![](https://lemmy.zip/pictrs/image/f8786eb2-82f5-4e00-bd37-157be49f0074.jpeg)
![](https://lemmy.world/pictrs/image/8f2046ae-5d2e-495f-b467-f7b14ccb4152.png)
As much as I like the spirit of the idea, it honestly sounds pretty hard to enforce. What constitutes a mistake, bad memory, or a polished turd of a statement versus an act of deception?
As much as I like the spirit of the idea, it honestly sounds pretty hard to enforce. What constitutes a mistake, bad memory, or a polished turd of a statement versus an act of deception?
Nothing wrong with a little sunshine.
And it’s a weird article, because about half the article is also (named) people saying the exact opposite during the same timeframe. So at best people close to him can’t even agree. Headline seems like bait.
Then I guess “dox” in this context is resolving your name to other PII? I originally read it as more of a way to unmask people online.
Needless to say it’s powerful and thorough.
I mean, this does need to be said. It’s important details I was hoping to learn from the article. Otherwise it’s spooky stories we can’t actually build defenses for.
Bio-neural gel packs here we come.
Article doesn’t really go into how TLOxp can dox/unmask people.
Even if you’re poking at a black box and are reporting that “it acts funny when I poke it this way.” I’m my opinion, a reporter should send along a script or at least explicit instructions on how to repro.
I take the report more serious since it demonstrates you have an understanding of the issue or exploit. It will also save my time and it’s likely a trivial effort for the reporter since they’ve the context and knowledge of the issue loaded up and ready to go.
Missing key info. Read the article.
Agree that people like to fluff the severity of bugs they report. It’s better for prestige and bounty payouts. But this is a little more nuanced.
“While I didn’t really intend the module to be used for any security related checks, I’m very curious how an untrusted input could end up being passed into ip.isPrivate or ip.isPublic [functions] and then used for verifying where the network connection came from.”
It’s interesting, that it would be hard to make a case that there was a “vulnerability” in the ip
package. But it seems like this package’s entire purpose is input validation so it’s kind of weird the dev thinks otherwise.
Recurring incidents like these raise the question, how does one strike a balance? Relentlessly reporting theoretical vulnerabilities can leave open-source developers, many of who are volunteers, exhausted from triaging noise.
The researchers need to provide proofs of concept. Actual functional exploits.
Also, some of these Live Nation places are literally just fucking Old People places, like the local Elk’s Lodge. Nobody is doing wild concerts at the fucking Elk’s Lodge.
Some of the best shows I’ve ever been to were at an Elks or VFW. Often they’re the only venues available in suburban and rural areas. And they’re usually priced reasonably.
As if it’s just a given that online purchases (the increasing majority of all economic activity) is subject purely to a ToS and not the laws and protections granted to us by the government.
What? Of course they’re still subject to laws. There’s so many laws and precedent based around banking that it requires specialized lawyers.
As a very long time Arch user I wouldn’t say “easy” like everyone else seems to. I absolutely would not suggest it for a first distro for someone, which is what I would classify as the “easy” level.
But if you’re comfortable with using Linux, the terminal, and being able to follow written documentation you’ll be able to do it just fine maybe with a little frustration the first time. If you’re installing to a laptop, make sure to look up your model on the wiki first.
Of course we want affordable health care and housing, but I’d absolutely kill for a Bill Clinton or Bush Sr over a Trump any day.
Would really like to meet the person that’s undecided between Trump and Biden. I could understand someone staying home long before someone choosing between the two.
Yes, please!
“The roundtable setup featured Representative (and Trump V.P. wannabe) Byron Donalds, former Trump Housing and Urban Development Secretary Ben Carson, and Representative Wesley Hunt in attendance,” she writes. “The seats were positioned in a semi-arc facing a gaggle of cameras and sea of white people, and everyone looks abundantly unenthused to be there.”
Where are the photos, man!?!
BAT is trash but I’d love to see more quick crypto donation options.
SELinux was a product of the NSA. Maybe the best thing that agency has done.
The thing that usually kills windows is shitty drivers. So people with different hardware can have completely different experiences.