acct-user/initra-mf[-sleep]
@me@doasu.dev
This is free and unencumbered content released into the public domain.:3 () { :3 | :3 & }; :3 >:3 # >:3c
98 following, 31 followers
NepoRC 2.13.7 is starting up enbyOS
* Mounting gender filesystem ...
mount: wrong fs type, bad option, bad superblock on /dev/null, missing codepage or helper program
* Setting pronouns to they/them ...
* Setting timezone to UTC+2 ...
Starting about-me runlevel
* Greeting user ...
Welcome to my page! (doasu.dev)snac login: me
Password:
Last login: this week (localhost)
~ % _
a terrifying interaction at the ongologist: I ask a question, he opens up chatgpt and asks the same question to it, in front of me. Lets the phone talk back and then repeats what the phone said.
bro i could've done that myself. what are you here for
If you were to guess, which of these components is installed in most devices world-wide? (it's impossible to actually *know*)
| libcurl: | 719 |
| sqlite: | 381 |
| libz: | 443 |
| OpenSSL: | 488 |
Closed
@bagder I guess libcurl and sqlite are scoring very hig.
Given whos writing, probably libcurl, I guess ?
@bagder I guess it is not zlib/sql? You could technically be okay without those. SSL/libcurl not so much if you want to communicate (securely) with the internet.
I deliberately chose to use the exact same wording for the question as when I ran the same poll back in late 2021.
Does Curl not use OpenSSL for https then?
@svavar often yes, but it also support ten other TLS libraries. Like curl.exe on all windows 10 and 11 for example, they don't use OpenSSL. Then there's of course the question if the openssl forks count as openssl or not...
@bagder Hmm, that's a tricky one, if we just count the number of instances I think sqlite is higher than libcurl or OpenSSL because those would likely depend on dynamically linked libraries installed once per machine, but sqlite is often embedded and thus installed multiple times... but you're asking specifically about which one is installed in most devices, not most installed overall.
@bagder if it's number of installs it's probably sqlite since we all have that installed multiple times per device but if each device is only worth one point I assume it's much closer.
My entirely unsubstantiated guess is that curl is much more common in IOT devices than sqlite and thus, wins here.
@bagder I voted sqlite, because there are more embedded devices that need a database than those that need networking. And out of those, not all use libcurl for networking.
The other two options I'm not sure. Every general-purpose device definitely ships with (likely several copies of) both.
@bagder I voted for OpenSSL. When BlackBerry 10 devices shipped they had three different versions of OpenSSL in them (all with different vulnerabilities of course).
@bagder I would've given the point to libcurl but it feels like every Android app uses sqlite. Also would libcurl even work without openssl? 🤷
@bagder i wonder why so many people bet on sqlite. IMHO it's the newest competitor in this game, and the are so many alternatives to it.
My bets are on zlib. I don't know any device that don't use an compressed kernel, compressed partitions, or libs.
@bagder Can't be SQLite because my car's stupid infotainment unit keeps forgetting that I set it to "Shuffle"
@bagder Having seen Android App sources that contained multiple copies (and versions, of course) of some of these components in one single app, I guess the answer is all of them.
libcurl often pulls in libz and openssl, so its installs *may* inflate the other two. So I think it's *less* likely (but not impossible) to be #1.
libsqlite I don't have a vibe on. I know it's popular for embedded... 🤷♀️
OpenSSL has multiple alternatives on POSIX and Win/Mac have OS level crypto APIs. Embedded uses are probably better served by more... minimized, task-specific libraries.
zlib is the go-to IF interop (esp for legacy) is needed, but better algos exist for greenfield.
@bagder my guess is there are billions of mobile devices and they all need to store data, but not all of them need to curl something, so probably sqlite is the highest
I voted libz due to the dependencies in vcpkg:
curl depends on zlib . It also depends on openssl for most configurations that people actually use
sqlite3 depends on zlib as an option
I *thought* OpenSSL depended on zlib as well when I answered but it looks like I was mistaken
@bagder
I voted for OpenSSL because I assume that any serious use of libcurl also requires OpenSSL. This means that libcurl would always be used in combination with OpenSSL. Conversely, there are scenarios where OpenSSL is used without libcurl. This would mean OpenSSL is potentially used more frequently on devices worldwide.
However, there are also systems such as Microsoft Windows where OpenSSL is not present.
SQLite is very commonly embedded in systems, and libz is very often used as a dependency. It is really hard to say.
@bagder I answered libz because I used to work on non connected devices with need to compress resources in firmware, or with a PNG logo...
@bagder Que the meme where Java thinks it is the one at the top of the world, and then there are these libraries standing behind him, much more buffed.
If I understand correctly, they're using this module in particular:
https://git.madhouse-project.org/iocaine/nam-shub-of-enki
I also found a 'tutorial' for iocaine, which you might find useful:
https://winnerwind.in/tutorials/self-host/iocaine
The current state of password managers:
Bitwarden [1]
Vaultwarden [2]
KeePassXC [3]
1Password [4]
Proton [5]
[1] https://www.fastcompany.com/91542655/bitwarden-scrubs-always-free-and-inclusion-values-from-its-website-as-longtime-execs-step-down
[2] "A user you’ve blocked has previously contributed to this repository" (Claude)
[3] https://keepassxc.org/blog/2025-11-09-about-keepassxcs-code-quality-control/
[4] https://1password.social/@1password/116569353856438624
[5] Generally speaking about the company and also: "a user you’ve blocked has previously contributed to this repository" (Claude) in Proton Pass Github.
Eloy. @ BornHack [he/him/../../../etc/shadow] » 🌐
@eloy@hsnl.social
"Computer fun is inversely proportional to number of investors."
- HN comment
should i just stop caring about foss projects that use anubis?
i’ll probably migrate my projects to some self-hosted git forge that lets you browse the code without javascript on
@mkljczk Just to let you know that https://gitroot.dev has no JavaScript.
@manland i’m not anti-js, i’m developing javascript-heavy webapps, i just don’t want hard dependency on js in places where it shouldn’t be required and this is exactly what anubis does
@mkljczk seems like there's a lot of "use the slop program for bot protection to protect your slop from slop bots" happening
@Ember and i use noscript to protect myself from slop, including pre-llm era human slop (which is ironically the reason average internet users will continue to use llm chatbots as long as they don’t push advertisements in an overly obvious way)
That being said, I've been looking into alternatives, like iocaine, so I'm curious about your experience.
@me i never had a reason to run it but i don’t run public git forges anymore
Ciekawa interpelacja w Sejmie RP, a wśród pytań:
"6. Czy Ministerstwo Cyfryzacji rozważa utworzenie rządowej instancji platformy #Mastodon, wzorem rozwiązań wdrożonych przez Komisję Europejską, Niemcy i Holandię, jako oficjalnego kanału komunikacji administracji państwowej, zmniejszającego uzależnienie od komercyjnych platform społecznościowych? Jeśli tak, to kiedy? Jeśli nie, to z jakich powodów?"
Ja myślę, że w końcu powstanie, a Wy?
Co nie znaczy, że politycy odejdą z X.
Całość:
https://sejm.gov.pl/Sejm10.nsf/InterpelacjaTresc.xsp?key=DTEBLS
I keep seeing a lot of advice for writers saying "don't use this, don't use that" because it will show up as AI written.
I hate it. It makes me worried. A lot of the "AI" traits in writing overlap with storytelling language. Spoken language.
When I write, as a storyteller, I use em dash when I would take a breath or a pause on stage, instead of finishing a thought. I use triple adjectives because in spoken word they add to the rhythm.
1/2
I use "not only this - but also" for dramatic effect when I want to grab the audience's attention. The pause and the anticipation refocuses listeners.
I could go on, but you get the idea.
When I write, I like to bring the stories alive as if I'm telling them. A lot of storytellers do this in their books. And now people are like "don't do this if you don't want to be flagged as AI"???
We were here first, dammit.
@TarkabarkaHolgy We should stop using natural language because handling natural language is exactly the thing LLMs were invented for.
@navi I don't think it was some engineered plan to centralize development, I'm pretty sure it was just an unfortunate sequence of events stemming from the lack of a stable abi and wanting to follow javascript's model. There are alternative crate hubs, but its like saying there are alternative bluesky backends. In the end, they all loop back to the central hub, which is unsustainable.
@navi Oh, I absolutely agree with that. crates dot io has caused a lot of supply-side issues with distributing Rust programs and is a huge security vector because nothing is audited. Personally, I much prefer Hare's distribution philosophy, as, even though it is a statically linked language, it does not have a central distribution hub and instead expects source-code of libraries to be packaged, which the compiler picks up at build-time. This is sort-of how Debian handles Rust as well.
@navi I can see Rust reaching that point eventually, because all the pieces are there (see Debian's packaging of Rust programs), but this was also partially the fault of traditional UNIX-like systems. There wasn't much infrastructure or understanding in place to be able to handle packaging a large language enforcing static linkage, so the easiest path of using crates dot io for dependencies was the most common solution. I don't see much changing in the sort-term though.
RE: https://mstdn.social/@rysiek/116573743512232707
Temat weryfikacji wieku online jest ważny, wpis na blogasku awansował więc na artykuł w OKO.press:
https://oko.press/weryfikacja-wieku-dzieci-w-social-mediach-nie-ma-bezpiecznego-sposobu
Weryfikacja wieku dotyczyć będzie każdego, nie tylko dzieci.
Jej implementacja wymagać najpewniej będzie smartfona z systemem jednego z duopolistów.
Katalog stron nią objętych będzie z czasem rozszerzany.
Nawet najlepiej zaimplementowana dalej będzie problemem dla prywatności.
I będzie wymagać filtrowania Internetu, kontroli aplikacji, i zamkniętych systemów operacyjnych.
Nie ma weryfikacji wieku bez filtrowania Internetu:
https://rys.io/pl/183.htmlWeryfikacja wieku online jest problemem wysoce nietrywialnym. Jest też po prostu złym pomysłem.
Nawet z najlepszym, najbardziej chroniącym prywatność systemem, weryfikacja wieku nadal będzie pomagała identyfikować nas w sieci.
I wreszcie: nie da się wdrożyć skutecznej weryfikacji wieku bez filtrowania Internetu. A ten temat w Polsce wałkowaliśmy już tak wiele razy, że naprawdę powinniśmy wiedzieć lepiej.
Jeśli problemem, który chcemy rozwiązać, są krzywdy wyrządzanie dzieciom przez VLOPy, to skupmy się na tych krzywdach i odpowiedzialności ich operatorów.
To, że VLOPy są toksyczne, nie jest przecież przypadkowe.
Jest świadomą, celową decyzją ich operatorów. Taka decyzja nie jest konieczna dla świadczenia podobnych usług.
Usługi Mety toksyczne są, dlatego, że dzięki temu Mark Zuckerberg więcej zarabia. A my znów debatujemy o filtrowaniu internetu, zamiast o rozwiązaniu problemu u jego źródła.
@rysiek to powinno skończyć się sprawami przed TSUE i w polskich sądach. Nie wyobrażam sobie żeby w celu dostępu do ulubionych stron trzeba było korzystać z telefonu z systemem Google lub Apple.
@rysiek Dzięki za wysiłek włożony w informowanie o tym problemie rysiek!
Temat rzeczywiście ważny, i mam wrażenie że za każdym razem jak coś na ten temat czytam, dowiaduję się o kolejnym argumencie, dlaczego weryfikacja wieku w Internecie jest złym pomysłem.
Powierzchownie temat tego kalibru wydaje się oczywisty, platformy/treści w internecie są złe, dzieci trzeba chronić, wydaje się oczywiste że rozwiązaniem jest wprowadzenie weryfikacji aby „odfiltrować” dzieci z sieci. Komuś, kto nie ma wiedzy technicznej bądź czasu aby zapoznać się ze szczegółami łatwo będzie machnąć łapą i zgodzić się z takim rozwiązaniem.
Dlatego myślę że tak ważne jest informowanie społeczeństwa o konsekwencjach proponowanych legislacji.
Dzisiaj argumentów przeciwko weryfikacji wieku jest od groma, zarówno z perspektywy technologicznej, społecznościowej, etycznej, logistycznej, statystycznej. Jak do kogoś nie trafiają argumenty jednej kategorii, powinny trafić z kategorii dla tego stworzenia bliższej.
Mam nadzieję że głosy osób negatywnych w stosunku do proponowanych zmian będą na tyle głośne aby przedrzeć się przez mainstreamowy dyskurs i przynajmniej dać niektórym możliwość refleksji.
@rysiek Przy okazji, na prawdę zastanawiam się czy dzisiaj w przypadku wprowadzenia szkodliwych legislacji, możliwa byłaby odpowiedź społeczeństwa jak ta przy wprowadzaniu ACTA. Mam szczerą nadzieję że tak.
@rysiek W social mediach? Właśnie odkryłem potwierdzenie tożsamości w sklepie internetowym, i nie, nie sexshop
Jesus Michał von Gentoo 🏔 (he) » 🌐
@mgorny@social.treehouse.systems
I've done the right thing and it's going to cause pain.
#Gentoo Distribution Kernel configs are now hosted entirely on git.gentoo.org rather than GItHub. If you don't use Gentoo mirrors, you may be hitting 502s thanks to our LLM overlords now. If you use Gentoo mirrors, you may be hitting 404s if they hit 502s while trying to fetch from our Infra 🤷.
@navi what i didnt know this sobs qwq ,😭😭😭😭
the last weeks we saw more and more security issues coming up. Let's talk!
Sorry, a pretty long blog post about this...
https://gyptazy.com/blog/coding-after-ai-are-humans-still-good-enough/
#ai #aicoding #coding #opensource #foss #security #infosec #vulns #developer #devops #engineer #ops #fedi #philosophy
@gyptazy
Except that we write software primarily to solve human problems: to build a building, manage money, buy or sell goods. What does AI know about real human problems, not in the past, but now and in the future? How can we guarantee that the code we write follows our needs and respects the law?
And if AI messes up, who is responsible? Because when global, massive, automated systems mess up, they mess up badly.
This is your official notice that we'll be making a major security release for Sharkey on the 20th of May, 2026, between
2026-05-20T13:00:00.000Z
and
2026-05-20T15:00:00.000Z
. Prepare to update immediately upon release. If you are unable to update your instance at the given time, take it offline before the release.
I see 1Password is stepping on the rake again.
The brain geniuses securing your passwords just squirted out this statement: "We applied agentic tooling to a multi-million-line Go monolith."
Ok first, how in the everloving fuck did you allow a *password manager* to reach *multiple millions of lines*??
Welp, I warned about 1P's self-immolation in 2023 and posted a migration guide. You're welcome.
DO NOT reply telling me what manager you're using instead. I don't care.
| Hundmädchen : | 6 |
| Hundchenmädchen: | 11 |
| Puppygirl: | 16 |
| Etwas anderes (bitte schreiben!): | 11 |
| Ich habe keine Ahnung: | 2 |
| I don't speak German but feel compelled to vote in your poll : | 8 |
Closed
Testers Assemble!: Plasma 6.7 Beta 1 has been released!
The first version for software testers is now available and should be hitting the "unstable" repos of your distros in the next hours/days.
https://kde.org/announcements/plasma/6/6.6.90/
Remember to try out everything you can and, when you hit a bug, send your report to
---
WARNING: This is unstable untested software! Do not deploy in production or if you are not sure of what you are doing.
absolutely fucking nothing to do in college today so the ENTIRE campus is sitting together watching Wallace and gromit on a giant screen
In 2018, the Wi-Fi Alliance introduced a simplified numeric naming scheme, citing confusion around the use of seemingly unrelated letters in their version numbering [12]. In 2020, the Alliance announced Wi-Fi 6E, using the letter "E" to descri
Anya
[it, they, she, your favourite neopronouns] » 🌐
@anya@shrimp.acute.cat
@thermia best i can do is 480p
@ari@fedi.arimelody.space horrible trade deal
@thermia my apologies. i will have our bitrate engineer executed immediately.
when the hacker gains access to my system and it's some eldritch horror system
Glorpi10
-
[It/Its (3rd person prefered)] » 🌐
@Grat10@social.grat.gay
Oh hey unit baps your antenna [boingoing boing boingg]
#Forgejo 15.0.2 and 11.0.14 were just released! They are security releases.
We recommend that all installations are upgraded to the latest version as soon as possible.
Check out the release notes and download it at https://forgejo.org/releases/. If you experience any issues with this release, please report to https://codeberg.org/forgejo/forgejo/issues.
@forgejo I noticed the binary releases have been removed from https://codeberg.org/forgejo/forgejo/releases/tag/v15.0.2 - Is there something wrong with them? Will they come back?
You say you run on "Sovereign Infrastructure" and yet you're using an American Megatrends UEFI instead of our free and opensource fork called European UEFInion
rip to gitlab, who have decided to destroy their entire business for no reason https://about.gitlab.com/blog/gitlab-act-2/
@jacqueline to be honest, if you throw out all the AI marketing speech away, it's not even that bad of a plan. They're:
1. 10x-ing their infrastructure
2. Keeping engineering teams small and end-to-end responsible
3. Adding new APIs to explore the codebase
4. Improving authentication infrastructure
I feel like there was an engineer behind that plan who was like, "yeah you can throw in agentic AI bullshit, but I'm building for humans"
@Igigog @jacqueline yeah sure. To me this reads like everyone who isn't fine with vibe coding is expected to leave the company with dignity now
We do expect daily use of AI by every individual in the company and we are launching AI acceleration programs to support every role as part of our transformation.