I must be missing something (I can see the community is not from lemmy.world but the guy is)
I must be missing something (I can see the community is not from lemmy.world but the guy is)
OK I got it, you are completely out of the loop here.
You do not grasp the idea of NoScript and other JS filtering extension. This is not about server code, your all arguments is baseless here.
By the way JS refered to Javascript and not NodeJS.
Anyway I got you whole company/business talk about “keeping the service available, secure, performant” and “GDPR […] bankrupting fine”… yeah lemmy.world.
Thanks for your answer.
First I don’t even grasp what a “service owner” is.
Second, for JS front-end openness there are already a bunch of app (web, android) that are open-source and secured. Everything has dependencies nowadays, this doesn’t prevent good security. Think all the python app and their dependencies, rust, android… even c\c++ packages are built with dependencies and security updates are necessary (bash had security issues).
I think with JS scripts it’s actually even easier to have good security because the app is ran in our web browser so the only possible attacker is the website we are visiting itself. If they are malicious then the close-sourced JS script is even worse. Unless you count 3rd party scripts embedded that bad dev uses in their website without even thinking about trusting them. That is also awful in both open or close source environment.
So even having imperfect security (which happens regardless to openness), who is the attacker here? I would rather run js script on my end if the code can be checked.
I believe you missed the point, I am not in defense of Security through obscurity
(https://en.wikipedia.org/wiki/Security_through_obscurity), quiet the opposite.
The point: “[…] risk for the service owner as it gives an easily parsable way for an attacker to check […]” is well known and not the discussion here. You can choose close source for ‘security’ this is opensource community so I am wondering about such a tool.
There’s no “open source” centralized website. You can’t know what the server is effectively running unless you have access to it. To me this makes no sense.
And C++, just checked the wiki and the 2 example of openssh’s heartbleed and sudo, both in C. Not C++. As expected.
I’m not sure why people keep pushing that myth on C++. It’s been a decade we have smart pointers. There’s no memory management to be done ever.
Using the old ‘new’ is like typing ‘unsafe’ in rust. Even arrays/vectors have safe accessor.
Am I missing something?
Are we codeberg yet?
NEDO is a big public institution for renewable energy research. The budget is ~500M$ a year and they bet a lot in hydrogen : https://www.nedo.go.jp/english/index.html (https://www.nedo.go.jp/english/activities/activities_ZZJP_100096.html)
Thank you for sharing this. I didn’t know this FS yet. It seems new and have some nice goals. I always have a grudge against zfs/btrfs because of the resource usage/performance.
I’ll keep an eye on this. I’d love to find some benchmarks.
I am so sorry, I am going to fix this. Also I am not one of the people who downvoted your comment. I like when people point at my mistakes. I am making a lot of those even in my native language.
I tried watching the video. I am genuinely interested but I couldn’t. The video is uncuted (edit: uncut*, my English is so bad) and very slow paced. After 10 minutes I gave up (50 minutes remaining).
Maybe an other time or with an other video.
I thought this also would need the next Nvidia driver version 555. Am I missing something?
it’s been at least 7 years now, I don’t have any hope.
Wine is fine so I guess proton would be.
Damned, this is so frustrating when you cannot switch yet. Not like Wayland is perfect anyway but I felt the same with pipewire where the new system as some needed improvement but the switch is harsh.
They list gitea but not forgejo. That’s not really advocating for FOSS. “all” (the ones I looked at) are startup products coined as open-source.
I really don’t like this website and this list, to me this is replacing bad solutions by other bad solutions (I am sorry for the people that like firebase and co).
I am sorry for the negativity but I really don’t enjoy this link and all it represents and all the people enjoying such content. I guess I/we should explicitly separate FOSS from open-source.
I may be out of touch and should be educated on why/how this is good.
You are right to share this, I was about to do so yesterday but I first wanted to watch it all. So far I have only watch the first half and it is very interesting.
It is rough to follow though, sometimes I am listening to stuff while working but for this video I will need to be in the right context and focus to correctly get it.
I had the idea that moderation is instance based in Lemmy, mods only moderate people on their instance.