Isn’t Ubuntu Pro basically just an extended support for a set of universe packages for their LTS versions and free for private use?

How is making enterprises pay for extended LTS because of corporate no-update-just-insert-coin mentalities even remotely close to ransomware?

Like I get everyone who doesn’t like Ubuntu for various reasons, but this sounds completely dumb to me.

NPM allows for code to be executed while you install the package which is different from maven or nuget and allows for easy exploitation paths

This is the winner. Combine that with a vastly bigger group of inexperienced developers (and I’m willing to die on that hill), and you have a lot of people running node / npm as an admin / root user, who have close to zero idea what they are doing, hitting their project with third party dependencies left and right for no particular reason (left-pad, is-number, ansi console and similar useless crap), and then your dependency management allows for code execution. Also, from my personal feeling, it seems that npm simply cannot properly audit the packages due to the sheer mass. From a technical standpoint it’s close to trivial to put your malware onto npm, and then you just need to get someone to install your package, which is way simpler than in other package managers

haven’t actually proven to be effective at stopping cheaters

This is what OP said, and it’s completely correct. It’s not that much impact in comparison to “regular” anti cheat systems. And both of those only detect either cheap/bad or known hacks.

Server-sided and data based anti cheats is what would actually be a huge step up. You’re running a 8 K/D in a game where the best players are between 1-2? Banned. You just flicked two enemies within 100ms? Banned. Suspicious activity that’s not that blatant needs to be reviewed.

The thing is - that’s fucking expensive, complicated and needs to be done one a per-game basis, and since its just cheaper to throw you under the bus with a kernel anticheat and claim it’s the best one, that’s being done.

Read up on the dangers.

Anything is beatable, hackable and abusable given the time and resources, and it shouldn’t be my system because some idiotic management took the decision to enforce ring0 access anti cheat to ban some percent more hackers.

No one said that anti cheat efforts do not make an impact, but the impact of ring0 anti cheats is massively overrated

I’m very interested to hear what went wrong.

We’ll probably never know. Given the impact of this fuck up, the most that crowdstrike will probably publish is a lawyer-corpo-talk how they did an oopsie doopsie, how complicated, unforseen, and absolutely unavoidable this issue has been, and how they are absolutely not responsible for it, but because they are such a great company and such good guys, they will implement measures that this absolutely, never ever again will happen.

If they admit any smallest wrongdoing whatsoever they will be piledrived by more lawyers than even they’d be able to handle. That’s a lot of CEO yachts in compensations if they will be held responsible.

Right, completely forgot that locking exists in SVN, and I guess it definitely makes sense if you’re collaboratively editing unmergeable files.

Thanks!

Serious question, why do they use SVN, as in what does SVN better than Git for the department using it?

It’s not surprising per se, but it’s something that people should be more aware of. And a lot of this consumption is not providing global services (like the Google search or workspace suite) but the whole AI hype.

I didn’t find numbers for Google or Microsoft specifically, but training ChatGPT 4 consumed 50 GWh on its own. The daily estimates for queries are estimated between 1-5 GWh.

Given that the extrapolation is an overestimate and calculating the actual consumption is pretty much impossible, it’s still probably a lot of energy wasted for a product that people do not want (e.g. Google AI “search”, Bing and Copilot being stuffed into everything).

Please don’t take personal offense, but you have merely a project scaffold with an unrealistic goal that will be blocked and C&D’d into the ground, without any other projects created.

It doesn’t matter how hard you’re working on your anonymity, this project will be ripped apart by a horde of lawyers in seconds. You’re not only doing something questionable or against ToS, you’re directly attacking and sabotaging their monetization. This will not be taken lightly by the legal team of reddit.

You want to provide a better, cooler, more robust and other random buzzwords API than the own of reddit. So, you alone, want to provide a better API than the whole team of reddit does for their absolute core product, all by scraping. This is simply not realistic.

While we’re at the topic of monetization, scraping, ETL into your own model and providing the API - for the amount of content that reddit has (quantity, not quality) this will be a highly resource intensive task. How do you plan to fund that, since your API will be better than the official one, I can expect at least the same performance as well, right?

And also, most importantly, even if you magically achieve working around all that and get that working - why? Who is your expected user group? Pretty much every software using reddit moved away from reddit or simply has died. AI gen content is rampant, and most discussions seem like bots talking to bots. There is literally nothing to gain from an API to reddit - so why would anyone bother using it?

How in the fuck are people actually defending signal for this, and with stupid arguments such as windows is compromised out of the box?

You. Don’t. Store. Secrets. In. Plaintext.

There is no circumstance where an app should store its secrets in plaintext, and there is no secret which should be stored in plaintext. Especially since this is not some random dudes random project, but a messenger claiming to be secure.

Edit: “If you got malware then this is a problem anyway and not only for signal” - no, because if secure means to store secrets are used, than they are encrypted or not easily accessible to the malware, and require way more resources to obtain. In this case, someone would only need to start a process on your machine. No further exploits, no malicious signatures, no privilege escalations.

“you need device access to exploit this” - There is no exploiting, just reading a file.

So, the “license to kill” is fine, as long it’s non US citizens?

Your definition of democracy and basic human rights is fucking unhinged.

These were casual, mutual conversations that sometimes leaned too much in the direction of being inappropriate, but nothing more. Nothing illegal happened, no pictures were shared, no crimes were committed, I never even met the individual. […] That’s on me as an adult, a husband and a father.

Jesus fucking christ. If you, as a father, are “leaning too much in the direction of being inappropriate” with a minor, you’re a fucking pedophile. There is nothing to discuss that’s leaning into being inappropriate with a minor, except if you’re a pedophile. Trying to make it sound less of an issue just because there weren’t pictures sent, is a pathetic attempt of an excuse for being a pedophile.

For being so real and no filter, there’s a fucking lot of sugarcoating for admitting the fact that he sexted with a minor.

I specifically don’t get how you can do that as a father, and even being the complete asshole that he is, not even once thinking that the victim could be his own child. I really wonder what he would say about such a tweet in this case.

Absolutely fucking disgusting.

It might be, but to be fair, that’s what the glorified autocompletion is actually good for, if it’s actually used a supporting tool, and not to pump out quantity over quality.

Man, the disclaimer at the bottom that Business Insider is partnered with OpenAI to allow them to train on their articles is really the cherry on top.

"We listened to our accounting, and the massive wave of refunds and unbought mtx is hurting our numbers. PR isn’t happy about the reviews either. We’ll keep you updated on future plans for fucking you over!

Do you really think that Sony will actually back down? They are calming down the shitstorm that is going over all media, socials and steam. They’ll reorganize and will move on with their plans. Arrowhead and Helldivers is just one of many assets.

Yeah, and yet I’m on PC using Steam. If I’d wanted PSN, I’d bought a Playstation. The same secondary account bullshit applies to Ubisoft, Origin, and all of their buddies. Honestly, Steam should simply refuse to list games that require that, since they could simply use your account, but yeah, money.

And so be mad at Sony specifically? But they are okay with Steam having their data and selling it? Do they also not use a smart phone? Do they drive a car made in the last 4 years? Do they use credit cards? Loyalty cards? The outrage over their data use by Sony specifically is ridiculous when everything else is also siphoning the same information for no benefit to them.

Damn, you only missed the chance for the if you got nothing to hide argument.

If I buy a smartphone, and choose to use Android and Google, I get the benefit of all the stuff Google provides me, by my choice. I can cancel my account, and buy an iPhone next. That’s fine for me, because I chose to do that to use the benefits. If I use a credit card for all my purchases comfortably in one place, then it’s my choice. I can swap to another payment method or bank anytime. That’s fine for me, because I chose to do that to use the benefits.

If I’m forced to create an account that does absolutely nothing for me, then I’d be pissed. Not to speak about people in countries without PSN. Where’s that written, and why did they happily sell the game to people they knew they’ll lock out? Where’s the announcement that a refund policy will be implemented for such cases?

There’s a HUGE fucking difference between your Sony bootlicking arguments you post in every thread about this, and the actual impact of Sonys actions.

The account link was optional, but somewhere they have written that the PSN account will be required at a later stage, seemingly due to issues at launch. Now, people who are living in a country where PSN is not available (which are quite a lot actually) will no longer be able to play, neither to refund, since the launch is months ago.

So it’s way more than just having yet another account, which is especially ridiculous in the case of PSN for Steam PC games.

Because lowering the amount they’re charging or increasing the amount of aid will cost more than measly 25 million and doesn’t make such good headlines.

The Hamas-led murderous rampage into southern Israel was the deadliest terror attack in Israel’s history, killing at least 1,200 people and abducting more than 250 others. Israeli attacks on Gaza have since killed at least 33,634 Palestinians and injured another 76,214 people, according to the Ministry of Health there.

Jesus fuck, Germany is paying symbolic money to roughly as many genocide survivors in Israel as people have been murdered and injured by Israel committing genocide.

The current German government is an absolute fucking joke, and they are doing everything to actually show it.