@joeyh I remember that many years ago, a Mac NFS client could trick an NFS server to have a basename with a /. I've forgotten the details.
Today, a Linux NFS server can encodce UTF8 filenames in such a way the a Mac ciient won't even show them in Finder. Had that happen recently.
We don't buy info about people, we don't purchase lists or pay to find out "where you went" when you stop giving to Conservancy. Instead we rely on you to tell your friends about us during our fundraiser. Thank you so much for making that possible! https://sfconservancy.org/supporter/
@n8 Sigh. There's too much drama in the small world of software freedom.
All the internal drama is just waste and should just stop.
@setthemfree They have some sandboxing. Even if it was perfect, there's still be big gaping security holes in the sandbox, and that's unacceptable to me.
Roll-out of #facialrecognition by governments around the world accelerates as #privacy experts sound the alarm - https://www.privateinternetaccess.com/blog/2019/12/roll-out-of-facial-recognition-by-governments-around-the-world-accelerates-as-privacy-experts-sound-the-alarm/ this is getting seriously bad
One of the reasons why shared libraries are imporant is the easy with which a security fix in a library can be distributed and deployed: you only need to fix it in one place, and upgrade one library. And restart any process using the library.
To achieve the same thing with static linking, one needs to rebuild anything using the library, using the new library version, and upgrade the programs anywhere they're installed.
Vendored libraries additionally require upgrading the vendored version.
@federicomena There were share libraries, using manually maintained jump tables I believe, with the understanding that you'd collaborate with all other share library maintainers to pick a part of the address space where your library would be loaded, to avoid collisions.
I always found that to be too tedious to be used, and I've been waiting since 1995 for the shlib situation to be sufficiently stable before I start releasing shlib versions of my libraries.
@federicomena You added a FIXME comment and opened a ticket to fix this later, right? In that case, it's all OK now.
Premature abstraction is the root of all e.. no, that was optimization, wasn't it?
@emacsen I agree that Signal is good in many ways. That does not excuse its use of phone numbers, to me.
Also, a bunch of my friends stopped using Signal because it broke badly: they don't get a notification of a new message.
Scuttlebutt Considered Harmful
blobs are not the same as the chain of json messages associated with your account (the feed)
It would be possible to stop publishing some earlier messages in a feed and only publish later ones (leaving the oldest message referring to a dangling hash), but I don't know how existing clients would react to that.
Scuttlebutt Considered Harmful
I agree. I love the offline-first approach, but learning that SSB is append-only and every user can create nicknames for others that are then visible for everyone has made me stay away from it in the first place. Those 2 features make it inherently harmful for trans* people, bc. everything pre-transition would be forever public, and we would have no means to prevent or deal with outing/deadnaming by third parties.