- Yes it was bit uncharitable, but I couldn't resist based on the way he phrased it. It was just a joke.
"Preventing" the vulnerability would indeed require going back to 1994. Since it is a vulnerability that has existed in every display server released since then.
- The way X11 developers ended up fixing this is by creating Wayland. This way privileged operations (like keylogging, screen capture, etc) require the cooperation and authentication through the display server.
- Microsoft is guilty of giving incompetent administrators enough rope to hang themselves.
- That shpool looks like a good idea.
- Modern science is derived from Christian Scholasticism from the middle ages so this way of talking and thinking about science as being divinely originated is only unusual in the past couple centuries or so.
It is from that era that they developed systems of rigorous debate, formal logic, and things like peered reviewed papers that we call "the scientific method".
As far as the history of these sorts of mathematical discussions the concept of negative numbers didn't exist until the 15 century. I am sure that each new concept was faced with some resistance and debate on its true nature before it became widely accepted.
So I am sure that somebody looking through the historical record could find all sorts of wild quotes from different theologians trying to grasp new concepts and reconcile them with existing mathmatical standards.
- I think that using the term 'application containers' to reference docker and 'system containers' to reference LXC is a bit of a meaningless distinction.
You can 100% host "systems containers" on Docker and you can host "applications" on LXC.
Like if I want a entire OS with it's own init system and users and so on and so forth I can do it it OCI images.
In fact I use it every single day with distrobox on top of Podman using OCI container images.
And it works a hell of a lot better then if I tried to do it on LXC.
- "Systems containers" are almost certainly isn't more secure since 'root' means things, even in a container.
Containers just leverage existing Linux namespace isolation techniques to isolate applications.
A good way to think about it is that they act like blinders on a horse. If applications can't "see stuff" or reference items outside of the container then they don't know it exists and don't know how to interact with it.
"application containers" can take advantage of more then just namespaces to isolate applications, such as running them as unprivileged users inside the container's context and thus limiting them from the sort of kernel features that get exposed inside the containers. Or cgroups to limit resource usage and other smaller things like that.
Regardless "Security" and "Containers" really shouldn't be written about in the same paragraph without MAC framework like SELinux in place or additional isolation techniques like VMs.
Although VMs are a lot more like containers then people realize.
- Copyright exists to protect publishers, not the people actually doing the work.
Copyright was created for the specific purpose of censorship.
- Generally speaking the cells that are welded on are designed to be welded on in the areas were you do the welding. Doing something other then welding on them properly is going to be more unsafe then welding.
The proper tools to do this are not that expensive anymore in the greater scheme of things. It is just a question of whether or not it is worth to do it at the scale you are doing it or pay somebody else to do it.
Of course if you buy cells that are designed to be bolted together then bolt them together.
Of course the bolts, or whatever else provides the threads, on those cells are welded on.
- Replace well known, fast, and efficient image to text algorithms that can happily run on my ancient Kindle with a gigantic black box of ML mush that requires tens of thousands of dollars of GPU to run?
Sign me up!
Might as well claim that computer science is obsolete now since LLMs exist while you are at it.
- Rabies anti-virus require very carefully handling and refrigeration and thus can be extremely expensive for hospitals to keep in stock.
And, yes, it needs to be applied before symptoms start to appear. Otherwise death is almost for certain.
I doubt this research will lead directly to a better vaccine, but having a better vaccine could save a lot of lives.
- One of the effects of ISG15 deficiency is a disease called "Type I interferonopathy".
Among the symptoms of this disease includes things like necrotic lesions and severe multi-systemic damages.
From what I gather the fact that these people are not more susceptible to viral infections was a surprise. Which probably relates to why the doctors in the parent article were investigating its possible anti-viral properties.
- AMDgpu is the driver for newer GPUs, radeon is for the older GPUs. This is like circa 7 or 10 years ago.
So it is both driver changes and architectural changes.
There is also AMDGPU-PRO, which is the proprietary version based on AMDGPU. Used to be you'd need it for ROCm, but that hasn't been true for a while not. There really isn't any reason to use the "pro" version anymore, unless you have a some special proprietary app that requires it.
Open source GPU drivers are based on Mesa stack. So they share a common code base and support for things like Vulkan.
So it is sorta similar to how DirectX works. With old-school OpenGL drivers each stack was proprietary to the GPU manufacturer so there was lots of quirks and extensions that applied to only one or another GPU. That is one of the reasons DirectX displaced OpenGL in gaming... Microsoft 'owned' DirectX/Direct3d stack.
Well the open source equivalent to that is Mesa. Mesa provides APi support in software and it is then ported to each GPU with "dri drivers".
For gaming things have improved tremendously with "Proton", which is essentially Wine with vastly improved Direct3D support.
This is accomplished with "DXVK", which is a Direct3D to Vulkan translator.
This way Linux essentially gets close to "native windows speed" for most games that support proton in one way or another.
Which means that most games run on Linux now. Probably over 75% that are available on Steam, although "running" doesn't mean it is perfect.
One of the biggest problems faced with Linux gaming nowadays is anti-cheat features for competitive online games. Most of the software anti-piracy and anti-cheating features games use can technically work on Linux, but it is really up to the game manufacturer to make it work and support it. Linux gamers can sometimes make it work, but also they get flagged and booted and even accounts locked for being suspected of cheating.
- Things have changed a lot since Steam deck. Especially in the last 3 or 4 years.
Mobile users suffer more problems then people with dedicated desktop GPUs, but it still gotten a lot better.
The one thing to be careful about AMD GPUs is that for most GPU OEMs AMD is just a after thought. So they get sub-par QA and heatsinks compared to their more popular Nvidia models.
It is best to go with card makers that only sell AMD GPUs, like Sapphire, PowerColor, and XFX. I am partial to Sapphire.
- With the advent of Steam deck and Valve putting time and effort into AMD GPU drivers the AMD GPU is really the best option for Linux when it comes to general desktop stuff and gaming.
The days of Nvidia proprietary drivers being a safe bet is long gone. Especially for any sort of Wayland desktop, but it still applies to X11.
Intel drivers should be good as well, since they use the same Mesa code base.
With the ROCm stuff no longer depending on AMD Pro then there is not going to be any reason to step away from the default GPU drivers provided by your distro, provided they are relatively new.
While I am sure that there are still going to be professional-grade proprietary apps that recommend Nvidia... for most of us the only reason to actually go and choose Nvidia on Linux is because of CUDA. And, personally, I would rather lease time on the cloud or have a second GPU work horse PC separate from my desktop for that.
Unfortunately Nvidia is, by far, the most popular option for Windows users. Over 4:1 ratio according to Steam statistics.
So most new Linux users are still going to have to suffer through dealing with their GPU drivers.
- There was a similar situation going on with Craigslist and a couple other websites. I don't remember the details.
But the basic gist is that people were selling illicit sex services on these websites, much of which was very unsavory. So there was a big push to make these websites liable for users engaging in that sort of communications.
It succeeded and these websites shutdown the services these people were using, which in turn destroyed or otherwise undermined numerous investigations going on all around the country to prosecute these criminals.
On a side note when people operate privaty-ran "to catch a predator" sting operations in the USA... One particularly successful group was asked why all their targets tend to be from more conservative leaning parts of the country. The non-obvious answer to that is that in many other places around they country they don't bother because they can't get the police to show up and arrest the people they find.
So when you have certain governments refusing to even investigate sexual crimes involving minors that they have happening in their own communities it seems to be a bit disingenuous when they claim they need to eliminate privacy to go after much more difficult targets on the internet.
- Water rights is a huge deal in Colorado. It is in the state constitution and there has been a lot of government corruption around the issue.
It is common for people to buy up land just for the water rights, then transfer that water rights to other property. So if you search for land in Colorado it isn't unusually to find one plot of land in the millions and then another one a few miles away that is almost free in comparison. This is often due to the water rights associated with that property. The expensive land can be used commercially for things like farming, the other cannot.
And there have been cases of governments using tax money to buy up property just so they can use the water rights to help out private ventures, like building suburbs or golf courses without the knowledge or consent of tax payers.
Also it is pretty normal anywhere in the country that local governments react poorly from aggressive demands from people, especially when they are not voters.
All in all it is a nasty business and making sure you know exactly where your water is coming from, how you are going to pay for it, and what your rights are to it, and what you are allowed to use it for all need to be factored in heavily when moving out to the desert there.
The deal here is that the only way to fix X11's security issues is by breaking all those types of workflows and forcing application rewrites to implement them in authenticated ways.
So if you are going have to go and break all that stuff, why not fix a crapload of other problems while you are at it?
Calling Wayland "X13" may have avoided a lot of misunderstandings, but it probably would of caused others.