

Spite > loyalty > ethics
We’ve finally seen what’s more powerful than their idolatry.




Removing access to safe healthcare will make people choose UNsafe healthcare.
Pre-medical cultures used a variety of toxins, for example, that when brewed wrong were extremely risky. That’s where the average American is going with Mercenary healthcare and prison for even mentioning a pregnancy.
If she goes down for it, then her co-conspirators go down too.


That’s difficult. OpenSSH is coded in C, not js.


Whoa whoa whoa. Tell that to the faux-ristocracy in Canada first, please. Please? Our guys are super-dumb, so it should be easier.


standup
stand up


In another binary choice, who would you choose? Another trump, or harm reduction?
(Count the people for whom evolution is confusing)


The world-first part must be the wind-power thing.
We’ve had small offshore data centers for years, passively cooled but powered by nuclear energy.
(And if you’re still not getting the joke, let’s discuss how a nuke sub would cool its massive computing power. Big boats are like floating data centers; submarines even more advanced.)


no wine? miracle.
Metaphor for conspiracy.
dead friend? raise em up.
Metaphor for a friend leaving the cult and coming back. See “X is dead to me”
not enough food? miracle some up.
Metaphor for inciting wealth redistribution
get crucified?
Brother.
rise from the dead.
Metaphor for leaving cult, but coming back for transition when terms of separation were agreed.


people will just slowly move somewhere else
Moving house is only possible if one can afford to sell their current house for enough money to relocate. In Louisiana, that’s far from guaranteed.
I’m not sure everyone’s rebuilt after Katrina yet.


Unionized IT.
0800-1647, and it’s generally firm; but we do take time to bottle and checkpoint our work if we didn’t get to it before then. Normally it’s 0800-1600 but the 0.47 hour is part of a 9x9 scheme where every second Friday is off because we already worked the hours for that pay-period.
OT needs a ticket and is charged out to the .1 hour. Standby has a shitty hourly rate, but at least there is one. They may not expect us to be sober/available otherwise.


till
'til


why avoid Flatpak? I get snap or AppImage,
Objectively, they all frustrate validation the same. When comparing with a SLSA3-compliant setup where every installed artifact has a signed checksum in a signed bundle from a signed resource on a signed repository, and the endpoint to this is readily available from something like authenticated SNMP into the single source of truth, they all tend to compare poorly.
The chart below completely ignores that Debs are consolidated into a single source of truth as well, and I feel violating SSoT should cost significantly because of dependency holes when artifact registry is incomplete, but SLSA doesn’t care about that part.
| Ecosystem / Format | Estimated SLSA Level | Update Reliability / Model | Trust Chain & Provenance Comments |
|---|---|---|---|
| (withheld) | 3–4 | Very high; repo-based, transactional updates | Strong: signed packages + signed repo metadata + central DB; distros enforce reproducible builds. |
| OCI containers (hardened pipeline: cosign + Tekton/in-toto) | 3 | High if using automated CI/CD and policy enforcement | Strong if you use signed images + non-falsifiable provenance; this is rare but achievable. |
| DEB (distro repos) | 2 | High; repo-based, APT handles dependencies | Medium: repo metadata signed, but per-package signatures not mandatory; weaker checksum chain. |
| Flatpak runtimes (Flathub) | 2 | High; centralized runtimes, predictable updates | Medium: signed OSTree commits; build infra more centralized, but not full end-to-end provenance. |
| Flatpak apps | 1–2 | High; repo-based, automatic updates | Mixed: OSTree signing helps, but build provenance varies by publisher; no uniform SLSA guarantees. |
| Snap (strict confinement) | 1–2 | High; centralized store, auto-updates | Centralized signing by Canonical, but opaque build pipelines; trust is “trust the store operator.” |
| OCI containers (typical public images) | 0–1 | Medium; pull-latest model, tag drift common | Usually unsigned; mutable tags; no guaranteed provenance—trust is mostly social and reputation-based. |
| Snap (classic confinement) | 1 | High; same store/auto-update model | Same store trust, but classic snaps bypass sandbox; even more reliance on publisher integrity. |
| AppImage | 0–1 | Low–medium; ad-hoc self-update or manual downloads | Almost no chain of custody; signatures optional; no central repo or provenance expectations. |
| npm (JavaScript) | 0–1 | High frequency, but low reliability of safety; semver + lockfiles | Registry accounts can publish arbitrary tarballs; no default signed provenance; transitive deps explode risk. |
| PyPI / pip (Python) | 0–1 | Similar to npm; pip + requirements/lockfiles | Tarballs/wheels from arbitrary maintainers; no mandatory signing; provenance work (e.g., PEP 740) is emerging but not standard. |
| Composer / Packagist (PHP) | 0–1 | Good tooling, but same “trust the registry” model | Packages pulled from Packagist/VCS; no mandatory signatures; dependency graph trust is social, not cryptographic. |
| CPAN (Perl) | 0–1 | Mature ecosystem, but manual/legacy in many flows | Historically minimal provenance; mirrors and authors are trusted by convention, not by SLSA-style attestations. |
| Other language registries (RubyGems, crates.io, etc.) | 0–1 | Similar to npm/PyPI; lockfiles help reproducibility | Central registries, but no default SLSA provenance; integrity is mostly TLS + registry operator trust. |


The conflict of interest here is absolutely insane. That’s a conspiracy to defraud the government.


I’ll downvote that too.
It seems to #bothsides an issue via a lot of hyperbole, and risks straw-manning one side just for a favourable comparison.
I don’t colour myself a tankie, but I do live in a more socialist country than America - low bar, such as it is. I sense I’m not in a position to properly understand how your argument can make sense, but the kneejerk comparison I feel needs some explanation before just throwing that smelly fish out there.
It’s not cut-and-dried, but presented as such. It’s not helpful and relevant by itself. Thus, downvote.


The rule is to always be richer than you are famous – for any value.
Thus, if I was Michael Jackson famous, I would need to be several-private-islands rich.
Of course, I wouldn’t have an island. But the bunker at the resort I own would be insane.


That’s the nokia hardware they installed win mobile on?
I was looking forward to a good nokia candybar phone, but gave up when they were bought and the hardware went under a win OS.


They tried; it must’ve been 4 times. But unless it’s a sure thing, they’ll give up.
I worry they don’t know how to compete on a level ground, slowly building trust and business on success after success.
shit got all fucked up because you added a third party repository
Dependency hell is always, always, self-inflicted.
apt is only SLSA1 or 2 anyway, so there’s a lot more wiggle room.


Quick: who’s got Mayor Mamdani on their team? THOSE guys seem to care about people.
Not in English. Not with that punctuation. You missing a tree? :-p
To be fair, the delimiting was lame, too, as it was missing the trailing delimiter; but in an objective guess where there was no (semi-)colon and the American Ghost Comma exists, that Ghost Comma is the likely case.