They also don't magically make lawyers free. No lawyer is going to bother with an EULA squabble pro bono.
Wow, this is awesome. Good work!
Were you thinking about writing up a little blog post or something about how you did this?
I really hope this will let my AR glasses work. I was bummed they didn't work with my Pixel 6 Pro, and half the reason I went for an 8 Pro were the initial display out support news from July.
When this workaround was reported to not work, I was pretty bummed, but this seems like a good sign. I'll be building my own ROM anyway, so I can easily set this property enabled by default with no need for root.
It's not an assumption. The vanilla Signal app has code in it that disables itself after a certain period without updates. Unless they removed that from this app, then this will do the same thing.
Moon Channel, a lawyer who dives into some of the legal topics surrounding the gaming industry, most of them Nintendo related. Really well researched information about emulation legality, modding, even copyright infringement Nintendo themselves committed in the 90's (in the Mother 3 video), all sorts of stuff.
He also has a few other things, like a REALLY LONG video on JRPGs, or commentary on MMOs.
I love seeing all the CrossCode recommendations, and on Lemmy of all places. Here I thought no one knew about it!
Easily my favorite game of all time. I don't think it ever drops the ball, the combat is awesome, the story is incredible, and the characters are so well written that you'll think they're actually real people.
The biggest criticism is the game's puzzles, but they aren't really as bad as some (very impatient) people make them out to be, and there are options to decrease the difficulty of the puzzles.
I'm not advocating for running containers as root, I was correcting your suggestion that container breakouts are trivial and easy to perform. But let's walk through those 2022 breakout vulns shall we? I even found one more.
CVE-2022-0847 - DirtyPipe, a Linux kernel vulnerability, and one of the most major and prolific Linux kernel vulns to date. In addition, it wouldn't have mattered if the container ran as root or not, this was a significant Linux kernel flaw. In fact, the PoC runs the container as an unprivileged user.
CVE-2022-0492 - Needed CAP_SYS_ADMIN
to be exploitable, isn't exploitable anymore, and falls under my remark of "the user doing something stupid."
CVE-2022-0492 - Vulnerability due to cgroups, and wouldn't be exploitable as a root container user unless a very specific set of 5 prerequisites were met. "Just being root" was not enough for exploitation.
CVE-2022-23648 - Was a read-only vulnerability relating to volume mounts, root vs non-root was not relevant to the vulnerability, and it only allowed for "breakout" in situations where you're running in a Kubernetes cluster and the container can read service account tokens. Running as a non root user would not have prevented this.
I'm not saying "running as root doesn't matter," running as a non root user is a best practice, yes. But breakout vulns are more rare and harder to exploit than even your response to me is trying suggest.
Thanks! But I can't take all the credit. Calyx maintains the OTA updater and it's very configurable. Just change the domain name, make sure your webserver has all the right files, and you're off!
Thanks! I use my own deployment that uses Caddy, and I based it on their example Caddyfile. But it looks like I might be good. Their reference Caddyfile accepts application/*
with an asterisk, which seems to sidestep this issue entirely!
I didn't put my actual inquiry in the comment since it would have made it too long. But I wasn't asking them about moving to Squarespace, I was very clear that I am burning a bridge with both of them and have no interest in being a customer of either of them. I told them I've already moved my domains out of Google Domains, and I wanted to clarify if any historical data about me and my domains (domain ownership history, purchase history, receipts, etc) would go to Squarespace. And they replied with what I put in my comment.
If I consider their reply to me, and the stuff I'm reading in the link OP posted, this isn't really a "transition," Squarespace is just buying the rights to all 10M+ domains Google Domains owns. But if Google Domains doesn't own a domain anymore, it won't be part of that transaction.
That's what I gathered, anyway. Hopefully they can be less ambiguous before the transaction actually happens. It will probably take the better part of a year, so there is plenty of time.
I did. The benefits as I see them:
- I can still use Lemmy if the instance I would have used as my "home instance" ever went down.
- Even if a public instance doesn't go down, all this extra load is making strange bugs surface that I don't encounter (I still have the live refresh bug everyone has, but not this one).
- I have full control over my account.
- If I ever want to get to customizing my UI later, I can.
- Content I create originates on my instance, and I have full control over it. I can't stop other instances from caching what I post publicly, but this still gives me more data governance.
- I can curate my "All" tab to only show stuff I actually want to see, instead of trying to figure out how to block communities (not sure if that's possible for regular users).
- I get a custom domain which I think is pretty neat.
There was substantial room for improvement in the way they spoke publicly about this issue. See my comment above.