kravietz π¦ @kravietz@social.privacytools.io
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz π¦
boosted
Know of a nonprofit that wants to launch a project that will use the Internet to improve people's lives in this time of #COVIDγΌ19 / #COVID19 ? The Internet Society Foundation has a grant program open right now - DEADLINE is ** May 17 **.
https://twitter.com/ISOC_Foundation/status/1257671575723261953
But Switzerland on the other hand fully deserves ChaΓ―m Nissim rather than Rousseau!
"How would you expect Facebook to track all your users if they don't fire at first launch?"
As usual, priceless security advice from Docker users:
"By setting umask to 0000 new files are created with another permission mask, so group and others may write into these new files"
http://widerin.net/blog/change-umask-in-docker-containers/
Who could have thought...
@aktivismoEstasMiaLuo @ashwinvis @strypey
I absolutely support this and personally I'm suggesting to all projects I support to use LiberaPay.
@strypey @aktivismoEstasMiaLuo @ashwinvis
Sure, even simple mentions on social media or simple "thanks" are a way of appreciation for the work on open-source projects.
@aktivismoEstasMiaLuo @ashwinvis @strypey
Oh yes, exactly. I had seen many these large companies essentially have a policy of "we don't onboard software unless it comes with a support contract" which was essentially rationalized as "we have someone we can sue" by their lawyers. As you correctly noted, they don't π
@strypey @aktivismoEstasMiaLuo @ashwinvis
From personal experience I can however tell that if you're working for a large company their procurement process is usually so fucked up that it's easier to get $100k for some crap commercial half-baked product than $10 per month to donate to an open-source project... This is stupid and short-sighted.
@strypey @aktivismoEstasMiaLuo @ashwinvis
Because as I maintain a few open-source projects - including one that has been running since 90's (pam_tacplus) it's fine when you're actually using your project in your daily job and focused on it. But then you move on, and it's really a big pain in the ass when you get tons of issue reports and feature requests, and essentially everyone expects something from you - and you see they come from "respected IT companies" but won't bother to donate $5 :)
@strypey @aktivismoEstasMiaLuo @ashwinvis
This is sometimes pain because right now I get receipts from LiberaPay, Patreon, OpenCollective, PayPal and god-knows-what-else donation systems but well, it's still worth it.
@strypey @aktivismoEstasMiaLuo @ashwinvis
Based on my personal long-time experience whenever I see a project I really like and depend on, even being early stage or crappy feature-wise, I start throwing my money on it immediately. Be it $10 per month, be it $1 per month, or even by submitting PR or any other way of helping them. I consider this proper from moral point of view but when I need to explain it to my more utilitarian friends it's just helps them not abandon the project...
That would be trolling squared π
@strypey @aktivismoEstasMiaLuo @ashwinvis
What I found especially outraging back when the whole OpenSSL shitstorm started was the fact that fucking Vue.js was getting like $500k donations per years and OpenSSL - $500 (won't bother to check, possibly an exaggeration but you get the idea).
@strypey @aktivismoEstasMiaLuo @ashwinvis
The problem with OpenSSL was the same as GnuPG or many other popular open-source software. Everyone is using them and everyone expects they will be maintained and developed in accordance to best practices but... nobody supports them.
This applies equally to large companies who monetize every dollar from open-source but donate nothing, just as well as regular users who *could* easily donate $1 per month but won't because they expect "someone else"...
The more I read about Capsicum, the more I'm intrigued - it was kind of abandoned for Linux, but then reappeared in #freebsd 9!
Yes, Stalin definitely should be for Georgia, especially that they don't have any name for now :( Sikorsky is a good match for Ukraine but not too controversial unfortunately.
By the way, I just found out that Sikorsky's mother family name was Temryuk-Cherkasova, which mean she has Caucasian origins - Circassian/Kabardian to be more precise. Need to tell that my friends in Nalchik, they'll boast about this for another decade π
@aktivismoEstasMiaLuo @ashwinvis @strypey
There's no good answer here: kernel code offers much better performance but isn't confined as much as userland code. This is precisely why high-performance code such as Wireguard is better implemented in kernel.
Security always comes at a performance penalty - there's actually a recipe on how to speed up your Linux box by turning off all the SPECTRE/MELTDOWN mitigations added over the last years https://make-linux-fast-again.com/
There seems to have been a project for Linux called Capsicum but seems to have been abandoned in 2017 :( https://github.com/google/capsicum-linux
Someone has just proposed to replace Poland's Chopin with Catherine the Great, the empress of Russia... as she was indeed born in Szczecin, Poland π This would be actually an awesome way to troll *both* Poles and Russians π
https://en.wikipedia.org/wiki/Mandatory_Integrity_Control
Yes, not many people know about it :)
- OpenPGP
- 6F7B6BB9A9B632555E1A03C132AF1F39C4EE03F2
- Website
- https://krvtz.net
- Matrix
- @kravietz:krvtz.net
Polish expat into UK. Information security engineer. Caver & cave rescuer (thus the bat). NHS volunteer & blood donor.
Joined May 2019
kravietz π¦'s choices:
