-
imer
you guys meet people IRL? :p
-
imer
(i kid)
-
nulldata
Should have just taken the L and thanked the person for bringing the broad language to their attention. The deflection looks terrible.
-
Barto
JAA: reading through marcan argument, maybe there's a problem in wording in agpl, but it's not a reason to trash it entirely. Again IANAL, and neither am I rms.
-
Barto
the comment by Wowfunhappy is interesting to me, and that's where i feel like marcan is going maybe too far on trying to fit a round peg in a square hole.
-
Barto
look,
opensource.apple.com is fine to me
-
Terbium
imer: i don't meet people IRL or online
-
fireonlive
what's IRL
-
nukke
is there a data archivist conference?
-
Terbium
Wait, this isn't the data archivist conference?
-
nukke
this is the data hoarder conference
-
pabs
rewby: I met someone here at DebConf many times, but I wasn't involved here at the time
-
fireonlive
maybe you've all met me once ;)
-
fireonlive
>Results for people are limited
-
fireonlive
fuck you google
-
pabs
switch to bing! \o/ :)
-
fireonlive
x3
-
fireonlive
-
fireonlive
-
Terbium
*Rockstar didn't like that*
-
nulldata
Probably should save
twitter.com/SuperstarS31668 and out links before Take-Two's lawyers wake up
-
fireonlive
currently no way to save twitter aiui
-
nulldata
Yeah would have to be 'manual'
-
nulldata
Threw the GitHub pages site into AB
-
fireonlive
smoke weed every day
-
nukke
-
nukke
I'm dreading the thought of migrating to Scale
-
fireonlive
nukke: i still haven't
-
fireonlive
don't want to migrate the jails T_T
-
pabs
-
nukke
I literally just finished reading that article
-
nukke
Great stuff but sounds incredibly frustrating for everyone, especially package maintainers
-
nukke
Maybe computers were a mistake
-
fireonlive
nukke: not if that's how we met baby ;)
-
nukke
OwO
-
fireonlive
o3o
-
» pabs perusing the HN thread
-
» fireonlive peruses nukke
-
fireonlive
I found a way to highlight people, but bypass highlighting! ππΈπΈ πΉπ°π° π
Ήπ
°π
° πΉπ°π°
-
JAA
fβireonlive
-
JAA
Fun fact, you can use ππ£π¦π in Python. You can also redefine it!
-
pabs
grr, GitHub went back to JS for READMEs
-
fireonlive
nice :D
-
fireonlive
(not the github thing)
-
fireonlive
-
fireonlive
π€ o_O
-
JAA
Not enough emojis.
-
fireonlive
these were a couple other suggestions
-
fireonlive
π« β π π π₯ππ π π β π«
-
fireonlive
π« β π¬ π π₯ππ π π¬ β π«
-
» fireonlive asks chatgpt
-
fireonlive
"Unexpected server error" x 5
-
DigitalDragons
ΖΞΉΡΡΟΞ·βΞΉΞ½Ρ
-
fireonlive
:3
-
-
fireonlive
-
fireonlive
ahh
-
DigitalDragons
you broke it :(
-
fireonlive
<_<
-
fireonlive
>_>
-
JAA
Interesting, I got a phishing email linking to a page using Buttflare's IPFS gateway. Not sure I've seen that before.
-
» pabs has had multiple, IIRC CF do block them
-
Barto
xkcd.com/963 Finally, I did rm my xorg.conf that i generated years ago with "X -configure".
-
Ryz
Had to remove a Firefox extension named 'Disable JavaScript' on the suspicion of being sold (and that there were some new permissions being asked but the extension wasn't updated...?) -
dpacassi/disable-javascript #118
-
that_lurker
-
that_lurker
"Subject: backdoor in upstream xz/liblzma leading to ssh server compromise"
-
Barto
goddamn
-
that_lurker
news.ycombinator.com/item?id=39865810 interesting comment on the matter by rwmj
-
Barto
interesting
-
Barto
the dude claiming he got a pr to update the go library, too
-
nukke
>Good afternoon! A recent exploit has been identified in xz/liblzma. Libera is not affected by this vulnerability, but many other systems might be. You can read more about the incident here:
openwall.com/lists/oss-security/2024/03/29/4 . Have a good weekend.
-
nukke
damn taht was a quick announcement
-
tech234a
-
Ryz
Oh? Huh, and it's per website too?
-
tech234a
yeah and it looks like there is an option to disable globally by default if you prefer
-
Ryz
Oh, huh, thanks for that tech234a; I think the only reason I use that other extension is that it has an easy right-click option to disable it from there~
-
Ryz
And it really makes it easy to tell if I disabled it since the previous extension doesn't explicitly inform me in comparsion
-
Barto
nukke: always those patches during bank holidays :D
-
Barto
congratz to debian finding it
-
» nukke dabs
-
nukke
thankfully only unstable/upstream is affected so no need to patch shit this weekend for the rest of us
-
Barto
i have 2 fedora vms at work though
-
nukke
are you running rawhide?
-
Barto
last stable iirc
-
nukke
ok, that's 39 so you're good. fedora 40 beta came out like 2-3 days ago
-
Barto
so i'm safe i think, anyhow i'm running an update everytime i boot it
-
nukke
only 40/rawhide are affected
-
Barto
congratz to all those package maintainers catching it early
-
Barto
xz team might bit the bullet for all other open source projects
-
Barto
-
Barto
-
Barto
-
Barto
it starts popping everywhere in my feeds lol
-
nukke
oh sweet protonmail finally supports passkeys
-
nukke
err protonass*
-
Barto
proton ass?
-
Barto
damn
-
nukke
gotta protect your ass from the dick corporations
-
JAA
> Accepted xz-utils 5.6.1+really5.4.5-1 (source) into unstable
-
JAA
:-)
-
imer
scary stuff.
-
kiska
Oh fun!
-
kiska
Too bad I don't update my systems that often :D
-
yzqzss
Too good I am a debian testing user :(
-
nukke
is this the first 10.0 CVE of the year?
-
Terbium
-
Barto
Good guys cisa
-
fireonlive
-
fireonlive
from a dev on the project
-
fireonlive
ugh/neat tho
-
Ryz
-
Ryz
Or to make a fake clickbait article, "Why Windows is Better than Linux" o.o;
-
Terbium
Windows comes with backdoors included out of box as a feature
-
Barto
this might sound like doing a fork of xz might be necessary to clean things up
-
JAA
Terbium: More like frontdoor, really.
-
JAA
Barto: I suppose, but how many key projects are there like this that qualify for
xkcd.com/2347 ? I bet the number is much higher than we'd like, and all of those are vulnerable to the same kind of thing. :-/
-
Barto
i was expecting this xkcd anytime
-
Barto
:-)
-
Barto
i haven't even clicked on it
-
Barto
yeap, that's the one
-
Barto
prolly we'd need a list of infrastructure-critical projects and them make them join a common group, kinda owasp-like.
-
Barto
owasp is far from perfect, mind you, but you get the idea
-
Barto
it's kinda the same disease that got us heartbleed in openssl
-
JAA
Also funding. Lots of funding.
-
Barto
yeah
-
nukke
there was an article like 2-3 weeks ago about how microsoft _still_ doesn't know how bad their recent hack was
-
JAA
-
JAA
Note the date. :-)
-
nukke
Is that the suspected backdoor person?
-
katia
-
Barto
lol
-
Barto
You know what makes me grin: the person is now damn quiet about this :D
-
nukke
Oh shit it is
-
Barto
:-)
-
nukke
That was a great read.
-
JAA
The Gist linked an hour ago is also quite good.
-
nicolas17
JAA: it looks like yesterday (when Jia Tan filed that launchpad bug) Debian was already aware of the backdoor
-
JAA
Yes, it was in the works behind the scenes for a day, apparently.
-
nicolas17
crazy timing
-
fireonlive
-
fireonlive
heyyyyyyy gaaaaaaaaalssss π
π»
-
fireonlive
i come to you with the hottest starbz tea π΅ π«
-
fireonlive
π§π§π§
-
fireonlive
coming soon π€©π€©π€©
-
» that_lurker Cries as the nearest Starbucks is too far away
-
Barto
-
Barto
-
Barto
comment 6 is funny
-
Barto
Jia shows up in comment 16
-
Barto
also, yeah, dates
-
nukke
πΏ
-
fireonlive
that_lurker: perkele :(