groet

@groet@feddit.org

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨‘Baldur’s Gate 3’ Maker Promises ‘Divinity’ Will Be ‘Next Level’⁩ ⁨⁨13⁩ ⁨hours⁩ ago⁩:
For smaller (indie) studios it can make sense. If the game costs more money to developed than the developer has, preordering is indistinguishable from crowdsourcing like kickstarter. It removes the need for the developer to take a loan and investors, possibly giving up creative freedom.

Anything backed by a (big-ish) publisher should never be preordered!
⁨Comment⁩ on ⁨My culture also loves music, dancing and telling stories⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Lots of Germans defending German cuisine, so as another German: you are absolutely right!

Germany has some great food and some Germans love making good food but German culture is absolutely not about food. The food culture we have is a development of the last ~40 years. Traditional German food is supposed to make you sated so you can go back to the fields and work! And the go to the army and fight! And then go to the ruins and rebuild!

Tasty and awesome food? Yes! A culture that tells you it loves food? No!
⁨Comment⁩ on ⁨Woke up this morning pondering THIS question⁩ ⁨⁨3⁩ ⁨days⁩ ago⁩:
I seem to remember a similar story of a zoo where the beavers built a damm in a dry concrete room. They later found out the area was above a waterpipe and the beavers were just way more sensitive to the sound/vibrations.

Couldn’t find it with 1min of DDG so might be wrong
⁨Comment⁩ on ⁨Are all dinosaur fossils 'replicas'?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Not sure if there are tar pits with dinosaur bones but there are bones (not petrified bones) of post-dinosaur megafauna like sabertooths in the La Break tar pit in Los Angeles. There probably exists a real dinosaur bone somewhere on the planet.
⁨Comment⁩ on ⁨Is it even feasebal to find 12 people who have not been screwed over by insurance for the Luigi trial?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Both of those are screwed over by the healthcare system and the companies perpetrating it. If you cant afford healthcare or don’t understand it because it is to convoluted, that is a result of the policies of healthcare providers.
⁨Comment⁩ on ⁨Decreasing Certificate Lifetimes to 45 Days⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Terminology: revoked means the issuer of the certificate has decided that the certificate should not be trusted anymore even though it is still valid.

If a attacker gets access to a certificates key, they can impersonate the server until the validity period of the cert runs out or it is revoked by the CA. However … revocation doesn’t work. The revocation lists arent checked by most clients so a stolen cert will be accepted potentially for a very long time.

The second argument for shorter certs is adoption of new technology so certs with bad cryptographic algorithms are circled out quicker.

And third argument is: if the validity is so short you don’t want to change the certs manually and automate the process, you can never forget and let your certs expire.

We will probably get to a point of single day certs or even one cert per connection eventually and every step will be saver than before (until we get to single use certs which will probably fuck over privacy)
⁨Comment⁩ on ⁨Decreasing Certificate Lifetimes to 45 Days⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
One reason for the short certs is to push faster adoption of new technology. Yes that’s about new cryptography in the certs but if you still change all your certs by hand maybe you need to be forced …
⁨Comment⁩ on ⁨I highly recommend journalctl-desktop-notification⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
You don’t need something ever. Sometimes you just want something because the alternative is realy bad. I don’t need to eat. I want to eat because I don’t want to starve.

I want to watch a movie with my partner at the agrees time because otherwise they will be mad. I want to access my digitalized documents to send a letter in time because otherwise I will have to pay late fees. I want to access my gameserver because that’s the one time a week I get to have fun with my friends from my college time.

There are many situations where I’d rather do the thing I want instead of doing maintenance.
⁨Comment⁩ on ⁨I highly recommend journalctl-desktop-notification⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
There is still a good reason to know about problems early. Without any monitoring you will find out about problems exactly in that moment when you what to use the service that doesn’t work. Sometimes you need something quick and you don’t have time to debug and fix in that moment. If you get an alert early you can decide to fix it right away or in a few hours or tomorrow.
⁨Comment⁩ on ⁨A cool feature/mechanic you want to see in games again⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
But that is also the worst part of boarderlands
⁨Comment⁩ on ⁨We've done it, boys⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Linux is famously both American and Corporate /s

But yeah sytsem76 and valve are both american and valve is corporate. And around Lemmy you would think they are the only ones responsible for the Linux boom.
⁨Comment⁩ on ⁨Is it completely impossible to do age verification without compromising privacy?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The verifier does not have the information which sites you use. That’s the point of the setup. All communication goes through you, never the site to the verifier directly. You only pass cryptographic values between them that does not include identifiable information (neither about you to the website, nor about the website to the verifier). The verifier knows who you are, the website knows that you are old enough. Nothing else.
⁨Comment⁩ on ⁨Is it completely impossible to do age verification without compromising privacy?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
There is no system in the world that can fully prevent an authorized user to grant access to an unauthorized user. Even with an all time on camera and screensharing I can still find ways to have someone else control my computer while I “authorize” the connection with my face in the camera
⁨Comment⁩ on ⁨Is it completely impossible to do age verification without compromising privacy?⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Super easy. Technology has existed for quite some time and was already used in the encrpytion of web traffic.

Basically: you sign up with your “age verification institution” (ideally a service of your government because they have your ID anyway and no profit motive). This involves createing a private key (reaaaaaaaaaaly long password that is saved in a file on your device) and saving the public key with that institution. They also check your ID to ensure your identity and your age.

When you want to visit a 18+ website, the website sends you a nonce (loooooong random number). You take that nonce and send it to the verifier, along with a signature of your private key (and the age they want you verified against). The verifier verifies your signature using your public key. They then sign the nonce with their own private key, thereby verifying, that you, the owner of your private key (whos identity and age they have verified) are above the asked age theshould. You then send the signed nonce back to the 18+ website and they can verifiy the signature to confirm that a trusted age verifier has verified your age.

The site never has access to your identity and the verifier never knows which site you visited, only that you wanted to visit a website that wants to know if you are of a certain age.

(The corresponding technology was used for OCSP Stapling in TLS verification … and has been discontinued last year because nobody was using it …)
⁨Comment⁩ on ⁨Obama's got jokes⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Honestly, the next Democratic president might actually deserve one if they stop the active fashist takeover of democracy. Even if they do nothing else and continue all current wars etc. Not being Trump could probably save thousands if not millions of lives.
⁨Comment⁩ on ⁨Elon Musk Had Grok Rewrite Wikipedia. It Calls Hitler “The Führer.”⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
You can read right?

Führer = Hitler
Something-Führer / Führer-Something = not Hitler
⁨Comment⁩ on ⁨Elon Musk Had Grok Rewrite Wikipedia. It Calls Hitler “The Führer.”⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
The word Führer is 99% used for Hitler. There are many variants that are OK to use though. Most notably Anführer (if Führer is leader, Anführer would be “the one who leads ahead”) which is the common word to use for leader. Others are composites like Bergführer (mountain guide).

The swastica also existed before the nazis but is now forever tainted.
⁨Comment⁩ on ⁨Amazing⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Thats because the US is used to MM DD YY thats why the US talks like MM DD YY thats why its intuitive to you to use DD MM YY thats why …

There is no inherent “intuitiveness” to it. Its intuitive if you grew up with it and you use it. It is unintuitive if you didn’t.
⁨Comment⁩ on ⁨Amazing⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Its intuitive to people used to MM DD YY people and unintuitive to everyone else.

Today is the 24th of November.
⁨Comment⁩ on ⁨Gaming Pet Peeves⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Skyrim has a collectible item that is found in a main story area that is only accessible once. Its a very early mission and in one of the last thief’s guild quests they will tell you to get that item. That might be 200h after you did that main quest …

Good thing modding exists
⁨Comment⁩ on ⁨Gaming Pet Peeves⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I think in cyberpunk its because cars use a separate control set that can/has to be separately rebound. Its so you can use a joystick for driving and a gamepad for walking
⁨Comment⁩ on ⁨challenge⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Every broken doorhinge can be bypassed in two ways. Fix it. Or break it more.
⁨Comment⁩ on ⁨It's all relative⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Meth is an excellent weight loss food.
⁨Comment⁩ on ⁨Cloudflare blames massive internet outage on 'latent bug'⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

You don’t get hacking protection from bots

I disagree. I don’t know the details of cloudflares bot detecion, but there are many automated vulnerability scanners that this could protect against.

I said that instead of crashing the system they should have something that takes an intentional decision and informs properly about what’s happening.

I agree. Every crash is a failure by the designers. Instead it should be caught by the program and result in a useful error state. They probably have something like that but it didn’t work because the crash was to severe.

What’s the point of your complaint if you do agree?

I am not complaining. I am informing you that you are missing an angle in your consideration. You can never prevent every crash ever. So when designing your product you have to consider what should happen if every safeguard fails and you get an uncontrolled crash. In that case you have to design for “fail open” or “fail closed”. Cloudflare fucked up. The crash should not have happened and if it did it should have been caught. They didn’t. They fucked up. But, i agree with the result of the fuck up causing a fail closed state.
⁨Comment⁩ on ⁨Cloudflare blames massive internet outage on 'latent bug'⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

it shouldn’t crash the whole thing: if the bot detection module crahses, control it, fire an alert but accept the request until fixed.

Fail open vs fail closed. Bot detection is a security feature. If the security feature fails, do you disable it and allow unchecked access to the client data? Or do you value Integrity over Availability

Imagine the opposite: they disable the feature and during that timeframe some customers get hacked. The hacks could have been prevented by the Bot detection (that the customer is paying for).

Yes, bot detection is not the most critical security feature and probably not the reason someone gets hacked but having “fail closed” as the default for all security features is absolutely a valid policy. Changing this policy should not be the lesson from this disasters.
⁨Comment⁩ on ⁨Cloudflare blames massive internet outage on 'latent bug'⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Yes but no. If you use a different service for the same purpose as you would use cloudflare you will be just as offline if they make a mistake. The difference is just that with a centralized player, everyone is offline at the same time. For the individual websites that does not matter.
⁨Comment⁩ on ⁨Game marketing company takes down blog post bragging about how good it is at astroturfing Reddit after Reddit finds the post⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:

Bots will simply join the biggest instances. The only solution would be to defederate the main instances and have everyone pretty much host their own server.

the user base will consolidate to fewer and fewer popular instances that are able to address the spam.

You spin me right round, baby, right round 🎶🎶
⁨Comment⁩ on ⁨Game marketing company takes down blog post bragging about how good it is at astroturfing Reddit after Reddit finds the post⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
And if everybody hosts their own server, than so will the advertisers and everybody will have to defederate then individually making the problem of moderation even worse.
⁨Comment⁩ on ⁨owo⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Thats what discrete means (in an mathematical context)
⁨Comment⁩ on ⁨⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Not like the whole video goes from 1080p to 720p or something but single bits of the drive will fails over time. If that bit is part of your video file, one pixel of one frame will be the wrong color/black. If multiple bits close to each other fail you might get a video stutter. If even more fail your video player will not play the video at all (or just stop playing at the place of the errors).