Crestwave's recent activity

  1. Comment on Investigating corrupt Winamp skins in ~tech

    Crestwave
    (edited )
    Link Parent
    The general advice is to use Windows Defender as an active antivirus and manually invoke Malwarebytes for full disk scans when you feel like something is up. The free version of MB does this well...

    The general advice is to use Windows Defender as an active antivirus and manually invoke Malwarebytes for full disk scans when you feel like something is up. The free version of MB does this well and non-intrusively, and I've caught adware that wasn't detected by WD in family and friends' devices with it. Additionally, if you have a single file or website that you think is particularly suspicious, you can check it with VirusTotal.

    Running both as an active antivirus is not recommended. Third-party antivirus are often intrusive, resource-heavy (especially when both compete for resources and file locks), and function as an added threat vectors to your computer (see the CrowdStrike debacle, for instance).

    Browsers or browser extensions from AV vendors tend to be particularly bad; if you want to protect your browsing experience, the single best thing you can do is probably to install uBlock Origin. But of course, do evaluate your own threat model to make decisions as you see fit.

    3 votes

  2. Comment on Google now only search engine allowed to provide results from Reddit in ~tech

    Crestwave
    Link Parent
    That's probably next to go. You already can't access NSFW posts anonymously on new Reddit and I'm sure they'll keep adding more roadblocks to force people to log in and use their app for...

    Ultimately if you allow anonymous access to content, it can be crawled and you can't stop it.

    That's probably next to go. You already can't access NSFW posts anonymously on new Reddit and I'm sure they'll keep adding more roadblocks to force people to log in and use their app for "engagement" a la Twitter.

    6 votes

  3. Comment on Google confirms Play Store mass app deletion based on new quality standards—now just six weeks away in ~tech

    Crestwave
    Link Parent
    I installed one such app a couple weeks ago—Ruler, which was last updated 8 years ago and developed by a university research group. And yet, it worked perfectly and was straight to the point with...

    apps whose last commit is older than this website

    I installed one such app a couple weeks ago—Ruler, which was last updated 8 years ago and developed by a university research group. And yet, it worked perfectly and was straight to the point with no permissions used. There was also a more recent fork, but I didn't need any of the added features—I wanted a ruler, I searched for "ruler", I installed Ruler.

    "Garbage" on the Play Store, on the other hand, uses a plethora of permissions and pushes ads and IAPs. Even apps that are highly-rated and well-regarded in there do this, since it's pretty much accepted as part of mobile apps these days.

    For more complicated apps like file managers or launchers where you would want all the extra features and nuances between each one, I find it better to search online for input so I can get high-quality reviews and not people saying "nice app" and "don't work".

    30 votes

  4. Comment on eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee in ~comp

  5. Comment on Tildes Game Giveaway: June/July 2024 in ~games

    Crestwave
    Link Parent
    What a unique list of games! Going to save this entire list. Would love Carto, The Rewinder and Firework if they're available.

    What a unique list of games! Going to save this entire list. Would love Carto, The Rewinder and Firework if they're available.

  6. Comment on Tildes Game Giveaway: June/July 2024 in ~games

    Crestwave
    Link Parent
    I'd love to try The Long Dark and This War of Mine, thank you!

    I'd love to try The Long Dark and This War of Mine, thank you!

    1 vote

  7. Comment on Tildes Game Giveaway: June/July 2024 in ~games

    Crestwave
    Link Parent
    1x Cultist Simulator 2x Monster Train 1x Vampire Survivors 1x Ziggurat Thank you, as always, and get well soon!

    1x Cultist Simulator
    2x Monster Train
    1x Vampire Survivors
    1x Ziggurat

    Thank you, as always, and get well soon!

    1 vote

  8. Comment on NASA employee creates Pride flag using NASA images in ~lgbt

    Crestwave
    Link
    I personally have not been a fan of the progress pride flag aesthetically; it's quite a clashing mess compared to the original pride flag, which had a consistent theme and represented "everyone"...

    I personally have not been a fan of the progress pride flag aesthetically; it's quite a clashing mess compared to the original pride flag, which had a consistent theme and represented "everyone" using the rainbow's colors. This looks awesome, though! The warmer colors and textures in the photos really make a difference, somehow everything comes together perfectly.

    10 votes

  9. Comment on Rubbing your eyes is way more harmful than you think in ~health

    Crestwave
    Link
    I completely stopped rubbing my eyes at a young age; breaking the habit made my eyes way less itchy and the thought of doing it now seems very horrifying and gross. As someone with perpetual...

    I completely stopped rubbing my eyes at a young age; breaking the habit made my eyes way less itchy and the thought of doing it now seems very horrifying and gross. As someone with perpetual allergies, I now use antihistamines and routinely dab my eye with a bit of water after washing my hands. When something gets stuck in my eye, I splash it some water, blink a bunch, close my eyes then stroke from the caruncle towards the other end of the eye with the tip of my finger.

    10 votes

  10. Comment on Microsoft confirms Windows 11 Recall AI hardware requirements in ~tech

    Crestwave
    Link
    Interesting to see this now, after I found out an entire genre of similar projects just a month ago when Windrecorder released. If anyone is interested in the concept but not the dystopian-esque...

    Interesting to see this now, after I found out an entire genre of similar projects just a month ago when Windrecorder released. If anyone is interested in the concept but not the dystopian-esque execution, do check out these open source projects! Some of these just index the screenshots with OCR'd text, while others also implement LLM capabilities if that's your thing.

    Windrecorder (Windows)
    rem (macOS)
    Memento (Linux)
    ActivityWatch (cross-platform)

    3 votes

  11. Comment on ‘TunnelVision’ attack leaves nearly all VPNs vulnerable to spying in ~tech

    Crestwave
    Link Parent
    This attack completely circumvents the VPN by forcing your traffic to be routed to its DHCP server. So essentially, if a malicious actor is in control of the network*, your threat model is pretty...

    This attack completely circumvents the VPN by forcing your traffic to be routed to its DHCP server. So essentially, if a malicious actor is in control of the network*, your threat model is pretty much the same as using a public WiFi without a VPN—HTTPS still protects you, HTTP is completely naked, and routing DNS queries is possible but not required (you can still sniff the IP of HTTPS connections and reverse look up its domain).

    * And you're using a vulnerable system, which is apparently everything except Linux with mitigations/Android according to the article.

    6 votes

  12. Comment on ‘TunnelVision’ attack leaves nearly all VPNs vulnerable to spying in ~tech

    Crestwave
    Link Parent
    It's not quite that dramatic since nearly all websites are encrypted with HTTPS (especially banking apps) nowadays. However, it's still a pretty major flaw since public networks are one of the...

    It's not quite that dramatic since nearly all websites are encrypted with HTTPS (especially banking apps) nowadays. However, it's still a pretty major flaw since public networks are one of the main use-cases for VPNs. And circumventing the VPN does let them check what websites you connect to, even if the contents are encrypted.

    4 votes

  13. Comment on Wizard of Legend 2 | Combat trailer in ~games

    Crestwave
    Link
    Apparently this sequel is made by a different game studio, Dead Mage. But they had some great pixel art in Children of Morta, so I'm not sure why they decided to change to a 3D style. The focus on...

    Apparently this sequel is made by a different game studio, Dead Mage. But they had some great pixel art in Children of Morta, so I'm not sure why they decided to change to a 3D style. The focus on multiplayer elements looks like a potential selling point, though!

    3 votes

  14. Comment on Riot’s Vanguard comes to League in ~games

    Crestwave
    Link
    I think it's interesting how much sense this article makes; it's not just a technical report, but a story. They're handling one of the most popular video games in the world and the move makes...

    I think it's interesting how much sense this article makes; it's not just a technical report, but a story. They're handling one of the most popular video games in the world and the move makes total sense. If I was in their shoes, I would probably do the same. And yet, I would definitely not install this on my computer. It's a tiny bit dystopian that way. :P

    Realistically, nothing much will probably come from this. It would just continue the downward trend towards normalizing increasingly closed computer environments. Or maybe we're on that rare timeline where a bug or vulnerability gets out and we get something spicier. Who knows.

    8 votes

  15. Comment on Riot’s Vanguard comes to League in ~games

    Crestwave
    Link Parent
    From what I've seen, most of the criticisms revolving around Vanguard isn't necessarily that it's kernel-level*, but that 1) it loads the driver on boot; 2) it does not support Linux; 3) it uses...

    From what I've seen, most of the criticisms revolving around Vanguard isn't necessarily that it's kernel-level*, but that 1) it loads the driver on boot; 2) it does not support Linux; 3) it uses TPM 2.0; and 4) it is/was significantly more invasive than other anti-cheats.

    The article does address some of these points, but not necessarily to a satisfactory level. For example, it says that it is not running all the time because it doesn't make network requests unless a Riot game is running. But while I'm sure that it has plenty of security measures to keep itself safe, it seems to me that it would still be theoretically be possible for it to be compromised by an attack or to crash your computer from a buggy update.

    The article also mentions that there were only 800 Linux users yesterday. This seems a bit disingenuous, given that they apparently announced the Vanguard implementation months back and thus, nearly everyone would have already dropped it by then. Although it's probably still a pretty small community compared to their total player base at full size.

    Their response for TPM 2.0 makes sense, since W11 apparently soft-requires it and considers TPM-less installations to be in an unsupported state. Still, it's a privacy issue that some people are understandably worried about.

    Finally, while I haven't been keeping up with the latest news, Vanguard has gone under fire before for straight-up preventing people from running applications like Core Temp, without any notification or warning. This source mentions that Riot has shifted their mitigation strategy to prevent this from happening again, but it's completely understandable to me for people to be wary when it has a history of invasive, always-on procedures just to play a game.

    The article isn't necessarily encouraging, either:

    They used cheating software for another game, and Vanguard unfortunately picked it up.
    With hardware-level cheating, we can't always tell which game you intended to cheat on, so it's our firm recommendation that you just not cheat on any game.

    Does this mean that you could get banned for "cheating" on a single-player game while Riot games aren't running? What if you're using debuggers for development? Does that count as "cheating software"?

    * I believe EAC/BattlEye are kernel-level and do not have the other issues I mentioned.

    10 votes

  16. Comment on Apple opens the App Store to retro game emulators in ~games

    Crestwave
    Link
    The exact wording is: which seems to imply that users will not be able to use their own ROMs. Rather, this seems to be targeted towards publishers who want to make their own games available.

    The exact wording is:

    Apps may offer certain software that is not embedded in the binary, specifically HTML5 mini apps and mini games, streaming games, chatbots, and plug-ins. Additionally, retro game console emulator apps can offer to download games. You are responsible for all such software offered in your app, including ensuring that such software complies with these Guidelines and all applicable laws. Software that does not comply with one or more guidelines will lead to the rejection of your app. You must also ensure that the software adheres to the additional rules that follow in 4.7.1 and 4.7.5. These additional rules are important to preserve the experience that App Store customers expect, and to help ensure user safety.

    which seems to imply that users will not be able to use their own ROMs. Rather, this seems to be targeted towards publishers who want to make their own games available.

    7 votes

  18. Comment on Does Linux From Scratch actually teach you anything? in ~comp

    Crestwave
    Link
    LFS is great for learning about the system-level workings of a Linux distro. If you're interested in sysadmin stuff and build systems (packaging/porting/tinkering with software), then it could be...

    LFS is great for learning about the system-level workings of a Linux distro. If you're interested in sysadmin stuff and build systems (packaging/porting/tinkering with software), then it could be a good fit for you. I know it was for me.

    If you're interested in user-level stuff, then its teachings will likely just bounce off and prove not to be relevant.

    If you're interested in programming-level stuff (how do I make an OS?), then LFS probably won't provide you much, either—just a very basic overview of the possible layers of a complete OS.

    6 votes

  19. Comment on Day 4: Scratchcards in ~comp.advent_of_code

    Crestwave
    Link
    Feels more like a proper day 4 than the previous days did; simple and fun. I went the efficient route, although from @Crespyl's comment I'm guessing that it can be brute forced as well. Part 1...

    Feels more like a proper day 4 than the previous days did; simple and fun. I went the efficient route, although from @Crespyl's comment I'm guessing that it can be brute forced as well.

    Part 1 
    #!/usr/bin/awk -f
{
	sub(/Card[ ]*[0-9]*: /, "")
	split($0, card, "|")
	card[2] = card[2] " "
	$0 = card[1]
	num = 0

	for (i = 1; i <= NF; ++i)
		if (match(card[2], "[^0-9]+" $i "[^0-9]+"))
			num = num ? num * 2 : 1

	total += num
}

END { print total }
    Part 2

    Due to past experience from Lanternfish and other exponential problems in the past, I decided to simply save their multipliers in a table instead of making actual copies of the cards.

    #!/usr/bin/awk -f
{
	mult[NR] += 1
	sub(/Card[ ]*[0-9]*: /, "")
	split($0, card, "|")
	card[2] = card[2] " "
	$0 = card[1]
	num = 0

	for (i = 1; i <= NF; ++i)
		if (match(card[2], "[^0-9]+" $i "[^0-9]+"))
			++num

	for (i = 1; i <= num; ++i)
		mult[NR + i] += 1 * mult[NR]

	total += mult[NR]
}

END { print total }
    1 vote

  20. Comment on Day 3: Gear Ratios in ~comp.advent_of_code

    Crestwave
    Link
    Longer day 3 than expected; might be because it's a weekend. Part 2 was pretty simple, at least. Part 1 POSIX AWK doesn't seem to have a way to handle multiple matches so I had to manually...

    Longer day 3 than expected; might be because it's a weekend. Part 2 was pretty simple, at least.

    Part 1

    POSIX AWK doesn't seem to have a way to handle multiple matches so I had to manually implement it. Overall went pretty smoothly other than a couple off-by-one errors.

    #!/usr/bin/awk -f
{
	str = $0
	len = 0
	while (length(str) > 0) {
		i = match(str, /[0-9]+/)
		if (i == 0)
			break
		grid[i + len, NR] = substr(str, i, RLENGTH)
		len += i + RLENGTH - 1
		str = substr(str, i + RLENGTH)
	}

	str = $0
	len = 0
	while (length(str) > 0) {
		i = match(str, /[^0-9.]/)
		if (i == 0)
			break
		sym[i + len, NR] = substr(str, i, 1)
		len += i + RLENGTH - 1
		str = substr(str, i + RLENGTH)
	}
}

END {
	for (k in grid) {
		split(k, xy, SUBSEP)
		for (x = xy[1] - 1; x <= xy[1] + length(grid[k]); ++x)
			for (y = xy[2] - 1; y <= xy[2] + 1; ++y)
				if (sym[x, y])
					total += grid[k]
	}

	print(total)
}
    Part 2

    Very minor changes. The instructions specified "adjacent to exactly two part numbers", but I didn't have any that were more than two in my input so ¯\_(ツ)_/¯

    #!/usr/bin/awk -f
{
	str = $0
	len = 0
	while (length(str) > 0) {
		i = match(str, /[0-9]+/)
		if (i == 0)
			break
		grid[i + len, NR] = substr(str, i, RLENGTH)
		len += i + RLENGTH - 1
		str = substr(str, i + RLENGTH)
	}

	str = $0
	len = 0
	while (length(str) > 0) {
		i = match(str, /[^0-9.]/)
		if (i == 0)
			break
		sym[i + len, NR] = substr(str, i, 1)
		len += i + RLENGTH - 1
		str = substr(str, i + RLENGTH)
	}
}

END {
	for (k in grid) {
		split(k, xy, SUBSEP)
		for (x = xy[1] - 1; x <= xy[1] + length(grid[k]); ++x)
			for (y = xy[2] - 1; y <= xy[2] + 1; ++y)
				if (sym[x, y] == "*")
					if (gear[x, y])
						total += gear[x, y] * grid[k]
					else
						gear[x, y] = grid[k]
	}

	print(total)
}
    1 vote