Slashdot Mirror

What about following a development model like the Rust programming language has?

They have a variety of teams that work on various parts of the language and its ecosystem. One of the most important teams is the Rust Moderation Team, which enforces the Rust Code of Conduct. This code of conduct ensures a tolerant environment for all. Anyone who doesn't show tolerance is excluded.

They also make heavy use of GitHub, which is where they track the over 2,700 open issues that currently affect Rust. This also provides a collaborative environment for Rust's extremely diverse development team, which mainly consists of white males in their 20s, to work together on Rust.

It's also important to make sure that the language gets a lot of attention at places like Reddit, Hacker News and Stack Overflow. But remember, if anybody says anything critical about the language then those comments must be modded down. It's intolerant to say anything bad about Rust.

Java has been around a long time, and perhaps it's time for it to adopt a modern programming language development methodology like we've seen created by the Rust community. This approach has already worked well for Rust, causing it to become such a widely used language. It will surely work well for a language like Java, too.

What about following a development model like the Rust programming language has?

They have a variety of teams that work on various parts of the language and its ecosystem. One of the most important teams is the Rust Moderation Team, which enforces the Rust Code of Conduct. This code of conduct ensures a tolerant environment for all. Anyone who doesn't show tolerance is excluded.

They also make heavy use of GitHub, which is where they track the over 2,700 open issues that currently affect Rust. This also provides a collaborative environment for Rust's extremely diverse development team, which mainly consists of white males in their 20s, to work together on Rust.

It's also important to make sure that the language gets a lot of attention at places like Reddit, Hacker News and Stack Overflow. But remember, if anybody says anything critical about the language then those comments must be modded down. It's intolerant to say anything bad about Rust.

Java has been around a long time, and perhaps it's time for it to adopt a modern programming language development methodology like we've seen created by the Rust community. This approach has already worked well for Rust, causing it to become such a widely used language. It will surely work well for a language like Java, too.

Repo link: https://github.com/PhoenixOS/k...

Is this the Phoenix repo you are talking about?

macOS does not have write support for NTFS out of the box. And it has neither read nor write support for ext2, ext3, or ext4.

BZZT! Wrong! Thanks for playing!

Recent versions (I think at least as far back as OS X 10.8) DO have NTFS write support. You just have to Enable it using a Command-Line incantation:

http://www.techrepublic.com/ar...

As far as ext goes, you appear to be correct. The article I consulted was wrong, and thus I was wrong for claiming NATIVE support for ext in OS X/macOS.

HOWEVER, you CAN use MacFUSE/OSXFUSE and get at least read support for ext 2/3/4, plus, you should be able to use SMB fileharing to access ext volumes on a Linux server, right? :

https://github.com/osxfuse/osx...

If you care about having a cross platform (macOS, Windows, Linux) file system for that last resort backup/archive, with a built-in driver on those platforms, that also supports large file sizes, you'd use UDF. If you're more of a storage geek, you might consider NTFS by enabling write support. And if you're even more of a storage geek you'd look at OpenZFS.

I'd LOVE to consider OpenZFS; however, the lack of a GUI manager (at least the last I looked), and an ongoing list of rather scary bugs and limitations (still!!!) has me understandably gun-shy about it.

As for the rest, they are really no better than using HFS+, and are significantly worse and APFS.

Wait for this patch to me_cleaner to be better tested?

One thing that only people who've seen totality can understand is that almost seeing a total eclipse (99.x%) is so different from a total eclipse, they should come up with another name for it. For example the difference in ambient light between 99% and 100% is a factor of 10,000. Even 1 minute before totality you'd be tempted to say, "Meh. I've seen this before." Then you hit 100% and scream "Holy #)@* God tore the sun from the sky and replaced it with a portal to another dimension!"

So this is why my wife's trip to Minot with the UW-Green Bay astronomers on Feb 26, 1979 led to her convincing me to go to Antigua on Feb 26, 1998 (1 Saros later) where I asked her to marry me during the second diamond ring while the Montserrat volcano smoldered in the half-light. We planned our honeymoon around the 1999 total eclipse which passed through Europe (rained out in Stuttgart.) And finally planned to take our children and 21 other family members and friends from Wisconsin to the Kentucky Dam Village campground near Paducah. We scouted out the beach, dam, boat launch and considered the Golden Pond Observatory and Planetarium or one of the several other public viewings between Hopkinsville and Carbondale but decided on walking to a clearing at the south edge of the campground where oak trees would provide shade in the time between first contact and totality. We set up a few tarps in the grass (thankfully fire-ants have not yet gotten a solid foothold here but ticks have.) We set up a sun tent for the kids.

My brother-in-law is a professional photographer who brought a Sony DSLR, lens and filter and we found even better equipped astrophotographers within the park and along the dam so even though this was my 4th totality, I didn't feel any pressure to take photos. We considered flying a drone, but we were too near an airport. I considered leaving a CHDK interval timer script, android FP5Cam intervalometer and Wemos D1 mini temperature logger running but these weren't as much of a priority as enjoying it as much as I did the previous 3 totalities. There is only so much you can do in 2 minutes and 20 odd seconds.

The leaves of the oaks cast crescent shadows across the tent and everyone during the partial phases. I'd bought a pack of used cards from the Menominee casino where they had neatly cut holes to mark that the cards were no longer legal for gambling. 52 eclipse projectors for 50 cents! I handed them out to our gang and to our campground neighbors. Totality hit everyone with a wave of wonder. The hot whirring sound of cicadas was replaced with the nocturnal chirp of crickets. My niece's boyfriend asked to look through the telescope during totality. At first I explained that it's too hard to aim (I had no tracker) but then I decided to give it a try so he and I and my niece got a brief glance. I handed binoculars around to a few people.

One of the artists in our group compared it to a weird photoshop filter, a sci-fi movie. "WOW No one told me!" It reminded me of the scene in Contact where Ellie sees something indescribably beautiful that no one else will ever know. This was the most photographed total eclipse in history, drones, DSLRs, iPhones, 4k 60FPS video, VR... and yet I have not found anything that does it justice.

Imagine if sunsets were rare events that only one in every 1000 people had ever witnessed. Describing it would be like explaining the color green to a blind person. Photos of sunsets work for us because nearly everyone has witnessed a sunset but very few have witnessed totality. Ray Bradbury's All summer in a day was published in 1954, just three months before a total solar eclipse would have been visible from Northern Wisconsin, a few hours drive from his native Waukegan, Illinois. Like Ellie in Contact, Margo in this short story has witness

Oh, you mean the one that virtue signalling cuckold SJW asshole Matthew Garrett tried "FOR GREAT SOCIAL JUSTICE" because Sarah Sharp got butthurt right?

"This branch is 18 commits ahead, 105103 commits behind torvalds:master."

Even SJWs that can code cannot bring the other talented people with them because they're the most toxic people on the planet. Matthew Garrett in particular is a prime example of the SocJus fascist poisonous human garbage that needs to be kept as far away from your organization or project as possible.

https://github.com/BusFactor1I...

It's a Korn Shell script.

Check the readme above for a bit more of an explanation. It's fun. And really challenging, even though there's only 3 words and 3 bits to work with on the virtual machine, a 'Seed'. You combine the words together and see if the calculation computes correctly based on your assumption on a non-deterministic machine. It starts out easy, but it get's difficult quickly. Here's the start. Check the github for the rest: #!/bin/ksh DEBUG=t # expect - test your expectations # # BusFactor1 Inc. # 2017 # License: AGPL set +k tee () { echo -n "$1 " /usr/bin/tee $2 } function tri { # execute the next word if x is 1 x=$(

It's easy to mute websites. I've been doing so for a a long time.le For example:
facebook-hosts.txt

Shameless self-promotion of my master's thesis on third-party tracking follows; see full PDF for numbers backing up claims. A paper based on the thesis also got published by IEEE.

I'm uncomfortable being "monitored" and "logged" -- but worry less about visible advertisements, and more about either hidden web beacons or visible (but desirable) content served by known tracker organizations. Adblockers can block most visible ads, and you'll notice if one slips through -- but fewer care about less blinky-flashy tracking.

Google is the king here; they have embedded fonts, videos, maps, analytics scripts -- and own one or more ad networks. Google alone has resources present and loaded from 85%+ of global top sites. That includes domains protected by HTTPS, which doesn't actually protect against "active tracking." Among others, these numbers dwarf those of Facebook and Twitter -- and any other ad/tracker network that I know of; see Table C.14 for some Google services such as DoubleClick, Analytics, Maps, Youtube, Fonts, APIs.

For my master's thesis (2014-2015) I asked a similar, but broader, question: how prevalent are third-party resources on websites/domains? Turns out most domains in Alexa's top 10.000 sites have some kind of resource (image, script, video, fonts, ads, and so on) from another domain (internal/external CDN, content provider, advertising network, etcetera). Downloaded the front page of some 150.000 domains to compare; the pattern continues across other sets of domains. See Appendix C in the PDF for lots of numbers and graphs.

My personal tips: if you're stubborn, use uMatrix to block/unblock resources per origin domain and resource type. If you're even more stubborn, edit the settings to blacklist all non-first party resources and only whitelist what you'd like to see -- but expect a steep learning curve. Your boss is probably more comfortable with uBlock Origin.

Shameless self-promotion of my master's thesis on third-party tracking follows; see full PDF for numbers backing up claims. A paper based on the thesis also got published by IEEE.

I'm uncomfortable being "monitored" and "logged" -- but worry less about visible advertisements, and more about either hidden web beacons or visible (but desirable) content served by known tracker organizations. Adblockers can block most visible ads, and you'll notice if one slips through -- but fewer care about less blinky-flashy tracking.

Google is the king here; they have embedded fonts, videos, maps, analytics scripts -- and own one or more ad networks. Google alone has resources present and loaded from 85%+ of global top sites. That includes domains protected by HTTPS, which doesn't actually protect against "active tracking." Among others, these numbers dwarf those of Facebook and Twitter -- and any other ad/tracker network that I know of; see Table C.14 for some Google services such as DoubleClick, Analytics, Maps, Youtube, Fonts, APIs.

For my master's thesis (2014-2015) I asked a similar, but broader, question: how prevalent are third-party resources on websites/domains? Turns out most domains in Alexa's top 10.000 sites have some kind of resource (image, script, video, fonts, ads, and so on) from another domain (internal/external CDN, content provider, advertising network, etcetera). Downloaded the front page of some 150.000 domains to compare; the pattern continues across other sets of domains. See Appendix C in the PDF for lots of numbers and graphs.

My personal tips: if you're stubborn, use uMatrix to block/unblock resources per origin domain and resource type. If you're even more stubborn, edit the settings to blacklist all non-first party resources and only whitelist what you'd like to see -- but expect a steep learning curve. Your boss is probably more comfortable with uBlock Origin.

Why replace C/C++? Compilers do optional bounds checking it already, at least since 2012.

Come on, man, keep up with the times! check out Adress Sanitizer and all the other Sanitizer goodies. Enabled by default in recent versions of GCC/G++ (since 4.8) *and* Clang (with LLVM 3.1). Contributed by your friendly Google developers.

Your google skills *suck* man.

https://github.com/dotnet/core
https://github.com/dotnet/cli

He used Bing.

Your google skills *suck* man.

https://github.com/dotnet/core
https://github.com/dotnet/cli

He used Bing.

You are more than welcome to read the source code to the .NET compilers right here https://github.com/dotnet/rosl...

Both the C# and VB.NET compilers are there and fully open. (and this is where RedHat is going to get the compilers used alongside .NET core from)

Your google skills *suck* man.

Actually, I found that first thing called "core" which did not not include any core, and then I gave up. It turns out that it's in "coreclr". Which, by the way, you didn't find either. Nice try, though.

Your google skills *suck* man.

https://github.com/dotnet/core
https://github.com/dotnet/cli

Your google skills *suck* man.

https://github.com/dotnet/core
https://github.com/dotnet/cli

This is probably the most expensive option. Buy the hard drives you plan on backing up data to and then use a secure hierarchical file management tool like Cloud Storage Server:

https://github.com/cubiclesoft...

You can use the recommended Cloud Backup software or use whatever reliable backup software solution you prefer. Put all of your data onto the drive(s) first to save yourself the pain of the initial upload and then, when you are ready, drive them over to your friend's or relative's house and hook them up to their network. Then push regular incremental changes at night. Be sure to reciprocate and offer them the same service.

This approach backs up data off-site but still in the same town/city, meaning your data is fully recoverable within hours of most major data loss disasters. The only exceptions to this that I can think of are area flooding and nuclear attack. However, someone might prefer this option over dumping their data to some unknown data center or having it sit on a complete stranger's system. At the very least, it can be another place to stash data, is a fixed purchase, and you know exactly what "unlimited" means because you can't exceed the amount of physical disk storage that you purchased.

This approach is completely custom as you are basically building your own cloud storage hosting service in someone else's house.

I'm rather shocked that no one has mentioned it yet but check out OpenDrive. If you need a backup tool that supports OpenDrive, here's one that I actively maintain: https://github.com/cubiclesoft... It looks like OpenDrive recently lowered their prices from $13/month and added more options. For $9.95/month or $99/year, you can back up "unlimited" data. I use their service. Faded out in one spot in their per-user configuration, I once saw a user quota box with a faded out "1,024 TB". In my experience, both OpenDrive and Amazon Cloud Drive are extremely flaky cloud backup services that like to completely break in the middle of a backup for inexplicable reasons. The services could also vanish at any time. Amazon's service certainly looks to be headed that way. You can probably blame the DataHoarders subreddit for the service shutdowns.

Check out Flair. Not because you should buy one, but just look at their pitch. APIs, works with any system, integrate with other vendors's products... for a while, they had up on the main page that you could replace their firmware with your own custom firmware, but that seems to have not had much marketing impact and been removed as a statement.

I still say we need an OpenIoT standard, and I'm not the only one who's tried to come up with such a thing.

My big focus is security: I want every IoT device and control application to connect to an IoT hub and exchange certificates for identification and encryption (Curve 22519). Your entire attack surface from the outside is the part of the Web server that accepts connections; the part of your SSL library that validates a certificate; and any libraries and system functions used in the process.

It's a short enough path that you could quite possibly make it absolutely, provably secure by creating a specialized listener up front to do the TLS handshake, thus minimizing the active body of code and allowing you to audit the few tens of thousands of lines vigorously. Your back-end (e.g. nginx) would simply need to accept a proxy from this listener and trust the connection details (IP, etc.) it gives; the listener could even hand off the connection fd to the Web server (sendmsg()) and details on the TLS tunnel, thus allowing nginx etc. to take over an already-negotiated connection.

If the connection isn't from a client device which has at some point physically been in the presence of the IoT hub, then it won't have exchanged a trusted client certificate, and the connection is rejected. Your shitty back-end IoT software doesn't matter--no attack surface. Have the IoT device also only accept connections from the hub to seal the deal.

I have, however, also considered describing the packaging of Docker-based services to run on or behind the Hub. Instead of Nest talking to Google, you could have Nest talk to your IoT hub, which talks to a Nest server box or a generalized server box, if the IoT hub isn't beefy enough to self-host services. Thus you can either use Nest's servers or you can have your IoT hub give the Nest app its current public IPv6. Nest Cam could then be made to store its videos locally, without ever talking to the Nest service in the cloud.

Removal of cloud dependence means a compromised Cloud provider can't hack your device, either.

These days, I'd suggest as well allowing authentication by U2F, rather than only by client certificate. That would let you use a PC, or have your phone only capable of connecting to your IoT when you plugged a device into the bottom (or paired a bluetooth device). The certificate or the U2F would be your first factor; once you've connected, there's a log-on page--which you can't attempt to hack unless you have a first factor. As well, the first logic is "do I have any registered U2F keys?", so you're making that decision before processing user-supplied data, and thus a person not using U2F doesn't face a larger attack surface.

I've thought a lot about how to make IoT some kind of harmonious utopia where we have the same shitty or not-shitty products as today, but with network connectivity--rather than network connectivity being a dangerous beast that could destroy our lives.

I'm also a long time Plex user. The great feature of Plex is a central server to store your library and inexpensive players (in my case, Roku) attached to each TV. This allows you to carry your playlists and watched status between devices. My problem with Plex has always been that it's closed source and they're continually making changes to the Plex Pass paid for product. For me this was just a good excuse to cut ties with a product that already didn't really respect my rights. So yesterday I bought a Kodi capable player (NVIDIA Shield) and I'll be testing Kodi with a shared SQL database to share library information. I'm also looking at Emby and UMS to see how they might fit into a solution.

I will really miss the ease of Plex, but I think it's worth the "hassle" in the long run.

I've been re-learning programming using JavaScript on the frontend and Prolog on the backend, hoping to gradually build up a framework to do web-based strategy games, and I highly recommend it. (Ok, I'm not a child, but I am childish).

The key advantages I've found is visual programming is lots of fun, giving instant gratification which I think is important for novices of all ages. Something you can do in JavaScript which isn't easy in other languages is it's very cheap and easy to host things on the web, so easy to share with everyone.

To plug my project, a checkers game which kind of works I've put at http://www.frontiersoftware.co... and that's my development version which I work on and the new code runs every time someone refreshes the browser. The code is available at https://github.com/roblaing/ch...

The more I get into JavaScript, the more I think it's a very underestimated language.

https://github.com/SoylentNews...

Their fork.

"Oh, I'm sorry. Snapd won't support that because that might compromise security."

Use the --dangerous flag, or use the SNAPPY_FORCE_CPI_URL root environment variable to switch the machine to a different store. Or what am I missing?

"Chromebooks only support changing the cert store at the user level. It won't work with your federally mandated content filter because we protect our users."

Then perhaps Google should be playing chicken with a national government as a means of showing that said government's communications policy is harmful to its citizens' well-being by weakening security. When Wikipedia played chicken in June 2015, censorship dropped.

It seems like, if anything, the developers don't trust the users

Given how prevalent PEBKAC is, it saves the support department money not to have to trust the users.

Woops. And also this. I set it all up so long ago I forgot the details. It Just Works(TM).

It's one plugin each for Chrome and Keepass to allow automatic entry of usernames and passwords into websites, plus one plugin for Keepass for database backup and synchronization.

http://forums.winamp.com/showt... mind you it was shoutcast related.

I remember when I figured out how to use wwwamp https://github.com/royrico/hal... and several .pls files to have automatic DJ source switching when it required custom solutions back then although never did write it up so can't remember off hand what I did.

Servers are available. Popular forks include MaNGOS and TrinityCore.

The regular graphical client is still closed, but somewhat moddable, and works well with the above servers. There's also a command-line player-assisted vanilla bot.

Servers are available. Popular forks include MaNGOS and TrinityCore.

The regular graphical client is still closed, but somewhat moddable, and works well with the above servers. There's also a command-line player-assisted vanilla bot.

Servers are available. Popular forks include MaNGOS and TrinityCore.

The regular graphical client is still closed, but somewhat moddable, and works well with the above servers. There's also a command-line player-assisted vanilla bot.

Machine language proper lacks variable and subroutine names, comments (which document each subroutine's preconditions), and the original data from which compressed level maps were generated. This is what an NES game's asm source code looks like:
Thwaite; RHDE

Machine language proper lacks variable and subroutine names, comments (which document each subroutine's preconditions), and the original data from which compressed level maps were generated. This is what an NES game's asm source code looks like:
Thwaite; RHDE

In VS Code, apparently, discard means "delete and purge all historical references --force"

Not according to the source.

It first displays the warning:

This will DELETE {0} untracked files!

When the user agrees, it performs git clean -f -q to discard untracked files. No committed history is lost.

Using a cross-platform framework does not save you from having to make some effort to support other platforms, whether it's C++ or Java or electron. For example, you have changes like this in Atom that are having to support specific platforms:
https://github.com/atom/atom/c...

And you have platform specific issues still:
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...

So the statement that electron saves you from having to make any effort to support other platforms is just wrong. We went through all of this when Java appeared on the scene, with the 'develop once run anywhere' and subsequent attempts at that vision have not fared that much better.

Sure with C++ you have to bother to build for each supported platform, but there do exist cross-platform APIs to target that are approximately the same amount of work to create and support as Electron and Java, which is not zero for any 'magic bullet' people want to claim...

Using a cross-platform framework does not save you from having to make some effort to support other platforms, whether it's C++ or Java or electron. For example, you have changes like this in Atom that are having to support specific platforms:
https://github.com/atom/atom/c...

And you have platform specific issues still:
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...

So the statement that electron saves you from having to make any effort to support other platforms is just wrong. We went through all of this when Java appeared on the scene, with the 'develop once run anywhere' and subsequent attempts at that vision have not fared that much better.

Sure with C++ you have to bother to build for each supported platform, but there do exist cross-platform APIs to target that are approximately the same amount of work to create and support as Electron and Java, which is not zero for any 'magic bullet' people want to claim...

Using a cross-platform framework does not save you from having to make some effort to support other platforms, whether it's C++ or Java or electron. For example, you have changes like this in Atom that are having to support specific platforms:
https://github.com/atom/atom/c...

And you have platform specific issues still:
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...

So the statement that electron saves you from having to make any effort to support other platforms is just wrong. We went through all of this when Java appeared on the scene, with the 'develop once run anywhere' and subsequent attempts at that vision have not fared that much better.

Sure with C++ you have to bother to build for each supported platform, but there do exist cross-platform APIs to target that are approximately the same amount of work to create and support as Electron and Java, which is not zero for any 'magic bullet' people want to claim...

Using a cross-platform framework does not save you from having to make some effort to support other platforms, whether it's C++ or Java or electron. For example, you have changes like this in Atom that are having to support specific platforms:
https://github.com/atom/atom/c...

And you have platform specific issues still:
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...
https://github.com/atom/atom/i...

So the statement that electron saves you from having to make any effort to support other platforms is just wrong. We went through all of this when Java appeared on the scene, with the 'develop once run anywhere' and subsequent attempts at that vision have not fared that much better.

Sure with C++ you have to bother to build for each supported platform, but there do exist cross-platform APIs to target that are approximately the same amount of work to create and support as Electron and Java, which is not zero for any 'magic bullet' people want to claim...

Well, here's the bug report to it, since Microsofts Visual Studio is also programmed with Electron, one user of this found it: https://github.com/Microsoft/v...

This also showed up as an article in The Register: https://www.theregister.co.uk/...

It would require replicating the old internets host by host, since DNS directs trafic on the IP level. A quite ambitious project. For just HTTP this can be achieved in an easirer way by using a proxy such as Wayback Proxy Server or WARC viewer.

It would require replicating the old internets host by host, since DNS directs trafic on the IP level. A quite ambitious project. For just HTTP this can be achieved in an easirer way by using a proxy such as Wayback Proxy Server or WARC viewer.

Kilograms are mass; pounds are weight

This and quite a few comments below are wrong. Both kilograms and pounds measure mass. Weight is another name for force, which is measured in different units in both systems. There are force units which have similar names to their mass counter-parts (e.g., kilogram-force or pound-force). Conventionally, we talk about kilograms/pounds and mass/weight almost interchangeably, but this is technically wrong.

COMPLETELY-MOTIVATED SELF-ADVERTISEMENT: I have developed completely from scratch a quite comprehensive unit-parsing library in C# (converted to Java): UnitParser (first part of FlexibleParser). It is open source and the files dealing with basic unit classifications are quite user-friendly. For example, unit names in C# and Java.

Kilograms are mass; pounds are weight

This and quite a few comments below are wrong. Both kilograms and pounds measure mass. Weight is another name for force, which is measured in different units in both systems. There are force units which have similar names to their mass counter-parts (e.g., kilogram-force or pound-force). Conventionally, we talk about kilograms/pounds and mass/weight almost interchangeably, but this is technically wrong.

COMPLETELY-MOTIVATED SELF-ADVERTISEMENT: I have developed completely from scratch a quite comprehensive unit-parsing library in C# (converted to Java): UnitParser (first part of FlexibleParser). It is open source and the files dealing with basic unit classifications are quite user-friendly. For example, unit names in C# and Java.

GOATSEX

This is not surprising ! We discovered recently some "billion-laughs"-style DOS attacks that exploit vulnerabilities in Java, and ported some of them to .NET and Ruby. Details here: http://drops.dagstuhl.de/opus/... (paper, there is also an artefact to run attacks in a VM), and the source code is here: https://bitbucket.org/jensdiet... . We did have some problems porting this from Java to .NET but managed eventually. Interestingly, some of these problems were caused by a bug in .NET: a broken contract between equals and hashcode (see https://github.com/dotnet/core...) .

RUBE is 20 years old...

https://github.com/catseye/RUB...

Though if you want something that looks like art, there's also Piet:

http://www.dangermouse.net/eso...

=Smidge=

Now I'm wondering why Github didn't offer 2FA when I created my account.

Probably because you still need to generate a password in order to push.

Didn't we just have a (absolutely stupid) story about how password complexity rules are bad?

Why is this idiot at +5?

I wonder which one he is responsible for.

Tree Style Tab is planning on full functionality in FF57. You can track their progress here https://github.com/piroor/tree...

Check your facts before yelling that the sky is falling.

Probably not. Dieharder implements distinguishability tests for PRNG algorithms. For an entropy source you want min-entropy estimation algorithms.

The primary source of these algorithms is the SP800-90B draft spec. Unfortunately they don't work well. I submitted public comment to NIST detailing the failures of the tests against simple cases of biased and correlated data. https://github.com/dj-on-githu....