@kbal@fedia.io avatar

kbal

@[email protected]

I'd appreciate it if everyone could just stop burning fossil fuels, please. Thank you for your cooperation.

This profile is from a federated server and may be incomplete. View on remote instance

@kbal@fedia.io avatar kbal , to Showerthoughts French

The main reason not to drive in the snow is the way other people drive in the snow.

SaveTheTuaHawk ,

Heavy cars slide sooner and longer.

Ajen ,

It doesn't really make a difference which wheels are driven seeing as the truck was braking, not accelerating. And having all of the weight in the front makes sense if the bed is actually used for hauling stuff.

@kbal@fedia.io avatar kbal , to Showerthoughts

In terms of popular baby names, how long before "Rudolph" makes a comeback?

CodingCarpenter ,

Anyone who reads the Dresden files would never...

Adderbox76 ,

Probably around the same time that Adolph makes a comeback.

@kbal@fedia.io avatar kbal , to Rust

estimated audit backlog: 67560 lines

I started learning rust. Worried about trusting all the various code that gets pulled in from the interwebs to compile the first example project in the book (which depends only on "rand" to get random numbers, which requires 8 different libraries), I installed "cargo vet" so that I'd at least know about it if I accidentally added things that haven't been vetted by anyone at all.

Doing this installed a further 200 crates, with no indication as to whether they have themselves been vetted by anyone or not, and tells me that half the ones I already had just from adding "rand" have not been vetted by anyone.

Anyway, I'm learning rust.

BB_C ,

less likely to be insecure

Evidenced by?

requires reviewing all source code

This is exactly the la-la-land view of what distributors do I was dispelling with facts and reality checks. No one is reviewing all source code of anything, except for cases where a distro developer and an upstream member are the same person. And even then, this may not be the case depending on the upstream project, its size, and the distro developer's role within that project.

to make sure it meets interoperability

Doesn't mean anything other than "it builds" and "API is not broken" (e.g. withing the same .so version), and "seems to work".

These considerations happen to hardly exist with the good tooling provided by cargo.

and open-source standards.

Doesn't mean anything outside of licensing (for code and assets), and "seems to work".

Your argument that crates.io is a known organization therefore we should trust the packages distributed is undermined by your acknowledgement that crates.io does not produce any code. Instead we are relying on the individual crate developers, who can be as anonymous as they want.

Largely correct. But that was me comparing middle-man vs. middle-man. That is if crates.io operators can be described as middle-men, since their responsibilities (and consequently, attack vectors) are much smaller.

Barring organizational attacks from within, with crates.io, you have one presumably competent/knowledgable, possibly anonymous, source, and operators that don't do much. With a binary distro, you have that, AND another "middle-man" source, possibly anonymous, and with competence and applicable knowledge <= upstream (charitable), yet put in a position to decide what to do with what upstream provides, or rather, provided.. X years ago, if we are talking about the claimed "stable" release channel.

The middle man pulls sources from places like crates.io anyway. So applying trivial "logic"/"maths", it can't be "better", in the context being discussed.

Software doesn't get depended on out of thin air. You are either first in line directly depending on a library, and thus you would naturally at least make the minimum effort to make sure it's minimally "fit for purpose". Or you are an indirect dependant, and thus looking at your direct dependencies, and maybe "trusting" them with the "trickle down".

More processes, especially automated ones, are always welcome to help catch "stuff" early. But it is no surprise that the "success stories" concern crates with fat ZERO dependants.

Processes that help dependants share their knowledge about their dependencies (a la cargo vet) are unquestionably good additions. They sure trump the dogmatic blind faith in distros doing something they simply don't have the knowledge or resources to do, or the slightly less dogmatic faith in some library being "trustable" if packaged by X or XX distros, assuming at least someone knowledgable/competent must have given a thorough look (this has a rough equivalent in the number of dependants anyway).

This is all obvious, and doesn't take much thought from anyone active from the inside (upstreams or distros), instead of the surface "knowledge" that leaks, and possibly gets manipulated, in route to the outside.

jasory ,

You're correct in your assessment of the worst-case of distro maintainers, however many distro developers/maintainers do contribute to the upstream ( Debian policy explicitly encourages it, I only speak for Debian because that's the only project I've worked in) and do vet and understand the software.

"It can't be better". Except distro maintainers can block it from being included if they find errors. As noted above they also often file pull requests against the upstream. This happens a fair amount actually.

@kbal@fedia.io avatar kbal , to Wikipedia
Plum Mod ,
@Plum@lemmy.world avatar

Butter.

Taco2112 ,

Butter is a gel.

It makes sense but I’ve never thought about it before.

@kbal@fedia.io avatar kbal , to Fuck Cars

Hard times for the Canadian auto sector, so they say.

When things are unsustainable they cannot be sustained forever. The share of our economic activity that's been devoted to building cars, digging up the materials to build cars, selling cars, financing cars, building roads, maintaining roads, maintaining cars, driving cars, repairing cars, insuring cars, recycling cars, fuelling cars, and sitting in traffic jams breathing exhaust fumes has been increasingly excessive for the past 60 years.

Doug Ford says that since it's been going on for so long, it will go on forever. He is wrong.

@kbal@fedia.io avatar kbal , to Showerthoughts

Tune up. Drop in. Turn on.

godfish ,

Tune in. Freak out. Get beaten.

Bonus , (edited )
@Bonus@fedia.io avatar
@kbal@fedia.io avatar kbal , to Skyrim Mods

In my continuing mission to play every big quest mod in Skyrim I'm doing Maids II: Deception.

I was thinking I'd finish it this weekend but I've just glanced at this wiki and the long list of locations I haven't seen yet suggests I'm not even half way to the end. It's already surprised me at least twice previously by being way more ambitious than it looked at first. Sometimes the narrative style reminds me of Vicn's big mods, other times there is a fair bit of weird "maid" stuff going on. 79 voice actors, 13000 lines of dialogue. For me it's one of those idiosyncratic creations that takes some effort to understand the conventions and ideas its author wants the player to accept. So far it's been quite something. I don't know why it took me so long to get around to trying it.

https://breezewiki.com/tes-mods/wiki/Maids_II:_Deception

kbal OP ,
@kbal@fedia.io avatar

Five weeks and forty hours of Skyrim later, I got to the end of Maids II: Deception.

It starts off slow, but once it gets going it's really good. Not as polished and cohesive as the original game's main quest, but just as big and for the most part really good writing. I found myself actually caring about some of the characters, the voice acting was great, and there's some really impressive quest and level design. Many surprisingly cool things to discover in there. It does get pretty confusing at some points — deliberately so. Things are revealed only gradually in the course of a long and complicated plot line.

I'll probably do it again some day, just to see what happens if I approach it differently. Maybe in a year or two.

@kbal@fedia.io avatar kbal , to Showerthoughts

Nobody I know uses the word "numptious" any more.

elephantium ,
@elephantium@lemmy.world avatar

Joke's on you, I never used that word at all.

elephantium ,
@elephantium@lemmy.world avatar

Thanks, I hate it.

@kbal@fedia.io avatar kbal , to Showerthoughts

In light of certain recent government regulations redefining "child" to mean anyone under the age of 18, I would like to propose that we should adjust other terms for people of specific ages to match this new and increasingly popular language regime:

Child: Ages 13-17
Toddler: Ages 9-12
Infant: Ages 5-8
Newborn: Age 2-4
Foetus: Under 2 years old

thermal_shock ,

A fetus is unborn, not a child at all.

Kalcifer ,
@Kalcifer@sh.itjust.works avatar

Thank you! 😊

@kbal@fedia.io avatar kbal , to Dull Men's Club

I have cut my hair. It was a little bit overdue.

rouxdoo ,
@rouxdoo@lemmy.world avatar

Covid hit right when I was due for a mop-chop and since I'm customer-facing I got a little panicky so had a really nice trimmer with guards shipped out. I haven't been to a barber since and frankly, I think I do a better job. My wife has to even out the back of my neck though.

trijste ,

I’m booked in tomorrow

@kbal@fedia.io avatar kbal , to Showerthoughts

Cyberastrology: The theory that if you know the exact network conditions at the time someone first connected to the Internet, such as ping times to the major servers of the cyberzodiac, you can predict their future.

Mothra ,
@Mothra@mander.xyz avatar

Love this showerthought

not_woody_shaw ,

Legba would like to know already knows your location.

@kbal@fedia.io avatar kbal , to Dull Men's Club

My thumb is itchy.

Rrrurboatlibad ,

Been messing with anything fiberglass lately?

kbal OP ,
@kbal@fedia.io avatar

I don't think so but I can report that whatever did cause it, it stopped after an hour or so.

@kbal@fedia.io avatar kbal , to Showerthoughts

30 years ago somebody told me their opinion about "Changes" but I didn't know what Changes was. I just remembered to look it up, and according to Wikipedia it could've been any of about 50 things.

GiantRobotTRex ,

I feel unhappy
I feel so sad
I lost the best friend
That I ever had

She was my woman
I loved her so
But it's too late now
I've let her go

I'm going through changes
I'm going through changes

We shared the years
We shared each day
In love together
We found a way

But soon the world
Had its evil way
My heart was blinded
Love went astray

I'm going through changes
I'm going through changes

It took so long
To realize
And I can still hear
Her last goodbyes

Now all my days
Are filled with tears
Wish I could go back
And change these years

I'm going through changes
I'm going through changes

GiantRobotTRex ,

I'm a fan of the Black Sabbath original but I also want to give a shout out to this incredible cover by Charles Bradley

@kbal@fedia.io avatar kbal , to Librewolf

Browsers should probably just stop sending user-agent header at all, ideally.

If anyone else was wondering why some websites and the "Alternate Player for Twitch.tv" extension stopped working in the latest Librewolf update, it's because they changed the userAgent string from Firefox to LibreWolf and way too much shitty code is confused by it looking like firefox but then not being firefox.

kbal OP ,
@kbal@fedia.io avatar

According to @librewolf it's still a problem in the current build if you have resist fingerprinting turned off.

dirtycrow ,

Browsers have gotten too complicated.

@kbal@fedia.io avatar kbal , to The Elder Scrolls

I am enjoying the Oblivion remaster except for one thing: Lockpicking. I was good at the old Oblivion lock picking. There was a clear audio cue, I have good ears I guess, and it was both easy and satisfying. Many found it impossible, but I had the gift.

In the remaster they've removed that audio cue and now there is only the visual motion of the tumblers to react to. I do not have fast eyes, only fast ears as it turns out. I am bad at the new lockpicking. Curse your laziness, anonymous Virtuos programmer who chose to take that shortcut.