HackerTrans
TopNewTrendsCommentsPastAskShowJobs

DownrightNifty

no profile record

comments

DownrightNifty
·2 เดือนที่ผ่านมา·discuss
If you're gonna use Claude for writing in some capacity, this is definitely the way to do it. Thanks for not letting it write for you.
DownrightNifty
·4 เดือนที่ผ่านมา·discuss
> Many of those points reveal lack of knowledge about Windows administration capabilities.

Do those capabilities require a more expensive edition of Windows?
DownrightNifty
·5 เดือนที่ผ่านมา·discuss
In what ways does LineageOS trail behind AOSP in terms of security? I looked at the comparison chart you linked elsewhere and the privacy/security sections only seem to list advantages over OEM Android (not AOSP), with the exception of secure boot [1], but AOSP (not OEM Android) doesn't have that out-of-the-box either. Unless you are comparing Lineage with OEM Android?

[1] https://eylenburg.github.io/android_comparison.htm
DownrightNifty
·5 เดือนที่ผ่านมา·discuss
They do provide installation commands for every platform that aren't vulnerable to homograph attacks due to GitHub not allowing Unicode characters in user/repo names :)
DownrightNifty
·5 เดือนที่ผ่านมา·discuss
But as the title of the post says, browsers already solved this problem.

https://www.xudongz.com/blog/2017/idn-phishing/

It does make running commands from an untrusted website a little safer, which is nice. I imagine it's not uncommon to copy installation scripts from random StackOverflow comments or blog posts, for example. But that's still not safe even with this tool. Homograph attacks aside, how can you tell if a URL you're pasting into your terminal is the official source for something? It's trivial to create fake GitHub accounts or organizations.
DownrightNifty
·5 เดือนที่ผ่านมา·discuss
A simpler solution: examine the URL displayed in the browser window before copying terminal commands from the page. E.g. "starts with github.com" -> "trusted GitHub UI indicates the repo is the official one for this project" -> "URL points to the official project README" -> "terminal commands are most likely not malicious, and if they are, there's a bigger problem here".

Of course, more secure installation methods should be preferred, but those are not always available. I am simply comparing the provided solution to homograph attacks with another solution to the same problem.
DownrightNifty
·6 เดือนที่ผ่านมา·discuss
The linked article seems to imply that this remains a good design choice even today:

> The use of this rule can be seen for example in MacOS, which always places the menu bar on the top left edge of the screen instead of the current program's windowframe.

I guess now that the browser is the one app you probably spend the most amount of time in, it might make a little less sense? Android's lack of a menu bar system makes it make very little sense there.
DownrightNifty
·11 เดือนที่ผ่านมา·discuss
Wow, this is great. Would you mind if I reached out over email?
DownrightNifty
·ปีที่แล้ว·discuss
True, it's far from ideal, and not entirely without Apple's approval. You need an Apple ID, to accept Apple's EULA (which probably forbids such activities), to accept the risk of your Apple ID being banned [1], to accept the risk of Apple breaking things (intentionally or not), and to continue asking Apple's server for new signatures every week into the foreseeable future.

Still better than nothing, for those already fully immersed in the Apple ecosystem, with no hope of escape? (I still use and recommend Android, but I have a spare iPad to play around with, so I enjoy seeing stuff like this come out.)

[1] They recommend using a secondary Apple ID, which eliminates most of the risk: https://swiftpackageindex.com/xtool-org/xtool/1.10.1/documen...
DownrightNifty
·ปีที่แล้ว·discuss
Mega cool!

We should all be taking full advantage of the amazing capabilities of the pocket supercomputers we all carry around with us at all times (even if the companies who make them don't want us to or don't care about us). Anything less would be silly! Now Linux and Windows users (the majority of iPhone users) can do easily do so, and that's great.

To install your own personal homebrew apps without Apple's approval, use AltStore (Windows) or SideStore (Linux):

https://faq.altstore.io/altstore-classic/how-to-install-alts...

https://docs.sidestore.io/docs/installation/linux