/tech/ - Technology

Cleaned up the CSS a little more. Need a solution to dynamically make the groups take up less of the screen.
Something to do with flexboxes no doubt.

>>29831
>Something to do with flexboxes no doubt.
Had the idea that when clicking the expand also expanding horizontally to fill the width of the body; so implemented this.
Also setup the flexbox stuff, so if the screen is small it takes full, otherwise it attempts to divide into thirds and flex-grow: 1;
Next up are the SVG icons, Websocket scripts, (backend) group specific calendar, (backend) combined groups calendar, and (optional) trash can.

>>29867
Got the SVGs dialed in and then decided it was better off with simple text buttons.
It seems to look best in landscape on mobile atm, though in general mobile is not entirely well supported.
Namely there are issues with the menu button overlapping the content and making it inaccessible.
Not sure about the best way to go about fixing that is.

Also wrote some checks to see if the user is a member of a group before displaying it to them.
And also to add them automatically to a group if they're creating it.
And another set of checks to make sure only the creator of a group can edit it.
And to make sure there aren't duplicate members or subgroups.

wish could have thought of something more interesting to make than a calendar forum.
Might have much more motivation to complete it if this was the case…

>>29873
Had several ideas for something like https://memex.garden (before knew of it), a microEmacs, an RCS chat.
Probably a skill issue that what was implemented was only a calendar and forum in python.

I find the fact that this same thread topic keeps popping up over and over with OP always having the exact same opinion very suspicious.

>>29800
Most of the AI threads are negative and/or express something different don't they?

>>29801
Not recently (post-4chan shutdown).

It is oversold and used in use cases it is a bad fit for. A good example would be AI upscaling where instead of artifacts from algorithmic upscaling, the visuals dive right into the uncanny valley even with professional AI upscale jobs like the Aliens 4k upscale where mouths melt in and out of existence as the AI slaps on body parts on objects it can identify.

>>29757
I hate AI because…

>Capitalism leads to layoffs whenever they can replace real workers with AI or robots. But the capitalistic system is not going anywhere because of AI or robots.
>Some people are too reliant on it and they can't think independently. Too many mistakenly think that AI doesn't have biases
>LLMs can be used to generate spam or disinfo.
>According to some studies, LLMs can be more persuasive than many people realize, even thought it could hallucinate wrong or inaccurate things.

>>29735
Mhm, such individual adventures oftenly result in a silent punishment and being forgotten. If Luigi's act was seen as heroic for some, we'd have more of CEO's getting assasinated.. only at rare moments in the history we had a revolutionary ethos being present in the society.

comrades… you needn't be so narrow minded.

i'm at least going to share secret research with the org im in (not saying which rn) to help with our analysis and publications. already looked into the legal ramifications based on my jurisdiction and worst case scenario i could tank it.

now i'm just thinking of how far i could take it. there's at least a couple of OAuth-secured WAN-facing systems which host most of the reports and data they produce, but the real juicy stuff is internal investment controls and confidential company disclosures gated behind higher levels of authorization. like my bosses' boss or one of the business senior leadership. obviously getting someone else's credentials would make this a lot more serious and punishable but if i pulled it off i could give others access without compromising myself.

i realized the token in old log file idea wouldn't work but if the Oauth does succeed it gives a long-lived refreshing cookie which is what id really want. i cant push any code that would go through VCS but i might be able to get a compiled test version of an app sent to someone, with something baked in that would quietly copy all the headers i need to a drive where i could get it before anyone notices.

there might be easier ways. people around the office leave computers unlocked unattended sometimes. support and various people pass around scripts they don't look at. getting access to someone's email higher up would be interesting too but not sure how i would do that. i'm wondering if any of you have other creative ideas or advice

why don't you just introduce some kind of "bug" that ignores bullshit bank charges to make it stop stealing money from poor people?

>>29735
This. Even worse than Luigi. Luigi at least killed a mega porky. This would do nothing.
>>29751
I'd really advise against this. You already have access to investment info, no? This is already worth quite a lot. Why jeopardize it by doing something like this?

>>29752
It would be very hard to introduce something persistent like that into production systems. Anything that directly hits their money will be a one time thing they might revert. Also I'm closer to the institutional clients side, other huge corps, not retail which is like regular customers. But idk I'll need to think more

>>29754
Because I know I can do more. Why are you guys being such boring pussies about it? I just need to talk to a leftist actually knowledgeable in cybersecurity

>>27788
>the only thing that matters is that
the only thing that matters is that communication through cock.li is objectively more secure than riseup

>>27788
>don't you think that using a service that is more popular draws less heat to (You) individually?
Absolutely not.
German law enforcement requested the totality of Riseup donators infos to the payment processor back in 2017.
Cockli is under 'attack' because they are big and popular.
Windows get more CVE per year because they are more popular

>there is no difference to the user if their PGP encrypted messages are stored in plain text or encrypted, you shouldn't trust your security to a third party if you can avoid it
I agree
But why are you saying "the cock.li TOS is "don't do crime" and they won't ever know you're committing crime since the e-mails are encrypted" in the same post lmao?
They both do. You should use GPG on both.

>BUT, from a purely functional perspective, cock.li is objectively superior to riseup when it comes to protecting your privacy, if you're serious about security i'm sure you'll understand why it's preferable to lock your door with an ugly key rather than keep it open
Again, I don't think you understand who's using riseup. Hint: Not internet schizos who think the CIA will target them specifically like 99% of cockli users (the other 1% are doing cybercrime or CSAM)

Post too long. Click here to view the full text.

>>27802
>cock.li is being threatened with closure by glowies
<riseup continues to operate with absolutely no pressure from the powers that be
this was supposed to be a dig at cock.li? if riseup actually threatened them like cock.li they wouldn't be this comfortable, plus the fact that they want to crack down on cock.li shows that it's a service that serves your privacy well, otherwise they would attempt to infiltrate and subvert rather than shut down
i rest my case

>>27803
They are not threatening Cockli with closure. Vince wants to close it if they try anything. Not the same thing.
It's understandable but some people would prefer to keep being reachable as it wont change anything for them (GPG use + metadata being already spied on anyway) and they may need it as it's their only mean of communication with some people (like a journalist and his source, just for example).
And it may not even be true at all, for all we know maybe Vince is just trying to grab a few $. I hope not but it's a possibility.

>riseup continues to operate with absolutely no pressure from the powers that be
They were under 2 FBI gag orders a few years ago. Idk but that's some pressure.
Now they have onions, end to end encryption (irrc) and still push people to use GPG and keep ransomware operator at bay with their invite only system, that may explain why they have less pressure.

Again, please stop acting like you don't understand that. I think, I hope (as you said you work in infosec), you are just -acting- stupid.

Could I get a code too?
[email protected]

>>29719
Migrating passwords also means the only thing not on my Linux box are my notes (for now).
Think this is all pretty basic OPSEC; not sure what a more serious dedication might look like.

>>29720
>not sure what a more serious dedication might look like.
Basically separating a public persona (billing), from disjoint private personas.
Obviously the disjoint aspect is what's most tricky about setting this up.
Browser fingerprinting and IP logs means this effectively requires onions.

>>29716
In the imperial core your baseline threat model always consists of automated data collection and the real-world places it feeds back into. This means you can either give up and hope you're median enough to effectively fly under the radar or always apply your best to remain private, anything else puts you at an unnecessary risk. Compromises, especially concerning financial services, are natural, but privacy should never be given up lightly.

I save all my passwords on an encrypted partition btw, this is my generator script:

#!/bin/rc
if(~ $#* 1) {
	c='A-Za-z0-9$~&%[{}(=*)+]!#`;:,<.>''"@^/?\|\-_'
	k=$1
}
if not if(~ $#* 0) {
	c='A-Za-z0-9$~&%[{}(=*)+]!#`;:,<.>''"@^/?\|\-_'
	k=32
}
if not {
	c=$1
	k=$2
}
dd -if /dev/random|tr -cd $c|dd -count $k -bs 1

>>29727
>median enough to effectively fly under the radar or always apply your best to remain private
Am not doing this currently, to fix it would require onions in a chroot as was suggested to me.

>this is my generator script:
Shell is alien to me, but the lack of libraries and terseness is nice.

>>29742
you can easily adapt the script to posix shell, just change the argument checking and replace plan9 dd with anything else

>>29503
It does seem like an excellent client, and was thinking even KurobaEx-beta was pretty good.

>>29505
Just saw the chan for the app is hella crazy

>>29502
Using this for few weeks. It is good; albeit the absence of good themes

>>29709
>>29502
Forgot pic

>>29502
Nice find. It will take time for me to adjust but this is awesome to see a whole new app to post on mobile.

>>29596
>If you can work a computer you can make art
i know thanks to ai :^)

>>29550
techfags: here you go, free GPL shit, free compilers, free editors, free mail clients, free web servers, the entire infrastructure of the internet for free, use it, modify it, share it, build a community around it

artfags: nooooooo!!! this doodle is (c) me, you can't SEE it without MY PERMISSION!! you can't download it!!! HELP! DMCA! POLITICIANS!

>>29705
Those aren't techfags, those are developers. Techfags are the idiots who think computer will do everything for them. It's possible to be both but generally people who actually understand how the tech works are not techfags because they know its limits.

>>29594
I mean all the most successful games have been gameplay-focused and usually are innovative in terms of programming in some way. Space Invaders, Pac-Man, Doom, Super Mario Bros, Minecraft, etc.
Minecraft's graphics are literally programmer art made by an amateur.
Hell even art-focused games like Undertale can have "bad" art (flawed on a technical level) if they're executed right. It's the human creative element that makes it work, generative AI would never be able to make something like that.

>>29705
>equating open source developers and government projects with silicon valley vampires
oh anon… no… no no no no

>>29185
this was a cool aesthetic but for all purposes OLEDS are cheaper and multicolored so theres no reason to use them any more

I'm with you, OP. That shit is awesome. I used to go to this kid's house when we were in middle school and his dad's computer had a screen like that. We played some shitty Kung Fu game on it with the keyboard and he got mad that we were messing with it.
We had a regular VGA color monitor but the computer before that had a tape deck and hooked up to a black and white TV. Fucking thing never worked. But I was 7 and none of us knew what we were doing. By the time I was 13 I could get around ms-dos and play games and connect to BBS.

When was a young lad watched Hak5 and the predecessor to Level1Tech.

>>29645
Will definitely look into it. I have started taking compsci subjects seriously now as I don't intend to be a soydev my entire life.

>>29647
Nope, I can't. Or it ends up getting escalated.

>>29648
ada is a meme, never take anything the tor poster says at face value

>>29649
>ada is a meme
The existing standards with multiple implementations say otherwise (rust in comparison is embarassing with it's "standard follows reference implementation" attitude and truly deserving of being called a meme). You might not see Ada much outside specific niches, that doesn't mean it isn't an exceptional tool, maybe not the best to learn about compsci admittedly.
>>29648
Ada as a language can be daunting, not because it requires compsci knowledge, but because it's type system forces many (good) restrictions you need to code around. You also won't find it in any curriculum, most use python, java or formerly lisp.

>>29650
If they can't update some shitty dependencies they certainly won't rewrite it in a language that nobody at the company knows.

>>29648
Can't you work during the meeting?