Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)FI
fireflash38 @ fireflash38 @lemmy.world
Posts
0
Comments
15
Joined
2 yr. ago

Snap...

Jump

  • Blame the thousands of supply chain attacks.

    • Why is the US airdropping humanitarian aid to Gaza at the same time they are funding Israel to invade Gaza?

    Jump

  • Got a source for the majority claim?

    • My lazy ass, nowadays.

    Jump

  • I'd agree more if most docker stuff didn't depend on running as root.

    • Tool to manage CLI tools

    Jump

  • Now install tools that are only available as github released binaries. And ensure that hashes match for that. Maybe install a tool that needs to be compiled.

    • Yes

    Jump

  • What if, get this, we put the bash scripts in yaml. And then put it in kubernetes.

    • Larion Studios forum stores your passwords in unhashed plaintext.

    Jump

  • There are ways to have passwords transmitted completely encrypted, but it involves hitting the backend for a challenge, then using that challenge to encrypt the password client side before sending. It still gets decrypted on the backend tho before hash and store.

    • OP finds vulnerability where a forum sends you your password in plaintext over email and everyone misses the forest for the trees

    Jump

  • And what is the token in the link?

    • What are the pros and cons of authentication with API key vs client_id+secret?

    Jump

  • Consider that a 'username+password' is much harder to 'revoke' individually. As in, you can have 3-4 API keys in use, and can revoke any one of them without having to change a password.

    You can also change password independently of the keys, or have it linked so keys are revoked on a password change. It also allows traceability as to where accesses are coming from (auditability). If everything is using the same client-id+secret (or usn/pwd), you don't know which 'client' is doing what.

    • HW News - Linus Tech Tips' Terrible Response, ESMC, & Starfield x AMD GPUs

    Jump

  • It's the sort of thing that makes me really, really sad for the people working there. That crazy breakneck pace cannot be good for mental health.

    • Why you shouldn't use Brave Browser

    Jump

  • Did you only make it past the first paragraph? Cause you missed the years of scummy shit they've done, completely unrelated to politics.

    • Baldur's Gate 3 Review Thread

    Jump

  • Having played DOS2 with a controller & split screen, it worked just fine.

    • The Weekly Discussion Topic - Roguelikes - 28-07-2023

    Jump

  • Slay the Spire is a complete 10/10 for deck builder roguelike.

    • Mod Response & Survey Meta Discussion (Mod Approved)

    Jump

  • I think too many people forgot the satire in the original name.

    • Why I prefer Linux

    Jump

  • I do wish I could hit a key chord or something to show a terminal of what is happening under the hood with Windows...

    • These U.S. states have the best and the worst tap water: Kentucky ranked No. 1 while Alabama came in dead last

    Jump

  • It's barely rating the quality of the actual water coming from the taps. That's a single datapoint among 6 other factors, like customer service of the water utility.

    And the source of the ranking (JD Power) doesn't really list any breakdowns of that either.