undefined
@mattblaze @dalfen @violetmadder @mkb @Bandersnatch @DemocracyMattersALot Commercial software comes with a support model, and competent support is expensive. Competent support with massive demand for a few days a year is even more expensive.
You might want source availability, verifiable builds and more, but the economics of “anyone can use it” that comes with Open Source (tm) is a very very hard tradeoff.
@static in what way is it an elegant solution?
@huitema @mattblaze In precisely the same way that its UI decided that me banging on the keyboard for swear characters was a superscript!
@huitema @mattblaze That doesn't actually solve the problem, which is that I was responding to a private message, and ... something in the UI made my post a public one. I discovered that when someone not mentioned fave'd it.
I assume the same UI would have &*() me either way.
Goddamn "private mention" is hard to use safely.
@mcc Real pros — like me — — — put mdashes around their mdashes.
@SteveBellovin @usenixassociation Your tweet raises a lot of questions answered by my paper "Building practical security sandboxes for untrusted python code" which reviewer 2 called "Overly practical and lacking in LaTeX flair." Reviewer 3 said it "needed more math" and questioned "It works in practice, but does it work in theory?"
@vkc Oops, thought you were implying that if they didn't keep the blocklists private... sorry!
@vkc When you say “do I trust” I’m pretty sure they’re public; they’re aggregated on https://clearsky.app/.
@natashenka I don't know that a single click matters, unless you design it well. See also https://infosec.exchange/@adamshostack/115884932482637376
Holy cow fake QR codes in the wild! Stop the hacklore @boblord ! :)
https://vancouversun.com/news/whistler-fraudulent-qr-codes-parking-payment-scam
I know there's a long academic literature on the question of "do programmers make similar mistakes." Has that work been extended to security? Do programmers make the same sorts of security mistakes when writing similar programs?
@codinghorror I think the word you’re looking for is “doubleplus good” 😇
We have always been at war with Venezuela.