Free real estate 😂

I think so, assuming these malicious packages are all primitive enough to just look for the single file in a user’s home folder lol. The only downside here is needing to provide the keyfile location to ssh every time you want to connect… Although a system search would pretty much defeat that instantly as you mention

SSH keyfiles can be encrypted, which requires a password entry each time you connect to a SSH server. Most linux distros that I’ve used automatically decrypt the SSH keyfile for you when you log in to a remote machine (using the user keyring db), or ask you for the keyfile password once and remember it for the next hour or so (using the ssh-agent program in the background).

On Windows you can do something similar with Cygwin and ssh-agent, however it is a little bit of a hassle to set up. If you use WSL i’d expect the auto keyfile decryption to work comparably to Linux, without needing to configure anything

I think they would start obfuscating the relevant code to get around it

Many ad networks and AABs do something similar (especially Admiral) in an attempt to evade ad blocking extensions

For me it’s the ability to set up a shared instance with the base request URL, and set headers for things like the user’s token, allowing all requests made with that shared Axios instance to be sent to the right path with the token without needing to define them for each individual request.

To be honest though something similar can be done with spread syntax in the Fetch API’s options parameter

it’s got telemetry on by default.

Very, very hard pass. Might even blow out my suspension doing so

A lot of jQuery’s features are now available in native JS - would also suggest just using native JS anyway because jQuery won’t throw any errors into the console if a selector matches no elements etc.

The only additional library I’ve needed recently for (personal work) is Axios for requests - easier than working with the Fetch API in some cases

Free google play credit, I usually get an email every year for it

But I do pay for Plex, despite Jellyfin being a thing. If I like something and it’s worth it to me personally, why not 🤷‍♂️… but you will never find me defending their kinda crappy decisions like the new Discover feature, removal of “All Songs” from the plex apps in favor of moving people to Plexamp, removing the Gallery sync a few years ago etc.

Some people want their software to be 100% FOSS all-eyes-on-the-codebase, others just do a balancing act based on their personal values.

I value my software to be “transparent enough” in how it operates, “just work”, and hackable to some extent - if I really wanted to I can swap out the ffmpeg binary that Plex uses for transcoding to something else (doesn’t remove the Plex Pass limitation for those curious), I can hook into the server API to change ambient lighting colour based on the cover/background of whatever media is playing, I can create speakers running a Linux board to cast Plex media to, etc. But once that hackable ship sails, then I will look to FOSS alternatives.

For Niagara, everything “just worked”. No noticeable bugs, fast search, consistent feel and design, useful contextual info (e.g. next calendar event shows under the clock), and gestures that made sense for its overall UX. Using it felt less like you were using a “launcher”. The yearly sub was cheap enough that I wouldn’t mind covering for it if I didn’t get credits, and having a single person working on software usually comes with a high level of attention to detail (particularly in performance and UX) but it does have the downside that the experience may be more opinionated and closed compared to if it was a community-driven FOSS project instead IMO.

Alas, google didn’t send credits this year, Niagara made less sense for value/worth-it compared to Kvaesitso, so I abandoned it.

For me, Kvaesitso does everything in a slightly different, much more customizable way, and being FOSS was one of the things that made it particularly attractive as a replacement

I’ve had my FP3 for a few years now, no hardware issues apart from the vibration sensor going kaput - extremely quick fix though after ordering the part and I’m back in business 💪

Stock camera app is absolute poo, if you want usable quality I’ve found it’s easier to just use GCam, or hop into OpenCamera and tweak the iso/shutter speed manually.

Thanks for sharing your experiences though, nice to know the phone can take a bit of misuse despite the lack of water resistance, and still keep going!

The SaaS or the Flathub one, or both?

Just checked the Flathub one and its accompanying repo, and could not find any mention of tracking or proprietary components…

Compared to Plexamp or Spotify on Flathub, where there is a prominent warning box notifying you about it being proprietary

Yikes, that is embarassing.

Is opencart written in PHP? Bcrypt has been a thing for decades now, and is literally a drop in replacement that handles salting et al. If the developer was hesitant to implement that, I’d rather go use Magento or shudder Shopify

Dbrand has a really strong case here IMO, since they pretty heavily edit the internals and add a few easter eggs, which are still visible in Casetify’s final designs

Dbrand discovered Casetify allegedly copied 117 different designs, down to the many digital manipulations it made to the images. Dbrand says it holds registered copyrights for each of these products, all of which were registered before Casetify’s product launch.

Also, TIL:

Disclosure: The Verge recently collaborated with Dbrand on a series of skins and cases

I was under the impression that only thumbnails/lower res copies were federated, rather than the full high-res original - if that’s changed then that’s great 👌

The content shouldn’t be gone as long as that server was federated with somewhere?

It will be more difficult to get to IMO - you’ll have to either use a search engine, or query the lemmy resolve object (rs) api method on random instances until you hit one that has the federated content AFAICT.

Images are definitely lost though unless they’re uploaded to a third party that is still operational

My response might be a hot take 🥲

Personally:

• OSS: source available
• FOSS: Free (freedom) open source, copyleft

I just learned today about “Grayjay,” a video streaming service client app created by Louis Rossmann. Various aticles out there are billing it as “Open Source” or “FOSS”. It’s not. Grayjay’s license doesn’t allowe commercial redistribution or derivative works. Its source code is available to the general public, but that’s far from sufficient to qualify as “Open Source.” (That article even claims “GrayJay is an open-source app, which means that users are free to alter it to meet their specific needs,” but Grayjay’s license grants no license to create modified versions at all.)

I had a look through the license at launch, and also watched the entirety of Louis’ video, in both of which I didn’t come across any restrictions imposed on an end user to modify the app for their own needs or redistribution - just no commercial redistribution or redistribution with ill intent. I keep seeing the restrictions mentioned though and genuinely cannot find anything to back them up…

In the original launch video Louis does explicitly state that the app is not free, but he does erroneously refer to it as open source. Mainstream tech outlets conflating foss/source-available is likely down to journalists just not aware of the distinction, or just taking his word for it

IMO since the app is Louis’ project that is primarily being financed by donating his personal money to FUTO (AFAICT) it would be immediately obvious to a follower of his that the app is not going to be open source as per the OSI definition. Looking at what happened with NewPipe clones when he mentioned it on his channel, and bad actors in local governments sabotaging his attempts to get a bulletproof R2R passed in many states, his overall trust level is probably pretty low - the last thing someone like that would want on a personal project is loads of strangers contributing, bad actors ripping it off trying to make a quick buck, or even worse redistributing it with malware.

Leaving the OSS conflation aspect for a second, Grayjay is a very big and complex app, with integrated dev tools and a comprehensive plugin system (each are individually GPL licensed if i’m not mistaken). IMO chances are if someone wants to modify the app, they should be looking at a GPL plugin to introduce their functionality in, rather than modifying the source - as would be required with something like NewPipe. They have a whole youtube video going through how to develop a plugin, and how it’s architected.

If/when Grayjay is transitioned to FOSS, I imagine it’ll be difficult for the community to maintain it due to the complexity… It’ll probably need to be broken down into several smaller manageable parts, such as projects like Home Assistant, LibreOffice, and Node-Red. Something like NewPipe, which is literally just the Android app and extractor library, would be much easier for unpaid volunteer contributors to maintain IMO.

I personally disagree slightly with the current definition of “open source”, because it hides so much nuance that isn’t readily evident to someone unfamiliar with the community. A lot of people do not make the connection of “open source” = OSI, they think “open source” = source is out in the open. FOSS and FLOSS are way more explicit in meaning from my perspective

[email protected]

Also try to avoid polyester fabrics

How comes? My polyester sportswear is so comfy, not too sure what other comparable materials are available for breathability and stuff

In cold and dry climates you don’t necessarily get as smelly

This 100%, for me at least

Probably one of the porn instances blocked by almost everyone, either lemmynsfw or pornlemmy

Wouldn’t be possible afaict, the encryption masks the xz archive which contains the checksum metadata. If the data is modified, decryption & extraction will simply fail.

The data will be undecipherable to a mitm anyway since it’s encrypted, the only real risk imo would be someone modifying the encrypted data in transit to attempt a zero day targeting the decryption process… chances of which are probably really low lol

Has there been a scenario where the technology itself is to blame? The contamination aspect of nuclear waste is well known and preventable, if costs are being cut on radioactive waste disposal (or in the case of a certain Japanese power company, ignoring warnings from the government on how to reduce ocean contamination in the event of an earthquake) a nuclear installation’s fate is sealed…

As far as I can see, the only downsides with nuclear IMO is that it takes multiple decades to decommission a single plant, the environmental impact on that plant’s land in the interim, and the initial cost to build the plant.

In comparison to Solar it sounds awful, but before solar, nuclear honestly would have made a lot of sense. I think it may even still be worth it in places that have a high demand for constant power generation, since Solar only generates while the sun’s about, and then you’re looking at overnight energy storage with lithium-based batteries, which have their own environmental and humanitarian challenges