Slashdot Mirror

You seem really, really confused about the technical details. [AMP] isn't a cache. [...] A cache returns the thing cached [and a] proxy alters the data for each user [and] is not a cache at all.

It's always such a treasure to find someone who pokes fun at another user's technical knowledge only to absolutely fail at their own attempt at an explanation. Slashdot really is a mythical place, where users feel entitled to talk down to their fellow readers regarding topics they have absolutely no fundamental knowledge of.

First lets look deeper into your understanding of the most basic of terms: "cache" and "proxy". You do realize that a "cache" and a "proxy" aren't mutually exclusive, right? There are, in fact, proxy servers that also perform caching responsibilities (making such implementations both a "cache" and a "proxy"). It is entirely common for software to act in both compacities, or for two or more discrete services to work in tandem to provide said set of features. As it doesn't appear you have any first-hand experience working with this types of software, you may want to reference Wikipedia's articles on caches and proxies before taking another stab at commenting about AMP or any similar technologies.

Regarding AMP specifically, your statements are again incorrect. Don't take my word for it though, you can check all of the following resources to verify my assertions, if you feel so inclined: [1], [2], [3], [4], and [5]. To save you some time, here is a brief writeup from the developer documentation regarding the caching mechanics of AMP:

When a user requests an AMP document from the Google AMP Cache, the cache automatically requests updates in order to be able to serve fresh content for the next user once the content has been cached. With this model, updates to AMP documents propagate automatically and quickly; few users will see the non-updated version after your update. The cache follows a "stale-while-revalidate" model. It uses the origin's caching headers, such as Max-Age, as hints in deciding whether a particular document or resource is stale. When a user makes a request for something that is stale, that request causes a new copy to be fetched, so that the next user gets fresh content. To limit the amount of load it generates for publisher sites, the Google AMP Cache considers any document fresh for at least 15 seconds, and any resource fresh for at least 1 minute. Note that those numbers may change in the future, as we tune the cache for optimum balance between freshness and load on publisher sites.

-https://developers.google.com/amp/cache/overview#google-amp-cache-updates

It is important to note that AMP doesn't require use of Google's cache component. Those looking to implement the AMP specification have a broad array of choices regarding behavior of their content.

https://github.com/openstack/n...

That everyone can verify their votes are un-tampered, actually does tell us exactly that.

No, it only tells you that your vote is untampered and that nobody has complained. If a bloc of people complain, they may be trying to throw credibility concerns rather than reporting honestly.

we only allow you to prove you voted to others. Their are several proposals that have been discussed to do this. Where you can leave with your vote encrypted on paper, and you can provide any number of false keys to prove whatever you want anyone else to see, only if they were in the both with you could they get the real key.

A zero-knowledge proof. They're hard to set up. I've proposed a similar scheme for Internet voting; problem being that Internet voting is not observable and is thus incapable of providing any integrity at all, thus is not a viable method for public elections. (There are other concerns; most are coverable.)

You can't keep your real key if you're avoiding coercion or vote buying. Coercion would require you to show up with only one key, as they can't identify how many valid keys you created. You'd have to discard your real key and keep your false key; the possibility of doing so then makes it impossible to prove you haven't, so you can show up with any number of false keys and cannot prove which is real or if any is real.

The other option is to allow multiple votes, such that only the last one is counted

You'd have to identify who voted what, or identify single-person vote batches. This mimics a risk with ranked ballots: a specific pattern of voting can identify a voter. If you're only counting the last vote and identifying a person's batch, you have to identify which was actually counted, which gets you back where you started.

Exactly, that is why you allow everyone to validate their true ballot is cast. You also allow as many servers collecting results

I've suggested that--of course, with the results being after polling center counting. We don't plug voting machines into networks. That's a thing VVSG 1.1 allows; it's ludicrous.

with the same open source software.

Working on it, but this is really just a mess. I'm looking at architecture to get a feel for how to run this; in truth, I can't build this software. I'll have to hire programmers, and I only know a few who are actually cognizant of things like good architecture and design.

Prototyping helps me think.

You can verify and validate they all get the same results, if any official servers differ, or sufficient private servers differ to raise concern of a mass fraud, then you can re run all the ballots and find the difference. The states would have the keys for every machine in the state, and verify all machines reported in their results, and no extra machines reported extra results.

You've already failed.

I have suggested we can propagate results to anyone and everyone, and "recount" by all interested third-parties in real-time. In truth, even for ranked ballot elections, your public observers will be posting photos and results at each polling station to Twitter or New York Times or whatever. You can likely reverse a set of pairwise results to a set of ranked ballots (these are 1:1) in something like O(m*n^2*log(n)), although I haven't figured out the right algorithm yet. It's linear to combined sets, which means decoding two sets of 100 ballots takes twice as long as one set of 100 ballots, while one set of 200 ballots takes longer; because you can graph a necessarily-existing ballot or reduce the number of candidates in a subset of ballots, you're continuously shrinking the coefficients and so you get weird logarithmic stuff.

In any case, this all means we can not only validate the per-polling-place r

Oh yeah, should have said - it's GPLv3 code is here - https://github.com/tmrowco/ele...

Upgrade to Palemoon on your PC and to Brave on your Android devices.

I've seen them, and I hate them. I hated them from the first time I saw them. Actually, so much that I always (successfully) tried to avoid writing one. I think once I used a template.

Just look at this fuckery. I have to write the PID logic myself? Or I have to copy code? This is bullshit. I don't wan't to do this.

Once I've read a thread about X, and one comment said "If you have a UI, it's not Linux anymore!". Init scripts are for those people...

> Every rocket scientist/insert one of your choice knows that C makes it possible to exactly build what they want as precisely as possible.

Scientists avoid C every chance they get. Too much plumbing. They prefer Fortran, Julia, Python, MATLAB etc.

> than rely on some elegant high level construction that will clearly just not work on every piece of hardware.

Rust just leaves that to LLVM.

> The first rust implementation was not written in rust, but in C++ https://github.com/rust-lang/r...

Actually, it was first written in OCaml. This was before it hit GitHub.

> You need to learn a lot of things before you come here and start trashing other people about your made up knowledge on what C is and isn't.

And you need to read the online Rust book before you understand what Rust is. Right now you don't.

The first rust implementation was not written in rust, but in C++ https://github.com/rust-lang/r...

No, the first Rust compiler was written in OCaml, as someone already mentioned upthread. What you've linked to is the language runtime, needed in that form because the 2012 Rust was a very different language, with things like green threads and a garbage collector, and yes, that runtime was written in C++. The compiler was self-hosted by then, though.

Most of that should be obvious if one consults the readme file one level above the linked directory. So, why haven't you? If not seeking to wilfully misinform others, that level of carelessness doesn't instill confidence in your knowledge of the matter.

Don't worry. There's a Rust Verification working group aimed at developing formal verification methods for Rust. See also RustBelt.

Try a couple Pascal ones such as Toro or Ultibo. Or try a couple of Rust ones such as Redox or Nebulet. OSDev is a good resource for operating system starting points in various languages. You can take one of their bare bones OS examples and build from there.

The answer is in the initial text of GitHub issue 1633 for the project, words from user evocateur (Daniel Stockman) who is one of the project maintainers. Emphasis mine:

Second, I apologize for not enforcing the Code of Conduct in a consistent and timely fashion regarding the membership of James Kyle in the Lerna organization. Despite his numerous (and appreciated) contributions in the past, it has been very clear for quite some time now that he has decided to cease making constructive contributions to the Lerna codebase as well as actively and willfully disregarding the code of conduct that he himself added to the project.

(The last part of the final line is what makes this entire situation comic gold, but that's another discussion for another time.)

The individual jamiebuilds (James Kyle) in his initial PR stated:

... I have already spoken to @kittens and @evocateur about this privately, but I do need @kittens to give us permission to make this change. ...

The individual kittens (Sebastian McKenzie) responded while approving the PR:

I haven't been involved with Lerna since I first started it. None of the code blames to me so I'm happy to relinquish control and copyright to the existing maintainers. ...

However, the same individual in a later comment stated:

Just to clarify, I would not have personally made this change. I do however respect the existing maintainers of the projects decision to do so. I do not consider this project to be mine. ...

evocateur (Daniel Stockman) simply approved the PR without words. He explains that he made a bad mistake/judgement call in the portion of 1633 that I omitted for brevity.

In short: lerna is a great example of an open-source project where administrative maintenance/roles was/were a complete clusterfuck due to, at least in part, negligence. When your project consists of what appear to be apathetic "oh I'm no longer part of this thing any more" creators or contributors, it's only a matter of some before some shitlord comes along and submits a politically-tainted PR -- even if it's in violation of the rules (CoC) -- and that apathy results in "shrug, whatever sure that's fine, I'm busy with other things".

Proper OSS management involves only one thing: responsibility. If you're going to step away from the project (no matter what the reason), no problem -- if you own it (in GitHub) etc., try to pass control over to someone else who is willing to take it. Have your push/commit access removed. Have documentation updated to reflect who the current maintainer(s) are/is. Do the Right Thing(tm).

Matter of opinion, but what people should be taking away from this story is: if project maintainers are responsible, and committers + contributors alike focus just on the code/the technological aspects of the project itself (rather than sociopolitical matters, i.e. all the crap that these Webshit 2.0 millennials seem to be focused on via Twitter), then stuff like this doesn't happen. It's really simple, and summarised best by the No Code of Conduct rule set.

The answer is in the initial text of GitHub issue 1633 for the project, words from user evocateur (Daniel Stockman) who is one of the project maintainers. Emphasis mine:

Second, I apologize for not enforcing the Code of Conduct in a consistent and timely fashion regarding the membership of James Kyle in the Lerna organization. Despite his numerous (and appreciated) contributions in the past, it has been very clear for quite some time now that he has decided to cease making constructive contributions to the Lerna codebase as well as actively and willfully disregarding the code of conduct that he himself added to the project.

(The last part of the final line is what makes this entire situation comic gold, but that's another discussion for another time.)

The individual jamiebuilds (James Kyle) in his initial PR stated:

... I have already spoken to @kittens and @evocateur about this privately, but I do need @kittens to give us permission to make this change. ...

The individual kittens (Sebastian McKenzie) responded while approving the PR:

I haven't been involved with Lerna since I first started it. None of the code blames to me so I'm happy to relinquish control and copyright to the existing maintainers. ...

However, the same individual in a later comment stated:

Just to clarify, I would not have personally made this change. I do however respect the existing maintainers of the projects decision to do so. I do not consider this project to be mine. ...

evocateur (Daniel Stockman) simply approved the PR without words. He explains that he made a bad mistake/judgement call in the portion of 1633 that I omitted for brevity.

In short: lerna is a great example of an open-source project where administrative maintenance/roles was/were a complete clusterfuck due to, at least in part, negligence. When your project consists of what appear to be apathetic "oh I'm no longer part of this thing any more" creators or contributors, it's only a matter of some before some shitlord comes along and submits a politically-tainted PR -- even if it's in violation of the rules (CoC) -- and that apathy results in "shrug, whatever sure that's fine, I'm busy with other things".

Proper OSS management involves only one thing: responsibility. If you're going to step away from the project (no matter what the reason), no problem -- if you own it (in GitHub) etc., try to pass control over to someone else who is willing to take it. Have your push/commit access removed. Have documentation updated to reflect who the current maintainer(s) are/is. Do the Right Thing(tm).

Matter of opinion, but what people should be taking away from this story is: if project maintainers are responsible, and committers + contributors alike focus just on the code/the technological aspects of the project itself (rather than sociopolitical matters, i.e. all the crap that these Webshit 2.0 millennials seem to be focused on via Twitter), then stuff like this doesn't happen. It's really simple, and summarised best by the No Code of Conduct rule set.

The answer is in the initial text of GitHub issue 1633 for the project, words from user evocateur (Daniel Stockman) who is one of the project maintainers. Emphasis mine:

Second, I apologize for not enforcing the Code of Conduct in a consistent and timely fashion regarding the membership of James Kyle in the Lerna organization. Despite his numerous (and appreciated) contributions in the past, it has been very clear for quite some time now that he has decided to cease making constructive contributions to the Lerna codebase as well as actively and willfully disregarding the code of conduct that he himself added to the project.

(The last part of the final line is what makes this entire situation comic gold, but that's another discussion for another time.)

The individual jamiebuilds (James Kyle) in his initial PR stated:

... I have already spoken to @kittens and @evocateur about this privately, but I do need @kittens to give us permission to make this change. ...

The individual kittens (Sebastian McKenzie) responded while approving the PR:

I haven't been involved with Lerna since I first started it. None of the code blames to me so I'm happy to relinquish control and copyright to the existing maintainers. ...

However, the same individual in a later comment stated:

Just to clarify, I would not have personally made this change. I do however respect the existing maintainers of the projects decision to do so. I do not consider this project to be mine. ...

evocateur (Daniel Stockman) simply approved the PR without words. He explains that he made a bad mistake/judgement call in the portion of 1633 that I omitted for brevity.

In short: lerna is a great example of an open-source project where administrative maintenance/roles was/were a complete clusterfuck due to, at least in part, negligence. When your project consists of what appear to be apathetic "oh I'm no longer part of this thing any more" creators or contributors, it's only a matter of some before some shitlord comes along and submits a politically-tainted PR -- even if it's in violation of the rules (CoC) -- and that apathy results in "shrug, whatever sure that's fine, I'm busy with other things".

Proper OSS management involves only one thing: responsibility. If you're going to step away from the project (no matter what the reason), no problem -- if you own it (in GitHub) etc., try to pass control over to someone else who is willing to take it. Have your push/commit access removed. Have documentation updated to reflect who the current maintainer(s) are/is. Do the Right Thing(tm).

Matter of opinion, but what people should be taking away from this story is: if project maintainers are responsible, and committers + contributors alike focus just on the code/the technological aspects of the project itself (rather than sociopolitical matters, i.e. all the crap that these Webshit 2.0 millennials seem to be focused on via Twitter), then stuff like this doesn't happen. It's really simple, and summarised best by the No Code of Conduct rule set.

According to

https://github.com/lerna/lerna/pull/1633

He was removed for violating the Code Of Conduct that he himself created. The specific violations are listed here:

https://github.com/lerna/lerna/issues/1630

According to

https://github.com/lerna/lerna/pull/1633

He was removed for violating the Code Of Conduct that he himself created. The specific violations are listed here:

https://github.com/lerna/lerna/issues/1630

All the drama started when microsoft bought github. And I don't think you're right:
https://github.com/Microsoft/w... (from the same thread I linked that you apparently didn't read).

It wasn't even his software. Most of the commits were from another guy.

The same guy made a huge drama when Microsoft bought GitHub:
https://twitter.com/jamiebuild...
https://github.com/Microsoft/w...

Sample app with 'zero' permissions and still can access wifi mac (even when wifi is switched off) https://github.com/haninaguib/...

It does.
https://github.com/JuliaEditor...

If you are a Kotlin or TypeScript coder, Julia is not for you.
While it has all the general programming facilities, it is mainly a scientific programming language, not a web or app language.

If you don't have at least an undergrad in CS/Finance/Math/Physics/Engineering, you likely don't have a need for it and would be better off with Python or some other mainstream languages with numeric libraries for the occasional vector math that Julia primarily targets.

Western Civilization? Great? The same civilization that came up with the idea of the A-bomb, Tuskegee, napalm, and the Eugenics Movement? That Western Civilization? The same civilization who created thinkers like Locke and Kant who advanced theories of scientific racism that had incredibly harmful consequences? The civilization that took ideas of human freedom and individual rights and then held other human beings in bondage and proceeded to exterminate native populations? The civilization that was created and nurtured by old, racist, patriarchal white men?

Please tell me again about the bedrock Western values you're talking about, because nobody can make sense of the world salad you're writing. If anything it's refreshing to see Trump's honesty. Trump is the symptom, not the disease. https://github.com/dessalines/...

"If there is a country that has committed unspeakable atrocities in the world, it is the United States of America. They don't care for human beings."
-- Nelson Mandela

Probably needing the ftype=1 feature that enables d_type support which was not available until a few years ago and requires a fresh run of mkfs.xfs to enable. With d_type you can find out if a file is a directory, link, FIFO, regular file, etc. straight from readdir() without an extra stat() call for every file in the directory, but not all filesystems support it so falling back to stat() when d_type == DT_UNKNOWN is mandatory. I fixed a bug in dupd caused by assuming d_type always returned a good value, which failed on an XFS v4 volume and rendered the program unusable.

Without delving into the nitty details, both lsyncd* & the NextCloud/ownCloud clients use inotify to watch for file changes & kick off syncs, & I've never had an issue with either of them.

*I use lsyncd to maintain a rudimentary redundant mirror for one of my sites. Abstract from its readme:

Lsyncd watches a local directory trees event monitor interface (inotify or fsevents). It aggregates and combines events for a few seconds and then spawns one (or more) process(es) to synchronize the changes. By default this is rsync. Lsyncd is thus a light-weight live mirror solution that is comparatively easy to install not requiring new filesystems or block devices and does not hamper local filesystem performance.

Yes, Python is the current replacement.
However, Python is just not an array programming language by design.

https://github.com/malmaud/Ten...

Julia is Python + Numpy + Numba, without GIL, with metaprogramming features to make the code more symbolic than is possible with Python.
It's community also tries to work along side Python, rather than compete. There are packages to call both ways.

If you write only occasional linear algebra code, Julia is not worth the effort. But for those who write a lot more math code, it could be.

(How the heck do you develop on the web anyway? Unless he works exclusively in Javascript I don't see how that would work)

I've never used them and don't know how they work, but there are online IDEs for a variety of languages. https://github.com/styfle/awes...

I use a Chromebook. It is a HP. I run Debian on it using Crouton
That way I can easily find things I want and know, like terminals and bash and what not.
As an added bonus I can run it on an encrypted file and if somebody asks to look at my PC and I log in, there will be not much for them to see, unless they know to do CTRL-SHIFT-T, then shell (or pgdwn) and then "sudo startxfce4". And there I can use any browser that I desire with anything that I desire.

e.g. I use LastPass for logins, but not on the one on Chromebook. That user is not even the same as my 'normal' user that I use. I use Chromium and not Chrome on Linux.

The device is fast enough for browsing and the price is low enough to make it interesting. More here on various ones

If I would buy one now, I probably would go for the Acer. That said, I use it as a secondary PC and I absolutely need ssh to servers.

Proof of concept code here.

What smartmodem AT command unlocks a cellphone? And once it is supposedly unlocked though this magical AT command, there are other magical AT commands to emulate touch events?

LG smartphones. From the paper:

To demonstrate this attack, we combine AT commands to bypass the lock screen (AT%KEYLOCK=0), navigate to the settings menu using touchscreen automation, and allow USB debugging from our attacking machine (AT%USB=adb). The KEYLOCK AT command bypasses the lock screen even if a pattern or passcode is set. From there, arbitrary touch events can be sent to control the phone(*). Given that nearly 28% of users do not have a pin, pattern, or biometric lock, this attack would still be feasible even without the LG-specific KEYLOCK command

* Once these commands are patched, visit https://github.com/FICS/atcmd for an automated script and the required utilities

Samsung phones have AT commands for touch events, but no magic unlock command.

And more guns of course.

Well you can never have too many guns. If for no other reason that it triggers leftist assholes online. https://github.com/dsousadev/d...

Fuchsia's kernel is not Linux, but a real-time microkernel called Zircon. It's a fork of LK (Little Kernel) not under GPL.

https://github.com/littlekernel/lk/blob/master/LICENSE

Details are in the Github repo which is linked in the slashdot summary.

What are we talking about here, is it a full-blown x86 machine emulation with Windows 95 installed?

Yes, as explained on the README, it's based on https://github.com/copy/v86

Is the selling point of this just that it's easier to install than setting up a Windows 95 VM? ISTR someone already did a browser-based Win95 emulation years ago.

Yup, this basically takes the in-browser emulators written in JS (as you can find many of these to emulate older machine),
but instead of being a webpage you load into your browser, it uses Electron to make an app out of it.

Is it legal?

In theory Microsoft is still around and they still owns the copyright on Win95.
In practice, Microsoft probably barely gives a fuck about such an old OS that they have themselves deprecated so long ago,
and I'm quite sure that over the decades, you've probably ended up owning some license to run it legally (e.g.: as part of a pre-installed laptop, as some MSDN license through your university/your employer, whatever...)
Might even qualify under the "comedy" exception of whatever serves the equivalent of Fair use in your local jurisdiction.

Plus the whole thing is smaller than the giant katamari of javascript libraries loaded by any modern web page any way~~~

PS: looks like it is simply based on v86.js by Fabian Hemmer: https://github.com/copy/v86

Different people have different opinions on the philosophical question of what an operating system comprises. As long as defining "operating system" is hard, defining "native" will also be hard. These questions should help determine where one might draw the line:

Is an executable loader part of "the operating system"? In Linux, executable loaders are not part of the kernel except in the special case of a statically linked ELF. Everything else, such as Wine's PE format or an ELF that uses a shared library, goes through userspace. Dynamic ELF goes through ld-linux.so.2, whereas PE goes through the kernel's "binfmt_misc" mechanism, which launches Wine once that is configured.

Is Winelib "native"? Would Wine be native if executables shipped in ELF format linked to Winelib, as opposed to relying on binary compatibility with Windows PE format? And does the answer differ any for GNUstep?

People seem to be developing a comprehensive archive of Mozilla legacy extensions for continued use in Waterfox. Preserving comments and ratings is still important. Will people at Internet Archive and Software Heritage give their part of the larger task appropriate effort?

Waterfox, Its Legacy and Looking to the Future

Legacy Extensions Database #303

Waterfox the developer mentioned somewhere that he made a backup of the addons.

The featured article is about Steam. "Linux" in the context of Steam implies a userland environment that can run applications that use Steam Runtime. This means X11/Linux on an x86-64 desktop or laptop computer, not Android or router firmware or server operating systems.

All changes are upstreamed to the Wine project as they said in their FAQ, located here: https://store.steampowered.com... internally it's their packaged version with changes for Steam specific support but otherwise just Wine. Open source, and sources here: https://github.com/ValveSoftwa...

Two things keep me on Firefox 52:

1. Debian's preference for the oldest supported ESR version
2. The fact that Mozilla still hasn't fixed bug 1325692 that blocks WebExtension-based successors to Keybinder from being able to effectively unbind the Ctrl+Q=quit shortcut on Linux

Installer releases and latest betas

These are called New Moon builds. They are unsupported but I've tested them and work fine on Windows XP. Biggest advantage over outdated Firefox ESR versions: you can watch Youtube with the latest video codecs.

Shoot, that's a good question. I'm not too familiar with the third-party providers since I host my own DNS and simply wanted an easy way to renew without having to modify the processes connected to my main nameservers. I put my scripts on github, maybe they can still be useful: https://github.com/VirgoVentur...

âoeDevelopers essentially have no good alternative to the App Store on iOS. â What about the poor developers who have no alternative to Nintendoâ(TM)s eShop? Whereâ(TM)s their alternative?

Since iOS 8, which, IIRC, is about five years ago now, Developers have been able to Publish OSS iOS Apps, and MANY have:

https://github.com/dkhamsing/o...

That, and thanks to Cydia Impactor (which does NOT require a Mac), Devs. have also been able to Publish Precompiled .ipa App Files. There are several Aggregator sites, plus you can Publish those on your own Website.

https://iosninja.io/ipa-librar...

https://www.unlockboot.com/bes...

https://icydiageeks.com/free-i...

So, you were saying?

Every time I look, and it is a thing I look at with some regularity, it's a thing that doesn't work yet... so yes. If it dates back to ICS, then I should have seen it somewhere along I, J, K, L, M, N or O.

Besides, folks are re-implementing NTP in Android userspace on a per-application basis because the clock sucks on Android smartphones -- a thing that wouldn't ever happen if it didn't have to happen.

There are other hacks that work system-wide, but they require root since Android doesn't let usermode apps play with the system clock despite its extensive permissions system. (Because FUCK YOU, I think.)

I don't have root. (Wouldn't need it anyway if NTP was actually supported in the wild...)

But if I install the package at that last link, I can see that the offset is 1.4 seconds off from whatever instance of pool.ntp.org it found -- which is way, way outside the normal margins for modern networks and common NTP servers.

So no, Android doesn't use NTP.

Yes. Doom-emacs mode is supported.

https://github.com/hlissner/do...

Run your own map server locally (Sailfish server that works with multiple viewers, Android and iOS also have offline map solution, with MicroG providing several solutions for apps that require the Google Map API)

For the location service it self, you can have lots of replacement including offline too .

Fuck online companies.
( ^- that has actual very practical implications when you're abroad and have internet roaming or on a hike away from any connection services)

Ah yeah, kinda forget about that as I haven't used Windows in quite some time. Isn't Microsoft "ported" those spyware to Win7 and 8.x?

Yes, but you can remove it, let alone deactivate it.

Here's the code for the driver uses with Intel network gigabit network cards. Hardly anyone ever uses that, right? Only people with Intel motherboards or Intel network cards, and other companies network cards that use the Intel chip.

https://github.com/torvalds/li...

I see a couple hundred if statements in there. Maybe 20% of those will serve as a gadget. I bet you can find three or four bounds checks. In my other reply I showed you how to use a bounds check as a Spectre gadget.

Read and weep. C11 clearly shows basic_string implementations safely inserting characters into a string, as is required by spec. This is simply how iterators and allocators work in C++. Throws std::__throw_length_error when __capacity > max_size().

Eat your stupid lies. Pascal is a dead platform, ShortString is max 255 characters. lololololol

ZIP

The "language" consists of the compiler (the contents of src/), most of the standard library (base/), and some utilities (most of the rest of the files in this repository).

https://github.com/JuliaLang/j...

Probably someone watching Oracle asserting ownership of the Java base classes. Use was allowed, but not alterations or compatible implementations.

Explain the difference between a DDOS coming from, say, an IoT botnet, and one coming from 1000 people all actively posting crap to a comment submission system.

After Jeff Kao posted a screenshot of Regex101.com highlighting some generated comments, his analysis across the dataset, and the source code to reproduce his results, I'm pretty sure you can make a determination on whether it was humans posting those submissions.

I don't think anyone was personally trying to take down the comment site.** It was merely lots of parties trying to push their viewpoint, including: (a) Lots of pro-NN people, some of whom watch HBO; (b) a handful of con-NN people; (c) a few moderate pro-NN bots; (d) a few exceedingly aggressive con-NN bots.

** Except Pai himself, after the Jon Oliver segment.

In summary, your text editor works with text. Dropbox works with files on a very fundamental level. It stands to reason that they need to care about the underlying filesystem.

Dropbox reads and writes files using the same filesystem drivers as every other application. It reads and modifies file attributes through those drivers, as well. Anything it does at the filesystem level can be achieved with the mv, rm, cat, chmod, touch, and mkfifo commands.

there's actual technical reasons why a program like Dropbox needs to understand the abilities of the underlying filesystem and not treat it as a dumb pipe via some API.

No, not really. Look at OwnCloud's sync app as an example of how all of the things DropBox does can be done on any filesystem, on any OS, treating the filesystem as a dumb pipe via some API. Including notifying users via their file browser that files are in a certain state (done via OS-level APIs that may or may not exist at the filesystem level). On Windows, you do this via Overlay Handlers, you use Finder Sync Extensions on a Mac. On Linux, the method varies based on window manager (not filesystem) but there exists at least one library for that; the bonus is that it's cross-platform. Phantom downloads are easily done using named pipes and filesystem monitors, which are used by every realtime-scanning antivirus, exist at the OS level, and are filesystem independent. With a little creativity, I'm sure you can figure out how it's done. Here's a hint: the named pipes don't exist until you open the directory.

For damn good reason, most operating systems prevent direct-to-disk modification of a mounted filesystem (e.g. bypassing the driver for writes), which makes much of what Dropbox does simply impossible on those systems unless it's done via the filesystem driver APIs. Since you can't mount a filesystem twice, Dropbox accessing the filesystem directly would require the OS to unmount it and cede control to Dropbox; which would leave the OS (and thus the user) unable to access the files contained therein. As additional food for thought: if Dropbox were accessing the filesystem directly, think about it, it wouldn't work on a Mac at all, as Apple filesystems are proprietary, meaning that the Dropbox team would have no way of writing interface code for Apple's filesystems. Yet it works on a Mac.

In short, Dropbox is very much accessing files the same way your text editor does. It does a few things with those files that your text editor probably doesn't do, but it's not reading directly from, nor writing directly to, your disk.

Sorry, old link, this fork is working much better for me: https://github.com/abraunegg/o...