The "free press" doesn't have a "get out of jail free" card of being able to claim that they are just a "platform" and be able to dodge all responsibility for what they print like Facebook does.
If the press writes something objectively false about someone, they are starting at a defamation lawsuit. If they write something that gets someone killed, they will be staring at possible criminal liability. If they print, I dunno, a picture of a child having sex, there'll be hellfire and brimstone (both legal and social).
And no, saying "ha ha, it was just an opinion column" doesn't save them.
"Press" has perks but also has responsibilities. The free press is "ok" with these rules because they've had to follow them for decades. What they want is a level playing field.
> (To be fair, knowing ffmpeg exists doesn't mean I'd be able to easily write a video player with it without a lot of research. For that reason I find this tutorial is still quite interesting and valuable.)
The tutorial is still 1000 lines of C, involving SDL, ffmpeg and threads.
Yikes :)
Last time I did something like this (a UI that among other things, played a live stream from a cheapo IP camera), I used python and the libvlc python bindings. Creating a bare bones media player with it was trivial and it worked very well for what I needed. The only complaint I had at the time was that the documentation was absolutely terrible. A cursory look today reveals that they seem to have improved it, so yay?
And yes, the end result in my case came out MUCH smaller than 1000 lines (but lines of code is a shitty metric anyway).
If you "just" need a media player, IMHO, libvlc is not an awful option (in Python, at least - I have no experience with other bindings): https://wiki.videolan.org/LibVLC/
I don't know how long it is "supposed" to take, but you can compile a Linux kernel (27.8M lines of code, though a good chunk of it probably isn't going to be compiled anyway because you don't need it, and another good chunk is architecture specific) in under 10 minutes on relatively modest (but modern) hardware.
On the other hand, something like Chromium (25M lines of code) will take about 8 hours, and bring your machine to its knees as it consumes ALL available resources (granted, last I did this I only had 8GB of RAM, and I was running my desktop at the time... including Chromium). I don't remember exactly how long Firefox takes to build, but I remember it was significantly less time (maybe 3 hours?).
So... it depends? On a lot of things?
(btw, LoC numbers were pulled from the first legitimate looking result I could find on a quick search... take with a grain of salt... also, compilation times are a rough approximation based on my observations... that it with a truckload of salt)
The "web" is built around "human readable" technologies. Even actual implementation details that the user doesn't care about - like the application layer protocol (HTTP) and the source code for pages (HTML, CSS) - is human readable.
The "point" of the web was to serve humans, not machines. If we wanted to serve machines, we'd just throw binary blobs around, which would be orders of magnitude more efficient.
That said, I still have a bunch of "ancient" tech magazines that had directories of URLs for (then) popular websites, grouped by category. That's how we found things then.
People forget that there was a world before Google.
Software certification matters in certain industries.
In automotive and airspace, you will find that being certified opens a bunch of doors for you.
From a company's perspective, these certification don't PROVE that you know what you are doing, but at least they prove that you aren't completely in the dark with regards to all the annoying processes that exist in the industry (stuff like MISRA-C, Automotive SPICE and so on). Or at the very least, you aren't lying when you say that you've TOTALLY heard of them, honest (un-shockingly, people lie on their resumes, even about things that can be easily checked).
This might not get you hired, but it will make them consider you.
The decline of Firefox is largely due to Mozilla's incompetence.
If you look at their own statistics [1], you will notice that (worldwide) usage started declining after the introduction of Quantum (November 2017), and dropped substantially after the April 2019 addons outage.
This would suggest, IMHO, that Firefox loses market share when beloved features - customization, addons - stop working or got worse.
This is unsurprising to anyone who has been using Firefox for a long time: the primary differentiation factor of Firefox has always been customization. Messing with that would always be a risky proposition. Nuking the whole ecosystem entirely and starting over in the space of a few of months was simply idiotic. Disabling everyone's addon's because of an admin screw up was just the icing on the fucking cake.
> Thanks for the warning, are there any good tools that integrate with pull request checks that can be self hosted?
Recently at work we've done an analysis of a of CI/CD tools. Many of them are self-hosted, free (and open source) and support a variety of workflows - including pull request related checks (either by polling of via webhooks). A cursory search will yield you a lot to play with, so... go ahead and do that.
That said, if you don't want to think about it too much, you can't go wrong with Jenkins.
Some people will suggest GitLab. I'd steer clear of GitLab, though, because of their operational incompetence [1] and their funny ideas about mandatory corporate espionage [2] - I mean, telemetry - which they only backed away from because people yelled at them. That second one was enough to disqualify them in our analysis (the first one just cemented the idea).
That random file you downloaded off the internet was built under a specific set of assumptions - assumptions that only hold true if you are running the specific OS version they were targeting.
IF you download the .deb file for your specific OS, and IF you manually install all missing dependencies, then it works. Otherwise, you are still screwed.
At least you can extract it (IIRC, it's just a zip file anyway). But that's no different from going to sourceforge or github or whatever and getting the source tarball... and we are back where we started.
By the way, I was not complaining about "vendor lock-in". I was complaining about Debian's package management policies and how they can affect your software development process in practice - to make the case that apt is a crap replacement for a proper language/library/development/whatever oriented package management.
What's wrong with apt is that you can't get what YOU want: you can only get whatever the Debian people decided makes sense for one specific version of the OS - which usually means a 2 years out of date version of the library.
If you need a library of a version other than the Debian approved version, you are back to manually downloading source tarballs from sourceforge and figuring out their arcane build system.
Also, apt doesn't let you have two versions of the same library installed. For SOME things, they have more than one version package, but in general, you can't have STABLE_VERSION installed for your day-to-day OS usage and DEVELOPMENT_VERSION installed for your development needs. You only get one or the other (this isn't exclusive of apt - all Linux package managers do this, AFAIK).
Anyway, contrast that situation with pip (python), where you can just grab whatever version you want, have the package manager solve the dependencies for you, and slap it all into a virtualenv where it won't interfere with your system-level libraries. Heck, you can even grab versions straight from git, and it will (try to) solve the dependencies (if any).
That thing was terrible, but I'm kinda sad that a Microsoft Bob-like window manager (or whatever you want to call it) never panned out.
Yes, it blows for productivity, but it had "personality" - it was colorful and silly unlike your average UI today which either looks "industrial" or subscribes to the "everything is flat and bland" school of thought.
This seems like a really poorly thought out proposal.
From the draft's [1] intro, which provides motivation for the proposal:
> When security vulnerabilities are discovered by independent security researchers, they often lack the channels to report them properly [...]
Occam's Razor: they lack the channel to report those vulnerabilities because the company doesn't give a damn about security, not because of some hitherto unsolved technical difficulty.
Companies that give a damn about security already have either a "catch-all" contact for security related things displayed on their contacts page, or have dedicated pages detailing what the hell you are supposed to do to report a vulnerability. Companies that don't give a damn will continue to not give a damn and will ignore your document, and will continue to suck at security until someone starts punishing them - monetarily - for such appalling behavior.
But let's leave that aside for a moment. Researchers spot vulnerabilities. Need a way to report them. So what's the solution?
Apparently, a text file with only one mandatory field...
> 3.5.3. Contact
> This directive indicates an address that researchers should use for reporting security vulnerabilities. The value MAY be an email address, a phone number and/or a web page with contact information.
...which contains... er... a catch-all contact for security related things and or a link to a contacts page detailing exactly what the hell you are supposed to do to report a vulnerability? sigh...
But the real kicker is that that the standard doesn't even require that the contact information is up to date or valid:
> 6.2. Incorrect or Stale Information
> [...] Organizations SHOULD ensure that information in this file and any referenced resources such as web pages, email addresses and telephone numbers are kept current, are accessible, controlled by the organization, and are kept secure.
In case the meaning of "SHOULD" is in question see RFC 2119 [2], but basically, they "strongly recommend" that you keep your contact information up to day - instead of, I dunno, REQUIRING it, since having a channel to properly report security vulnerabilities is the ENTIRE POINT of this exercise?
/facepalm
Are we really supposed to take this seriously? This is simply security theater.
The point is that with DDG, you have a uniform syntax for searching multiple services that doesn't require any special cooperation from your browser or those services, doesn't require any setup apart from using DDG and only requires you to learn one new concept.
And this will work anywhere where webpages work (like, say, lynx), and will work consistently. There are thousands of !bangs, from things ranging from amazon, to wikipedia, to maps, to dictionary definitions... You aren't limited to a handful of hand picked services that your browser decided to support out of the box, or that you decided to manually configure.
Also, there is generally decent support to switch languages and regions for services that support it. For example, "!w" gets you "wikipedia", "!wsimple" gets you the "Simple English" version and "!wpt" gets you the Portuguese version.
Electronic voting machines run proprietary code which, AFAIK, was never publicly audited (AFAIK, the manufacturers have resisted auditing efforts bitterly).
How can you trust that the machine will behave as you expect in a "real world" setting, when the results truly count?
IMHO, the biggest risk from electronic voting machines isn't some rando swinging the elections with their 1337 haxx0r skills: the biggest risk is that the machines basically come "pre-hacked" from the factory - either intentionally, or unintentionally (bugs happen).
> Dow plunges 750 points after China devalues its currency
The article title:
> Dow plunges 800 points after China devalues its currency
And the first paragraph of the article is:
> The Dow tumbled more than 830 points [...]
So... which is it?
Edit to add: ok, the article's contets are apparently dynamically generated (or are being updated manually). I didn't know they did that. You can disregard this comment.
If the press writes something objectively false about someone, they are starting at a defamation lawsuit. If they write something that gets someone killed, they will be staring at possible criminal liability. If they print, I dunno, a picture of a child having sex, there'll be hellfire and brimstone (both legal and social).
And no, saying "ha ha, it was just an opinion column" doesn't save them.
"Press" has perks but also has responsibilities. The free press is "ok" with these rules because they've had to follow them for decades. What they want is a level playing field.