There’s nothing wrong with OCI Images. If you’re concerned about the security of Docker (which, imo, you should be) there are other container runtimes that don’t have its security tradeoffs (e.g. podman).
The short version is that the creators of this API are doing something more secure than what the client wants to do.
A reasonable analogy would be trying to access a building locked by a biometric scanner vs. a guard looking for a piece of paper with a password on it. In the first case, only people entered into the scanner can get in (this is the cookie scenario). In the second case, anyone with a piece of paper with the right password on it will be let in (this is the Bearer token scenario).
More technical version: the API is made more secure because the “HttpOnly” cookie - which, basically, means the cookie’s contents can’t be read with JavaScript in the browser - is used to hold the credentials the server is looking for.
By allowing a third party to access the application, this means you have to allow methods that can be set “client-side” (e.g. via JavaScript in a browser). The most common method is in the “Authorization” HTTP Header - headers are metadata sent along with a request, they include things like the page you’re coming from and cookies associated with the domain. A “Bearer” token is one of the methods specified by the “Authorization” header. It’s usually implemented via passing the authorization credentials prefixed with the word “Bearer” (hence the name) and, often, the credentials are static, password-like text.
Basically, because this header has to be settable by a script, that means an attacker/hacker could possibly inject malicious code to steal the tokens because they must, at some point, be accessible.
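The difference described in the comment above, as an added example that is not part of the original comment: a minimal model of a browser cookie jar showing which credentials page script can read and which only travel in request headers. The `BrowserModel` class, its methods, and every cookie and token value are constructed for illustration and are not a real browser API.

```javascript
// Minimal model of a browser (constructed for illustration, not a real browser API).
// Parse one Set-Cookie header value into { name, value, httpOnly, secure, sameSite }.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  if (eq < 1) throw new Error("malformed Set-Cookie: " + header);
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1),
                   httpOnly: false, secure: false, sameSite: null };
  for (const attr of attrs) {
    const [k, v] = attr.split("=").map((s) => s.trim());
    const key = k.toLowerCase();
    if (key === "httponly") cookie.httpOnly = true;
    else if (key === "secure") cookie.secure = true;
    else if (key === "samesite") cookie.sameSite = v || null;
  }
  return cookie;
}

class BrowserModel {
  constructor() { this.jar = new Map(); this.scriptStorage = new Map(); }
  receive(setCookieHeader) { const c = parseSetCookie(setCookieHeader); this.jar.set(c.name, c); }
  // What `document.cookie` exposes to page script: HttpOnly cookies are omitted.
  documentCookie() {
    return [...this.jar.values()].filter((c) => !c.httpOnly)
      .map((c) => `${c.name}=${c.value}`).join("; ");
  }
  // What the browser itself attaches to a request: every cookie, HttpOnly included.
  cookieHeader() {
    return [...this.jar.values()].map((c) => `${c.name}=${c.value}`).join("; ");
  }
  // Everything any script running in the page (injected script included) can read.
  readableByScript() {
    return { cookies: this.documentCookie(), storage: Object.fromEntries(this.scriptStorage) };
  }
}

// Constructed sample values: one HttpOnly session cookie, one ordinary cookie, one Bearer token.
function demo() {
  const b = new BrowserModel();
  b.receive("session=s3ss10n-constructed; HttpOnly; Secure; SameSite=Strict");
  b.receive("theme=dark");
  // Bearer design: script must hold the token in order to build the Authorization header.
  b.scriptStorage.set("api_token", "tok-constructed");
  const authHeader = "Bearer " + b.scriptStorage.get("api_token");
  return { visible: b.readableByScript(), sentCookies: b.cookieHeader(), authHeader };
}
```

In the result of `demo()`, the session cookie appears only in `sentCookies`, while the Bearer token appears in `visible.storage`, which is the script-readable surface.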
In this thread, everyone is getting caught up on the first toot and not the second where he clarifies his point.
If you step past the initial investment of buying a house, the analogy makes perfect sense. When you rent an apartment, your landlord (the provider) takes care of all the maintenance; you just live there and you get what you get. When you own a home, you take care of all of the maintenance, but you get to set the place up however you like. This isn’t that different from a lot of FOSS out there.
This misunderstands the premise. You cannot intuit someone’s subjective experience of reality because it is impossible for you to experience their experience of reality. You have only what they’re able to explain to you.
To come at this from the other direction, if a friend says to you “I’m having a good day” and does not appear obviously distressed, how could you judge the relative goodness of their day or if it was actually good at all?
Just think of how much back and forth must have happened for this person to be so fed up as to include this with a request for publication.
Possibly controversial opinion, the left needs a Fox News. A station that just unapologetically pushes liberal talking points and pays newsworthiness the same lip service that Fox does. Fuck this holier than thou bullshit we’ve got going on; fight propaganda with better propaganda.
Getting repeatedly beaten in competitive multiplayer games is just kinda par for the course if you haven’t learned the meta, strategies, etc. If you lack game knowledge and your opponents have that game knowledge, you will mostly lose.
If winning in the game is the only way you find enjoyment in them, then those kinds of games require significant investments of time and energy to “git good”.
I say this as someone who is repeatedly shit on in every game of CoD I’ve ever played and will play in the future. That said, I don’t gain particular enjoyment from winning alone - not that it isn’t fun to win, just that I get just as much enjoyment from other aspects of the game.
It sounds to me, mostly, that these games just don’t really appeal to your idea of what’s fun.
I would fully expect Linux content on any community dedicated to technology (i.e. programmerhumor); the rest is totally understandable. Though, I have to agree with @CarbonIceDragon, I really don’t see as much Linux content as you seem to - granted I use kbin, not lemmy.
I’ve read that Lemmy is a bit more personally curated than kbin, is it possible you’ve just accidentally built yourself a Linux bubble?
I won’t lie. I mostly don’t engage with content I see here. I didn’t do that when I was on Reddit either and mostly for the same reason: I don’t really have much to say and, even when I do have an opinion, I don’t usually want to engage in what’s often a protracted debate about something that will probably just end up being frustrating.
That’s not to say I haven’t had positive experiences on the Fediverse - I’ve had more here than anywhere else - I’m just not particularly motivated most of the time.
Israeli settlers have, for years now, been slowly encroaching into territory officially recognized as Palestinian lands. These people absolutely have the choice to move back out of those areas and into lands officially recognized as belonging to Israelis. On the other hand, very few people can “just move, lol” and I wouldn’t be surprised if Israel specifically chose settlers that would be burdened economically if they attempted to leave.
To be clear, Israel has continuously acted in bad faith against Palestinians and, along with its allies, destroyed the peaceful (or, at least, less militant) groups that sought to unite the Palestinians. This is absolutely a problem of their own making and I would be surprised if there was a peaceful path forward with the current political climate in the region.
If you really want to make everyone mad, it’s not “gif” or “jif” it’s “jyfe”
Parade raining time: https://feddit.de/comment/3373323
- I believe flags are sorted alphabetically by how they are internally represented. All flags are a combination of two special letter-symbols. For the UK flag, these two symbols are “GB”, therefore the UK flag should be much earlier.
- 🇺🇸 (Flag of the USA [code: US]) ≠ 🇺🇲 (Flag of the US Outlying Islands [code: UM])
Yes, the first US flag, which most people pick, is actually the flag of the US Outlying Islands. Whenever you see someone use the US flag emoji, check whether they accidentally used the “wrong” one.
For me, it has a picture where it specifies a “polypropylene container”.
There’s also this bit from near the end of the abstract:
Additionally, the polyethylene-based food pouch released more particles than polypropylene-based plastic containers. Exposure modeling results suggested that the highest estimated daily intake was 20.3 ng/kg·day for infants drinking microwaved water and 22.1 ng/kg·day for toddlers consuming microwaved dairy products from polypropylene containers.
So, they’re, at least, discussing polypropylene and polyethylene.
I don’t find Atheism and Spiritualism to be, necessarily, incompatible with each other. One can believe in something beyond our material existence and also believe that there are no gods.
Yes, that is how it works. Lockheed Martin isn’t a governmental body within the United States and is not bound by our Constitution in any way.
Regardless of our opinions on the matter, those are both private companies with their own rights that are not bound like a government under our current laws. People forget that because “corporations are people” they also get Constitutional protections. Our rights end where their rights start and vice versa.
My (limited) understanding of ActivityPub is that it functions on a publish-subscribe model. If you and I both ran instances and federated with each other, every time a message was posted to my instance I’d send a message to you and vice-versa. Now, let’s say a new person comes along with their own instance and they want to federate with us, but they have 1000x more users than we do. If we federate with this new instance, we now both have to handle 1000x more traffic.
This is effectively a Denial Of Service attack.
Threads currently (supposedly) has 70 million users. If only 0.001% of those users are interacting with federated content every second, that’s still 1000 messages every second. Smaller instances are likely not configured or tuned to handle this level of traffic on top of their existing traffic.
Honestly, I feel like the bigger issue is the immense flood of content that’s going to pour out of Threads. I’m not sure if many of the self-hosted instances will be able to federate with it and continue to function.
It’s far more likely that Google, AWS, and Microsoft are using tape for high-volume, long-term storage.
According to diskprices.com, these are the approximate costs of a few different storage media (assuming one is attempting to optimize for cost):
“Incitement” is a long-standing, widely-accepted exception to the first amendment not mentioned in the amendment itself. Just because the literal text of the document does not include an exception does not mean our legal system can not invent one. While I generally agree that speech should not be regulated outside of extreme circumstance, this is a very common human thing to want.
No argument on the second amendment. I do believe that more needs to be done here, but banning firearms - effectively or otherwise - is simply not an option in the States.
Your freedoms stop where another’s begin. I don’t see this as a reduction in freedom, it’s a protection of the freedoms of those who are being protested against. Defending against violence is not, strictly, an attack on freedoms.
See previous point. Religious freedom must end where another’s life and liberty begin. While I generally agree that individuals and religious institutions should be allowed to freely practice their religion, this must be tempered by the individual rights of others. With specific respect to the LGBTQ+ community, many religious groups actively dehumanize and some actively promote violence against them.
I would argue that this situation ultimately boils down to a lack of understanding of authoritarian rule and the damage that can occur because of it. The American education system is largely gutted when it comes to history - our own and otherwise - and I believe this trend toward authoritarianism is largely due to that - and persistent class warfare by the Capitalist class, but that’s a different conversation, I think.
People don’t really learn about what happened in Nazi Germany, or Fascist Italy, or Imperial Japan, or the Soviet Union, or Communist China, or British India, or probably dozens of other examples I can’t think of off the top of my head.