• 4 Posts
Joined antaŭ 2 jaroj
Cake day: jan 21, 2021


On the other hand I have had issues in the past where the website required a “special character”.

I would hope that it respects the pattern attribute on the password field in simple cases. Of course that isn’t always set.

That is a weird message, I think it is technically correct but since SMS is wholly unencrypted everything is available. Not only that but often the entire messages are retained for an extended period of time (many carriers let view your SMS log with full messages). So saying “the length of the message” is a bit misleading because the whole message is likely retained.

And do phone calls have the same meta data?

Phone calls are also completely unencrypted from the point of view of carriers on either side of the call. However AFAIK they are frequently not recorded by carriers, likely due to the higher cost of storing audio. Of course I can’t say anything about other agencies that may be intercepting the call with or without carrier cooperation.

TL;DR If you care about privacy avoid the telephone system, just use it as an untrusted data pipe and send all data over it encrypted.

Just paste the URL for the view you want (new, top, …) into your reader and it should find the matching feed automatically. Basically every view on Reddit has a feed.

I’m glad I did this extra work, and it’s a case where App Review helps a developer improve their product.

Did you improve the product though? I really don’t need my inspirational quote app merged into my utility to blank the screen. If I want an inspirational quote app at all it would be most convenient as a separate app.

This is sort of a confused article. blob: URLs (not blob in the url) are references to local data. They can’t really be downloaded (well if they are still live you probably can) and typically only contain a small slice of the video (timewise).

What this is doing is finding the playlist file that describes this video and playing this (or using a player like VLC to stitch these chunks together).

Then it has other instructions to use different tools for specific sites.

So really the only reason blob: is relevant at all is because it is what you might see if you try the “simple” solution of right-click save. The actual article doesn’t deal with the blob: URL at all.

So guess the more accurate title is “Are you trying to download a video but it has a blob: URL? There is a decent chance that this is using DASH or HLS under the hood. You can try to find the playlist like this: $find_m3u8 and then stitch that into a single video like $vlc”.

As much as I don’t love the idea of a government-run internet the do a pretty great job with power, water, waste and other infrastructure where I live and the public companies are ok at best. Plus duplicating the infrastructure for every provider is just wasteful both economically and visually when you can see the wires above-ground…

Not only that but internet is becoming a necessity of modern life. The government should help everyone get access.

The uninitialized variables would have required -fsanitize=memory but that one can be hard to use because IIUC it requires recompiling all dependencies.

However in this case you likely would have got a compiler warning. I recommend compiling with -Wall to start, you can then turn off a few warnings that are too noisy.

I would trying running with address and undefined behaviour sanitizers enabled. The results can often be surprising.

Other than that look for entropy sources. Do you ever reference the current time, random numbers or anything else that could make a difference from one run to the next?

That seems like a big leap. I have seen many performant and buggy Rust tools.

But either way, if your goal is to find tools that are performant and correct why not call it fastreliableyour.life? Focus on the actual direct benefits rather than implying them and excluding other tools that may fit your needs.

But why? It seems weird to choose your tools based on the language they are implemented in. I love Rust (it is my goto language) but I choose my tools based on what they do, not how they were implemented.

I’m curious how this works from a Windows host. Does it transfer the windows version and play it on wine? (Even if there is a Linux build available.) Or does it transfer the shared assets but download the difference?

as is an escape hatch and super dangerous. I think they shouldn’t have given it such a nice name. unsafeCastAs would have been much better IMHO.

It does require the uglier as unknown as in cases where it can provide that the cast is impossible. But that still allows many cases such as Foo|undefined as Bar|undefined working fine (TypeScript assumes undefined and doesn’t require the cast via unknown).

Disclaimer IANAL

I think this is obvious and widely known. Copyright is not something that you need to apply for, declare or otherwise explicitly get. All eligible work that any human creates is automatically protected under copyright.

The reason for the years in copyright notices is documentation. It makes it a bit easier to convince someone that this code is still under copyright because it is less than X years old. It can also serve as a base for invalidating patents as this code was clearly written before the patents.

But the actual declaration probably doesn’t mean much. If I submit code to a project without signing away the rights I probably still own the copyright for that code even if the top of the file says Copyright Some Guy 2020. (Talk to your lawyer if this is important, I wouldn’t want to be in a fight over if adding code to a file with a copyright declaration at the top is explicit enough to be considered a knowing assignment.) Similarly if the code wasn’t written in 2022 I don’t think it matters that the top of the file says 2022, the date that each particular bit of code was authored matters, not what the top of the file says.

So the year was probably a holdout from products such as books and software CDs that had a definite start and end date when released. In those contexts the documentation easily holds its weight. This is similar to why companies still stick Copyright FooCorp all over the top of their files. It isn’t necessary but is low cost documentation that makes things a bit easier if this does ever end up in court.

GitLab CI is pretty acceptable if you are using GitLab (and even ok if you aren’t). I wouldn’t say it is fantastic but it does the job with little pain.

While I probably wouldn’t use a propitiatory client I have no real issues with it. You can always switch off if you feel that it isn’t respecting you, even if it is harder to verify what it is doing under the hood.

Basically having a federated and open protocol greatly mitigates the downsides of a proprietary client.

I’ve been using Wayland every day for years with no issue (GNOME 3 on AMD graphics).

And the best part is that my OS isn’t actively hostile towards me (Windows) or at least want to control what I do with my computer (macOS).

Wow, the general public is smarted than I thought they were.

Internet-connected smart appliances are almost universally a bad idea. In some cases it is just extra features (like remote phone notifications when a laundry cycle ends) but it almost always involves tracking and vulnerabilities that you don’t way.

If there was a good local protocol I would be much more eager, but until Thread catches on it doesn’t really seem like there are great options.

That seems like just a few empty repos? I don’t see any info there.

as they having a crawling bot

That is cool. Do you have any more info about that? I can’t see it mentioned on their website.

So you own your own blog and content. You can host your blog in a Wordpress site, GitHub pages, Ghost, or wherever you want.

Sounds like it just pulls feeds from anywhere. Nothing specific about GitHub at all.

This is like saying that Google is a search engine for GitHub blogs 🤷 I mean it is, but it is also a much more general tool.

What does diff.blog have to do with GitHub?

That sounds like it could be a recipe for disaster if they as the owner decide to fuck you over. The nice thing about actually owning the domains is that even if your registrar goes rogue you can still transfer it out (although it may be painful).

Regarding the edit:

what I should have said was providing a product in the same market. So the fact that’s its free might not be relevant and a free, instance of a decentralized social network could be considered in the same market as a commercial, centralized social network.

Again, I don’t think the exact product matters too much. Being in different markets can help, for example a Twitter Whistle would have a better argument than a Twitter Social Network. But for huge brands that are well known everywhere (like Twitter) the market difference tends to matter less.

I still don’t see twitter going after this single instance

Yes, it is unlikely. But definitely not impossible with things that Twitter has already done to try and push out Mastodon (like banning links). And if it does happen it will be devastating to the instance as changing domains is painful. So I’m just suggesting that it may be best to play it safe here to avoid possible problems down the road.

I am not a lawyer. But…

I don’t think selling matters at all. The problem is if someone could confuse it. “Is Twitter Down” is arguably very hard to confuse as it is clearly something about Twitter (telling if it is down), and it doesn’t seem to present itself as being made/run by Twitter. This is further supported by the “by ryan king” in the corner.

However if people often talk about #BlackTwitter as some subset of content on Twitter it seems entirely possible that people could think that blacktwitter.io could think that it is run by Twitter. If it was called something like thenewblacktwitter or blacktwitteralternative it would be less likely to cause this confusion.

Another angle that they may argue is that they have an official product called “Twitter Blue” and they could argue that people would believe that “Black Twitter” is also an official Twitter product.

The most important think to remember about Trademark law is that it is very much about consumer protection. It doesn’t give you exclusive rights to use your trademark, it just prevents people from using your trademark to make something seem to be from you.

On top of all of that being legally right isn’t the only thing that matters. If Twitter accuses you of Trademark infringement unless you want to hire a bunch of lawyers you are probably just going to do what they say.

This is the same. You trust the recipient but don’t wan the messages to be stored for a long time.

You probably don’t want to use “twitter” in your name/domain like that. You are probably infringing their trademark.

WordPress is always a good option. They have a freeium hosted option at wordpress.com or you can run your own. You can also always move to another provider or host it yourself.

Tumblr is also big and popular and there are tons of smaller hosts like https://bearblog.dev/.

This is like telling someone to stay in an abusive relationship because other people like your partner. No, find something that works well for you. Your true friends will adapt.

my feeling is that it is reasonable to have the sender of the message set the terms here

This is fundamentally impossible thanks to the analog loophole. The receiver can always copy down the message to a notepad, or just remember it. Exposing this mutual agreement is staying honest and make sure that it is understood by everyone involved.

It is important to remember that disappearing messages (in any application) are only helpful for people who you trust currently. (And until the messages are deleted.)

Remember when Google Talk was federated XMPP? Maybe we’ll have a second chance.

I think that is an enforcement problem. The law is intended to stop people from doing this. If examples are found the government now has a reason to hunt them down and a punishment to discipline them with.

I’m sure that most violations of most laws aren’t caught. That doesn’t make the law useless.

Honestly I think a fresh coat of paint is what K9 needs most. The recent swipe gestures both to navigate between messages and in the message list have been fantastic. But really working thorough the UX on component at a time will be a dramatic improvement to K9.

For example the folder classes UI is both too complicated to do simple things and impossible to do more complicated things. The compose window is OK but can use a cleanup. The search UX is pretty awkward (and buggy). I’m glad to see the message window improve as well. The fact that there is currently no way to see both the name and address of the sender is very annoying. I need to pop up the “Show Headers” option way too often. I’d also really appreciate more powerful options for remote content in messages. The current On/Contacts Only/Off is too simple for my taste.

I think this mockup shows understanding of the current design and what features are valuable and missing. Note that the mockup also has very long subjects and similar so this is the worst-case space usage. I’m sure it will also be refined a bit more before being shipped.

New things are always scary and carry some risk, but I’m personally quite optimistic.

Yes, but also not really. You can think of Web Push as a webhook that goes to your browser.

I don’t use bookmarks often but I really use them just like a prioritized browser history. If I know that I might want to visit a page again I bookmark it, maybe add some keywords, then pull it up by typing in the URL bar. The point of the bookmark is mostly to ensure that is is synced to all devices and ranks with a high priority. However another benefit is for websites with hard-to-understand URLs the bookmark icon can indicate that this is the one that I want.

It seems that I haven't got an email notification for comment replies in a long time (for this account). I have "Send notifications to Email" checked in my settings. I have got notifications in the past but the last one was 2022-01-18 despite me getting replies since then. I did change my mail server at roughly that time but IDK why that would be a problem since I am getting other messages. (unless it is rejecting lemmy.ml for some reason?)