In other news today...
-
@HardwareGeek I meant "sledgehammer". Pardon my lack of proper vocabulary. Can't say I ever cared to find out the technical details. I just saw it happening while engineers were loudly cursing about the situation. And obviously other people waiting for their train were giving their own ill-conceived conclusions. I'm sorry if anyone presumed I actually know how to operate a freight train.
Besides, it's how you repair almost any Soviet tech.
Also applies to "repairing" camels (and other stuff) in modern day Afghanistan, I hear
-
@dkf said in In other news today...:
I don't consider the JS sandboxing to be particularly strong, and that's despite it having had a really large amount of effort put into it. The fundamental problem is that it's still all a big linked ball of mud and identifying all the ways that trouble could be caused is so difficult.
That's why Chromium started (and Firefox follows suit) to run each tab in a separate process to make sure they are really separate virtual machines.
Auditing all operations to see if they can be abused (whether on their own or in combination) is a pain, but it's really the only way to do it.
They are discovering new ways to do cross-site something all the time and patching them up with exceedingly more complicated http headers. And adding more features at the same time that drop more spanners in the works.
It's enormously easier if the language is designed to support doing such an audit, and to have exact visibility of what routes are open between the secured domain (the majority of the app) and the insecure code so they're just exactly those that need to be there and no more at all.
It's easier to do it at the operating system level as more thought went into process separation and the API is somewhat slimmer.
In Linux the seccomp(SECCOMP_SET_MODE_STRICT) will let the task, from that point on, only read and write already open file descriptors and exit at the end. Now it is task, so you can only set it for a thread, but that's pretty stupid, because as long as it shares memory and can corrupt it for a more privileged sibling thread it can get out, so it really really should be a process. Then you can only give it an IPC channel providing white-listed operations and do an actually sensible audit. There is also an option to set a system call filter, but that is more tricky to make sure the allowed calls can't be abused.
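The layout described in the post above, as an added example that is not part of the original post: a worker in its own process enters strict mode and serves a single operation over a socketpair, and the parent sees SIGKILL when the worker tries any other system call. The names run_sandboxed and worker and the uppercase operation are hypothetical, chosen for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Child side: a separate process limited to read/write/exit/sigreturn. */
static void worker(int fd, int misbehave)
{
    char buf[64];
    if (syscall(SYS_seccomp, SECCOMP_SET_MODE_STRICT, 0, NULL) != 0)
        syscall(SYS_exit, 2);              /* refuse to run unsandboxed */
    ssize_t n = read(fd, buf, sizeof buf);
    if (misbehave)
        open("/dev/null", O_RDONLY);       /* not on the list: kernel sends SIGKILL */
    if (n <= 0)
        syscall(SYS_exit, 1);
    for (ssize_t i = 0; i < n; i++)        /* the single operation offered: uppercase */
        if (buf[i] >= 'a' && buf[i] <= 'z') buf[i] -= 32;
    if (write(fd, buf, (size_t)n) != n)
        syscall(SYS_exit, 1);
    syscall(SYS_exit, 0);  /* glibc _exit() issues exit_group, which strict mode kills */
}

/* Returns 0 and fills out on success, the fatal signal number if the worker
 * was killed, or -1 on any other failure. */
int run_sandboxed(const char *req, char *out, size_t outlen, int misbehave)
{
    int sv[2], status;
    if (outlen == 0 || socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) { close(sv[0]); worker(sv[1], misbehave); }
    close(sv[1]);
    ssize_t n = -1;
    if (send(sv[0], req, strlen(req), MSG_NOSIGNAL) >= 0 && shutdown(sv[0], SHUT_WR) == 0)
        n = read(sv[0], out, outlen - 1);
    out[n > 0 ? n : 0] = '\0';
    close(sv[0]);
    if (waitpid(pid, &status, 0) < 0) return -1;
    if (WIFSIGNALED(status)) return WTERMSIG(status);
    return WEXITSTATUS(status) == 0 ? 0 : -1;
}

int main(void) { char out[64]; return run_sandboxed("ping", out, sizeof out, 0) != 0; }
```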
-
@Bulb said in In other news today...:
C#
Did actually have a credible attempt at creating a secure sandbox (see: .NET as ActiveX controls, .NET Terrarium, ClickOnce, ASP.NET not-Full-Trust, CLR in SQL, Silverlight) which really did work for about 12 years. After that time, instead of fixing they went "well, we no longer consider it a security boundary, and don't support it on not-our-OS, so plz stop kthx."
@Bulb said in In other news today...:
But I don't know how far any Windows equivalent is.
Windows is absolutely capable of doing that, and some web browsers take advantage of it to limit the damage plugins and JS can do. However, most developers don't know about or don't have the resources to use these security features, and Microsoft can't turn them on by default because app compat.
-
@HardwareGeek said in In other news today...:
@Applied-Mediocrity said in In other news today...:
with a bludgeoning hammer.
Yes, it's a bludgeoning task.
-
@Applied-Mediocrity said in In other news today...:
I meant "sledgehammer". Pardon my lack of proper vocabulary.
Close enough. It's the idea of having to use a large hammer to release the brakes that earned the , not the word you used to describe the hammer.
-
@HardwareGeek said in In other news today...:
@Applied-Mediocrity said in In other news today...:
I meant "sledgehammer". Pardon my lack of proper vocabulary.
Close enough. It's the idea of having to use a large hammer to release the brakes that earned the , not the word you used to describe the hammer.
Tbf, lots of operations on full scale trains can involve sledgehammers, particularly in emergencies. You should consider how to print them. It's reasonable failure engineering for the use case.
-
on-demand print shop Spring refuses to print a z-function shirt
We completely understand your concerns about our keyword block. As you are aware, Zeta is a letter of the Greek Alphabet. The Greek alphabet is currently protected legally by the Affinity Client Services. Due to this ownership and the takedowns we have received, we must police our platform for content using 'Zeta.'
The Greek alphabet is currently protected legally by the Affinity Client Services
:enraged_godzilla:
-
@cabrito Are they the people naming all the SARS-CoV-2 variants?
-
@Kamil-Podlesak said in In other news today...:
Although... that's an interesting philosophical question for 21st century. If a bitcoin is mined in completely isolated sandbox, does it make any value?
-
@topspin said in In other news today...:
this is a good way to commit suicide
Well death-by-copy might not be a thing so.... next best?
-
@Gribnit said in In other news today...:
@cvi said in In other news today...:
people using their laptop camera pointed straight up their nose should indeed consider plastic surgery, e.g. to rotate their whole face down by a few degrees. Well, either that, or start placing the camera in way that it doesn't point up their nose.
Some noses, no matter which way you look, you're staring right up them.
A truly impressive portrait. It's said the nostrils follow you around the room
-
@cabrito said in In other news today...:
on-demand print shop Spring refuses to print a z-function shirt
We completely understand your concerns about our keyword block. As you are aware, Zeta is a letter of the Greek Alphabet. The Greek alphabet is currently protected legally by the Affinity Client Services. Due to this ownership and the takedowns we have received, we must police our platform for content using 'Zeta.'
The Greek alphabet is currently protected legally by the Affinity Client Services
:enraged_godzilla:
And Michael Douglas is about to go all ballistic on them for hassling his wife.
-
@HardwareGeek said in In other news today...:
It's the idea of having to use a large hammer to release the brakes that earned the , not the word you used to describe the hammer.
There's no technical reason for the need for the hammer. But we're talking large-ish pieces of steel, hefty enough to withstand acting as emergency brakes for a train car. And they've been freshly shot by either spring or pneumatic power, causing amounts of grinding, heat and melding. And then they cooled down and settled while the train slowly rolled to a stop.
So it's not like the hammer is strictly required. But unless you're buff like Schwarzenegger in his prime, you're going to need either a power-assist or a hammer. And the hammer is cheaper. And since this is the emergency brakes we're talking about, it's not like they're used every day. So the hammer shall suffice.
-
Yeah, F no!
-
@Dragoon Weren't you looking for the Nope thread?
-
@acrow said in In other news today...:
There's no technical reason for the need for the hammer.
At first I thought you're responding to @topspin.
-
@Dragoon said in In other news today...:
Yeah, F no!
Is there also an extra-tight version to stop politicians from lying through their teeth?
-
@JBert said in In other news today...:
@Dragoon said in In other news today...:
Yeah, F no!
Is there also an extra-tight version to stop politicians from lying through their teeth?
The only way to do that is to knock all their teeth out — they'll still lie, but they won't be able to do it through their teeth any more.
-
Just when I start to think my home state isn't the hotbed of redneckism a lot of people make it out to be....
-
@da-Doctah said in In other news today...:
my home state
Oh, you're not in AZ anymore? Darn, was going to ask about how the rain was where you were...
-
Police are looking for somebody to go to a good home... and tow it away.
-
@da-Doctah said in In other news today...:
accidentally
s/accidentally/heroically
Apparently crusted vs uncrusted PBJ escalated to a 2nd amendment solution.
-
@JBert said in In other news today...:
@Dragoon said in In other news today...:
Yeah, F no!
Is there also an extra-tight version to stop politicians from lying through their teeth?
Even when they are forced to be ventriloquists, they'll still be lying.
Also when flatulating Morse code.
-
@boomzilla "Hardened" is the key word....
-
Something is very amiss here. Traditionally solicitors drain us of blood.
-
Automated hiring software...incorrectly rejecting the candidates that American HR workers would otherwise...incorrectly reject!
-
@error @error_bot feature request: automatically reply with to posts in this thread.
-
@topspin We may need a :pikachu-shrug: emoji; Pikachu seems a bit tired of always looking surprised.
-
@Atazhaia ENOTNEW. Linux has always rebased topics onto next.
-
@Bulb said in In other news today...:
@topspin We may need a :pikachu-shrug: emoji; Pikachu seems a bit tired of always looking surprised.
:thousand-yard-pikachu:
-
@HardwareGeek said in In other news today...:
@Bulb said in In other news today...:
actually important screen sharing.
I thought we were talking about work meetings, which consist of somebody talking while everybody else in the meeting ignores that person and does unrelated stuff.
Wait. My camera is off right now. How did you know??? (0.5hr into a 1.5hr meeting - but it might be ending soon.)
edit: Duh. Of course you knew. I'm here.
-
@MrL said in In other news today...:
@HardwareGeek said in In other news today...:
The idea that 100k+ people would be employed to do this manually seems other-worldly.
Only some crossings are manned, of course.
Unions!
-
@dcon said in In other news today...:
@MrL said in In other news today...:
@HardwareGeek said in In other news today...:
The idea that 100k+ people would be employed to do this manually seems other-worldly.
Only some crossings are manned, of course.
Unions!
No... intersections.
-
@Boner said in In other news today...:
Two applications to demolish separate pubs were both approved, with the responses "incy wincy spider" and "why am I doing this am I the chosen one".
The prophecy! They arise!
-
@Boner said in In other news today...:
Okay, this is officially crazy.
In a sane country, or even Poland, reversing these would be a simple administrative action, that would cost essentially nothing.
-
@GOG said in In other news today...:
sane country
At this point, I'm pretty sure that's an oxymoron.
-
@GOG said in In other news today...:
@Boner said in In other news today...:
Okay, this is officially crazy.
In a sane country, or even Poland, reversing these would be a simple administrative action, that would cost essentially nothing.
It's local government, the peak of government efficiency.
-
@loopback0 said in In other news today...:
@GOG said in In other news today...:
@Boner said in In other news today...:
Okay, this is officially crazy.
In a sane country, or even Poland, reversing these would be a simple administrative action, that would cost essentially nothing.
It's local government, the peak of government efficiency.
Is this a consequence of the Home Rule principle in British law?
-
@loopback0 said in In other news today...:
@GOG said in In other news today...:
@Boner said in In other news today...:
Okay, this is officially crazy.
In a sane country, or even Poland, reversing these would be a simple administrative action, that would cost essentially nothing.
It's local government, the peak of government efficiency.
Not only that. Often government IT systems don't allow for manual correction. They didn't buy that feature; the process is perfect, so it wasn't needed.