Wasn’t France the one that started switching to Matrix and funded a bunch of improvements?

https://web.archive.org/web/20180426180007/https://matrix.org/blog/2018/04/26/matrix-and-riot-confirmed-as-the-basis-for-frances-secure-instant-messenger-app/

It’s great that Germany is doing the same, I just remember Matrix talking about money from France and helping the French government deploy Matrix for government use back in the day. A lot of the E2E encryption improvements were attributed to their collaboration with France at the time

That one’s especially egregious because the Direct Rendering Manager handles displaying things to the screen, where you might have Digital Rights Management involvement in the form of HDCP support, etc.

deleted by creator

Oracle happened to it

All the devs went to LibreOffice after that

I wasn’t trying to give a positive side, I was just explaining why Microsoft wants the feature

If the executable binary has to be signed with a key, similar to the module signing key, Microsoft could sign their binaries

This, along with secureboot, would prevent the owner of the machine from running eBPF programs Microsoft doesn’t want you to run, even with root

I agree, but the wording of that is imprecise…

Google reimplemented the same API (which should be legal) but “use” sounds like they called Oracle’s implementation of the function

Oracle tried to argue that writing your own virtual machine with the exact same same interface as theirs (even a clean room reimplementatio, or an improved version) was copyright infringement

If Oracle had won, it would likely have killed things like OpenJDK, WINE, Proton, Rosetta, etc. and would have made licensing around OpenGL/Vulkan very confusing (for a few examples)

Kind of seems like they simply installed this dude’s tarpit from a few months ago

https://zadzmo.org/code/nepenthes/

Where did Microsoft put an official announcement saying the statement from an official Microsoft employee, Jerry Nixon, speaking at an official Microsoft conference, Ignite, was incorrect?

Edit:

When reached for comment, [Microsoft] didn’t dismiss them at all

Recent comments at Ignite about Windows 10 are reflective of the way Windows will be delivered

https://www.theverge.com/2015/5/7/8568473/windows-10-last-version-of-windows

I agree, but unfortunately, this has become common since Heartbleed, and they seem to be able to sell their snake oil to CTOs…

I think the bigger complaint is that, when Galaxy was released, GOG said (back in 2015)

A Linux version of our client is planned eventually … Stay tuned for future announcements

Ten years is plenty of time to implement a launcher, or at least give a planned timeline

Sure, third parties have done it with Heroic, etc. but promising support and not delivering leaves a really bad taste to me

The article is a security company trying to hype their company with a theoretical attack that currently has no hypothetical way to be abused

The article has an update now fixing the wording to “hidden feature” but, spoilers, every BT device has vendor specific commands.

The documentation of the part just wasn’t complete and this companies “fuzzing” tool found some vendor commands that weren’t in the data sheet

The China part just came from OP

Sure, I just wasn’t sure if 2^9 has some historical significance in nazism or fascism

512 million seems just specific enough… is that a reference to something, or just a random large number?

FWIW, if you decide to go with KDE and manage to delete your panel, it’s

• right click on the desktop
• enter edit mode
• add panel
• default panel

😉

I’ve gone through and responded to the other top level comments as well, but another massive issue you could add to your edit is that servers can detect curl <URL> | sh rather than just curl <URL> and deliver a malicious payload only if it’s being piped directly to a shell.

There’s a proof-of-concept attack showing its efficacy here: https://github.com/Stijn-K/curlbash_detect

To add to OP’s concerns, the server can detect if you run curl <URL> | sh rather than just downloading the file, and deliver a malicious payload only in the piped to sh case where no one is viewing it

https://github.com/Stijn-K/curlbash_detect

You can detect server-side whether curl is piping the script to Bash and running it vs just downloading it, and inject malicious code only in the case no one is viewing it

https://github.com/Stijn-K/curlbash_detect

So that would at least be a minor improvement

My job is literally to make Linux distros using Yocto for various boards. I’m constantly writing new build scripts or updating build scripts, debugging the kernel/systemd/glibc and whatever libraries are on the system.

All of my work and personal desktops run some version of Fedora Atomic or a uBlue variant right now.

With distrobox/toybox/brew and using podman/docker/KVM+qemu, even as a tinkerer, it’s great

I constantly see people talking about playing things like Balatro on their deck that certainly doesn’t need more than 30fps.

Seems super useful for games like that on a flight