on any system! Even though the remake is.... 20 years(!!!) old, its still an excellent way to play the game. They updated the graphic and interface, but kept all the core gameplay the same. There's never been a pirate rpg\sim as comprehensive as Pirates!
There is but one truly serious philosophical problem, and that is suicide. Judging whether life is or is not worth living amounts to answering the fundamental question of philosophy.
That blows but I'm not surprised. Reddit has gone full lockdown on anything opposing glorious leader, his politics, and the money Spez presume will soon flow to him as just reward. The LA sub was already super conservative anyway. Even the fucking NOLA sub is shockingly conservative for this town. The Money doesn't like to be reminded of inconvenient truths.
Well, I've labelled you as an LA local. If we keep posting and building up a fediverse LA community, I know we'll eventually get to critical mass here!
Reminds me a bit of the old default Gtk look. Or maybe early Java Swing... The flat look, primary colors, and some other elements to me; it's very nostalgic. Not sure of any themes that fit it though, sorry, haha
Obviously the pope's protective glass box is permanent, and must be slotted into the truck. The moment they decide you're pope, into the safety box you go.
(Theres a 40K\golden-throne joke in there somewhere but I'm feeling lazy today.)
Can you make a movie out of pure lore? Maybe a prequel, like The Fall of Hoarah Loux or Ranni's Rebellion? Will the audience be required to parry things?
I should probably standardize my tags a bit, but like others I mainly use it to label argumentative people with mean names as a reminder not to argue with them and their dumbass\shithead\moron\cia-psyop views.
I should also start tagging locals when I suspect them. Maybe all 3 of us can have a Lemmy NOLA meetup sometime?
Works for me. I got stuck on the puppet king second phase and gave up. Not like rage quit, I just never went back to the game after like a dozen attempts, uninstalled it months later to free up space.
I love difficulty adjustments. Tuning a game to be right for every audience is impossible, better to let the end client have some control over fine tuning their experience.
Control is an excellent example of this for me. My GOTY when it came out, still an all time fav. I love the story and setting, but the combat is tedious after a while. In that case, lowering enemy health made the game less boring without being substantially easier, giving me the kind of experience I could enjoy.
I doubt they'll get anywhere with weak action like that. "Stop forcing copilot on us or we'll be very sad and we'll strongly consider moving some of our hosting to another site."
GitHub is a disaster for open source software. MS controls some insane amount of all the code created on earth, and even with self-hosted forges being more prolific and easier to access than ever, people act like their projects can't live without Big Daddy MS's social media for coders.
I saw someone the other day, on Lemmy and in full seriousness, proclaim that the world really needed distributed version control. To avoid censorship, like how the fediverse is decentralized.
This is what GitHub has done to a generation of programmers. For those missing the joke, git is already decentralized. You don't need a central Hub of some kind for your code. You do for your issues, releases, and all that, but not for the code. And if we'd collectively moved to a well designed, intentionally improved system like Fossil, all that woukd have been decentralized and distributed too.
But no, easier and more efficient/profitable to keep using the one C library that's compatible with Torvald's pile of old Perl scripts. My website can't live without a built in Travis CI bot and nonstop PRs from dependency bot, but allowing every moron on earth to submit AI generated content, at last we've found the step too far.
Funny, though, cabbage (in coleslaw) is also slang for money. Fries are just fries, I think, but chicks or birds are slang for women. So really, this incel nerd should be substituting the whole box for a loaf of bread and extra sauce.
Some poboy shops here sell a long burger. My gym buddy used to regularly eat the 8 patty footlong double. Must have been a pound of meat on it, never mind the cheese and other toppings.
A pretty large amount of people don't own a PC at all, though I'm finding it surprisingly hard to get a good number on it. Just anecdotally, most people I know who aren't IT professionals have either no PC or 1 old laptop, often from college or on loan from work. Most folks use their phones for everything. People I know with kids have school issued Chromebooks, which barely counts.
As to exact numbers, I'm curious what others can find. I turned up between 74% and 94% of adults in the US owned a PC, which seems insanely high to me. But on the same page claiming that 89% of all households have a PC, I also saw
In the United States, the number of households with computers is projected to surge from 4.7 million to 120.45 million between 2024 and 2029, indicating a substantial increase in computer ownership.
Which... That's bonkers. They expect the number of PCs (in homes) to go up by a factor of 30 in just 5 years, presumably that guess was before tariffs as well. I'm wondering if these household and per capita numbers somehow include corporate spending because businesses and schools do purchase literal tons of computers.
CodexArcanum @ codexarcanum @lemmy.dbzer0.com Posts 5Comments 285Joined 7 mo. ago
I feel like its a mixed bag. Certainly there's an infinitely higher chance of someone randomly noticing a backdoor in OSS than in closed source simply because any OSS project in use has someone looking at it. Many closed systems have dusty corners that haven't had programmer eyes on them in years.
But also, modern dev requires either more vigilance than most of us have to give or more trust than most of us would ideally be comfortable offering. Forget leftpad, I've had npm dependencies run a full python script to compile and build sub dependencies. Every time I run npm update, it could be mining a couple of bitcoins for all I know in addition to installing gigs and gigs of other people's code.
The whole industry had deep talks after leftpadgate about what needed to be done and ultimately, not much changed. NPM changed policy so that people couldn't just dissapear their packages. But we didn't come up with some better way.
Pretty much every language has its own NPM now, the problem is more widespread than ever. With Rust, it can run arbitrary macros and rust code in the build files, it can embed C dependencies. I'm not saying it would be super easy to hide something in cargo, i haven't tried so I don't know, but i do think the build system is incredibly vulnerable to supply chain attacks. A dependency chain could easily pull in some backdoor native code, embed it deep into your app, and you might never realize it's even there.