In other news today...
-
-
@boomzilla Florida ancestors?
-
@boomzilla said in In other news today...:
And now here I am, wondering whether this is, in fact, not only sane, but even rather clever...
-
I like the first line of the article:
Andy Warhol once said, “Art is anything you can get away with.”
-
Silly world records are nothing new, but it's "interesting" how people keep going for the potentially life-threatening ones...
-
Never insult bears while playing games; they might come for your computer:
-
Today in bitcoin is not a great place for illegal activities.
-
@DogsB said in In other news today...:
Today inbitcoin is not a great placefor illegal activities., but that's a different thread.
-
Good Christ could they have hired better make up people? He actually looks like an cheap android now. They're a billion dollar company surely someone looked the video over before publishing it and asked if they were sure?
*edit not suprised by the name but I thought they would have waited a month or two to let the current shit storm blow over.
-
-
@DogsB that’s about as relevant as Google changing its name to Alphabet, i.e. something nobody will ever say, except maybe accompanied with the parenthetical (the holding that owns Google).
-
@loopback0 said in In other news today...:
From the comment section else where
I never Meta a tech billionaire I liked... and the new name really Zucks !
-
Feeling depressed because you
catchedcaught Covid?Good news !!!
-
@TimeBandit said in In other news today...:
catched
-
@HardwareGeek said in In other news today...:
-
@DogsB but what they're building... fucking hell. He genuinely seems to believe they're building The Matrix 1.0 or something.
-
Live NatWest triples profit despite money laundering charge - live updates
Today in just reading the headlines... I very much expect it was the money laundering that got them the triple profits.
-
@Bulb said in In other news today...:
The attack targets the developer machines.
Does it? Honestly, I must admit, I could not follow the descriptions of the issue. But that was my impression, too, so I wondered why that should be such big an issue, and how such numbers of quadzillions of downloads could arise if it was not an issue of end-users browsing the internet. I am still confused.
-
@Bulb said in In other news today...:
and given some power
: Here's a wall socket. Just plug your devices in, it should provide enough power for you.
-
@DogsB said in In other news today...:
He actually looks like an cheap android now.
That is, the difference between his looks and the reality has disappeared?
-
@HardwareGeek said in In other news today...:
@TimeBandit said in In other news today...:
catched
cought?
-
@BernieTheBernie said in In other news today...:
@Bulb said in In other news today...:
The attack targets the developer machines.
Does it? Honestly, I must admit, I could not follow the descriptions of the issue. But that was my impression, too, so I wondered why that should be such big an issue, and how such numbers of quadzillions of downloads could arise if it was not an issue of end-users browsing the internet. I am still confused.
End users browsing internet don't run
npm
, so they can't cause downloads. Only the devs can.I think the quadzillions of downloads are mostly continuous integration. Most dev companies do use that these days. And because most of the build agents clean up everything, or at least the working directory, between builds, every build does a
npm i
ornpm ci
at the start and that downloads the package again. And because Angular templates include Karma for testing, and Karma depends on ua-parser-js, it gets pulled into a lot of projects. Fortunately Karma depends onua-parser-js=0.7.28
, so projects that use it just that way were not affected.
-
@Applied-Mediocrity said in In other news today...:
@HardwareGeek said in In other news today...:
@TimeBandit said in In other news today...:
catched
cought?
"Coughed"? Has he coughed the 'rona?
-
@BernieTheBernie said in In other news today...:
@Applied-Mediocrity said in In other news today...:
@HardwareGeek said in In other news today...:
@TimeBandit said in In other news today...:
catched
cought?
"Coughed"? Has he coughed the 'rona?
-
Mainly just for the headline...
-
@PJH said in In other news today...:
Mainly just for the headline...
cocaine hippos will never stop being funny.
Well, look who has come crawling out of the woodwork. Zuck's paid for poodle. Someone who once alledged he had scruples but can't hear them over the sound of all the Facefuck money.
-
@DogsB he stopped having scruples before that. Right around the time he decided to be the bottom to David Cameron.
-
@JBert said in In other news today...:
Never insult bears while playing games; they might come for your computer:
And not a single pun in the article. Not even "bear with me". I'm impressed.
-
@DogsB said in In other news today...:
scruples
It's a very common word in Polish but it's the first time I've ever seen it in English. And this spelling bothers me.
-
@Gąska said in In other news today...:
And this spelling bothers me.
Not nearly as much as the Metaberg empire bothers me.
-
the Droogs from Stanley Kubrick's 1971 film, A Clockwork Orange are there cheering from the sidelines right alongside the flying monkeys from The Wizard of Oz.
I know I'm late to the party but
-
It just work™
-
@TimeBandit said in In other news today...:
It just work™
Well, I'm safe. Mine's so old (2012) that it can't even update to BigSur.
-
Uh oh, I hope my new work laptop is already on Monterey then...
-
So, somebody discovered the bidi-unicode sequence that we've all known about for years, and decided to write a paper on it, and market is as one of those super hyped vulnerabilities:
Syntax highlighting kinda already reveals what's going on (even on Github, who seem to have additionally added a warning). FWIW, they have examples in a number of programming languages.
But, ultimately:
*laughs in vim*
Not to mention the unused-variable warning on
isAdmin
in this specific example.
-
I take it this is a new thing in GitHub:
Addendum:
I take this is a new buggy thing in GitHub, which won't always showmea culpa. This isn't the work of bidirectional characters:I can see how homoglyph functions could be a problem, because it's not like you can just ctrl-click the function to see where it is defined, right?
Fake edit:
-
@Zecc said in In other news today...:
I take it this is a new thing in GitHub:
Addendum: I take this is a new buggy thing in GitHub, which won't always show:
Well, they show the warning for bidirectional, and that source does not have bidirectional. It has mixed scripts. They didn't add any warning for mixed scripts (yet?). Rust did though.
-
@Bulb Fair enough. I didn't look much into what they were doing. I guess I assumed they were only using bidi chars for their shenanigans.
-
@Zecc “homoglyphs” mean glyphs that are different codepoints, but look the same (or look the same in most fonts). For example a and а.
This is actually the most reliable way to cause confusion in languages that support non-ASCII identifiers. The bidirectional characters are defeated by editors ignoring them or by working highlighting, and zero-width joiners (the third way they use) are often not permitted in identifiers, but Latin and Cyrillic (and capital Greek) have a lot of characters that look the same and won't unify even under compatibility normalization.
-
@Bulb These are things I know and I'm aware of after I've had my coffee.
-
@cvi We keep our code mostly 7-bit clean (there are 1 or 2 violations in the PHP code for
»
). I should fix those and add a code quality check on it.
-
@TimeBandit said in In other news today...:
It just work™
Your files are right were you left them.
You can't access them anymore. But they're here.
-
@PleegWat said in In other news today...:
@cvi We keep our code mostly 7-bit clean (there are 1 or 2 violations in the PHP code for
»
). I should fix those and add a code quality check on it.I think I have some "raw" unicode in a few strings and in some comments. The former could likely be eliminated. The latter is kinda useful - it's mainly using some of the mathy symbols to format equations a bit neater. E.g. multiline parentheses for matrices, sums & integrals, ...
-
@Bulb said in In other news today...:
For example a and а.
were long ago exploited by phisher men with web domains like deutschebank.de
-
@BernieTheBernie It's part of the reason why
.cz
domain never allowed the internationalized domain names even though it would obviously make sense for the language.edit: they are actually enabled, and there is a test domain for them, but requests for registration are not accepted.
-
@dcon said in In other news today...:
@TimeBandit said in In other news today...:
It just work™
Well, I'm safe. Mine's so old (2012) that it can't even update to BigSur.
As long as there's no bricking bug with High Sierra I should be safe If I ever get around to updating
-
@Gąska said in In other news today...:
@DogsB said in In other news today...:
scruples
It's a very common word in Polish but it's the first time I've ever seen it in English. And this spelling bothers me.
Does it have the same meaning in Polish?
-
@hungrier said in In other news today...:
@dcon said in In other news today...:
@TimeBandit said in In other news today...:
It just work™
Well, I'm safe. Mine's so old (2012) that it can't even update to BigSur.
As long as there's no bricking bug with High Sierra I should be safe If I ever get around to updating
Well, I do have the problem that every time there is a security patch, it reboots, "about a minute" (forever!), hard boot, and then the install will happen (after another reboot).
I do need a new mac... this thing is so gawdawful slow now... Figure maybe getting an Air when the sales start...
-
-
@TimeBandit said in In other news today...:
And here I had hope that the Charmin "bathroom assistant" commercial was merely fiction.