ldd /usr/lib/git-core/git-remote-https
?
ldd /usr/lib/git-core/git-remote-https
?
I like btdu which is essentially ncdu, but works in a way that is useful even if advanced btrfs features (CoW, compression etc.) are used.
I am afraid you are still a bit misled; WireGuard is exactly what they use for the demo video. In general the underlying protocol does not matter, since the vulnerability is about telling the system to direct the packages to the attacker, completely bypassing the VPN.
I can personally say that I got super excited by the new release from the Ori devs at first, though later became disinterested because the game is so different. The Ori games weren’t obscure by any means, so I am not surprised other people got excited too.
I really need to try out Mercury one day. When we did a project in Prolog at uni, it felt cool, but also incredibly dynamic in a bad way. There were a few times when we misspelled some clause, which normally would be an error, but in our case it just meant falsehood. We then spent waaay to much time searching for these. I can’t help but think that Mercury would be as fun as Prolog, but less annoying.
I actually use from time to time the Bower email client, which is written in Mercury.
My understanding is that all issues are patched in the mentioned releases, the config flag is not needed for that.
The config flag has been added because supporting clients with different endianness is undertested and most people will never use it. So if it is going to generate vulnerabilities, it makes sense to be able to disable it easily, and to disable it by default on next major release. Indeed XWayland had it disabled by default already, so only the fourth issue (ProcRenderAddGlyphs
) is relevant there if that default is not changed.
Ultimately you can configure these however you want. On my 5600X, I easily got one full execution of scrypt to last 34.6 seconds (--logN 27 -r 1 -p 1
in the example CLI), and one full execution of bcrypt to last 47.5 seconds (rounds=20
and the bcrypt
Python library).
This kind of configuration (ok, not this long, but definitely around 1 second per execution) is very common in things like password managers or full disk encryption.
I’m betting there’s probably something that generates the key from a vastly smaller player input, i.e what gameobjects you interacted with, in what order, or what did you press/place somwhere. But that also means that the entropy is probably in the bruteforcable range, and once you find the function that decrypts the secrets, it should be pretty easy to find the function that generates the key, and the inputs it takes.
When handling passwords, it is standard practice to use an intentionally costly (in CPU, memory, or both) algorithm to derive the encryption key from the password. Maybe the dev can reuse this? The resulting delay could easily be masked with some animation.
I got curious and decided to check this out. This value was set to the current one in 2009: https://github.com/torvalds/linux/commit/341c87bf346f57748230628c5ad6ee69219250e8 The reasoning makes sense, but I guess is not really relevant to our situation, and according to the newest version of the comment 2^16 is not a hard limit anymore.
Regarding /etc/skel
being an empty directory, note that it is one of the few places outside /home
where you can actually expect hidden files :) On my Arch it contains Bash dotfiles, for example.
Have you tried etckeeper? I haven’t, but it’s supposed to be an improvement over just using git in this usecase.
Interesting. I looked this up and I think that in Poland, the wait time in let’s say Warsaw peaked at like 2 months during pandemic, but is around 2 weeks now.
Many people living in big cities will have their exams in smaller WORDs anyway, as the pass rates tend to be higher there (not a surprise, less traffic means an easier exam). Apparently in some WORDs you can even get a new attempt the same day after failing one.
In Poland:
I really love watching ARAMSE and Brian Quan, they have a lot of knowledge about coffee and are very entertaining at the same time.
I also enjoy watching The Real Sprometheus. He is more focused on espresso hardware, which is a topic that doesn’t really interest me that much, but I still find his videos interesting.
Phoenotopia: Awakening – an amazing metroidvania-related game. Relatively more popular than the other games I list, but is honestly one of my favorite games of all time.
Vision: Soft Reset – a metroidvania, but you can travel backwards and forwards in time and this really matters for gameplay.
Bombe – Minesweeper, but instead of solving the puzzles manually, you create rules (“if there is a cell with the number N and there are N empty cells around it, mark them all as mines”) which the game applies automatically.
SOLAS 128 – a puzzle game where you redirect signals in a huge machine, just a great experience if you like puzzle games.
As a data point, I have a Green Cell battery in my X220. I have bought the battery on July 24, 2022 and I have been using my X220 regularly but lightly. The battery was marketed as 6600 mAh at 10.8 V. As of writing, the OS reports design capacity of 73.26 Wh and current capacity of 60.6 Wh:
POWER_SUPPLY_NAME=BAT0
POWER_SUPPLY_TYPE=Battery
POWER_SUPPLY_STATUS=Discharging
POWER_SUPPLY_PRESENT=1
POWER_SUPPLY_TECHNOLOGY=Li-ion
POWER_SUPPLY_CYCLE_COUNT=0
POWER_SUPPLY_VOLTAGE_MIN_DESIGN=11100000
POWER_SUPPLY_VOLTAGE_NOW=11783000
POWER_SUPPLY_POWER_NOW=28726000
POWER_SUPPLY_ENERGY_FULL_DESIGN=73260000
POWER_SUPPLY_ENERGY_FULL=60600000
POWER_SUPPLY_ENERGY_NOW=54960000
POWER_SUPPLY_CAPACITY=90
POWER_SUPPLY_CAPACITY_LEVEL=Normal
POWER_SUPPLY_MODEL_NAME=45N1023
POWER_SUPPLY_MANUFACTURER=SANYO
POWER_SUPPLY_SERIAL_NUMBER= 9001
The bootloader is stored unencrypted on your disk. Therefore it is trivial to modify, the other person just needs to power down your PC, take the hard drive out, mount it on their own PC and modify stuff. This is the Evil Maid attack the other person talked about.
If I understand correctly, the study looked at people over time, so what is investigated is the behavior of mentally healthy people and what happens to them in the future.
It’s still not perfect, since they used a date of diagnosis as a proxy for people becoming depressed. This is actually mentioned as one of the limitations in the study (in the second to last paragraph of the Discussion section).
I am no cryptographer, but I understand that in the SSH protocol, the keys are only used for signing anyway: that is, the user is authenticated by saying “I want to authenticate with some key, and here’s some data signed by this key”, and this is completely separate to encryption. It also seems that GitHub encourages using separate keys for commit signing and general SSH access, which might alleviate some of the ickyness.
You are really not wrong though, I feel like people only started using SSH for this because it kinda worked and they already have been familiar with it.
That command will produce a list of (dynamic) libraries that are being used by that helper. It will look somewhat like this (this is copied from my Arch instalation):
It might be a good idea actually to try running this both when it works and when it doesn’t, maybe there is some difference?