cypherpunks

joined 3 years ago
MODERATOR OF
[–] [email protected] 10 points 8 hours ago* (last edited 7 hours ago)

Great article, BTW

I disagree, the headline is clickbaity and implies that there is some ongoing conflict. The fact that the Fedora flatpak package maintainer pushed an update marking it EOL, with "The Fedora Flatpak build of obs-studio may have limited functionality compared to other sources. Please do not report bugs to the OBS Studio project about this build." in the end-of-life metadata field the day before this article was written is not mentioned until the second-to-last sentence of it. (And the OBS maintainer has since said "For the moment, the EOL notice is sufficient enough to distance ourselves from the package that a full rebrand is not necessary at this time, as we would rather you focus efforts on the long-term goal and understand what that is.")

The article also doesn't answer lots of questions such as:

  • Why is the official OBS flatpak using an EOL'd runtime?
  • Why did Fedora bother to maintain both their own flatpak and an RPM package of OBS?
  • What (and why) are the problems (or missing functionality) in the Fedora Flatpak, anyway? (there is some discussion of that here... but it's still not clear to me)
  • What is the expected user experience going to be for users who have the Fedora flatpak installed, now that it is marked EOL? Will it be obvious to them that they can/should use the flathub version, or will the EOL'd package in the Fedora flatpak repo continue to "outweigh" it?

Note again that OBS's official flathub flatpak is also marked EOL currently, due to depending on an EOL runtime. Also, from the discussion here it is clear that simply removing the package (as the OBS dev actually requested) instead of marking it EOL (as they did) would leave current users continuing to use it and unwittingly missing all future updates. (I think that may also be the outcome of marking it EOL too? it seems like flatpak maybe needs to get some way to signal to users that they should uninstall an EOL package at update time, and/or inform them of a different package which replaces one they have installed.)

TLDR: this is all a mess, but, contrary to what the article might lead people to believe, the OBS devs and Fedora devs appear to be working together in good faith to do the best thing for their users. The legal threat (which was just in an issue comment, not sent formally by lawyers) was only made because Fedora was initially non-responsive, but they became responsive prior to this article being written.

[–] [email protected] 79 points 2 days ago* (last edited 1 day ago)
[–] [email protected] 2 points 1 week ago

🥛🤝🦆

[–] [email protected] 3 points 1 week ago* (last edited 1 week ago)

While USAID definitely funds/funded many ridiculous things (such as this) they also provide much-needed food and medicine to a lot of people - for cynical politically-motivated soft-power reasons, but still. It seems very likely that abruptly cutting off those programs will cause some people to die. I really hope someone (the PRC seems likely) will step in and replace some of those programs!

[–] [email protected] 20 points 1 week ago* (last edited 1 week ago) (1 children)

i don't usually cross-post my comments but I think this one from a cross-post of this meme in programmerhumor is worth sharing here:

The statement in this meme is false. There are many programming languages which can be written by humans but which are intended primarily to be generated by other programs (such as compilers for higher-level languages).

The distinction can sometimes be missed even by people who are successfully writing code in these languages; this comment from Jeffrey Friedl (author of the book Mastering Regular Expressions) stuck with me:

I’ve written full-fledged applications in PostScript – it can be done – but it’s important to remember that PostScript has been designed for machine-generated scripts. A human does not normally code in PostScript directly, but rather, they write a program in another language that produces PostScript to do what they want. (I realized this after having written said applications :-)) —Jeffrey

(there is a lot of fascinating history in that thread on his blog...)

[–] [email protected] 44 points 1 week ago* (last edited 1 week ago)

The statement in this meme is false. There are many programming languages which can be written by humans but which are intended primarily to be generated by other programs (such as compilers for higher-level languages).

The distinction can sometimes be missed even by people who are successfully writing code in these languages; this comment from Jeffrey Friedl (author of the book Mastering Regular Expressions) stuck with me:

I’ve written full-fledged applications in PostScript – it can be done – but it’s important to remember that PostScript has been designed for machine-generated scripts. A human does not normally code in PostScript directly, but rather, they write a program in another language that produces PostScript to do what they want. (I realized this after having written said applications :-)) —Jeffrey

(there is a lot of fascinating history in that thread on his blog...)

[–] [email protected] 10 points 1 week ago* (last edited 1 week ago)
59
submitted 1 week ago* (last edited 1 week ago) by [email protected] to c/[email protected]
[–] [email protected] 6 points 1 week ago

please put a link to the source in your post description!

(in this case, it's https://existentialcomics.com/comic/418 )

[–] [email protected] 48 points 1 week ago (1 children)
 

for readers missing the significance of the number 4 in the proof of concept: to demonstrate this vulnerability the researchers created a microcode update which replaces the "hardware" random number generator behind the RDRAND instruction with an implementation of xkcd#221 😭

view more: next ›