Slashdot Mirror

Sony originally did this on the Xperia Play, a little-known gaming smartphone possibly inspired by the Nokia N-Gage. Where other phones might have a sliding keyboard, it has a sliding gamepad with two touch-sensitive circles standing in for analog sticks. A small number of games were released for the Xplay, at a few bucks a piece. All of them run on the same emulator, and simply consist of CD images bundled up with it. A tool PSXperia lets you convert your own titles, and the vast majority of games do work with some notably unfortunate exceptions like Wipeout XL. (That's almost as sad as Forgotten Worlds not playing on the Sega Nomad... but uh, I digress.)

Hopefully, they are continuing the strategy of using a general emulator, and even more hopefully, it will be readily hacked to accept other game images... and have link play. Or at least, that they will sell WOXL. Because let's face it, what is really wanted is being able to play WOXL over the internet...

I really will like to grab IBM Watson and tell him to code me an OS/2 Warp clone :) For the moment I'm just documentating the architecture on EDM/2 and storing OS/2 projects code on Github. http://www.github.com/os2world

You got me interested, and with efficiency you can never be sure until you time it, so I wrote a program to time it. Looping from zero to a billion, with an assignment inbetween. Then I recompiled and ran it again, this time going backwards to zero. Here are some times (in milliseconds):

Going up: 32453 / 32536 / 32232 / 32604
Going down: 32587 / 32416 / 32216 / 32466

There seems to be no difference at all in either direction. Code is here.

...and Docker is the new Solaris Zones. Err, okay?

The point isn't that node.js sucks (personal opinion - it kinda does when mishandled, just like PHP), it's that like any tool, you have to use it correctly and try not to make it do shit that it wasn't designed to do.

We see this shit in Puppet-land, where so-called DevOps people rely on external github (not puppetforge, but random github) modules to run their servers. They never pull a local copy, but instead use something like Librarian to pull it in dynamically... never realizing that if the guy maintaining $randomModule says 'fuck it' and pulls his project (or even just breaks his module), suddenly you're stuck with a broken model and a potential outage.

Part of a recent project has been to make an IoT-friendly really robust secure link from device to hub or Internet server, all liberally licensed and open:

https://github.com/DamonHD/Ope...

This runs happily on Arduino-UNO (and slower) class hardware purely in software, eg including an AES-GCM implementation:

https://github.com/opentrv/OTA...

So yes, is the answer.

We (OpenTRV) aim to get it on 400 million energy saving smart thermostatic radiator valves across Europe.

Rgds

Damon

Part of a recent project has been to make an IoT-friendly really robust secure link from device to hub or Internet server, all liberally licensed and open:

https://github.com/DamonHD/Ope...

This runs happily on Arduino-UNO (and slower) class hardware purely in software, eg including an AES-GCM implementation:

https://github.com/opentrv/OTA...

So yes, is the answer.

We (OpenTRV) aim to get it on 400 million energy saving smart thermostatic radiator valves across Europe.

Rgds

Damon

The Rust community criticizes C++ in exactly the same way.

They go on and on and on about how much better and safer than C++ that Rust is.

But the reality appears to be so much different.

They conveniently ignore that the safety of Rust depends fully on the Rust implementation working properly. Yet the Rust implementation is full of bugs!

Rust supporters will point out that GCC and Clang/LLVM have bugs, too, but they fail to realize that both of those systems are absolutely massive compared to Rust's implementation!

Rust's implementation is basically just a front end and a standard library for a single language. GCC and Clang/LLVM both include support for numerous programming languages, along with the more generic compiler backend systems.

Then there's the whole issue with the Rust implementation being the only Rust implementation. It's not like C++, which has numerous production-ready implementations from different projects/vendors available for use.

If the Rust implementation has a bug, you're fucked. If GCC's C++ compiler has a bug, you can at least try Clang, or the compilers from Intel, Microsoft, and others.

The Rust implementation also depends very heavily on C++ since it uses LLVM, and since its standard library calls out to C code.

Then there's the problem with Rust's semantics actually being far more awkward to use properly than C++'s are, and C++ isn't exactly an easy language to learn and use.

On top of that, Rust's standard library actually makes C++'s standard library look good, and C++'s standard library is often seen as very lacking.

And beyond even that, we find that the Rust supporters conveniently ignore how modern C++ techniques render moot so many of Rust's supposed advantages and safety.

C++ has proven itself many times over. UNIX, BSD and Linux have proven themselves many times over. Rust? It has given us nothing but extreme levels of hype, with very little to show.

Well yeah, you know, he actually has color on his single terminal. That's his graphics system. Cool OS (although until five days ago he had scrolling issues. Way to use the language to keep the bugs out).

Eternal moral vigilance, such as that provided by the Vigil language, is the only way to keep it that way.

The referenced paper says that to meet our energy needs through solar power alone we would need an area 92% of Nevada covered in solar cells. Nevada is 286,367 square kilometers in area. 92% of that is about 286,000 square kilometers. There are an estimated 1.7 billion buildings on planer Earth (see https://github.com/svendvn/sam...). If their combined area is less than the area needed for solar cells to power Earth then their average floor space area is less than 168 square metres each (about 1,700 square feet each). A 13 metre (43 foot) square building beats that. Sure, our power needs keep climbing as our population increases. So does the number of buildings required to house and service the extra people. Solar cells are too expensive to put on every roof today, but Moore's law applies. Standard roof tiles will one day come with some level of photovoltaic capability baked in.

vtwm is 26 years old, rock stable for more than 15 years, lightweight, handles virtual display space flawlessly to expand your workspace with only one monitor, and runs on every X based system since 1990. It's not in the major distros because it's too lightweight, fast, and stable for the Gnome and KDE and Wayland fanboys.

The tools to RPM package it for all RPM based releases are at https://github.com/nkadel/vtwm.... Enjoy!

Why are nearly all of the Rust contributors young white males? For a project that puts so much emphasis on diversity and tolerance and all of that, why is their community so uniform? Why do we see such a lack of diversity?

Have you actually tried Rust or Servo? I have, and in my opinion they are sad, pathetic jokes.

I think that Rust is hype, and nothing but hype. It sounds great, until you try it out and find yourself severely disappointed. Yeah, it's supposedly safer, if you trust those programmers building a Rust implementation to do it perfectly. But they sure have created a lot of bugs in Rust itself already! It's not like you can even use another implementation of it, because there's only one! Even if it were perfect, the language is still very painful to use. I think you're better off using modern C++ techniques, which give you just about as much safety without being hellish to use.

Servo is also an extreme disappointment to me. It's probably 10, if not 15 or 20, years behind the times. If they hope to catch up with Blink, WebKit, Edge and even Gecko, they will need to do an absolutely massive amount of work. I've tried Servo repeatedly over the course of many months, and I've seen very little real progress. So I am very doubtful that they'll be able to accomplish anything within a reasonable amount of time. It's not like their competitors are standing still, either. Being written in Rust doesn't help, either. Despite being written in Rust, which is supposed to make it harder to introduce bugs, Servo is full of bugs. Rust also probably drives away good volunteer developers, I think. In my view, good developers would realize that using Rust is a bad idea, and they would use a modern subset of C++ instead, so they don't bother with Servo.

I think that Rust and Servo are failures of the same type as Firefox OS was. Instead of just doing the smart thing, which would be to convert Gecko to a modern subset of C++ and undoing all of the stupid UI and other changes made to Firefox these past few years, we see Mozilla wasting more of their effort and resources on silly projects. It reminds me a lot of the big "Javagator" debacle from many years ago, actually. Rust and Servo could be history repeating itself.

Have you actually tried Rust or Servo? I have, and in my opinion they are sad, pathetic jokes.

I think that Rust is hype, and nothing but hype. It sounds great, until you try it out and find yourself severely disappointed. Yeah, it's supposedly safer, if you trust those programmers building a Rust implementation to do it perfectly. But they sure have created a lot of bugs in Rust itself already! It's not like you can even use another implementation of it, because there's only one! Even if it were perfect, the language is still very painful to use. I think you're better off using modern C++ techniques, which give you just about as much safety without being hellish to use.

Servo is also an extreme disappointment to me. It's probably 10, if not 15 or 20, years behind the times. If they hope to catch up with Blink, WebKit, Edge and even Gecko, they will need to do an absolutely massive amount of work. I've tried Servo repeatedly over the course of many months, and I've seen very little real progress. So I am very doubtful that they'll be able to accomplish anything within a reasonable amount of time. It's not like their competitors are standing still, either. Being written in Rust doesn't help, either. Despite being written in Rust, which is supposed to make it harder to introduce bugs, Servo is full of bugs. Rust also probably drives away good volunteer developers, I think. In my view, good developers would realize that using Rust is a bad idea, and they would use a modern subset of C++ instead, so they don't bother with Servo.

I think that Rust and Servo are failures of the same type as Firefox OS was. Instead of just doing the smart thing, which would be to convert Gecko to a modern subset of C++ and undoing all of the stupid UI and other changes made to Firefox these past few years, we see Mozilla wasting more of their effort and resources on silly projects. It reminds me a lot of the big "Javagator" debacle from many years ago, actually. Rust and Servo could be history repeating itself.

If you like pi pie, check out https://github.com/rubypanther...

Then in your Ruby code you can say PiPie.[unicode pi symbol not shown]

More pie in your pi! And more PI, too. (1m digits)

It also has PiPie.Feynman if you only need up to the Feynman Point.

Here's how you can manually "decouple" FDE and screen lock keys (different CM versions require slightly different syntax, try all the commands in an ABD shell):
https://github.com/nelenkov/cr...

As for the lenght of the key, the problem is that stock Android (on which CM is based) encrypts using AES 128 instead of 256, so it's pretty pointless to have enormously long passwords. Plus, randomization is achieved using a proper key derivation function (i.e., your password is not the actual encryption key, it's only one of the variables from which the key is derived).

I'm not sure whether are commands that would allow for AES 256 to be used instead of AES 128, however, then you would want to use a longer password and the GUI code should be changed too. Hopefully they will add this option soon, I also think Cyanogenmod should focus more on security.

Use an ACME client to obtain a domain-validated certificate without charge from the Let's Encrypt CA. If you have a VPS or bigger on its own IP address, you can install the official Let's Encrypt client. If you have shared hosting, you can install the sudo-less client, put the resulting ACME response page at the appropriate well-known URL (instead of running sudo python), grab the certificate, and then file a support ticket with your host to get the installed.

Obviously you haven't worked with compilers long enough to understand the "compiling to assembly code" is the defacto standard nomenclature (regardless of pedantry) even if you emit bytecode on the backend, or technically compile to Lithium, an IR (intermediate Representation) like you do in V8 in the latter case.
* http://www.mattzeunert.com/201...
* http://jayconrod.com/posts/51/...

Hell, even the V8 engine uses that terminology:
* https://github.com/v8/v8/blob/...

The animated gif at Github looks awful. It looks like they're going for a stupid, swiping, Gnome shell-like, Windows 10-like, touch-screen abomination of a graphical interface.

Firstly, thank you immensely for the positive changes recently instated to revive this noble community of intellectual exchange from a critical state. I am excited to see where things progress, but I feel compelled to bring up a related series of egregious architectual faults with the site design.

I speak of nonlibre Javascript software embedded into every page, a good deal of which is not even hosted on your own domain.

Slashdot unfortunately falls prey to the very same ills that plague nearly every modern website these days: a deep level of user tracking outsourced to thirdparty corporations. This is for any reason unethical, be it for financial gain or otherwise. That it happens on a technology enthusiast site with such a large quantity of intellectual commentary on the systemic ethical quandries inherent in mass surveillance is a tragic irony.

Using the GNU LibreJS extension for Firefox-based browsers to prevent falling into the Javascript trap is an eyeopener. This page alone currently has 79 unique pieces of Javascript code that is detected and blocked by LibreJS. Javascript can be an ethical way to extend website functionality only under the following conditions:

0) All Javascript code must be Free/Libre Software. 'AGPLv3 or later' preferred.

1) Javascript must NEVER be loaded from a server not under the site administrator's direct control.

2) Javascript code must not be doing something unethical, like user tracking without consent.

3) All pages must retain core functionality when Javascript is disabled.

Please respect these rules, as running software on our machines as a website administrator puts you in a very powerful position. That most site admins abuse this position of power through either malicious intent or neglect is why many of us choose to disable Javascript entirely. Right now none of these points are being met, so Slashdot has a lot of work to do to ethically implement Javascript functionality into the site. It is quite depressing that 2) even needs to be mentioned, but Google Analytics code is embedded directly into all Slashdot pages that allows 3rdparty tracking even for users who arent logged in.

As for point 0), you can follow the instructions here for an effective way to license all Javascripts code under a GPL-compatible license.

As for 1), there is no excuse for executing code on all of your users' machines that you are not even in control of. On this page alone, Javascript files are attempted to be loaded from googleadservices.com, cdn-social.janrain.com, cdn.taboola.com, s.ntv.io, googletagservices.com, google-analytics.com and rpxnow.com. Stop this immediately. And stop hosting images from thirdparty servers, as they can contain malicious exploits as well. This page loads images from gstatic.com, doubleclick.net, amazonaws.com, & scorecardresearch.com.

It displays an ineptitude in website administration on an embarassing level if admins cannot create and host all of the images, code, and css on their own website. Even advertisements, if they must exist, should be selfhosted (although accepting subscriptions & donations would be a great alternative!).

For point 3), we should at the very least be able to change our comment viewing threshold without logging in, post a comment as AC, and create accounts & login without Javascript. Please test the website with GNU LibreJS, NoScript, and uMatrix browser extentions to ensure functionality. This site has enough techsavy users who care and use some (or all) of these extensions. Please do not make our lives hardware to participate in making this community better.

And fina

completely new VM to run bytecode inside browser

It isn't a new VM. WebAssembly targets the existing JavaScript VM that's already there in your browser. You should do some reading on WebAssembly.

>

What I want is not a computer player that never wins, nor one that wins all the times. Those are EASY to program in comparison to one that CONVINCINGLY challenges you enough that you have to play slightly better each time in order to win, without trouncing you or letting you walk all over it.

Amen. I happened to be trying to tune the Pachi Go AI to something slightly better than my current level just last night. It's very frustrating -- one can control the number of cores and calculation time, and attempt to zero in from there, but each game takes long enough that (even on reduced-size boards) it's a slow process.

But the fact that only companies and labs have access to this technology can represent a threat. First of all, we cannot know how money driven companies are going to use this novel technology. Second, this monopole slows down Progress and Technology.

The GNU project should do a bit more background research before starting new projects. Here are some links to open source deep learning tools. These are the same tools and libraries used by those "money driven companies" in their projects, including AlphaGo:

Caffe, widely used C++ deep learning framework.

Theano, widely used Python deep learning framework.

Torch, the software used by Google, AlphaGo and Facebook.

TensorFlow, Google's large scale machine learning framework.

CNTK, Microsoft's deep learning toolkit.

Probbably something like this:
https://github.com/DanMcInerne...

Using wifi deauth packets.

[1]: Yes, people will say that "real men use a NAS". As of today, Macs can't do iSCSI. Macs can't do 10GigE. Macs can't do FC. The fastest I/O you are going to get is from the Apple-only M.2 wannabee SSD. Even a Thunderbolt drive barely performs better than a USB 3.0 drive.

1. GlobalSAN iSCSI Initiator allows iSCSI Targets. Or if you like F/OSS Solutions, iSCSIIntiator does it, too.

2. Sonnet has a TWIN 10GigE to Thunderbolt adapter. Pricey, yes; but I think that might be the case with 10GigE overall. And you didn't say "cheaply"...

3. Several companies, including Atto, have both Thunderbolt to FC (as well as TB to 10GigE) adapters. Promise has a TB to TWIN 16 Gig FC adapter, too.

Sure, some of these interfaces cost as much as a cheap used-car; but OTOH, the people that need this stuff are generally not just surfing the web and posting stuff on Facebook. And again, you stated flatly that it couldn't be done; NOT that it couldn't be done on a "beer" budget.

So you see, Apple's decision to throw their design-decisions behind Thunderbolt is (finally) beginning to pay-off. They simply don't have to have a pile of dedicated connectors (not to mention the hardware to support them) for them to be able to offer (mostly through 3rd party vendors) these relatively exotic interfaces, for those who need them.

Did they go too far with the new MacBook's "one connector to rule them all" approach? Hell, yeah! But, all-in-all, Apple has made a very wise decision with ThunderBolt, and the proof is that other computer manufacturers are (finally!) beginning to agree.

https://github.com/WindowsLies...

(full disclosure: I am a developer on the RTVS team)

It is a bit too early to make feature-by-feature comparisons, since you'd be comparing green apples to ripe oranges. RStudio has been out for several years; RTVS is in its first public pre-release, it's not even feature complete yet.

So, for the most part, RStudio can currently do more. But there are exceptions already. Some of it stems from piggy-backing on top of VS, such as multi-language support - you can have a .cpp file in your R project, and you will get the usual VS editing experience for it, with syntax highlighting, completion etc.

Some of it is product-specific features, such as Variable Explorer (in RStudio, the same thing is called Environment). Have a look at this video, starting from 2:12 on. Notice how you can drill down into children of values without limitation - in RStudio, you're limited to a single level. Or, in the same video, note how the REPL has syntax highlighting for R code.

More of both - more product-specific features and improvements, and better integration with the rest of VS and other languages in it (esp. C++) - will be coming in the future.

Our issue tracker is public, and you can see the things that are in the pipeline. Please take a look, and if you see anything you like, comment on it to let us know that there's user demand for it. And if there's anything that you would be interested in that is not there at all, feel free to file it.

It's rather different from the kinds of adventures one usually thinks of for ScummVM, but some years ago a lot of work was done on the Mohawk engine, variations of which run Myst and Riven. Things stalled without it being promoted to testing, so it didn't get exposure and testing and attract new developers. But recently a lot of additional work has been done and it looks like this may finally see some light in the next release! See recent work here.

For Myst, one can choose between a number of rereleases, but not so for Riven, and the original and versions on Steam have some buggy behaviors on new operating systems. With a scummvm engine one could hope any issues would eventually be fixed, while Cyan doesn't have much incentive to fix their own old stuff.

(It really is too bad Cyan didn't do a 1440x1080 rerender / "HD remaster" of Riven. Yeah, it'd have to be 4/3 since they can't redo all their shots, but if they have the art assets it would be a big boon to have an edition with over 2x the vertical resolution.)

SeaFile is OwnCloud (which are both basically DropBox), except, Sea is a play-on for C programming language (and some Python). So it's way fast. OwnCloud is written in PHP and you get what you pay for in performance as a result.
 
 

1. https://www.seafile.com/en/home/
2. https://github.com/haiwen/seafile
3. https://en.wikipedia.org/wiki/Seafile

"DCEPT (Domain Controller Enticing Password Tripwire) is a honeytoken-based tripwire for Microsoft's Active Directory." ref

The fail0verflow's GitHub repository contains the needed Radeon patches as well. Basically they only had to add the correct PCI ID into the driver to get started. It seems that further tweaks are needed to make it perfect though.

Eyebrowse is open source---at https://github.com/haystack/ey... --- and that we'd love your help making it better.

I'll also correct a few inaccuracies in the title of the post
* it won't let you rank or review sites (yet)
* Rather than unyieldingly "privacy preserving" our idea is to let *you* decide what parts of your web activity you want to share. Many people would like to have a more social experience on the web, for the same reason that people like to go outside, run into friends, and see where crowds are gathering. But we argue that you, rather than the tracking agencies, should be in charge of deciding which parts of your activity should be visible.

You and I seem to be in the minority on Slashdot. I'm not a CS major. I'm not a computer or software engineer. I'm a Mechanical engineer. Most people in my profession consider coding up there with alchemy and voodoo. I just see it as a tool to get a job done on par with a good hammer or wrench set.

I'm sure some CS guys would look at my code and say I did something wrong on improper, but at the end of the day if 20 minutes of code saved me 10 hours of messing around in Excel I count it as a win.

90% of the coding I do is just pattern recognition and figuring out how to do it in a loop. Freshmen year we were supposed to write our own linear regression tool. The teacher gave us bonus points if we extended it to x^3 and x^4, right off the bat I noticed the 'pattern' of going from x^2, x^3, x^4 and just made it x^n and left it. I have no problem calling myself lazy. I hate doing things twice, I'd rather find the pattern and be done with it. I've been converting a bunch of Matlab code to Jupyter Notebooks. After the first one I decided copy and pasting sucked and was time consuming, so ended up banging this script out in a hackathon. It's not perfect but it's saved me probably 3x as much time as it took to write.

I find it funny that all these guys (Slashdotters) that use coding to do their job can't see how coding can be used to do any other job. Every single article that talks about teaching kids coding has the exact same comments on how kids don't need to know how to code since they might not be interested in CS.

The one and only time I ever learned assembly was making a PID controller for 68k and learned enough that I never, ever want to do assembly ever again. Same with C. I do most of my 'coding' these days in Simulink which is exactly what most Slashdotters say will never work. A simple drag and drop way to make code.

As an open source developer for minetest, I've been really hoping that Fedora doesn't ship wayland yet.
Our game client simply isn't usable on wayland: https://github.com/minetest/mi...

And this isn't about minetest not being able to run natively, no its a bug with the abstraction layer, xwayland. I understand the underlying issue that the devs want to forbid pointer warping, this is one of the security features of wayland, but please find a way for legacy applications like minetest to still run. All I've seen is pointer locking and pointer confinement being discussed, but no warping specifically for applications that still use and rely on X.

And other games have this precise problem too.

Its okay if the devs need some time to develop a great successor for Xorg, that's fine, Its a very large task, and I welcome the concepts of wayland. But Fedora, a fairly stable distro, really shouldn't ship immature software to their users as the default option.

About that Ghostery...

https://www.google.com/search?...

I've long-since moved away and use uMatrix. It's completely open and, unless I'm missing something in the code (I've checked the source - I'm pretty sure), there's nothing amiss there. It's got a bit of a learning curve but it's slight and easily doable. If I can learn it, I'm sure you can. You can then get rid of anything and everything on a site. It's pure whitelist-based.

I like to describe it as being akin to an old-school software firewall except limited to just your browser. However, as you can import and export both rules and settings, it makes it very portable. It's really nice and means you don't need to use NoScript and all the rest. Basically, unless you intentionally change it then anything not explicitly allowed is blocked. Once configured, it makes a handy tool. I've given my settings and custom rules sets to people before to get them started. I have the backup/import process sort of automated and mirror copies to a couple of private places online.

It's the same guy that makes uBlock origin, I've emailed 'em a couple of times. They won't even accept donations, put it that way. You can see his GitHub page here:
https://github.com/gorhill/uMa...

You can actually do a lot of what you can do with uMatrix by just using uBlock. On top of that, he also makes another extension called HTTP Switchboard. For the most part, all three are very similar but have slightly different goals and slightly different interfaces. At this point, I've been quite happy with his work. Just to be on the safe side, I sometimes remember to grab copies of the source that way, if things go south, I've got a way to fork from before things went south or the option to keep using the older versions.

All-in-all, there are tools out there that you can place a degree of trust in. It may take some research. I've no idea why you'd take my word for it but, if you want, my word is given that I both trust the uMatrix and uBlock code and author, for the time being, and am happy with the results. The best thing is that you can not rely on my word and just check the source yourself.

I think it's important to note that I'm actually a bit skeptical. I can, and do, set up Wireshark or push things through a hardware firewall and check the logs for suspicious activity. I can say, with a reasonable degree of certainty, that I've never seen any unexpected or suspicious traffic which can be traced to either of those two applications. I have not examined or made much use of the third program, HTTP Switchboard, so I will not opine on it except to say that, at this point, I've no reason to distrust it because of having used his other applications and finding them performing as advertised and only as advertised.

Here's a link to the source for all of his projects:
https://github.com/gorhill

Again, I only offer much of an opinion on the two and, as always, I encourage others to research and find their own solutions. In the case of Ghostery, specifically, you'd probably be better served seeking an alternative. For that, and to replace NoScript as there's no reason to run both, I recommend uMatrix. It even does HTTP referrers and whatnot. You can utilize blocking via HOSTS file inclusions and import them from multiple sources. I find them both quite handy, reliable, and trustworthy.

About that Ghostery...

https://www.google.com/search?...

I've long-since moved away and use uMatrix. It's completely open and, unless I'm missing something in the code (I've checked the source - I'm pretty sure), there's nothing amiss there. It's got a bit of a learning curve but it's slight and easily doable. If I can learn it, I'm sure you can. You can then get rid of anything and everything on a site. It's pure whitelist-based.

I like to describe it as being akin to an old-school software firewall except limited to just your browser. However, as you can import and export both rules and settings, it makes it very portable. It's really nice and means you don't need to use NoScript and all the rest. Basically, unless you intentionally change it then anything not explicitly allowed is blocked. Once configured, it makes a handy tool. I've given my settings and custom rules sets to people before to get them started. I have the backup/import process sort of automated and mirror copies to a couple of private places online.

It's the same guy that makes uBlock origin, I've emailed 'em a couple of times. They won't even accept donations, put it that way. You can see his GitHub page here:
https://github.com/gorhill/uMa...

You can actually do a lot of what you can do with uMatrix by just using uBlock. On top of that, he also makes another extension called HTTP Switchboard. For the most part, all three are very similar but have slightly different goals and slightly different interfaces. At this point, I've been quite happy with his work. Just to be on the safe side, I sometimes remember to grab copies of the source that way, if things go south, I've got a way to fork from before things went south or the option to keep using the older versions.

All-in-all, there are tools out there that you can place a degree of trust in. It may take some research. I've no idea why you'd take my word for it but, if you want, my word is given that I both trust the uMatrix and uBlock code and author, for the time being, and am happy with the results. The best thing is that you can not rely on my word and just check the source yourself.

I think it's important to note that I'm actually a bit skeptical. I can, and do, set up Wireshark or push things through a hardware firewall and check the logs for suspicious activity. I can say, with a reasonable degree of certainty, that I've never seen any unexpected or suspicious traffic which can be traced to either of those two applications. I have not examined or made much use of the third program, HTTP Switchboard, so I will not opine on it except to say that, at this point, I've no reason to distrust it because of having used his other applications and finding them performing as advertised and only as advertised.

Here's a link to the source for all of his projects:
https://github.com/gorhill

Again, I only offer much of an opinion on the two and, as always, I encourage others to research and find their own solutions. In the case of Ghostery, specifically, you'd probably be better served seeking an alternative. For that, and to replace NoScript as there's no reason to run both, I recommend uMatrix. It even does HTTP referrers and whatnot. You can utilize blocking via HOSTS file inclusions and import them from multiple sources. I find them both quite handy, reliable, and trustworthy.

There is a list on github: https://github.com/mozilla/pdf...

You can run your own gateway, and P2P networks don't need central points of contact anymore. The most vulnerable aspect at the moment is the software, but since it's Open Source (on GitHub, GPLv2) and about as illegal as the Apache web server software, it would be difficult to make it disappear. Everything else that you need to know has been posted in comments to this story. The Play site, like many torrent sites before it, doesn't distribute the actual movies: It's just a directory of "magnet" URLs. With a modern torrent client, you don't need a tracker anymore, so there's no single point of failure there either. I guess the downside is that this is all in the clear: Neither ZeroNet nor the torrent client hide what you're doing, so if linking to illegal torrents or downloading (and sharing) movies through torrents is illegal where you are, you shouldn't use that site. But you're not a single point of failure in that system, so the point stands.

Then, how do I recompile a custom kernel and with UEFI Boot and Secure Boot run it?

Depends on how your distro of choice has implemented Secure Boot.

All of the distros with official support are using a shim derived from Red Hat's. That shim is a very simple bootloader which maintains compliance with Secure Boot by only chaining on to verified binaries, but it allows the use of an additional public key which has been compiled in to the binary. Anyone who finds it worth the $99 can have their build signed by Microsoft and will then be able to boot anything signed with the associated private key on top of anything signed with the Microsoft keys the system has built in. It also provides a method to pass the public key down the chain so the next stage bootloader, kernel, and beyond can verify with it as well.

Fedora and Ubuntu stop here. Fedora signs GRUB2 with their key which then verifies the kernel, which then verifies the modules. ( http://mjg59.dreamwidth.org/12... ) Ubuntu jumped on a loophole in the wording of the Secure Boot spec to just use their key to sign a bootloader which will then happily launch an unsigned kernel. ( https://lists.ubuntu.com/archi... )

Suse took things a step further and expanded the shim to support a local key list in the UEFI configuration area. ( https://www.suse.com/communiti... ). Now even a system that lacks the ability to add keys to the firmware's verification process can run a fully signed boot process with custom keys.

Finally one of the main original developers on the shim who has since left Red Hat took Suse's key management code, mixed it with his own continued tinkering, and added a user interface that comes up if you attempt to boot a signed binary that doesn't match an approved key, allowing the user to browse for a key on any accessible storage and add it to the system. ( http://mjg59.dreamwidth.org/20... )

---

So the answer depends on your distro. If you're running Ubuntu, you just compile your new kernel and go have fun because Ubuntu's not yet verifying the kernel (this is apparently becoming optional in 16.04). If you're running Suse, you use whatever tool they offer to add a key to their shim's list. If you're running Fedora, you replace their shim with one of the other variants and either add a key of your own or just go Ubuntu-style and drop it at the kernel.

Of course this is all assuming your system doesn't allow you to change the keys, which I know is a valid theoretical possibility but I still haven't encountered in the real world.

A central point that will be argued is whether a work that relies substantially on the interfaces of the Linux kernel is a derivative work. Though I haven't researched it deeply, my impression is, that's a pretty solid yes.

That would mean that pretty much any software that operates directly with the kernel would constitute a derivative work which is exactly what the preamble in the kernel COPYING file serves to prevent.

NOTE! This copyright does *not* cover user programs that use kernel services by normal system calls - this is merely considered normal use of the kernel, and does *not* fall under the heading of "derived work".

It is very clear.

Most people run Lua on the ESP8266 and there are no Adruino compatible environments for it.

Oh yes there is. I run Arduino on ESP 8266-12E.

And since you didn't bother to google, I'll do it for you just to ruin AC's reputation and trolling attempt:

https://github.com/esp8266/Ard...
And a neato working Instructables to show you how to do this with no additional Arduino needed:
http://makezine.com/2015/04/01...>

Oh...and I even run a server on an ESP8266-12E and I used only the Arduino Sketch interface to upload directly to the ESP8266 like so many before me.

That is where uBlock Origin comes in. ;) I wonder how long that will last until we move to the next ad blocker!

I would hope such a code of conduct would have my back.

It doesn't. There's no such thing as "reverse-isms" in their world, and since their definition of racism is "power+privlidge" you're fucked.

The C# implementation of the whole .NET framework is fully open source. https://github.com/dotnet/core... Xamarin was chargin to use it and it was one of the few possibility to be able to write app that work on iOS. My best guess it will be free with Microsoft so dev can write app that works everywhere.

I think the row is about the Open Code of Conduct that GitHub claims to support, not its terms of service.

The Open Code of Conduct, for the most part, is a reasonable document. If I had a project I cared to implement it for, I would implement v1.0 sans this excerpt (not fixing the UTF for /.):

Our open source community prioritizes marginalized peopleâ(TM)s safety over privileged peopleâ(TM)s comfort. We will not act on complaints regarding:

- âReverseâ(TM) -isms, including âreverse racism,â(TM) âreverse sexism,â(TM) and âcisphobiaâ(TM)
- Reasonable communication of boundaries, such as âoeleave me alone,â âoego away,â or âoeIâ(TM)m not discussing this with youâ
- Refusal to explain or debate social justice concepts
- Communicating in a âtoneâ(TM) you donâ(TM)t find congenial
- Criticizing racist, sexist, cissexist, or otherwise oppressive behavior or assumptions

That part of the document makes no sense to me and seems to throw the rest of the document out the window. This is little different from the hostile environment I encountered at Grand Valley State University in Michigan, USA around the turn of the century.

The first point is the bombshell. Sexism and racism are not allowed except for the sexism and racism that are allowed. The second and fourth points are acceptable; not everybody is a good communicator (not saying I am). The fifth point I'm ambivalent about. The third point is the detonator cap because it shuts down dialog; combined with the first point, we have a real can of worms.

If I have a disagreement with a womyn-born-womyn who is sending me hateful messages, am I allowed to pull out my trans status so that I can make a complaint that will be heard? Who determines whether I'm eligible to be part of either/both the female demographic or the transgender demographic? What if I get shouted down for having male privilege? Will my trans status protect me from that or does it count as protected reverse sexism? Nobody knows.

This is the danger of statements like the quoted excerpt. Somebody wrote, "All people are equal." Then the social justice crowd came around and scribbled beneath, "Except some people are more equal than others."

I really think the social justice crowd does not know what it is actually like to face systematic, institutional discrimination. I do. It's not nice. I have no intention to ever again allow myself to be subjected to institutional discrimination again. I am an individual. I am not accountable for the actions of others. My individuality will either be recognized, or I will go elsewhere.

The social justice crowd seems hell bent on holding the wrong people accountable for the career choices of womyn-born-womyn and for the sexual harassment that gaslighting asshole managers pour on women. Yes, it bothers the hell out of me when womyn-born-womyn $x holds me accountable for womyn-born-womyn $y's decision that being a mother and a wife is more important to her than pursuing a career. It bothers the hell out of me when womyn-born-womyn $z uses sexist language (a plumber is always a he, a doctor is always a he, a nurse is always a she, etc) and it bothers the hell out of me even more when $x holds me accountable for $z's internalized misogyny.

In that scenario, all that $x has accomplished is convincing me that having a tech career is just too toxic. S/he hasn't created a single womyn-born-womyn programmer. Since I can never be certain who's a TERF and who isn't and when I'm more equal due to being trans or less equal due to assignment to the male gender at birth, I'll just leave tech. Nobody cares about the gender situation of somebody who's flipping burgers and whether or not they might secretly have male privilege.

There needs to be dialog about these things. Shutting down dialog is the first sign of a hostile environment.

(That's a 50 DKP minus if you respond to me again as though I'm a man who regularly sexually abuses women.)

What I'm confused about is the lack of diversity we so often see there. Let's take the Rust programming language project as an example. It's a heavy user of GitHub, and it's no secret that the Rust project is very supportive of social justice. It's really gung ho about codes of conduct and it even has a team of mods. But when we look at Rust's contributors we see that they are nearly all young white males. So despite supposedly being one of the most welcoming communities that most encourages diversity, why do we see a near total lack of diversity? Why I have I seen so much more diversity in every other programming language or computing community I've ever dealt with over the past several decades, where they weren't at all obsessed with social justice and diversity?

And they release quite a bit of open source code too...

We have adopted the Open Code of Conduct for the open source projects that we maintain, including Atom, Electron, Git LFS, and many others. The Open Code of Conduct does not apply to all activity on GitHub, and it does not alter GitHub's Terms of Service.

https://github.com/blog/2039-a...

Can you point to some specific issues with the Terms of Service?

We have adopted the Open Code of Conduct for the open source projects that we maintain, including Atom, Electron, Git LFS, and many others. The Open Code of Conduct does not apply to all activity on GitHub, and it does not alter GitHub's Terms of Service.

https://github.com/blog/2039-a...

Can you point to some specific issues with the Terms of Service?

The parent comment shouldn't have been modded down.

The use of "social justice" as an online weapon of sorts is actually a very serious issue for many of who have considered using GitHub.

There's the whole Open Code of Conduct debacle. On that very page, under the "What companies or communities support or use the Open Code of Conduct?" section, it clearly states "GitHub".

I encourage everyone to read the code of conduct for themselves. It's just absurd how detailed and controlling that code of conduct actually is.

But it's even crazier when it comes to stuff like its "reverse -isms" clause, which basically makes discrimination against certain groups of people mandatory!

You can read some of the comments supporting the code of conduct. It's unbelievable how hypocritical, contradictory and just outright hateful so many of the Open Code of Conduct's supporters are.

Code of conducts like that, and the people who support them, aren't there to foster a friendly, open community. They're there to brutally control others, and to force their views and opinions on others through censorship and harassment, even while claiming that such behavior is wrong!

I want absolutely nothing to do with those people, their twisted ideas, their rampant hypocrisy, and their atrocious codes of conduct. That's why I can't bring myself to use GitHub.