HackerTrans
TopNewTrendsCommentsPastAskShowJobs

bmandale

no profile record

comments

bmandale
·el mes pasado·discuss
It requires the claim to be made with "willful disregard for the truth". Notifying someone, especially with a cease-and-desist on fancy letterhead, makes it legally clear that they know better, and thereafter would be definitely libelling you (assuming the claims are in fact untrue and harmful). But you can still sue them for the claim prior to the notice, you just have to prove they should have known better prior to making the claim.
bmandale
·el mes pasado·discuss
A lot of these style of reframings seem to completely lack a theory behind them, as if reframing things will magically solve a problem. In this case, further vilifying or antagonizing drivers will do absolutely nothing to increase road safety. How would it? These memes won't reach the majority of drivers. Those it does, rather than feeling mollified, will feel accused, and hence will be more likely to drive recklessly around cyclists.

A reframing that would have the power to lower collisions between cars and bikes would be to blame the road design, or even the car design. These are things that can be easily changed for a large number of people if enough political will exists.
bmandale
·el mes pasado·discuss
People misunderstood your original reply. Correcting you is not pedantry.
bmandale
·hace 2 meses·discuss
Language is a communication tool. If you misuse language you will be badly understood. The solution is to use the correct word for what you mean, not to accuse others of sophistry.
bmandale
·hace 2 meses·discuss
Having assets under management doesn't mean you have that money. You don't own it, you are just taking care of it for somebody. When describing a company as an $X billion company, conventionally this is referring to the market cap. You could use it to describe other things they possess if you wanted to, but assets they manage will never be something they possess.
bmandale
·hace 2 meses·discuss
> One of our developers was compromised by a recent supply-chain compromise on Tanstack

...which in turn was caused by bad design of github's CI pipeline. Funny how it all comes back around like that.
bmandale
·hace 2 meses·discuss
Interestingly fails as well, in two ways. First:

> The string may begin with an arbitrary amount of whitespace (as determined by isspace(3))

Second is that it only applies to signed long long, not unsigned.
bmandale
·hace 2 meses·discuss
Some people would set up tooling to look for compromises the moment they get published. What's neat about this is that as an attacker you have no way to determine beforehand whether you'll get caught by this. So you would run your attack, it would lead to a compromised package being published, then the world would get a chance to look at it and see if they can detect the issue with it. This would of course lead to attackers being a lot sneakier. But I think due to the opaque nature of what checks people are running against packages and what they might notice, a much smaller number of attacks would make it through. Of course the ones that did by definition would be the ones that were impossible to detect and would thus stick around a lot longer.
bmandale
·hace 2 meses·discuss
open source does not mean open community. you can just throw tarballs over the wall
bmandale
·hace 2 meses·discuss
Missed the original. That seems like a reasonable way to highlight software that you believe is fundamentally insecure. Obviously you can't be on the hook to fix deep architectural issues yourself, but just submitting a single PR will be treated as "problem solved". Since most of any software contains some vulnerability, just saying "this software has an RCE" isn't actually a disclosure at all. The real issue is that the given vulnerability was (supposedly) easy to find, which if true is not something that will be fixed by targeting just that exploit chain, and needs deep changes to fix.
bmandale
·hace 2 meses·discuss
There are no "defaults that work for everyone". Well designed tooling acknowledges that and makes it easy to tune the software to your preference.
bmandale
·hace 3 meses·discuss
Politics are generally off topic and tend to be flagged.
bmandale
·hace 3 meses·discuss
>How do they get money for free?

market power

>What is stopping everyone else from doing the same?

see above
bmandale
·hace 4 meses·discuss
That's protection money, though trump so far hasn't demonstrated to be particularly worried about honoring those payments.
bmandale
·hace 4 meses·discuss
> tabs and spaces being mixed in the code

Python banned this in python3. Problem solved.
bmandale
·hace 4 meses·discuss
Clearer for the computer, but not for the human. Many errors, some severe, have been caused by a human only looking at the indentation and not realizing the braces don't match.
bmandale
·hace 4 meses·discuss
> I would love to see a language try to implement a rule where only an indented line is considered part of the previous expression.

After python, it seems like every language decided that making parsing depend on indents was a bad idea. A shame, because humans pretty much only go by indents. An example I've frequently run into is where I forget a closing curly brace. The error is reported at the end of the file, and gives me no advice on where to go looking for the typo. The location should be obvious, as it's at exactly the point where the indentation stops matching the braces. But the parser doesn't look at indents at all, so it can't tell me that.
bmandale
·hace 4 meses·discuss


  $ base64 -d <<< SW50ZXJlc3RpbmchIFBsZWFzZSB0ZWxsIHVzIG1vcmUh
  Interesting! Please tell us more!
bmandale
·hace 4 meses·discuss
>Remove all ASCII tab or newline from input.

the title is referring to inside html attributes, where they will be removed hence not affect where the link points.
bmandale
·hace 5 meses·discuss
Instead of making a sarcastic response, just state plainly what you mean. This prevents you having to get into dumb arguments that don't mean anything to people who don't already know what you're trying to say.