Skip Navigation

InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)T

thomask

@ thomask @lemmy.sdf.org

Posts
9
Comments
21
Joined
3 yr. ago

  • Adventures in Rust borrowing deserialisation

    Jump

  • I did in the end, of course, but I encountered the two consequences separately and it wasn’t obvious at first.

  • What’s a good terminal emulator for windows to connect to ssh and WSL?

    Jump

  • End of 10 - Windows ten is ending. Microsoft wants you to buy a new computer. But what if you could make your current one fast and secure again?

    Jump

  • I know it's not the sub for it however some people might like to know: the open source tool Rufus, when noticing that you're creating a Win11 USB, will by default offer to patch it to remove the TPM requirement and other restrictions. So now I have W11 happily running on an "unsupported" machine. Yes, I did have Linux on it previously but something has regressed in the kernel in the last year or two and it often freezes on wake, which is well beyond my care factor to help debug.

  • Programming @programming.dev
    thomask @lemmy.sdf.org

    AI: a fork in the road for open source

    octet-stream.net /b/scb/2025-04-21-ai-a-fork-in-the-road-for-open-source.html
  • Deleted

    Permanently Deleted

    Jump

  • Why is this LLM trying to teach me about acyclic graphs in the middle of an article about Linux platform support?

  • Torvalds Frustrated Over "Disgusting" Testing "Turd" DRM Code Landing In Linux 6.15

    Jump

  • AFAICT this is super mundane. Devs added some checks that when run will drop .hdrtest files all over the source tree when you do a normal build. This is really unclean and has practical ramifications even if you gitignore them as Linus points out. Pretty much any lead developer would be upset if someone tried to merge something like this in a software project, and it has essentially nothing to do with the particular drivers or code functionality.

  • Strange behavior with images

    Jump

  • As a rule I don't directly quote bboard messages elsewhere, even if they're mundane or from the admin. Just a bit of respect to folks who aren't posting on the web and might not want to be.

  • Strange behavior with images

    Jump

  • There was a reply that it should be okay now but more disks will be needed soon

  • Strange behavior with images

    Jump

  • FYI I posted in REQUESTS, so I'm sure it will get looked at sooner or later.

  • retroNET - Vintage Culture/Websites/Software @lemmy.sdf.org
    thomask @lemmy.sdf.org

    Mythbusters: Wing Commander I Edition

    www.wcnews.com /news/update/16279
  • Linux @programming.dev
    thomask @lemmy.sdf.org

    HiDPI XFCE - use DPI, not scaling and life is good. Better than good.

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • Ah yes, so straightforward.

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • I'm confident that if the host is compromised I'm screwed regardless.

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • I have to assume that we're in this situation because because the app does not exist in our distro's repo (or homebrew or whatever else). So how do you go about this verification? You need a trusted public key, right? You wouldn't happen to be downloading that from the same website that you're worried might be sending you compromised scripts or binaries? You wouldn't happen to be downloading the key from a public keyserver and assuming it belongs to the person whose name is on it?

    This is such a ridiculously high bar to avert a "security nightmare". Regular users will be better off ignoring such esoteric suggestions and just looking for lots of stars on GitHub.

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • So tell me: if I download and run a bash script over https, or a .deb file over https and then install it, why is the former a "security nightmare" and the latter not?

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • The security concerns are often overblown. The bigger problem for me is I don't know what kind of mess it's going to make or whether I can undo it. If it's a .deb or even a tarball to extract in /usr/local then I know how to uninstall.

    I will still use them sometimes but for things I know and understand - e.g. rustup will put things in ~/.rustup and update the PATH in my shell profile and because I know that's what it does I'm happy to use the automation on a new system.

  • Am in the only one who cringes at install instructions that require piping some curl output into bash?

    Jump

  • I realise you're trolling but actually yes. This is why I use Debian stable where possible - if egregious malware shows up it will probably be discovered by all the folks using rolling distros first.

  • What's your self-induced pain points fellow linux users

    Jump

  • 🙅 Write a script or shell alias for important or frequent tasks👍 Pray it's in my ctrl-r history the next time I need it

  • What's your self-induced pain points fellow linux users

    Jump

  • I feel this in my soul. With a side of "modern memory-safe languages are great" vs "the consistency and efficiency of shared libraries is what makes distributions great even if they're written in C".

  • Privacy @lemmy.ml
    thomask @lemmy.sdf.org

    How Safari search engine extensions work

    lapcatsoftware.com /articles/2025/2/2.html
  • Deleted

    Permanently Deleted

    Jump

  • If you are feeling ambitious and want to go "serverless", try out DecSync and a compatible android app for contact sync. This represents all your contacts as files on disk in a way that avoids conflicts, and you can use SyncThing to keep your devices in sync 100% peer to peer. Unfortunately on your desktop you'll probably have to use something like radicale on localhost and the plugin to convert it into CardDAV for your regular email client to understand.

  • Cybersecurity @sh.itjust.works
    thomask @lemmy.sdf.org

    RSYNC: 6 vulnerabilities

    www.openwall.com /lists/oss-security/2025/01/14/3

  • What is the State of Linux in 2024?

    Jump

  • Continued not to show me anything AI-related

  • Golang @programming.dev
    thomask @lemmy.sdf.org

    Go Turns 15

    go.dev /blog/15years
  • Cybersecurity @sh.itjust.works
    thomask @lemmy.sdf.org

    Abusing Ubuntu 24.04 features for root privilege escalation

    snyk.io /blog/abusing-ubuntu-root-privilege-escalation/

  • Hackers Gained Unauthorized Network Access to Casio Networks

    Jump

  • People like me keep buying more F-91Ws when the old ones break or get lost

  • Cybersecurity @sh.itjust.works
    thomask @lemmy.sdf.org

    regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

    www.qualys.com /2024/07/01/cve-2024-6387/regresshion.txt