TootSweet

TootSweet , 5 days ago

Not saying I disagree, but what specifically would you prefer? Gecko? Or is there something better? (Maybe I'm just engaging in wishful thinking asking if there's something better.)

TootSweet , 6 days ago

Regardless of 4chan's privacy situation, it's a total cesspool. Nothing worthwhile happens on 4chan.

TootSweet , 10 days ago

Speaking for myself, yes, mostly that.

TootSweet , 10 days ago

So, first off, none of what I'm about to say would, on its own, be enough to cause me to downvote something. But since you asked about the "mostly..."

Browsers are ridiculously bulky these days without adding plugins. On top of the bulkiness of the browser itself, "simple" web apps these days without adding to it. Animations use CPU and take time. Rounded corners and extra spaciousness use screen real-estate. I'm typing this on a Raspberry Pi 4. Chromium is unusable. Firefox is barely tolerable. And it doesn't have to be that way. I've got a more powerful box, but it's not what I'm using right now.

(Yes, GPTheme is only 34k. But it'd have to be negative in size for that to be an argument that would work on me.)

Plus, customizations like browser extensions require maintenance. One day OpenAI is going to update their markup and GPThemes is going to break. And if I was using GPThemes with ChatGPT I'd have to either uninstall it or go research whether there's an update for it. If I set up a new device anywhere, I'd need to either be happy with an inconsistent experience of ChatGPT across devices or make sure I installed GPThemes on all of my devices, which is another step I could leave out to save time.

Yes, this bit applies to all customizations. I don't have any aliases in my .bashrc. I honestly prefer to just memorize things. The only real "customization" I ever do to my machines is remapping caps lock to escape. I'm just the sort of person who is very selective about what kind of customizations I consider worth it.

Again, in the absense of my distaste for "AI" nonsense spilling over into non-AI-specific forums, none of this is a reason to downvote. Just a reason to scroll past. "Not my bag." And some folks love customizing in ways like this. I definitely don't have any problem with the fact that other folks' calculus is different than mine in that regard.

Since I've been so negative here, one thing I do like about GPTheme is the use of GPL-3.0 . I think copyleft is a hell of a good idea.

TootSweet , 14 days ago

Wait, is this about SQL injection? Are they admitting that If I paste a piece of paper that says '; drop table streets; -- over their street sign it'll fuck all their shit up?

If so, this is not a problem that should be fixed by changing the street signs.

Or is the problem that they've got people with limited technical skill manually constructing SQL queries to search these "geographical databases" and not knowing how to properly escape them?

Or did some intern developer neglect to use a parameterized query and something broke and the management chain at the North Yorkshire Council who don't even know what pebkac stands for heard "apostraphies are the problem?"

Maybe they've got some image recognition thing on their mail trucks and the apostrophies mess up the otherwise-monospace letter spacing?

Whatever the case, the whole idea of taking the apostrophies off the signs seems ridiculous to me.

TootSweet , 15 days ago

Only thing that's guaranteed is that you'll never actually get to the sexy goblin.

TootSweet , 21 days ago (edited 21 days ago)

As in, you can type in the password but when you submit it, the login page says it's the wrong password? Or as in you can't get the password box to accept foucs? Or as in when it has focus and you press a key, it doesn't add dots to the box indicating you've typed in a character.

The KDE Neon machine I have to use for work does the last of these. But I've got two monitors. My workaround is to go log in on the other monitor. And that works, somehow. Weird, and a bit of a pain, but it works for me.

If you meant the first of these, it's possible you've just entered the wrong password enough times that it locked you out for 10-ish minutes.

TootSweet , 21 days ago (edited 21 days ago)

Software cannot be Open Source and require royalties.

The word you're looking for is "source available", not "Open Source."

You should probably be talking to a lawyer, not Lemmy, let alone /c/opensource.

TootSweet , 22 days ago

Man. It must be nice not to be drowning in 30 unfinished projects with another 30 on your mind to start all the time.

Usually, if I learn a new language, it's because it seems like the right language for whatever project I'm wanting to undertake rather than "I want to learn a language; let's see if I can come up with a project to do in that language."

TootSweet , 24 days ago

That site's great.

The main thing I wish for is for ffmpeg to start supporting the wlroots screengrabbing api.

TootSweet , 24 days ago

Just some thoughts off the top of my head.

• Did you burn the image to the partition on the card or to the card? (You'll want to do the latter.)
• You might want to try booting from the card before expanding the partition to 2GB just to make sure the partitioning program isn't doing anything bad.
• Can you check and see if one of the partitions on the card is marked as a boot partition?
• Maybe just open the disk itself in a hex editor if you can and make sure whether the MBR seems to have bootloader code in it.

TootSweet , 24 days ago

I'm not familiar with the tool they talked about for burning the image to the SD card, but can you share a screen shot of the options you used when burning the image?

TootSweet , 24 days ago

Ah! SDHC.

So, SDHC cards are a little different than regular SD cards (the protocol used to communicate with the card is a little different) and often aren't supported by particular SD card readers like potentially the SD-to-IDE adapter you're using.

(I know back in the day, I hacked my Nintendo Wii, which involved loading a bunch of homebrew programs on an SD card, and at first it didn't support SDHC cards until there was a firmware update.)

Technically, I think any SD card can be SDHC, but almost always SDHC is only used by high-capacity cards. Also, I think they usually say "SDHC" physically on the card.

So, probably the next thing I'd try if I was you was to change out your SDHC card for a non-HC SD card. Any 8GB to 32GB card should be fine, I'd think. (If you have any that are smaller even than that, like 256MB, even, you could at least use it to confirm that's the issue. You just couldn't expand the partition sizes out to 2GB.)

TootSweet , 27 days ago

This might be an unusual answer, but OpenSCAD. OpenSCAD files are just so much easier to work with when you're doing 3d printing than some random .stl file that might be non-manifold (have holes, self-intersections, whatever) and is usually really hard to modify in reasonably precise ways.

If it's an organic shape (a human form or whatever), then it probably makes sense to share it as an .stl. But if it's a wall mount for some device or an enclosure for a Raspberry Pi or something, it'd be so much nicer if they'd made it in OpenSCAD rather than FreeCAD or TinkerCAD or whatever.

If it's not in OpenSCAD, it's honestly more often than not unusable. Even if I don't need to tweak the file. Unless it's an organic shape kind of art piece, I usually end up recreating the same shape from scratch in OpenSCAD.

TootSweet , 1 month ago

If you've got time to stack dice, you've got time to take notes.

TootSweet , 1 month ago

Maybe someone providing the same save data for free or someone doing save tampering for their own personal play experience wouldn't have been in violation of that 2019 act?

TootSweet , 1 month ago

https://suckless.org/ has left the chat.

TootSweet , 1 month ago

Some day I'll probably run Fate. I'm currently playing Fate as a player, but some day when that campaign's over I'll probably start a Fate game as a GM.

As to the "why haven't I run it yet", mostly because it wasn't really on my radar until recently. Once it was on my radar, I happened to stumble across someone else advertising to run a Fate game, so I focused my energies on getting into that game as a player.

TootSweet , 1 month ago

If you get caught, your professional life is over.

That seems hyperbolic. Maybe your workplace is super draconian and will immediately fire you in such a case. But different employers have different cultures. Where I work, there are running jokes among the employees about how hard it is to get fired. One of the few cases of a firing we know of involved someone who was so passed-out drunk at his desk that he couldn't be awoken. And that was after he was given multiple stern talkings to.

I've seen people play WOW and Counter Strike on their office computers in the office in very visible areas.

Lest you think "yeah, but no place where it's that hard to get fired is going to have a locked down firewall" this is the same place where I had to make a special request to have http://portswigger.net/ , the official site of Burp Suite Pro, the web application security tool, unblocked so I could evaluate it's suitability to replace the tool we were using previously. (From what I've seen, Burp Suite Pro is kindof the de facto tool for web app security among pen testers, or at least was at the time.) The reason given on the "this site is blocked" page the corporate proxy gave was because it had something to do with alcohol.

In my time here, I've gone to lengths to curcumvent corporate firewalls multiple times. Both for personal aims and because it was necessary to do my job. I've never once been repremanded for it.

OP knows their workplace. OP, be smart, but do if you can get away with it, go for it.

TootSweet , 1 month ago (edited 1 month ago)

I'd love a Cliff's Notes version of this draft.

The arbitration agreement seems really sketch, though.

TootSweet , 1 month ago

Open Source is sometimes described as "anyone can contribute", but that's an oversimplification. Open Source projects always have a gatekeeper or small community of gatekeepers who decide which contributions are actually incorporated into the project and which are rejected as not up to snuff or straight up bad ideas or whatever.

That's what you meant by your first question, right? Not "how do I hide the code of future changes" but "how do I retain control over what code is added to my repo", correct?

Even if you meant it the other way, you could theoretically do that. Open Source one version and then never release any newer versions.

TootSweet , 1 month ago

Ah! Yes. No reason why you couldn't. It would require making a new repo, copying the files into the new repo, and committing in one big commit before pushing to gitlab, but yeah. Definitely doable.

(I basically always do this myself. I don't start the Git repo until I want to Open Source it. So when I first Open Source it, it's a "complete" (or at least "minimum-viable-product") project and there's only one commit. Every commit I make and push thereafter is public, but there aren't any from before my first push/publish.)

TootSweet , 1 month ago

...if you hate anyone who might have a clone that they want to pull to later.

TootSweet , 1 month ago

The Open Source Iniative has a particular definition of "Open Source" that includes a lot more things than just "the source code is available." I'll admit that there is a certain extent to which the OSI's definiteion is implicit. For instance the OSI wouldn't consider a license that didn't allow recipients to sell the code for profit, but that bit's implicit under "6. No Discrimination Against Fields of Endeavor."

(I should mention that there's nothing in the Open Source definition indicating that Open Source software repositories can't have gatekeepers or anything. That's expected.)

I wouldn't use the term "Open Source" (and I kinda like to capitalize it to make it clear what definition I'm using... though I'm not 100% consistent about it; maybe I should start being so) to refer to any software that didn't meet the OSI's definition. So, for instance, I wouldn't refer to Louis Rossman's Grayjay (which disallows for instance sale and derivative works) or Meta's LLaMa as "Open Source" despite the fact that the source code is publicly available for no charge to anyone who cares to download it. (The term "source available" certainly fits applications like Grayjay and LLaMa's engine, though the term "Open Source" doesn't apply to LLM weights.)

And the distinction's important to me. I don't exclusively run Open Source (or Free/Libre) software, but there are a lot of specific contexts in which I do only use Open Source software. For instance, I don't run any proprietary (by which I mean "non-FLOSS") apps on my smartphone. And Grayjay doesn't count in my book, and until/unless it one day does (or I quit abandon that particular restriction), I wouldn't consider using it on my smart phone.

Your point that Open Source software contributions basically always have to be approved by somebody before the they get into "the" repository (the most canonical one that "everyone" pulls from, though you can totally make your own derivative work and publish it if it's truly Open Source).

TootSweet , 1 month ago

Jesus. Even Redis falling prey to enshittification.

This is why we should prefer copyleft-licensed software. It's a Ulysses pact with users.

TootSweet , 1 month ago

I think in *nix, shell-configured init systems came first and the non-shell config file init systems are a more recent development. The real question is why the non-shell-configured init systems decided to change it up.

TootSweet , 1 month ago

I use Sway exclusively on my personal systems. For work, I have to use Zoom, and you can't share your screen on Zoom if you're using Wayland. So I use xorg-server and i3.

Aside from Zoom, the only thing I wish would support Wayland better is ffmpeg. There are janky workarounds to make ffmpeg capture from Wayland, but they're... well, janky workarounds. If I abolutely have to capture video from my desktop, I switch to xorg-server/i3 long enough to do that then go back to Sway.

I'll switch to Wayland on my work machine when Zoom supports it. And I guess the ffmpeg thing, while unfortunate, isn't enough of a deal breaker to keep me from daily-driving Wayland.

TootSweet , 2 months ago

First off, IANAL. Not legal advice. Consult with a lawyer or at very least some place like the Software Freedom Conservancy if you want legal advice.

If you've got an employer who is willing to let you own the copyright on stuff you write as part of your job, that's pretty awesome. But if you don't have that in writing, it's probably still risky to move forward under the assumption that you own the copyright. If you haven't specifically had a conversation with your employer about this, I'd definitely say you need to before you conclude you're in the clear on that score.

But assuming you've got all of those i's dotted and t's crossed, the next question is "where do you live?" If you're in the U.S. this court case is probably relevant and (IANAL!) probably weighs in your favor.

TootSweet , 2 months ago (edited 2 months ago)

(Did I mention IANAL?)

Yeah, but at least in the U.S., the rules are that if you made something subject to copyright protections as part of your job, absent any specific agreement between you and your employer, it's "work for hire" and thus owned by your employer. That is, it doesn't require any specific agreement/contract to make it your employer's. It requires a specific agreement to make it yours and not your employer's.

(Unless you didn't write the "custom functionalities" as part of your job, which can be pretty dicey. If you did it during off hours but using your employer's computer, for instance, it becomes a difficult question to answer whether you wrote them specifically as part of your job. Even if you did it during off hours and on your own hardware with your own license for the proprietary software in question, it'd be difficut to decide whether it was work for hire or not.)

So, if you want to do things the right way, that involves making an agreement with your employer that you own the copyright on the code in question. If you moved forward with distributing the software you wrote without such an agreement that wouldn't be "doing things the right way." That would be "hoping you don't get caught." I don't think there'd really be any confusion, really, since it's pretty cut-and-dried that unless you've discussed this with your employer and made an agreement, you clearly don't have the right to distribute this software under any license (open source or otherwise.)

Now, even the step of making such an agreement would be kindof complex. Assuming your employer was open to the idea, you might assume you could make a contract transferring ownership of the work to you, but contracts require "consideration", meaning both parties (you and your employer) would have to benefit from it. You could potentially argue that by open sourcing it, your employer has the chance of benefitting from voluntary contributions by a community of Open Source developers, and that could likely (IANAL) fulfill the consideration requirement.

Another option, and I'm thinking probably the most straightforward, would be for your employer to retain the copyright and grant you permission (and I think it'd be good to get that permission in writing, though it wouldn't have to be on paper; an email would be fine, but you'd probably want to forward it to an email address you own and would retain if you ever left the company) to publish it as an open source project (and I believe the GPL would be fine for this) on their behalf as part of your job. Lots of companies do this. Netflix for instance.

And, again, IANAL and this isn't legal advice. I've done some research and I'm interested in these topics, but I'm not an expert and you'll get a lot more mileage from consulting a lawyer.

TootSweet , 2 months ago

The way I would look at it is:

• If you aren't sure you can trust your computer, you should probably cover your webcam.
• Your level of risk tolerance can vary, so what a person would consider trustworthy may differ from person to person. (For some, maybe any proprietary software makes the computer untrustworthy. For others, maybe they feel smart enough to make good decisions about what software is trustworthy and they just don't download anything that sets off their spidey sense. Or whatever.)
• If you're taking extreme measures to ensure your machine is trustworthy, you're probably going much further out of your way than covering your webcam anyway. If you've picked a lot of the higher branches clean anyway, you probably ought to go ahead and pick that remaining low-hanging fruit.
• Regarding Windows specifically, some would probably call Windows systems less trustworthy on some combination of that a) Microsoft is assholes that might themselves use webcam data in evil ways and/or b) Windows is more targeted by crackers and malware.

TootSweet , 2 months ago

They "opened an investigation with the allegation of fraud, but no criminal charges were brought." So, yeah. They at least had some reason to think he was doing this intentionally.

TootSweet , 2 months ago

I honestly don't know what you mean by any of these. What do you mean by "tabs"? What "tags" do usernames have on them? What do you mean by "the downvotes have disappeared?"

TootSweet , 2 months ago

Bean, stroganoff, and poop-holding cards when?

Also, Xavier: Renegade Angel. And... are acorns the new thing or am I missing something?

TootSweet , 3 months ago (edited 3 months ago)

I write a lot of my own software and open source it. And very few of those projects ever have/get any contributions from anyone else. In fact, most of the recent ones literally only have one commit out on Gitlab. And it's pretty rare that I contribute to existing open source projects.

Many years ago, I contributed as part of my job a fair amount to a some WYSIWYG documentation writing web app associated with the Gentoo project. I think that web app is long-since dead and gone. (Not my fault, I promise. Lol.)

Oh, also, I wrote a lot of code as part of the same job that I was always promised would be open sourced, but I kindof had to leave without pushing that issue and that code hasn't ever been open sourced. It's bullshit that still bothers me today, but there's nothing really that I can do about it now. The place is out of business. I could theoretically contact the guy who was in charge (he would have inherited all of that company's intellectual property and would have the right to open source it now), but that guy's the kind of person I'd much rather never have any contact with again. It's a whole thing.

Since then, nothing concrete I can think of.

TootSweet , 3 months ago

You don't mention any specific distro, but I'm guessing it's pretty similar across distros. And since Arch tends to have good documentation, I've focused mostly on Arch. (I use Arch BTW. Fight me. :wink:)

The differences are that a different set of configuration options were selected when building the Kernel. All differences in configuration were selected with security in mind.

Here is a full list with lots of details but just vaguely (in roughly the same order as they are on the Arch page):

• It takes some special memory management steps to mitigate buffer overflow and stack overflow kind of vulnerabilities that might exist in other programs on the system.
• It locks down access to some information about specific kernel processes to prevent malicious programs from accessing those kernel processes. (And the wiki page says specifically that this doesn't really help much unless you compile your own kernel, but yeah.)
• Locks down "BPF" which, honestly, I don't know much about. Has something to do with firewalls?
• Prevents one application from getting internal data about another application (like happens with programs like strace or gdb.)
• Hides other users' processes from your current user.
• Prevents loading of unsigned kernel modules.
• Turns off a feature that lets you replace a running kernel with a newer kernel version without restarting the whole computer.
• Enables "Kernel lockdown mode" which "strengthens the boundary between what the root user can access and kernel space.
• Enables "LKRG" which is kindof an "intrusion detection system for the Linux kernel."
• Disables the emergency shell that can otherwise be used to debug and recover when your system fails to boot. (But could also be used to do evil things if an adversary has physical access to the computer, I think?)

So, all fairly technical stuff, but just locks stuff down and locks down things to improve overall security at the expense of some functionality. Some applications just straight won't work with a hardened kernel. (skypeforlinux-stable-bin is an example of a program that the Arch page listed above gives that just won't work.)

TootSweet , 3 months ago

Even if it's just another scheme to further concentrate wealth (and it is at least that), that harms everyone but the 0.1%.

TootSweet , 3 months ago

Completely unrelated to anything my post said.

TootSweet , 3 months ago

You're hallucinating. (Pun intended.)

Neither Capt. Wolf nor I said a single thing about AI or Open Source. And the article didn't mention anything about Open Source.

TootSweet , 3 months ago

!lostlemmings ?

TootSweet , 3 months ago

Something no one else has mentioned is that it's at least theoretically feasible to recompile an entire Arch system from source with particular compiler flags using ABS. It's mentioned in passing here. I haven't been able to find any straightfoward guides or anything, but it seems like it's doable. (Might require some custom scripting to be reasonably easy to do, though.)

TootSweet , 3 months ago

Now I kinda want to do it. Lol.

TootSweet , 3 months ago

Ooo. Yes, I expect that'll be a battle. More power to you and I'd love updates if anything happens. (If you can, of course.)

I'm guessing you may already be familiar with a lot of this, but some things to read up on if you're not:

• The origins of OpenWrt which started from a demand to Linksys for GPL'd source code.
• The ongoing court case "Software Freedom Conservancy v. Visio" about forcing Visio to comply with the GPL with regard to its smart TVs.

Also I'd recommend watching everything on the SFC's YouTube Channel as well as looking around on their website and maybe also Bradley Kuhn's website. (Bradley Kuhn is "Policy Fellow and Hacker-in-Residence" at the SFC.)

Heck. You might even benefit from trying to message the SFC about it. They might well be able to give you some guidance.

Edit: Ah. I see from another post that you've already been in contact with the FSF. What's the "FSC?" Did you mean "SFC?"

TootSweet , 3 months ago

Raise your hand if part of your love of TTRPGs is still due to rebellion against fundie christian parents even many years later.

TootSweet , 3 months ago

Sorry to say I don't have any good answers about this. When midnight on-call calls became a fairly regular occurrence for me, I quit my job to go somewhere it wouldn't be any significant issue.

But if it helps, I've always gone back to bed after a call and laid there trying to fall asleep until either I fell asleep and got a little bit of extra sleep or my alarm went off and I had to work. I always felt like crap when I did, but I doubt I'd have felt any less bad had I stayed up instead. My theory was that even if staying up might be preferable at the time, going back to bed, even if I only got an hour of sleep, would be better for me (at least in terms of not shortening my lifespan as much) in the long run.

(Full disclosure, I'm a coder, not a sysadmin, but they were taking DevOps pretty seriously, so I was on call for the applications my team maintained.)

TootSweet , 3 months ago

I didn't intend for the "lifespan" bit to be an analogy. I meant that sleep deprivation will literally shorten one's life. Especially if it's a frequent occurrence. When it comes to things like 3:00am calls, I'll prioritize my health over my usefulness to the business any day.

TootSweet , 3 months ago (edited 3 months ago)

Of those three steps, step 2 is the illegal one. (Assuming we're talking about music and not software.) Even if you never do step 3.

(Not saying things should be that way. Nor that it's not difficult to enforce. Only that as the laws are today, even ripping a music CD to your hard drive without any intention to share the audio files or resell the CD, even if you never listen to the tracks from your computer, the act of making that "copy" infringes copyright.)

Edit: Oh, and I should mention this is the case for U.S. copyright. No idea about any other countries.

TootSweet , 3 months ago

Regular audio CDs don't have any DRM. (Unless it's a data CD filled with audio files that have DRM or some such. But regular standard audio CDs that work in any CD player, there's no DRM. The standard just doesn't allow for any DRM.) And so the DMCA's anticircumvention provisions wouldn't apply to CDs.

But as for the Sony case you're referencing, I'm not familiar with it, so I'll have to do more research on that.