[ home / rules / faq / search ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Name
Options
Subject
Comment
Flag
File
Embed
Password(For file deletion.)
What is 6 - 2?

Not reporting is bourgeois

| Catalog | Home
|

File: 1756309952917-0.png (323.89 KB, 677x453, ClipboardImage.png)

File: 1756309952918-1.png (405.14 KB, 1100x688, ClipboardImage.png)

 

How do you go about choosing variable names?
To me this seems to be the atom of abstraction.
So there should be a lot to talk about if we can overcome the scale.

Was recently reading some about DDD [^1] the basic idea being as follows:
- Use ubiquitous language: the language used in the business domain, in coordination with experts
- Divide the language into contexts which assign a unique meaning to each word.
Typically this means division into microservices or separate programs, but it might work okay with modular monoliths.

At a more basic level there is the division of variable names grammatically. [^2]
- transitive verb with direct object: function
- linking verb with predicative adjective: predicate
- transitive verb: method

- singular noun-phrase: non-boolean datum
Post too long. Click here to view the full text.
17 posts omitted.

>>30996
Think found an example of functional core, imperative shell in my ~/Software directory, metainfo.py in my torrent client.
Basically this object which maintains the overall state of the torrent (excluding the message handlers) is initialized by a set of twelve static method calls.
However, theoretically the object could be recreated every time its state would otherwise need to change and it could be frozen.

It still reads from disk and the network which means that it's not easily tested.
Wonder how the network and filesystem aware parts of the protocol could be implemented in such a way as to separate out the actual IO?
For example how do you test that a piece is properly received without performing the IO to write and receive a piece when there's state to be maintained for the connection etc.?
Should think some about a sans-io [^1] torrent client guess.

:[^1] https://sans-io.readthedocs.io/how-to-sans-io.html#how-to-write-i-o-free-protocol-implementations

>>31045
For reals, when you deconstruct a list, are the names
- h t (head, tail)
- a d (car, cdr)
- v vs (or a as, x xs, etc.)
or something else?

>>31053
Think prefer "x : xs" of these even though it's less descriptive than the other two (what is "x"?), it generalizes to arbitrary collections, and iterators better, and when used generically allows for more description, for example "for file in files".

>>31053
Looking at my imageboard arsvia's code it seems like there's room to pull validation logic into the data model and to factor out this functionality into static methods for testability. This could be done using SQLAlchemy validators [^1] or custom initializers.

:[^1] https://docs.sqlalchemy.org/en/20/orm/mapped_attributes.html#simple-validators

>>31056
>pull validation logic into the data model and to factor out this functionality into static methods for testability
This is actually really cool to me! Arsvia could have the service layer virtually deleted. The entire program can be written as rendering and object initialization/mutation with static IO free methods handling the bulk of init. There's probably some errors in the attached image, but the idea was applied to a scratch buffer with the image object. The init method acts as a imperative shell for the functional core of the static private methods.

>>31057
Obviously the stupid calls to the validation logic in __get_mime should be validators for the size and mime.



File: 1756188552063.png (323.68 KB, 1063x358, ClipboardImage.png)

 

First they made AOSP private, now they won't even let you install your own apps. Is this the end of Android?

https://arstechnica.com/gadgets/2025/08/google-will-block-sideloading-of-unverified-android-apps-starting-next-year/
4 posts omitted.

>>30981
if f-droid is using their own set of keys to sign your app, then google would have to revoke them explicitly through TOS violation, they can't technically enforce this policy as stated, I imagine they're just going to stop execution of unsigned apps through safety net, sort of how iOS does it

>>30980
>>30981
Google can require F-droid to take down apps they don't like (i.e. alternative front ends, adblockers, etc)

Linux phones need investment, so, thanks Google.

like this wont get broken in like a week lol

>>30979
>no excuses not to switch to a pinephone
^ not a serious person

it's also the exact same thing apple did and the eu outlawed it so they allowed side-loading again,so I assume even if it does happen the european parliament will say the playstore is a "monopoly" (consumer rights is the only good thing about the EU tbh)



 

Hi friends,

I joined this community because leftism seems to be categorically anti-harm. In other words, it was the most wholesome board I could find.

Are you aware of any image board sites that do not host pornography, nazi-stuff, and other pernicious, obnoxious, sinister things? Examples include philosophy, book reviews, hobbies, and so on. I am most interested in philosophy.

May you be well and happy, fellow internet user.
12 posts omitted.

>leftism seems to be categorically anti-harm
Uhhh… there’s lots of pernicious obnoxious stuff on here.

>>30950
Excuse me I want to know too because from what search engines found it means either anti-harassment or countering an AGM-88 HARM

>>30948
>categorically anti-harm
lol philosophytards

>categorically anti-harm
"There's never any excuse to be mean" wot if theyre bourgeois tho?

>>31046
Wonder if you could have this but for the ingroup only. Sounds kinda terrible, but there could be coordination among just the people who accept the terms.



File: 1755139966457.png (8.38 KB, 389x129, ClipboardImage.png)

 

The other thread hit bump limit and I'm addicted to talking about the birth of the ̶a̶l̶l̶-̶k̶n̶o̶w̶i̶n̶g̶ ̶c̶o̶m̶p̶u̶t̶e̶r̶ ̶g̶o̶d̶ the biggest financial bubble in history and the coming jobless eschaton, post your AI news here

Previous thread: >>27559
119 posts and 11 image replies omitted.


>>31041
We've got a thread on that too
>>16322
Enjoy!

>>31038
>muh china will make AI because they communist woowwww and america stinky capitalist ewwww

>>31021
>>31023

So….your argument is that instead of legitimate, practical benefits that come from what we have now and will continue to grow, if implemented correctly, the only "real" AI is magical fairy dust and that somehow any implementations that reach that level just don't count, because a bunch of people with vested interest marked that as the aspirational goal? That seems a bit like shitting on the concept of a space program because we're all not living in orbital ring stations across the solar system and on our way to building a Dyson sphere around the sun.
>When people, but particularly stakeholders, think of AI, they aren't really thinking of computer vision to help robot butlers navigate tables better, but the final solution that will solve the struggle between workers and capital holders, that is, the machine god that has grown so vast and enormous it's able to do every job ever.
I just don't think that most stakeholders, especially investors across the market or some other business deciding if they're going integrate AI with their business plan,l are thinking about this. They're thinking about how they won't need to hire Amazon Mechanical Turk workers in order to sort things because a LLM + OCR can do it. T They're thinking that they can avoid hiring a (probably offshored, and limited to reading off a decision tree which often has humans acting more and more like chatbots, than the other way around) low level customer service dept if they can get a performant model and bidirectional voice features to do the same thing. Those who are running "AI development and/or trying to sell AI service" companies, like so-called OpenAI, are going to wax poetic about AI solving all the problems so they keep getting investment to expand their platform, but pretty much everyone else is looking for what can be done with the technology in a practical manner. That's the crux of a lot of capitalism's problems after all, right? Planning for short term and direct ROI to the exclusion of other factors; why would it be any different here? This is not to say that every institution or individual interested in AI must fall into this category (there are many that do not, from individuals to university research departments aPost too long. Click here to view the full text.

>>31047
They didn't seem to be saying anything approximate to that.



File: 1751762900436.png (3.11 KB, 225x225, images.png)

 

>WireGuard
Written in C, so no.
>OpenVPN
Insecure (and written in C).
>Tailscore
Proprietary trash. Again, written in a lower level language.

When the fuck will somebody use Python to script a VPN protocol out of for a full tunnel client w/ access to iptables w/ default setting at "strict"? Plus run it on custom STUN servers, uses 10.8.0.53 instead of 8.8.8.8 (Google)/1.1.1.1 Cloudflare)/9.9.9.9 (Quad9) and blocks any connections to them for a fine-grained DNS control, and fully self-hosted w/ local only control. Everything else is too insecure. Oh, and also
>Tailscale leverages Google's OAuth2 for user authentication, allowing users to log in to Tailscale using their Google accounts
Lmao. The absolute state.
10 posts omitted.

>Written in C, so no.

This is what happens when people learn programming from internet memes instead of reading a book.

>written in a lower level language.
You want a VPN implemented through minecraft redstone? Lua?
I assumed your qualm with C was it wasn't rust / some other memory safe thing, now I have no idea your intent.

Anyone in this thread who thinks C to be inherently insecure should look at the security record of qmail, which is unmatched in the recent history of software engineering.

>>30455
Nobody tell him what the Python interpreter is written in.

Both Wireguard and OpenVPN are just protocols. What you're looking for is alternative implementations, OP.
There are user-space implementations of both protocols in languages like Rust, Go, or some other niche meme language you may worship. If you're persistent enough, there are probably some microkernel-based operating systems which can let you use these alternative implementations as low-level components of the OS - on par with original, C-based implementations.
I have to warn you though, that most original implementations of VPN protocols use C language for very good reasons:

1. Building a high-performance VPN daemon in user-space is an absolute pain in the ass on contemporary operating systems
2. Integrating higher-level languages into kernel code is pure fucking pain. The only operating system that does this correctly is NetBSD (as far as I'm aware) with their Lua modules.
3. If you're building a kernel module that's pretty much just a wrapper over a cryptographic protocol - memory safety isn't even your first concern. One of many reasons why you shouldn't roll out your own crypto, is that implementing cryptographic protocols in a way that's not susceptible to timing side channel attacks is absurdly difficult. In case of higher-level languages whose compilers/interpreters may introduce automatically generated optimizations for the resulting code - you can't really predict whether your program is going to contain timing side channels or not. Some langauges provide special constructs to explicitly allow secure cryptographic code to be written, but in most cases - it's safe to say we have far more experience with writing correct crypto code in C than in, let's say, Python.



File: 1750530833794.jpg (26.61 KB, 267x400, 1439096-2352438739.jpg)

 

Microsoft is the CIA. Pretty much all US big tech is. Windows is a global CIA mass surveillance program via monopoly capitalism. It’s completely impossible to make Windows secure, there’s no secret registry switch. The entire thing is compromised top to bottom, and under no circumstances should anyone consent to its use. Closed source spyware monopolies are a weapon of war against us by the bourgeois state.

Open source operating systems are software communism. If we’re not willing to build and use existing forms of technological sovereignty and anti-capitalism, then we’re probably not willing to do any other forms of communism either. I hate the “No ethical consumption under capitalism” mantra. How do we expect to get out of capitalism without building alternatives? I think a lot of leftists hope a revolution will happen then just magically replace all the corrupt and bourgeois components of consumerism, using the same uninvolved passive mechanisms.

Do we really believe a windows update will just drop after some election that restores our rights, trust, openness, privacy and dignity? It must be built and owned by the people.
34 posts and 5 image replies omitted.

>>30802
Your grandma could use Linux at this point.

Does the government actually spy on people via some secret backdoor in Windows? Do they even need to? They could just subpoena your ISP/VPN provider or come into your house and search your hard drive, what operating system you use isn't really that important, the more important consideration is whether or not you encrypted your files and you can do that on any OS.

>>30865
That is in large part the problem.
If you're doing something an idiot could do, Linux is fine. If you're doing server admin, Linux is fine. If you're an end user who likes to tinker a bit but using a graphical interface, you can get fucked - either give up and use the computer like granny, or learn the inane conventions of the unix-world's CLI.
Lesson 1: Everything is a file (and that file is fuckyou.txt)

>>30866
Even pretty old versions of Windows contained a thing called "_NSAKEY".
>https://en.wikipedia.org/wiki/NSAKEY
Another point is that modern versions of Windows contain Cortana, M$ Recall and Copilot. There AI agents can read your whole screen and (for example) they can be used to flag you as a person of interest.

>They could just subpoena your ISP/VPN provider or come into your house and search your hard drive,

That's true.

>what operating system you use isn't really that important

Yes it is, since there are other threats, too, because proprietary software usually also send analytics data to ad companies. And how exactly you can be sure what your proprietary operating system does in the background? You don't have any way to confirm it. This issue also affects file/disk encryption methods. I would never trust BitLocker.

>>30843
Labubuntu



File: 1752600034757.png (516.82 KB, 720x934, GooglepheneOS.png)

 

GrapheneOS cannot be fully trusted because it runs on Google's proprietary hardware stack, which remains a critical vulnerability. While GrapheneOS markets itself as a privacy-focused alternative, its security is undermined by the fact that it operates on devices like Google's Pixel smartphones—hardware designed and controlled entirely by Google. Unlike other OEMs, Google does not merely integrate off-the-shelf components; it designs its own processors (e.g., Tensor chips) and develops the closed-source firmware and software that power them. Other manufacturers receive binary blobs from chipmakers, which they cannot modify, but Google retains unilateral authority to embed hidden functionalities or surveillance mechanisms directly into the hardware-software ecosystem.

This means Google could inject malicious code into the processor’s firmware—code that operates independently of Android (and thus independently of GrapheneOS itself). Such malware would run at the hardware level, bypassing the operating system entirely and evading detection. If Google exploits this capability in its proprietary GApps, the same logic applies to the foundational software controlling its processors. Since GrapheneOS cannot audit or modify these closed-source components, users are left exposed to potential backdoors.

If you trust GrapheneOS on Pixel devices, you must also trust Google’s closed-source hardware stack—the very same infrastructure that could enable pervasive surveillance. In that case, there is no meaningful distinction between GrapheneOS and stock Android; both rely on Google’s opaque technology. Conversely, if you reject GApps and Google’s data harvesting, you cannot reconcile that distrust with reliance on Google’s hardware. To truly deGoogle, you must abandon devices where the manufacturer controls the silicon itself.
66 posts and 15 image replies omitted.

>>30907
Why not a pinephone
>uber
Don't they have a browser webapp?

>>30905
>massive anti-GOS shilling

Where? Go to Reddit, Youtube or any mainstream plattform, the, are all pro Gos. Mainstream media is promoting and advertising Gos on a massive scale: "These phones are so secure, police can't break them!"

I have to own a smartphone for my job and the software my company uses is only on IOS, therefore I must own an iPhone to continue being employed. I have already lost my right to choose which devices or software I will or won't use in my work life, does it really make any difference if I take some principled stand against proprietary software during my free hours? Is everybody in the world supposed to quit their jobs if their jobs force them to use proprietary software?

kinda seems like a privacy oriented OS on your voluntary government sponsored wiretipe is not a thing

There are issues with GrapheneOS worth discussion, but most of what someone seems to be posting in this thread is very badly misinformed.

Pixels, like the Nexus before them, were the "developer focused" phone that got AOSP and similar development for it primarily, instead of contesting with whatever bullshit Samsung wanted to drop atop it, or how Samsung or Verizon decided to stop updating your OS or firmware in a year or two etc.
>Pixel hardware
Pixel hardware is exactly as proprietary as the rest of mobile hardware. Do you think that a Qualcomm Snapdragon chip is magically FOSS top to bottom? Hell, most Tensor chips were basically Samsung Exynos which again were certain proprietary bits. Like all other phone SoC, there are licensed bits and proprietary hardware elements, as well as closed baseband firmware and the use of binary blobs etc. This is common with just about any device. Do I wish it was different? Absolutely and we should leverage Google, Qualcomm and others into shipping more open hardware if possible, but there's nothing magically more locked down or suspicious with the Pixel line vs other manufacturers.
>but uh what if its compromised, i don't have any evidence it is but if it was it could be reading everything and saving everything etc
There's literally more evidence that Chinese made smartphones from their major companies have vacuumed up tons of data vs those from other brands, yet you're worried about a hypothetical like this? There's more evidence for and wider hypothetical potential for a lot of the chinese devices using chinese chips made in chinese factories etc.

These are issues with GrapheneOS and Pixel that are worth critiquing fairly, but nothing like what is being discussed here.



 

Thread for questions that don't deserve their own thread.
I wanna buy some headphones to go outside i don't want to spend more than 100€ on them. I want them to be mostly durable and secondly to have good sound quality, also i don't want to look like a jackass while wearing them, any suggestions?
509 posts and 66 image replies omitted.

Does anyone have recommendations for learning threat modelling that's not corporate nonsense and not limited to cloud microservices and other web applications?

>>30698
Start with
https://www.schneier.com/
You'll have to dig through the archives a bit since he's gotten distracted by the new shiny toy, but it is all there

>>29869
I would choose Creative Commons Attribution-NonCommercial-ShareAlike.
https://creativecommons.org/licenses/by-nc-sa/4.0/

Need a new phone, I hate all the os that come preinstalled and just want lineage. Is the oneplus 9 pro still a good option for a few years or do i go with oneplus 11? 11 seems more expensive for less gain.

I'm looking for an old imageboard script that has two colors to the left of every reply, one for the post and one for reference. Is anyone aware of what this is? Just remember an esoteric screenshot from ages ago.



File: 1728030622672.jpg (105 KB, 820x1024, 53y3soh1e3981.jpg)

 

(Copypasted from a previous 4chin /g/ thread as a foundation to making these generals on leftypol)
Users of all levels are welcome to ask questions about GNU/Linux and share their experiences.

* Please be civil, notice the "Friendly" in every Friendly GNU/Linux Thread *

Before asking for help, please check our list of resources.

If you would like to try out GNU/Linux you can do one of the following:
0) Install a GNU/Linux distribution of your choice in a Virtual Machine.
1) Use a live image and to boot directly into the GNU/Linux distribution without installing anything.
2) Dual boot the GNU/Linux distribution of your choice along with Windows or macOS.
3) Go balls deep and replace everything with GNU/Linux.

Resources: Please spend at least a minute to check a web search engine with your question.
*Many free software projects have active mailing lists.
Post too long. Click here to view the full text.
188 posts and 17 image replies omitted.

>>30708
BSD Init has startup and shutdown scripts, which are kind of like the scripts runit uses to emulate sysv runlevels. Otherwise runit uses an entirely different service supervision model than BSD, which only has sysv-style init.d (rc.d in their case) and inittab.

AUR Chaos malware: an analysis
>https://www.mh4ckt3mh4ckt1c4s.xyz/blog/aur-chaos-malware-analysis/

* There were malicious packages in Arch User Repo that installed remote access tool (RAT).
* The known malware packages are: librewolf-fix-bin, firefox-patch-bin, zen-browser-patched-bin, minecraft-cracked, ttf-ms-fonts-all, vesktop-bin-patched, ttf-all-ms-fonts.
* There might be even more malware on the AUR!
* Be sure to always review all package PKGBUILD files, even when you are updating AUR packages that were previously to be known to be good.
* I suggest using rua or yay AUR helper because they can show diff views of AUR packages.


>>26557
I would just run FreeBSD if you want to use it. You could also use Slackware but I think FreeBSD or some more mainstream GNU/Linux distro is better, since package management is painful on Slackware.

>>30936
>Be sure to always review all package PKGBUILD files, even when you are updating AUR packages that were previously to be known to be good.
If they can pull malware directly from the PKGBUILD, they might as well go all the way and pull a legit-looking source from a compromised mirror. At this point you're better off getting the upstream source and handpicking any patches you need yourself.

Given that the distro refers to many AUR packages in its wiki and those especially would be maintained by relatively trusted community members, they should have made a PKGBUILD repository with barebones vetting already. Arch retardation syndrome strikes again!

>>30936
>>30937
Having read the article, the perpetrator seems to have been discovered very much because they were an amateur. As i already mentioned, a smart attacker could have inserted the suspect code directly into the program source, which could either fork unprivileged malware, like a miner, or try to gain root privileges through an install wizard invoking sudo or any privilege escalation 0day.

>>26557
It depends on what specific features of FreeBSD you are looking for in a Linux distro.

If you want a BSD init system, the only distro I know of that uses BSD init is CRUX; Arch used to use it, being originally based on CRUX, but has long since moved to systemd. The other init systems on Linux like SysV, openrc, and runit are all totally different systems from BSD init.

If you want ZFS, you can set up OpenZFS after the fact on any Linux distro, but if you want ZFS-on-root right out of the box then FreeBSD and Ubuntu are the only OSes I know of that provide that in their installers.

If you want jails, there's not really any equivalent to that on Linux, there's containerization and things like Docker but they work in a fundamentally different way than jails.

If you want a lightweight minimal OS that adheres to KISS principles and doesn't use systemd, there is Alpine Linux, Void, Gentoo, etc.



File: 1755099358255.gif (692.79 KB, 768x256, rain.gif)

 

Is there any reason to stick with jpg/png formats over things like webp/avif. Atleast for webp software support that once was not there now is. I'm not just talking about web, but in general bulk storage also.

AVIF is a mess from a technical standpoint. designed by committee. it doesn't just store a straight up image, no no no. it splits the image up into chunks, each of which can be stored using any codec supported by the format. this is a huge hassle for the internal data model for many project, for example ffmpeg
WebP is OK, but getting support for it everywhere seems to be slow going. I'm not convinced it's sufficiently better than cjpeg to justify widespread use. JPEG itself has many features that improve its compression that no one uses for some reason. like pyramidal coding

>>30836
to elaborate on this:
https://calendar.perfplanet.com/2014/mozjpeg-3-0/
>Mozilla has done a study of image formats and concluded that WebP and JPEG XR are not a big-enough improvement over well-optimized JPEG. In the study only HEVC (H.265) was significantly better, but it’s a patent-encumbered format, so it can’t be used freely (shhhh!)

>>30806
>>30836
webp seems ok to me. I guess avif is technically more fancier, but it has no support. both can do lossy and lossless so that's not an issue

It just werks™



Delete Post [ ]
[ home / rules / faq / search ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]
Previous[ 1 /2 /3 /4 /5 /6 /7 /8 /9 /10 /11 /12 /13 /14 /15 /16 /17 /18 /19 /20 /21 /22 /23 /24 /25 /26 /27 /28 /29 /30 /31 /32 /33 /34 /35 /36 ]
| Catalog | Home