I’ve been making reference to the much discussed “replication crisis” in academia. They are factious comments meant to be jovial, entertaining, and thought provoking.
Data Science
I’ve been making reference to the much discussed “replication crisis” in academia. They are factious comments meant to be jovial, entertaining, and thought provoking.
Apparently most of them.
Reproducing a recipe is something scientists struggle with, so it must be impressive when you succeed 😉
Mp3 is a proprietary format on copyright. Some idiot ceo can came and change the rules, let’s add an ads mandatory for each decoder.
This is not true. Copyright is not relevant to an encoding standard. The standard has been unchanged for 26 years and all legal claims of patent rights related to implimentations of the standard have expired before May 2017.
@swooosh@lemmy.world you should probably know about this as well.
I’m going to need some time to process this.
I’m very confused about what your requirements are based on reading your post and some of your responses to comments, but I’m going to suggest that you look into Quarto
You can use this as an opportunity to have a conversation about what it is about those movies that she likes. This could open up to a larger conversation where you can connect and grow your relationship as mother and child. Or she might just say something vague and simple and you can ignore the movies while they sit in a separate library.
It’s strange to me people refer to the awk
command rather than the AWK language.
That doesn’t seem to clear up anything other than indicating that the fork was motivated by wanting to do things differently for the sake of being able to do things differently.
Which is fine, I do this often enough. But I don’t expect to get a lot of others to follow suit on that basis alone.
It seems Poettering is convinced doas
, while decreasing attack surface, depends on SUID binary implementation which is a concern in its own right. Poettering is trying to eliminate that dependency in his `run0’ implementation to reduce the attack surface even further.
The relevant excerpt from the long chain of posts from Poettering’s mastodon.social account is copied below:
… led various people to revisit the problem and come up with alternatives: most prominently there’s probably OpenBSD’s sudo replacement called “doas”. While it greatly simplifies the tool and removes much of the attack surface, it doesn’t change one key thing: it’s still a SUID binary.
I personally think that the biggest problem with sudo is the fact it’s a SUID binary though – the big attack surface, the plugins, network access and so on that come after it it just make the key problem… … worse, but are not in themselves the main issue with sudo.
SUID processes are weird concepts: they are invoked by unprivileged code and inherit the execution context intended for and controlled by unprivileged code. By execution context I mean the myriad of properties that a process has on Linux these days, from environment variables, process scheduling properties, cgroup assignments, security contexts, file descriptors passed, and so on and so on. A few of these settings the kernel is nice…
… enough to clean up automatically when a SUID binary is invoked, but much of it has to be cleaned up by the invoked suid binary. This has to be done very very carefully, and history has shown that SUID binaries are generally pretty shit at that.
So, in my ideal world, we’d have an OS entirely without SUID. Let’s throw out the concept of SUID on the dump of UNIX’ bad ideas. An execution context for privileged code that is half under the control of unprivileged code and that needs careful, … … manual clean-up is just not how security engineering should be done in 2024 anymore.
With systemd v256 we are going one step towards this. There’s a new tool in systemd, called “run0”. Or actually, it’s not a new tool, it’s actually the long existing tool “systemd-run”, but when invoked under the “run0” name (via a symlink) it behaves a lot like a sudo clone. But with one key difference: it’s not in fact SUID. Instead it just asks the service manager to invoke a command or shell under…
… the target user’s UID. It allocates a new PTY for that, and then shovels data back and forth from the originating TTY and this PTY.
Or in other words: the target command is invoked in an isolated exec context, freshly forked off PID 1, without inheriting any context from the client (well, admittedly, we do propagate $TERM, but that’s an explicit exception, i.e. allowlist rather than denylist).
One could say, “run0” is closer to behaviour of “ssh” than to “sudo”, in many ways. Except that…
it doesn’t bother with encryption or cryptographic authentication, key management and stuff, but instead relies on the kernel’s local identification mechanisms.
run0 doesn’t implement a configuration language of its own btw (i.e. no equivalent of /etc/sudoers). Instead, it just uses polkit for that, i.e. how we these days usually let unpriv local clients be authorized by priv servers.
By isolating the contexts and the resources of client and target we remove some other classes of attacks…
… entirely, for example this stuff:
https://ruderich.org/simon/notes/su-sudo-from-root-tty-hijacking
But enough about all that security blabla. The tool is also a lot more fun to use than sudo.
Read the rest where he explains run0
’s use and functionality beyond the design logic.
Why do you say that? It seems that Poettering’s reasoning for avoiding SUID binaries is sound.
I guess it depends on what you’re planning doing with NixOS or Aux. I wouldn’t use it for anything new and critical. I’d figure out a mitigation strategy if I were relying on it for something critical.
But for experimental purposes, neither option seems like a bad call.
It’s great to see that TUXEDO is having success with their European market for Linux pre-installed computers
ChatGPT doesn’t know anything, don’t trust it.
I try to be positive here on programming.dev but someone gave you an incredibly thoughtful reply and you returned the favor with absolute disrespect. I think the only positive outcome here would be for me to simply block you and encourage others to do the same.
I’m going to throw this out there not being sure how true it is, but I find it interesting to think about.
XMPP is much more widely used than Matrix if you count WhatsApp (Meta/Facebook). ActivityPub is much more widely used than AT Protocol and nostr combined if you count Threads (Meta/Facebook). So reasons why people aren’t talking about XMPP include not wanting to recognize that Meta is hugely influential in this space and that most people don’t talk about the underlying protocols of the services and tools they’re use at all leaving a self selected group of people looking for alternatives with traction that don’t depend on Meta. Outside of WhatsApp, there’s not a lot of traction with any particular XMPP implementation. And none of the XMPP implementations have a Discord-ish organization of chat rooms that’s popular and familiar right now. Matrix has both right now (although I don’t think it will ever be more than a small niche in the mobile messaging space).
I’m fine with using Matrix for what it is. There are programming language communities that have been very helpful for me and a number of Lemmy related communities that have been nice to be a part of.
Ask on the original post, I’m not the person who is asking.
From my understanding Redis hasn’t been libre software since 2018 so the new competition from Microsoft might be a driver for the licensing decision.
The presentation was apparently from years ago (some time before the switch to ‘main’ from ‘master’ in git). I’m guessing about 5 years ago.
RISC V seems inevitable