for the first time ever i've had ffmpeg fuck up creating a flac, so I had to get the official flac tools

putting a pronoun picker in your game is not only the right thing to do it makes the worst people in humanity have huge meltdowns basically for free so i can only say i recommend it highly

In this house, we stan a girlboss who doesn't gatekeep 🦊💻

#linux #xenia

this is a slow game with deliberately clunky controls, and playing with the controller helps with that. It gets way too easy on PC.

let me tell you, the original wii u version of zombi is so good, it uses the fact that you need to take your eyes off the game to look at the gamepad to great effect - inventory management makes you look away from the game, letting your guard down, a zombie could sneak up on you, and there's also your map and radar on there

It's like the opposite of the "when all you have is a hammer, everything looks like a nail" problem.

We've invented a few hammers that are just too good at doing everything, so we no longer need screwdrivers or drills or table saws.

So the toolbox got smaller and more boring. It's mostly just the same few tools over and over again.

hey look i published some analysis of an adware downloader from 2018 that's part of a network that's still active today - and the domain names are very funny

i really need to start publishing my malware analysis on my site or something, it's hard to convince people that I can be trusted with access to tools without any proof that I would use it for intended purposes...

Here is a hopefully-useful notice about Linux kernel security issues, as it seems like this knowledge isn't distributed very widely based on the number of emails I get on a weekly basis:

- The kernel security team does not have any "early notice"
announcement list for security fixes for anyone, as that would only
make things more insecure for everyone.

- The kernel community does not assign CVEs, nor do we deal with them
at all. This is documented in the kernel's security policy, yet we
still have a number of people asking for CVE numbers even after
reading that policy. See my longer "CVEs are dead..." talk for full
details about how the CVE process is broken for projects like Linux:

- You HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random
patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system,
and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss
it with them as to how they achieve this result as this is what you
are paying for. If you aren't paying for it, just use Debian, they
know what they are doing and track the stable kernels and have a
larger installed base than any other Linux distro. For embedded,
use Yocto, they track the stable releases, or keep your own
buildroot-based system up to date with the new releases.

- Test all stable/LTS releases on your workload and hardware before
putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about
1.5mil lines of code, embedded runs about 3.5mil lines of code, your
mileage will vary). If you can't test releases before moving them
into production, you might want to solve that problem first.

- A fix for a known bug is better than the potential of a fix causing a
future problem as future problems, when found, will be fixed then.

I think I need to give another talk about this issue to go into the above in more detail. So much for me giving a technical talk at Kernel Recipes this year...

i just got the best pop up I've ever received on a website, on @stefan's website

the hacker news people are NOT HAPPY that the demo video for my ffmpeg project is Richard Spencer getting punched in the face.

Richard Spencer getting punched in the face is the new Lenna!

I am stepping back from the #Tusky project with immediate effect.

I discovered severe lapses in how the Tusky project's donations (received via #OpenCollective) were being handled. When I reported those to the project's private "Tusky Contributors" Matrix channel the financial admins tone policed the feedback, refused to engage with the concerns I and others raised, and demanded the discussion be stopped.

There is too much detail for a thread, so please read

Hot take: packaging open source software is actual work (and is sometimes what we demurely call 'non-trivial' in this field). I say this as a sysadmin who has sometimes had to deal with the results of not packaging software and then not keeping up with the state of the software we didn't package but installed anyway.

(Sure, sometimes you get lucky and the packaging instructions are easy to write (Debian rules, RPM specfiles, whatever Arch uses, etc). And sometimes they aren't.)

This is nice to see..

A student can't afford to pay the $8 per month for #Obsidian sync, so builds a #FOSS alternative. Then posts to HN and says "I probably violate ToS, so will take down the repo if asked".

Then the Obsidian CEO replies. Explains they aren't VC-funded and the $8 bucks subscription keeps the light on. Applauds the work of the student, points to other open ways that content sync can be handled and gives advice "if you rename, there's no ToS problem". 👍

Commissioned this from SYLKYS0F7 on twitter and gosh I just love being a big fat kitty 🐱💜✨

This is possibly the dumbest thing that has ever been on the main page of English Wikipedia but it makes me laugh every time I remember it (from April Fools Day 2005)

i submitted a false positive to microsoft and they just classified it as a different virus 💀

