43
[-] chaospatterns@lemmy.world 20 points 2 weeks ago

Here's a good reason why you should pin to specific sha hashes, not just release versions.

57
28
19
30
40
[-] chaospatterns@lemmy.world 29 points 1 month ago

On Windows the system wakes up when connected or disconnected from an AC adapter. On Linux the system will momentarily wake up but immediately go back into suspend.

I get why this could be a source of bugs, but if I unplug my laptop while its asleep why would I want it to turn on?

37
[-] chaospatterns@lemmy.world 39 points 3 months ago

I'm recovering from burnout after working at a big tech company for 10 years. I think this article tries to focus on how just giving people the right work will prevent burnout, but I think the causes are very complex and vary for different people. But it's important to catch it before it's bad. For me, I had difficult to please managers, or projects that went nowhere, or passion projects that were not invested in, or lack of strong non-work relationships, or even just looking at the company I worked at slowly lose all culture and turn into something that started to abuse customers and focus on profits.

68
Burnout ≠ Working Too Much (terriblesoftware.org)
[-] chaospatterns@lemmy.world 21 points 3 months ago

Monthly active users. A metric to show the number of users who are considered active at least once per month.

[-] chaospatterns@lemmy.world 19 points 3 months ago

The spec mandating its as a single string isn't that crazy. It's good to have a consistent response format so a basic deserializer can deserialize any error response object and get something out.

If you have different providers. One that returns error: { code: string } and another does something else, you end up with the same problem this post talks about-- Inconsistency.

As far as I can tell, the spec doesn't limit you to just the one field and you can add other optional fields to the top level to the response that the caller can optionally decide to handle. But if you know there's going to be a field called error that is a string. You always get at least something out of that to present.

139
Dear OAuth Providers (pilcrowonpaper.com)
788

Announcement by the creator: https://forum.syncthing.net/t/discontinuing-syncthing-android/23002

Unfortunately I don’t have good news on the state of the android app: I am retiring it. The last release on Github and F-Droid will happen with the December 2024 Syncthing version.

Reason is a combination of Google making Play publishing something between hard and impossible and no active maintenance. The app saw no significant development for a long time and without Play releases I do no longer see enough benefit and/or have enough motivation to keep up the ongoing maintenance an app requires even without doing much, if any, changes.

Thanks a lot to everyone who ever contributed to this app!

80

I'm excited to see this as I'm pretty much only use Z-Wave. Also interesting is they are developing their own dongle

[-] chaospatterns@lemmy.world 81 points 6 months ago

The alternative is to let certain countries de facto claim a region because others are too afraid to call them on their BS

[-] chaospatterns@lemmy.world 24 points 7 months ago

.net core is the future but Mono is still important for running legacy .net framework applications like ones that use WinForms or WPF. That's pretty much it. Anything new should go straight to .net core.

79

Windows and macOS have similar clients (Hass.Agent for Windows and Home Assistant for macOS).

I've found these kinds of clients useful because I can remotely wake-up or sleep computers, track how long they are turned on for, and automatically pause my lights and music when my webcam turns on.

[-] chaospatterns@lemmy.world 50 points 8 months ago

For those who aren't aware. This is talking about when cell phones roam into other networks, they now encrypt the traffic back to the home provider which means law enforcement struggle to tap it (legally or illegally).

PET is privacy enhancing technologies

[-] chaospatterns@lemmy.world 44 points 1 year ago

Fears raised over ‘Chinese spy cranes’ in US ports

There are concerns that the machines are effectively Trojan Horses for Beijing and could be used to sabotage sensitive logistics

Unexplained communications equipment has been found in Chinese-made cranes in US ports that could be used for spying and potentially “devastate” the American economy, according to a new congressional investigation.

The finding, first reported by The Wall Street Journal (WSJ), will stoke American concerns that the cranes are effectively Trojan Horses for Beijing to gain access to, or even sabotage, sensitive logistics.

The probe by the House Committee on Homeland Security and the House select committee on China found over a dozen pre-installed cellular modems, that can be remotely accessed, in just one port.

Many of the devices did not seem to have a clear function or were not documented in any contract between US ports and crane maker ZPMC, a Chinese state-owned company that accounts for nearly 80 per cent of ship-to-shore cranes in use in America, according to the WSJ.

The modems were found “on more than one occasion” on the ZPMC cranes, a congressional aide said.

“Our committees’ investigation found vulnerabilities in cranes at US ports that could allow the CCP [Chinese Communist Party] to not only undercut trade competitors through espionage, but disrupt supply chains and the movement of cargo, devastating our nation’s economy,” Mark Green, the Republican chair of the House Homeland Security Committee, told CNN.

The Chinese government is “looking for every opportunity to collect valuable intelligence and position themselves to exploit vulnerabilities by systematically burrowing into America’s critical infrastructure,” he told the WSJ, adding that the US had overlooked the threat for too long.

The Telegraph has contacted ZPMC for comment.

‘The new Huawei’

A spokesman for the Chinese embassy in Washington DC said claims that Chinese-made cranes pose a security risk are “entirely paranoia.”

The US investigation began last year amid Pentagon fears that sophisticated sensors on large ship-to-shore cranes could register and track containers, offering valuable information to Beijing about the movement of cargo supporting US military operations around the world.

At the time, Bill Evanina, a former top US counterintelligence official, said: “Cranes can be the new Huawei.”

“It’s the perfect combination of legitimate business that can also masquerade as clandestine intelligence collection,” he told the WSJ.

In recent years, a handful of Chinese crane companies have grown into major players in the global automated ports industry, working with Microsoft and other companies to connect equipment and analyse data in real-time.

[-] chaospatterns@lemmy.world 34 points 1 year ago

Also, the law requires that publicly traded companies be greedy

The law doesn't actually state you need screw over your customers and maximize profit. It says that executives have a fiduciary duty, which means they must act in the best interest of the shareholder, not themselves.

That does not mean they have to suck out every single dollar of profit. Executives have some leeway in this and can very easily explain that napkins lead to happier customers and longer term retention which means long term profits.

It's purely a short-term, wall street driven, behavior also driven by executive pay being also based in stock so they're incentivized to drive up the price over the next quarter so they can cash out.

[-] chaospatterns@lemmy.world 44 points 1 year ago

It's true that Mozilla does collect telemetry and that Mozilla Corp is for profit, however Mozilla Corp is owned by Mozilla Foundation. That ownership structure is either a way to get around limitations on non profits, or its an opportunity for the Foundation to directly influence the Corp to be better.

However, I'll still use Firefox/Thunderbird because: Usage stats such as number of accounts or filters is in no way comparable to my username and password. One is basic metadata and stats, the other is a massive risk. You can opt out of the telemetry, the only way to opt out of sharing your password is to not use the new Outlook.

I take a more pragmatic approach to privacy based on my trust. I understand the value of telemetry, but change it depending on the company. Big Tech I have less trust in, Mozilla, while they have issues, are on average far better for privacy vs big tech.

As a developer, I understand the value of telemetry and the risks that come with collecting any data. I pick Firefox because it challenges the homogeney of Google's influence and it looks like I'm going to pick Thunderbird because I' haven't seen a better option.

view more: next ›

chaospatterns

joined 2 years ago