irotsoma
@irotsoma@lemmy.world
- Comment on D-Link refuses to patch yet another security flaw, suggests users just buy new routers — D-Link told users to replace NAS last week 4 hours ago:
I mean this is pretty standard in all industries regardless of whether it’s a software flaw or a physical flaw in any other kind of product. What’s the likelihood of a vacuum manufacturer replacing a part in a 15 year old product that had a 1 year warranty even if it’s a safety issue?
- Comment on Palworld Developer Reveals The Pokémon Patents Nintendo Claims It's Violating 3 days ago:
They left it small so that it wouldn’t be worth it to fight in court and they’d either just settle for a license fee or pay the fine. But sounds like the best way would be to get the patents revoked, but that’s probably more expensive than just paying the fine due to the legal fees.
- Comment on This is a simple and satisfying way to fight Trump and Musk | It's time to delete X 6 days ago:
Not give up. Just move away from corporate owned social media which generally has biases baked in and allows for easy manipulation by the company. The one we’re on right now is not one of those and there are lots of other alternatives. Not that they’re perfect, just that money and especially wealthy individuals aren’t able to easily and singlehandedly manipulate millions of people by purging factual but dissenting information.
- Comment on Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats 2 weeks ago:
You have to put on a show that you are sticking to those processes, on paper. But the fines for data breaches are generally way less than they save on not having a fully funded IT department and using security products that someone got a kickback for rather than the best product.
“Hacking” isn’t some magical, intensely creative process for geniuses like on TV. For the most part, it’s usually just finding the really common things that IT departments don’t do because they are underfunded and treat IT people like replaceable cogs. There is software out there to exploit those deficiencies. So they are forced to do things like use default or obvious admin passwords because who knows who is going to be there tomorrow to fix something and without the proper tools to store credentials, there’s no way to properly secure things.
And when a security vulnerability is found, there’s a reason why many don’t bother informing the company before going to the media. Those companies pour tons of money into lawyers to avoid admitting the fault, often getting the innocent person who found the problem arrested, and never fix the actual issue. Just ask any pro whitehat security researcher not hired by the company all the things they have to do to protect themselves from being sued or arrested for “hacking” when they notice a problem.
And government technical auditors are a rarity because the regulators are underfunded. So they might go through some small list of things during regular audits, but they don’t know to check if a DBMS system that contains backups and is stored “in the cloud” is using a default password or other common hacking targets. Hackers don’t go after the primary infrastructure most of the time. It’s not necessary because there are so many sloppy processes or left over insecure projects that “the last guy” was working on or that got defunded before it was completed, but only the primary infrastructure gets audited usually because that’s all there is time and money for.
As for going somewhere else, there often aren’t other places to go and when there are they usually have the same problem because there’s very little reason for any of them to compete with each other. Most industries have consolidated so much that there are only a handful of parent companies left so it’s easy to collude just because their leaders are often all in the same room at conferences and such.
- Comment on Sweden, Norway rethink plans for cashless societies over fears that fully digital payment systems would leave them vulnerable to Russian security threats 2 weeks ago:
Yeah, considering how bad banks and other financial institutions are at IT security and the fact that there’s no incentive for a capitalist financial institution to fix that problem, it’s not a good idea.
- Comment on Are any games using neural networks for better hard AI that doesn't cheat? 3 weeks ago:
The only issue with current systems is that the “AI” is tweaked to the specific game mechanics. You can easily enough build multiple algorithms for varying play styles and then have it adapt to counter the play style of the player. The problem is that the current way that many games are monetized is through expansions, gameplay tweaks, etc., as well as those being necessary when a game mechanic turns out to be really poorly implemented or just unpopular and the mechanics change. If the “AI” isn’t modified at the same time to take advantage of the changes, then it becomes easy to beat. The other issue is that eventually a human can learn all of the play style algorithms and learn to counter them and then it becomes boring.
Unfortunately, generative “AI” is not a true learning model and thus not truly intelligent in any sense of the word. It requires that it is only “taught” with good information. So if it gets any data that includes even slight mistakes, it can end up making lots of those mistakes repeatedly. And if those mistakes aren’t corrected by a human, it doesn’t understand which things were mistakes and how they contributed to winning or losing. It can’t learn that they were mistakes or to not do them. It doesn’t truly understand how to decide something is wrong on its own, only that things are related and how often it should use those relationships over others. Which means manual training is required, which due to the sheer volume of information required to train a generative “AI”, is not possible in a complex game where the player has thousands of possible moves that each branch to thousands of possible combinations of moves, etc.
- Comment on How annoying is it to connect to VPN/use Tailscale instead of being able to access the service directly? 3 weeks ago:
Depends on how secure the application is and the security you use in front of the application such as reverse proxies, load balancers, etc. If you are exposing a web application with no SSL, no two factor with, or something in a beta state or if you can’t trust your ISP not to create man-in-the-middle attacks for advertising and collecting information to sell which also likely introduces security vulnerabilities, then that could be a problem and a VPN or similar might be a big help.
- Comment on A TikTok alternative called Loops is coming for the fediverse | Users own their content, and Loops doesn’t sell or provide videos to third-party advertisers or train AI on them. It will be open source 3 weeks ago:
It’s not the format that is the problem. It’s that old rich people from the broadcast industry decided that since they couldn’t compete with the communications and community industry they’d instead turn the communications platforms into broadcast platforms and tear down all of the community aspects. It happened to all of social media including more long form media as well. So if this project can avoid selling out or being manipulated by spammers into becoming yet another broadcast platform, it might have a shot.
- Comment on SF ads call out tech firms for not paying for open source. 3 weeks ago:
I don’t want their money. Money means they’ll feel even more like they own it. I want them to contribute code to the projects and stop violating copyleft licenses and share the code they are creating.
- Comment on Arc Browser - Changing focus when the main product isn't even finished? 3 weeks ago:
I stay away from proprietary stuff when there are great open source alternatives out there. A proprietary system will always be more driven by those funding it, than the needs of the user and nearly always turn users into products, selling their information.
I’ve been using Firefox variants for a while. I use LibreWolf on desktop and Mull on mobile and a self hosted sync server so it works seamlessly. There are a few sites here and there that I don’t have the choice not to use and don’t like the privacy features or don’t render properly, so I keep Chrome around for emergencies. But that’s rare, mostly government sites.
- Comment on Windows Recall is secretly installed on non-Copilot+PCs (Privacy Nightmare) 4 weeks ago:
Yeah I like work for a major company in healthcare and they don’t allow Windows 11 for several reasons. But also outside of the healthcare data issue, there’s the legal issue of retaining data. Our company doesn’t allow us to retain emails for more than 2 years and there are lots of other retention policies, and software to enforce them, that don’t require keeping data, but instead require deleting it. This is a common trend in major corporations right now. You can’t have data hacked or subpoenaed in a court case if it doesn’t exist. Recall is great for micromanagement of employees, but bad for just about all other parts of a company. I don’t get who is behind this and who they think they’re appeasing with it.
- Comment on REPORT: Arm is sensationally canceling the license that allowed Qualcomm to make Snapdragon chips which power everything from Microsoft's Copilot+ PCs to Samsung's Galaxy smartphones and tablets 4 weeks ago:
Yeah, making patents nontransferable would solve that. Ultimately, getting rid of most would be good, but if we have to keep them, then they should be dissolved if a company fails or is bought out because obviously the patent itself wasn’t enough to make a product that was viable. So everyone should get the chance to use the patent. The whole purpose of a patent vs keeping tech proprietary until the product is released was to benefit society once the patent expires. Otherwise, it makes more sense for companies to keep inventions secret if they aren’t just stockpiling them like they do now.
- Comment on REPORT: Arm is sensationally canceling the license that allowed Qualcomm to make Snapdragon chips which power everything from Microsoft's Copilot+ PCs to Samsung's Galaxy smartphones and tablets 4 weeks ago:
Tech patents are ridiculous. Let’s end them or reduce them to 1-3 years with no renewal. Then all that’s left is the specific copyright to the technology, not lingering webs of patents that don’t make any sense anyway to anyone with detailed knowledge of the tech. All they’re good for is big companies using legal methods to stop innovation and competition. Tech moves too fast for long patents and is too complex for patent examiners or courts to understand what is really patentable. So it comes down to who has the most money for lawyers.
- Comment on Concerns Raised Over Bitwarden Moving Further Away From Open-Source 4 weeks ago:
DMCA is a tool for suppression of free information. It doesn’t require evidence that you’ve made a good faith effort to consider fair use or other legal complexity as it’s meant to take down the information before that is settled in court, but most commonly used to suppress information from a person or group who can’t afford to fight it in court. Microsoft’s Github has a history of delete first without risking their own necks to stand up for obviously fraudulent takedowns much less ones with unsettled law like APIs/SDKs.
- Comment on Concerns Raised Over Bitwarden Moving Further Away From Open-Source 4 weeks ago:
They’re basically trying to get rid of Vaultwarden and other open source forks. I expect they’ll get a cease and desist and be removed from GitHub at some point in the not too distant future if they don’t make some changes. I have a Vaultwarden instance and use the Bitwarden clients. Guess I’ll need to look for alternatives in case Bitwarden decides to get aggressive.
- Comment on Why does the PC gaming industry still use such deceptive pricing? 1 month ago:
To get sorted to the top of the lists for biggest discount. To claim bigger losses in copyright infringement cases. And to increase the perceived immediacy to buy it to get a good deal. Plus rich people don’t care how much something costs, so you’ll get a few of them here and there buying it at full price.
- Comment on California will force companies to admit you don't own digital content 1 month ago:
Which is why this will be fleeting if it ever gets implemented at all. Companies won’t allow it until they can spin it to their satisfaction. For now if it’s just CA, they can say “oh crazy CA and their crazy regulations” just like they say about the cancer warnings which actually are quite useful in reducing your lifetime cumulative exposure even if the chemicals from a single product won’t kill you immediately.
- Comment on I tried to selfhost Nextcloud at work 1 month ago:
Docker automatically upgrades if you tell it to by specifying “latest” or not specifying a version number. But it only upgrades if you issue the pull command or the compose up command. There are ways to start without a pull like using start or restart. So yes, there was warning and something you did actively told it to upgrade.
And it’s really bad practice to update any software without testing, especially between breaking/major version numbers.
Finally, it’s not uncommon for a platform to release its update and then the plugins or addons to follow. Especially with major updates that require lots of testing before release. This allows plugin/add-on makers to fully test their software with the release version of the platform rather than all of the plugin makers having to wait for one that may be lagging behind.
- Comment on YouTube has found a new way to load ads | AdGuard Blog 1 month ago:
In the past they have always said that they aren’t transmitting the content and so it’s the responsibility of the transmitter of the data. Now the content at least appears to be coming from YouTube not the advertisers. So I’m curious if that’s enough to make it fall under Section 230 which would require that they make a good faith effort to remove “objectionable” content.
- Comment on YouTube has found a new way to load ads | AdGuard Blog 1 month ago:
So if YouTube is now serving up the ads directly to me, does that mean they’re finally liable for the content of those ads? Can we have them investigated for all the malware, phishing, illegal hate speech, etc.?
- Comment on Microsoft inks deal to restart Three Mile Island nuclear reactor to fuel its voracious AI ambitions 1 month ago:
That’s for normal activity and it’s totally irrelevant. So these are some stats about ionizing radiation dosages:
- Average from all sources for an average person for 1 year: 4 mSv
- Additional if living within 50 miles of a nuclear reactor for 1 year: 0.09 µSv
- Additional if living within 50 miles of a coal plant for 1 year: 0.3 µSv
- Living within 30 km of Chernobyl before evacuation (10 days): 3-150 mSv
- Maximum allowed dose for radiation workers over 1 year: 50 mSv
- 10 minutes next to the Chernobyl reactor after the meltdown: 50 Sv
So, yes, nuclear power plants and storage pools are designed to shield radiation and thus during normal operation release an insignificant amount of radiation so much so that even coal burning releases a heck of a lot more.
But both of those are extremely insignificant if you consider that living near a coal plant will only give you a tiny fraction of additional exposure as the amount of radiation you receive normally from natural sources.
The problem is that with nuclear fission waste, a tiny leak can cause fatal amounts of exposure in a very short time. If a storage pool cracks after the 100 years or so they’re designed to last, or if a flood happens and overflows a storage pool, or a tornado picks up that storage water, or any number of other catastrophic events happen within the 10,000-1,000,000 years before that waste is safe, depending on the type, the people living nearby will likely not survive very long and that area will be contaminated for many times longer than human life has existed.
Fukushima was a good example and had to rely on the vast Pacific ocean to disperse the radiation. Chernobyl will be unsafe for 10s of thousands of years even if the coffin is maintained for all that time.
- Comment on Stardew Valley 1.6 is Coming November 4th. 1 month ago:
If you like this genre of games, then this is one of the best, so yes, play it. It’s a great, addictive, one more… kind of game with a ton of stuff to do, lots of goals short and long term.
I never really care for the dating sim portion of these kinds of games all that much, so I can’t comment on that part much, but the rest is great!
- Comment on Microsoft inks deal to restart Three Mile Island nuclear reactor to fuel its voracious AI ambitions 1 month ago:
Yeah, too bad there’s no long-term storage for the waste so it will mean more and more leaks polluting land for centuries since the power companies will just go bankrupt when it’s time to do anything about it like with most forms of pollution.
- Comment on United Nations wants to treat AI with same urgency as climate change 1 month ago:
So none at all…
- Comment on Would you buy "self-hosted in a box" hardware? 2 months ago:
Would only be worth it if you created a system for easily deploying applications on an already set up subnet with routing preconfigured.
Like set up a single server Kubernetes distribution like microk8s or minikube on the server with MetalLB and ingress already preconfigured on the server and router. You could also give instructions on how to install a GUI like Lens and how to use it to deploy a few things. Probably using workstation applications would be better than a web UI like Portainer to keep the server lighter, but either might work.
- Comment on Why my apps will soon be gone from the Google Play Store 2 months ago:
They removed the requirement for a DUNS for individual developers, so I switched my account to individual from my previous LLC. My LLC has been inactive for a long time and I didn’t feel like changing my address with the IRS and all that. But all of my apps are free.
But the real issue is they keep making it more difficult to keep the app active. There are so many documentation requirements that I just didn’t have time for, so my apps which are really old got removed over one of those new requirements a while back. I fixed a few like making it an adults only app because it has a recipe for mulled wine. But it just wasn’t worth all the other stuff and I haven’t wanted to recompile in the newer SDK. If I could do it without making any changes to the code it would be fine, but there’s been too many changes. One of these days I’ll update it, but I’m one of the few people who even use my apps, so it’s not a big deal.
- Comment on Peloton to ruin the secondhand market by charging a $95 ‘used equipment activation fee’ | It doesn’t apply to refurbished models bought directly from the company 2 months ago:
The whole reason the product is so expensive is the online services. And if the first person paid the price for that, then no one should be required to pay for just changing hands. Problem is that it was priced with the idea in mind that most people who bought the product would quit using it after a short time and that concept was the basis of their profit. It’s a bad, short term strategy designed to generate short term profit at the expense of long term profit which only benefits investors. And this leads to the main problem with the current system. The end-user is no longer considered the customer, investors are.
- Comment on In Leaked Audio, Amazon Cloud CEO Says AI Will Soon Make Human Programmers a Thing of the Past 2 months ago:
And anyone who believes that should be fired, because they don’t understand the technology at all or what is involved in programming for that matter. At the very least it should make everyone question the company if its leadership doesn’t understand their own product.
- Comment on Why are so many leaders in tech evil? 2 months ago:
Tech is just the most visible industry right now. Look at any other major corporations and you’ll find the same.
- Comment on Trump promotes family's new crypto platform, 'The Defiant Ones' 2 months ago:
But Trump believes that all executive branch employees are directly reportable to him and he forced out and refused to replace many employees. Also, there is Schedule F. Trump didn’t have enough time to fully implement it the first time. This removed employees in “confidential, policy-determining, policy-making or policy-advocating” positions from the General Schedule. Meaning they were political appointees going forward. Biden rescinded it immediately so it never got used, but it will be reimplemented.
With that, he has the power to implement almost anything without oversight. When he implements his tariffs for example, and other countries retaliate with their own, the value of American goods will plummet since they’ll be way more expensive. This will reduce trade and thus the value of the currency. And no amount of tweaks to interest rates will stop that.
Sure he can’t print money, but the reliability ratings of US debt are already declining due to the fights over the debt ceiling, and Trump supports that fight and doesn’t believe that the US should have to pay those debts because of the investments we’ve made. Simply blocking those payments could tank the currency. There are tons of ways if there’s no legal consequences and most employees are replaced with his loyalists.