• 0 Posts
  • 412 Comments
Joined 3 years ago
Cake day: July 29th, 2023


  • I don’t want to shame the user, but there was a recent discussion thread on npmplus where someone was using a compose file generated by an LLM and was confused why the hallucinated env variables weren’t working.

    The kicker is that npmplus literally gives you a comprehensive and complete compose file with every optional setting commented out with a brief description, so you can just copy and edit to your desire.

    Which of course the LLM decided to ignore anyway and come up with its own config options lol.

    On a somewhat related note, I feel like bug bounties these days have become sort of under-subsidized for well-developed applications. All the medium and lower findings payouts are pretty fair, but lots of the high/critical bounties seem a lot less than what I would expect, especially compared to some of the huge prize pools I’ve seen at some conventions (upwards of 50k USD).

    I have no idea how much they fetch on the black market, but it seems weird to me that something like an RCE receives less than 10k, which could easily be utilized by some APT to net millions in a more sophisticated ransomware attack.





  • I’ve been trialing Vaultwarden for a while and while I do like the server sync setup and clean web access, the Bitwarden browser plugin is just okay despite being an “enterprise” solution. It misses probably about 20% of websites when creating a new account, forcing you to grab the password from the generator history and make a new entry manually.

    KeePassXC is much better in that regard, and it’s almost as good as the default credential handler of Firefox, and it lets you set up a bunch of custom stuff to extend the functionality if you want. Plus it has some neat kdbx options aside from AES256.

    Only downside is syncing, which I’m debating how I’ll deal with something better than Syncthing on Android (protocol is great, Android makes it a PITA to have a background process if it’s not Google spyware).



  • Right? I was like dang you’re already halfway there lol.

    The reason though is that they probably don’t want to discourage payments because I have seen businesses refuse to use Monero in ransomware attacks because their insurance agreement complicates payout on a fundamentally untraceable currency. Even if Bitcoin is technically decentralized, they can report the transaction and specific currency blocks to whatever federal agency is responsible for fraud.

    Still, why not offer both and put a 5% discount on Monero.






  • Bans and heavy moderation of content.

    I’m glad some of the Reddit copy communities here like DankMemes died quickly because it was being run by the same loser mods from Reddit.

    So far I’ve only been banned from I think maybe 2 communities ever. The only one I remember is one of the NCD communities because the lead mod was a dumb dumb.

    I don’t really care about complaints of specific instance users because unpopular opinions and comments deserve to be seen, otherwise you create an echo chamber.

    So long as there is no brigading, it is much healthier to see everyone’s input.

    Also I hope the r/Chodi crowd never finds Lemmy lol.








  • The fact that CachyOS more or less successfully replaced Manjaro’s purpose I guess is evidence of Manjaro’s issues.

    I forgot but I think Bazzite had similar complaints (due to its use of Silverblue) in which case it was just more straightforward to use Fedora or openSUSE if you don’t want to work with the read-only root system.

    Downstream distros need to bring additional value to the table to be worth using, otherwise there’s really no need if you can make a package group that accomplishes the same thing in one go.