Show newer
Sven Slootweg (soft-deprecated)

(Corollary: packages that boast "zero dependencies" on average tend to contain far more bugs and even security issues than equivalent packages with transitive dependencies; which is not that surprising, when you consider that this means it'll be reinventing a lot of wheels inline)

Show thread
1
Sven Slootweg (soft-deprecated)

@nerkles Nah, there's a more specific name for it. Something to do with news coverage specifically, where uncommon events are always covered and therefore seem common, whereas common events are not worth reporting on and are therefore perceived as uncommon.

1+
Sven Slootweg (soft-deprecated)

As a bit of extra background: I've been professionally auditing (probably thousands of) FOSS dependencies for years now, in a high-risk environment, and *not once* have I run across deliberately malicious code, not even questionably broken code, really.

Every single issue so far has been a security issue, none that were likely to be disguised backdoors. Many of them very common security issues that most developers are likely to create themselves when reinventing wheels (eg. when avoiding dependencies out of a misguided fear of malicious code).

That's where the *real* risk is.

Show thread
1
Sven Slootweg (soft-deprecated)

This also feels like one of those cases of the metaphorical-law-I-forgot-the-name-of, where people perceive an uncommon event as being really common because it's so uncommon that it gets widely reported every time it happens, and therefore skews people's perception of its frequency

Show thread
1+
Sven Slootweg (soft-deprecated)

And no, it's not *just* security folks overestimating the threat level, tons of software developers do it too (and often at the same time overlook the things that are *actually* dangerous)

Show thread
1
Sven Slootweg (soft-deprecated)

I don't think computer people really realize just how little (relevant) malicious code actually exists on the anyone-can-upload package registries, and folks seem to consistently overestimate the actual threat level here

1+
Sven Slootweg (soft-deprecated)

re: Sovol SV06 update, long, 3D printing 

@neildarlow@mastodon.org.uk Unfortunately my issue is different - I'd already tried that (albeit with two drink cans), but running the levelling procedure just re-skewed the axis again. I think it's an issue with the actual probe itself.

(The reason the axis skewed in ModBot's case was probably a design flaw in the printer itself - the ribbon cable for the extruder gets in the way of the frame and so only one side of the Z axis actually reaches its end stop, the other side is held back by the cable)

0
Sven Slootweg (soft-deprecated)

Tired: who would ever buy these useless home shopping gadgets?

Wired: oh, the target demographic is disabled folks, not me, some of them turn out to be really useful though...

Inspired: wait, my ADHD motor control issues are a disability, and I *am* the target demographic

1
Sven Slootweg (soft-deprecated)

@f0x Link?

1
Sven Slootweg (soft-deprecated) boosted
Gwen Nova

Somebody should invent socks that don't disappear when you wash your clothes

1+
Sven Slootweg (soft-deprecated) boosted
Mike Lynch :yak_shaving:

Tech people using a language or API they don't like: ugh this is clunky

Tech people using their expensive mechanical keyboards: hell yeahhh clunkety clunk clunk clunk

0
Sven Slootweg (soft-deprecated) boosted
Alex Vranas

Pleroma TERFs & Nazis 

This is why I have a general distrust of Pleroma users. I don't care that it is "more lightweight" than Mastodon. I don't care that it has extra features and multiple frontends.

Its Nazis all the way down. Even the official Pleroma website recommends Nazi-friendly instances, and their devs are openly friendly with out-and-proud Nazis.

Show thread
1
Sven Slootweg (soft-deprecated)

@fack It's missing any and all intersectionality.

0
Sven Slootweg (soft-deprecated)

@determinerik Dit was voorheen Apotex, die was toen ook al failliet gegaan en dus doorgestart als InnoGenerics, blijkbaar

sleutelstad.nl/2020/08/11/door

1
Sven Slootweg (soft-deprecated) boosted
Determinerik :antifa: :bij1_flag: 🇵🇸

Fuck de markt
rtlnieuws.nl/nieuws/nederland/

1
Sven Slootweg (soft-deprecated) boosted
Andrew Plotkin

Quite a few games these days use chromatic aberration filters as a "wow, trippy" effect and I wish they wouldn't because with my glasses everything not directly in front of me already looks like that.

I've seen cases where something in the corner of the game screen was chromatic-aberrationy and my glasses reverse-aberranted it back to normal.

0
Sven Slootweg (soft-deprecated)

@Dee @schratze Not that today's spacebros are much different from that, of course

1
Sven Slootweg (soft-deprecated) boosted
Ding :verified:

#Security truths

1
Sven Slootweg (soft-deprecated) boosted
Chantzy

We need a positive PR campaign on masks. We need to rebrand them as a symbol of compassion & empowerment. Our leaders have tricked many into believing they are oppressive but we can turn this around. #Covid

0
Sven Slootweg (soft-deprecated) boosted
nerd teacher 🦇

I also love the presumed universal questions for topics in conversation, like "Did you believe in Santa when you were younger?"

Dude, I live in Slovakia. The *infant* Jesus (Ježiš) is the one bringing gifts according to tradition, lmao.

Show thread
1+
Show older
Pixietown

Small server part of the pixie.town infrastructure. Registration is closed.

Resources

Developers

What is Mastodon?

pixie.town

  • About
  • v3.5.19patch-2024-07-04

More…

v3.5.19patch-2024-07-04 · Privacy policy