• 0 Posts
  • 29 Comments
Joined 4 years ago
cake
Cake day: February 15th, 2021

help-circle
  • You share public keys when registering the passkey on a third party service, but for the portability of the keys to other password managers (what the article is about) the private ones do need to be transferred (that’s the whole point of making them portable).

    I think the phishing concerns are about attackers using this new portability feature to get a user (via phishing / social engineering) to export/move their passkeys to the attacker’s store. The point is that portability shouldn’t be so user-friendly / transparent that it becomes exploitable.

    That said, I don’t know if this new protocol makes things THAT easy to port (probably not?).


  • I’m ok with not considering it “public good” when something has a license that sets conditions and it’s under Copyright of a particular private person/entity. But if you do need to ask consent to a private party for the use of something in a derivative work of certain conditions, then I don’t think it makes sense to call it a public good.


  • Yeah, it protects Jimmy from having to unconditionally contribute to society & its many organizations.

    It allows Jimmy to set conditions and control who can use it and who cannot. For example, he can ally with one particular big corpo (or even start building one himself) so they can hold that thing hostage and require agreements/fees for the use of that thing for a long long time.

    So now, instead of all people, including big (and small) corpos, having free access to the idea, only the friends of Jimmy will.

    The reality is that if it wasn’t for Jimmy, it’s likely that Tommy would have invented it himself anyway at some point (and even improved on it!). But now Tommy can’t work on the thing, cos Jimmy doesn’t wanna be his friend.

    So not only does it protect Jimmy from having to contribute to society without conditions, it also protects society from improving over what Jimmy decided to allow (some) people access to. No competition against Jimmy allowed! :D

    Even without patents, if the invention is useful I doubt the inventor will have problems making money. It would be one hell of a thing to have in their portfolio / CV. Many corpos are likely to want Jimmy in their workforce. Of course, he might not become filthy rich… but did Jimmy really deserve to be that much more richer than Tommy?


  • There are many games that had that mechanic before Arceus.

    In particular, Craftopia (which is from the same developers of Palworld) had capsule devices that you can throw to enemies in a “virtual space” while characters “engage in combat” before Arceus was a thing.

    Just because they wrote a patent does not make it enforceable… patents don’t really mean anything until they are actually tested in court so they are just tools to try and scare people away whenever a company wants to bully with the prospect of a lawsuit.

    I feel that Palworld is likely to win this, this actually is an idiotic move from Nintendo and a win for Palworld… now they will get more publicity, perhaps another spike in sales, and they are finally given the opportunity to prove how they are in the right, so they can shut up all the naysayers who complained about it. I’m hoping all the paranoic empty claims about “blatant asset theft” will be settled once and for all.


  • Yes, that’s why im saying that this kind of problem isn’t something particular about this project.

    In fact I’m not sure if it’s the case that the builds aren’t reproducible/verifiable for these binaries in ventoy. And if they aren’t, then I think it’s in the upstream projects where it should be fixed.

    Of course ventoy should try to provide traceability for the specific versions they are using, but in principle I don’t think it should be a problem to rely on those binaries if they are verifiable… just the same way as we rely on binaries for many dynamic libraries in a lot of distributions. After all, Ventoy is closer to being an OS/distribution than a particular program.


  • That’s ok if we are talking about malware publicly shown in the published source code… but there’s also the possibility of a private source-code patch with malware that it’s secretly being applied when building the binaries for distribution. Having clean source code in the repo is not a guarantee that the source code is the same that was used to produce the binaries.

    This is why it’s important for builds to be reproducible, any third party should be able to build their own binary from clean source code and be able to obtain the exact same binary with the same hash. If the hashes match, then you have a proof of the binary being clean. You have this same problem with every single binary distribution, even the ones that don’t include pre-compiled binaries in their repo.




  • My worry is that the other 20% might actually come from other forms of partnerships and integrations not unlike what they probably had in mind with this, and that dropping Google might actually make them more dependent on seeking this kind of initiatives, not less.

    I don’t know how many people you actually need to maintain a browser. But if it’s actually possible to do it without any kind of money from any of those sources in a way that can be sustained, then it would make more sense to make a fork (or alternative, like Ladybird) and just use that.

    Like I said, I think it’s too late for Mozilla to shift course, I don’t expect they’ll ever do that. At least not until they are forced by a competing project if it happens to become successful (or a similar huge wake up call that leaves them no alternative).



  • Is “intent” what makes all the difference? I think doing something bad unintentionally does not make it good, right?

    Otherwise, all I need to do something bad is have no bad intentions. I’m sure you can find good intentions for almost any action, but generally, the end does not justify the means.

    I’m not saying that those who act unintentionally should be given the same kind of punishment as those who do it with premeditation… what I’m saying is that if something is bad we should try to prevent it in the same level, as opposed to simply allowing it or sometimes even encourage it. And this can be done in the same way regardless of what tools are used. I think we just need to define more clearly what separates “bad” from “good” specifically based on the action taken (as opposed to the tools the actor used).


  • I think that’s the difference right there.

    One is up for debate, the other one is already heavily regulated currently. Libraries are generally required to have consent if they are making straight copies of copyrighted works. Whether we like it or not.

    What AI does is not really a straight up copy, which is why it’s fuzzy, and much harder to regulate without stepping in our own toes, specially as tech advances and the difference between a human reading something and a machine doing it becomes harder and harder to detect.


  • Yes, I don’t think it’s just about the execution of Win32 code, but also the possibility of MS using marketing techniques and dirty manipulation methods to give themselves advantages within the Windows platform to sway the general public to their store in a similar manner as how they push their browser, their MS Teams communication platform, their One Drive Cloud Storage, their search engine, their data-collection tech, their assistant, etc.



  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    4 months ago

    Which is why you should only care about the personal opinion of those people when it actually relates to that reliability.

    I don’t care whether Linus Torvalds likes disrespecting whichever company or people he might want to give the middle finger to, or throw rants in the mailing list or mastodon to attack any particular individual, so long as he continues doing a good job maintaining the kernel and accepting contributions from those same people when they provide quality code, regardless of whatever feelings he might have about whatever opinions they might hold.

    You rely on the performance of the software, the clarity of the docs, the efficiency of their bug tracking… but the opinions of the people running those things don’t matter so long as they keep being reliable.


  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    3
    arrow-down
    1
    ·
    edit-2
    4 months ago

    I have contributed to other projects without really needing to get involved in their community in any personal/parasocial level, though.

    I just make a pull request and when the code was good it was accepted, when not it got rejected. Sometimes I’ve had to make changes before it getting merged, but I had no need to engage in discussions on discord or anything like that. I’ve been in some mailing lists to keep track on some projects, but never really engaged deeply, specially if it goes off-topic.

    If I find that a good code contribution is rejected for whatever toxic reason, then the consequence of that is the code would stop being as good as it could have (because of the contributions being rejected/slowed down), so it’s then that forking might be in order. Of course the code matters.


  • Ferk@lemmy.mltoLinux@lemmy.mlHyprland is now fully independent!
    link
    fedilink
    arrow-up
    11
    arrow-down
    2
    ·
    edit-2
    4 months ago

    To his point: if not “discuss”, what is the correct approach against fascism? war and murder? dismiss it, try to “cancel it” without giving any arguments so it can continue to fester on its own and keep growing in opposition?

    To me, fascism is a stupid position that doesn’t make much sense, to the point that it falls on itself the moment you “discuss” it.

    I would have expected that it would be the fascists the ones unable/unwilling to discuss their position, since it’s the least rational one. So it’s certainly very jarring whenever I hear people jumping to defend against fascism while at the same time stopping in their tracks when it comes to discussing it. Even if those unable to reason might not be convinced by our arguments, anyone with reason would. Rejecting discussion does a disservice, because it does put off those willing to listen and strengthens those who didn’t really want an argument anyway.

    Like flat-earthers, they should be challenged with reason, with discussion. Not dismissed as if it were true that there’s a huge conspiracy against them. Whether they listen or not to that reason, dehumanizing them and rejecting civil and rational discourse would play in favor of their movement.

    Stating “genocide is bad” should NOT be a statement of faith. Faith is the shakiest of the grounds, if we are unable to articulate the specific reasons that make genocide be bad, then we are condemned to see it repeat itself. So, I’d argue it’s for the sake of the victims in Auschwitz that antifascism should not be turned into a religion, but into a solid and rational position that’s not distorted nor used willy-nilly.


  • To each their own. For me, a good lore and dialog is what makes a good RPG stand out.

    If I want action and reflexes, I’d go play an action game. If I want strategy, I’d go for a puzzle game, or a 4X, deckbuilder, etc. But in a proper RPG what I look for is good lore, engaging story and some level of freedom that makes me feel I’m having an impact in that world. If AI can help with immersion and/or dynamic changes, I’m all for it. Of course, for that to happen they need to make sure it does stay in character and does not hallucinate something incoherent.

    If there’s an AI chatbox that actually can stay coherent and be set up as a game without feeling like you have to input too many instructions to the AI to push the narrative (I think AI Dungeon gets close) then well, you could almost consider that being an RPG already. After all, the first RPGs were all text based. So I would already consider that the first iteration of AI-based RPG game. But translating that to a live 3D environment would be the next step.



  • The article talks about how they are ok with using AI for things outside generating images, texts and so. For example, they are fine using the rudimentary AI of any typical enemy in one of their games. So I expect procedural generation that does not rely on trained bayesian network models is ok for them.

    It looks like they just seem to be concerned about the legality of it… so they might just start using it as soon as the legal situation for AI models is made safe.