Checks I Should Have Done Before Posting

Sorry for the self-posting. I just wanted to share my post-hoc file checks since it was due-diligence I didn't think of until after I shared.

TLDR: I redirected into a file and inspected it at least enough to say I received an mkv container with an h264 video and opus audio.

Caveats

1. I am not in any way knowledgeable about security.
2. You can do weird things with some files. I have no idea if mkv, opus, or h264 have comments or chimeras. See talks by Corkami for more information.
3. Quad9 uses a dynamic TXT record to let the user know if they have configured their DNS resolver correctly, so I imagine you could receive a different file than I did. I have included a SHA-512 checksum for convenience which only tells you anything if you trust me for some reason.

Details

I ran the command from my post in a world-readable directory with >mystery_video_file substituted for | mpv -- - and inspected the download with

sudo --user=nobody -- file -- mystery_video_file

which output

mystery_video_file: Matroska data

I ran rename --last -- '' '.mkv' mystery_video_file # the '' is the empty string delimited with apostrophes and then

sudo --user=nobody -- ffprobe -hide_banner -- mystery_video_file.mkv

which output

Input #0, matroska,webm, from 'mystery_video_file.mkv': Metadata: COMPATIBLE_BRANDS: isommp42 MAJOR_BRAND : mp42 MINOR_VERSION : 0 ENCODER : Lavf60.16.100 Duration: N/A, start: -0.007000, bitrate: N/A Stream #0:0: Video: h264 (High), yuv420p(tv, bt709, progressive), 256x144 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 1k tbn (default) Metadata: HANDLER_NAME : ISO Media file produced by Google Inc. Created on: 05/29/2024. VENDOR_ID : [0][0][0][0] ENCODER : Lavc60.31.102 libx264 Stream #0:1(eng): Audio: opus, 48000 Hz, stereo, fltp (default) Metadata: HANDLER_NAME : ISO Media file produced by Google Inc. Created on: 05/29/2024. VENDOR_ID : [0][0][0][0] ENCODER : Lavc60.31.102 libopus

If you trust me and not the presenter for some inexplicable reason, the SHA-512 checksum for the video is “24345bd3ca8015c14a7d5d63d6b2a40f9d0f8c0307a65996226a496f121fa5ae934718cf58090f43ee67bc250b06804f23c73688cc871c15c1ba18d79b1a82a8”.

I just came back to comment that -- probably doesn't add security unless something like xargs which puts stdin on the command line itself is used. I have gotten in the habit of mindlessly adding it I guess.

Oh, I see the part that says “Delist…”. I did see that. I guess I was used to hearing “prompt injection” with regards to the LLM web prompts versus something that crawlers would use that I was worried I'd made a mistake sharing.

I'm sorry. I didn't read the whole page. Just the part about video-over-dns which was covered in the talk.

Are you talking about that weird logo and do you recommend I remove the link?

I would've appreciated a trigger warning on the post since it uses a slur, but wow, it is amusing (I'm sure it'll be less amusing once I experience more overt transphobia).

They just said :wq in school, so thanks for the tip. Hard to believe it saves even when the file hasn't been changed if you use :wq. What is the use case for that? If the file gets changed in another program and you want to revert?? Edit: Just saw the comment about the modification times being updated.

You must know my parents 😅

Whoops, looks like someone forgot to make the base juice class abstract…

That's certainly true. I'd still say that for the online stores, for which that policy applies, there isn't a lot of upside to preordering. Because the purchase is digital, you will always be able to get a copy on release day (unless the publisher artificially limits how many games it will sell, but I've never heard of a publisher doing this).

Financially, preorders without a “preorder bonus” are a zero interest loan to the developer. Preorders with the “preorder bonus” are a loan with the bonus as interest. Even if the game were guaranteed to be good, you could most likely be doing something better with the money until it comes out. Since the game is not guaranteed to be good, it is a risky loan as well. Without any of the protections you get when you make an actual loan.

It's also helpful to note that “shell builtins” don't typically have man pages (at least for BASH). You can find help on these commands by typing [builtin name] --help or looking in the shell's man page or info doc (no one told me when I was learning, so I got confused as to why some of the more common commands didn't have man pages)

Trivial exercise.

Just change all the boxes so they all read “Chat GPT-4.”

Couldn't a Chromium clone relicensed under some copyleft license also be a viable option against Chromiums? Chromium is licensed under BSD-3 which Wikipedia claims is compatible with the GPL, so there wouldn't be any legal reason this couldn't be done, right? Other than not really wanting to split a project with excessive forks (which is only bad if you think that the Chromium project itself is a net good), is there some technical or other reason why this would be a bad idea?