douglasg14b
@douglasg14b@lemmy.world
- Comment on The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites 15 hours ago:
I’m not sure if this is just a rhetorical question or a real one?
Because I didn’t claim it isn’t negligence. It is negligent, however, it is not a problem solvable by just pointing fingers. It’s a problem that’s solvable through more strict regulation and compliance.
Cyber security is almost exactly the same as safety in other industries. It takes the same mindset, it manifests in the same ways under the same conditions, it tends to only be resolved and enforced through regulations…etc
And we all know that safety is not something solvable by pointing fingers, and saying “Well Joe Smo shouldn’t have had his hand in there then”. You develop processes to avoid predictable outcomes.
That’s the key word here, predictable outcomes, these are predictable situations with predictable consequences.
These are abstract problems that affect “someone else”. This is the standard state of mind that most development teams and companies have when it comes to security.
By default everything you produce is going to be insecure unless you have professionals there to get in your way and ensure you are meeting compliance.
By default most companies and especially startups are going to write insecure software. Because the consequences don’t really matter at this point, all that matters is shipping the product and getting it to market for growth opportunity. And gambling on the BET that there won’t be any security breaches.
- Comment on The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites 2 days ago:
That’s not how systemic problems work.
This is probably one of the most security ignorant takes on here.
People will ALWAYS fuck up. The world we craft for ourselves must take the “human factor” into account.
And the majority of industries that actually have immediate and potentially fatal consequences do exactly this, and have been for more than a generation now.
- Comment on Mozilla roll out first AI features in Firefox Nightly 3 days ago:
Now we just need accessibility tools for the cognitively impaired that can’t seem to read the damn article.
- Comment on Rabbit data breach: all r1 responses ever given can be downloaded 3 days ago:
Typical security negligence of startups.
Your data is essentially never secure if it’s sitting with a startup. It’s an atrocious world for security out there.
- Comment on So is Israel just going to finish Palestine off? 4 days ago:
Literally the first thing you do on NoStupidQuestions is attack the person asking the question.
Cmon, that’s not acceptable behavior here.
- Comment on Apple limits third-party browser engine work to EU devices 5 weeks ago:
Yep, and Google does the same shit.
On Pixel phones you have the search bar at the bottom, which you cannot remove, replace, resize, or configure.
In the EU you can configure it to change your default search engine. In North America you cannot.
And on Google forums anyone who complains gets attacked by a wave of simps saying “Then just don’t buy a pixel then, go somewhere else if you don’t like it”.
So tired of this shit.
- Comment on Joe Biden spreads more insane Zionist propaganda at a graduation speech 5 weeks ago:
As is typical for MAGAs
They hallucinate more than LLMs
- Comment on 1000+ Firefox for Android extensions now available – Mozilla Add-ons Community Blog 1 month ago:
I mean, that’s not surprising though is it? If a FOSS tool I made has an additional feature that requires my own backend to support, then there has to be a backend to support it.
The FE that uses it is still FOSS, and one could always build their own API to the specs outlined by the client.
They could OSS their server side code ofc, that’d be cool. But that also takes sometimes double the effort to do well, and keep custom tweaks and changes either separate and proprietary, or build out a complex way for them to be dynamically injected. So I don’t really blame them on that one tbh.
- Comment on 1000+ Firefox for Android extensions now available – Mozilla Add-ons Community Blog 1 month ago:
Can you list some of those, I’m curious.
- Comment on Google employees question execs over 'decline in morale' after blowout earnings 1 month ago:
For real, we need unions. It’s a slow boil now, knowledge workers are the next factory workers.
Soon to be displaced as corporations gobble up another chunk of worker wealth.
- Comment on Kagi silently removed all references to Google's index from their website 1 month ago:
… Contacting someone makes you an: “unhinged fucking freak who does not respect personal boundaries”?
More people need to go touch grass, this is insane.
- Comment on Kagi silently removed all references to Google's index from their website 1 month ago:
It’s really disingenuous to mud sling people with a different view by implying they themselves don’t exist/are astroturfing/are bots.
I’m a real human who decided to use their service for kicks and actually like some of the benefits and control over the results compared to other search engines.
Especially when I’m doing research, which is usually half of all my time searching anyways.
Enough that I decided to pay for the service.
Are you saying that because I liked a service that I can’t seem to get anywhere else I’m now the bad guy?
- Comment on Why data centers want to have their own nuclear reactors 1 month ago:
That’s… Not how internet infrastructure works.
And cables are not in straight lines between you and the destination.
- Comment on Why data centers want to have their own nuclear reactors 1 month ago:
The US has an ideal location for it.
Unfortunately State politics and news fear mongering are preventing it from being developed and utilized.
Just more footgunning.
- Comment on After 16 years, Ecobee is shutting down support for the original smart thermostat 1 month ago:
I’m in my house right now with a perfectly working thermostat that’s 70 years old.
And given the mechanism of action it will continue working in another 70 years.
16 years for hardware used inside of homes is a ridiculously, absurdly, short lifetime. Even for a vehicle that would be pushing the edge of “too short”.
- Comment on 30% of Children Ages 5-7 Are on TikTok 1 month ago:
Imagine not realizing that people have to work for a living…
- Comment on 30% of Children Ages 5-7 Are on TikTok 1 month ago:
What a great way to dismiss an entire problems based that affects our society. It’s easier to just hand wave it away as someone else’s problem than to actually consider it…
When a problem becomes systematic it’s now a societal and cultural problem and not an individual responsibility problem. Individual responsibility isn’t working so it’s now down to the society this is occurring in to solve the systematic problem in a systematic way.
That’s how almost everything works
- Comment on How to Escape From the Iron Age? 2 months ago:
That’s… Not how steel production works.
Coal is a significant component in the production of steel to impregnate it with carbon.
I wonder if we can move more towards charcoals, but even then I wonder if that’s just much less effective.
- Comment on Reddit Is Taking Over Google 2 months ago:
Making it extremely hard to actually find professional content because Reddit tends to cater to the lowest common denominator and most professional subs tend to corrupt over time.
- Comment on In search of software for managing like a helpdesk but in a lite format 2 months ago:
Damn, that’s just cancerous
- Comment on YouTube’s ad blocker crackdown now includes third-party apps 2 months ago:
Garlic gross misunderstanding of software development, especially in large organizations.
Ignorant opinions only speedrun.
- Comment on Toki - A C# Fediverse server. 2 months ago:
I love this.
Especially being written in a language like C#. Which makes it incredibly accessible to work on, performant, and long-lasting.
- Comment on Welcome to the Golden Age of User Hostility 2 months ago:
I fail to see the claim that the article is false and misleading?
It sounds like what it states is what it is. Replace the phrase “currently has” with “didn’t” and your issue evaporates.
Which seems like unfair criticism given that the present or past tensing of an article’s statements are dependent on when it was written and is a rather fluid and interpretable thing. It’s a reasonable expectation that readers can understand and adjust their perspective of past vs present tense without failing to understand what the article is conveying…
- Comment on Microsoft won't update your Windows 11 PC if it has these apps 2 months ago:
Mac OS is apples to oranges against Windows when it comes to OS support?
Conveniently skipped that part and focused on Debian…
- Comment on Google’s expanded Find My Device network might arrive in a few days 2 months ago:
Depends on what country you’re in.
- Comment on Opera is testing letting you download LLMs for local use, a first for a major browser 2 months ago:
It doesn’t just require 20GB of RAM, it requires that in VRAM. Which is a much higher barrier to entry.
- Comment on Microsoft's Collapse in the Web Server Space Continued This Month 2 months ago:
I’m not sure that IIS is the relevant point here, is it?
I build using Microsoft technologies, and haven’t touched IIS for more than 8 years. I almost entirely use OSS projects, on Linux.
From writing, to testing, to IaC, to the runtime, the server OS, the webserver, the proxy…etc is all FOSS projects these days.
The only proprietary things I used are the hosting provider itself and their services, and my IDE.
- Comment on Court Bans Use of 'AI-Enhanced' Video Evidence Because That's Not How AI Works 2 months ago:
Of course, not everyone is technology literate enough to understand how it works.
That should be the default assumption, that something should be explained so that others understand it and can make better, informed, decisions.
- Comment on Database-Based Operating System 'DBOS' Does Things Linux Can't 3 months ago:
With services written in typescript
That is a hard nope from me. In no world do I want any core part of any operating system I use directly or indirectly relying on the JavaScript ecosystem.
Aside from the performance concerns the security and longevity problems are through the roof.
- Comment on Proton Pass breaks prowlarr on firefox since today 3 months ago:
The error posted in the app is from the website itself. It’s likely that the password manager is injecting something into the page which is causing errors.
There are many ways for this to go wrong, it has nothing to do with the web service itself.