Seirdy's recent activity
-
Comment on The limited utility of the phrase “GNU/Linux” in ~comp
-
The limited utility of the phrase “GNU/Linux”
6 votes -
Comment on i3-gaps has been merged into i3 in ~comp
Seirdy Yes, Sway is basically compatible with i3-gaps wherever possible. Been using it for years without issue.Yes, Sway is basically compatible with i3-gaps wherever possible. Been using it for years without issue.
-
Comment on Goodbye to the C++ Implementation of Zig in ~comp
Seirdy It's called "The Birth and Death of JavaScript" by Gary Bernhardt of Destroy All Software, at PyCon 2014. Here's a recording. WebAssembly did not exist at the time; the talk was about WASM's...It's called "The Birth and Death of JavaScript" by Gary Bernhardt of Destroy All Software, at PyCon 2014.
WebAssembly did not exist at the time; the talk was about WASM's precursor, Asm.js.
-
Comment on An experiment to test GitHub Copilot's legality in ~comp
-
Comment on An experiment to test GitHub Copilot's legality in ~comp
Seirdy I updated the post to clarify this. See the new "Update: on satire" section..I updated the post to clarify this. See the new "Update: on satire" section..
-
An experiment to test GitHub Copilot's legality
11 votes -
Comment on Does anybody have any experience with switching to pipewire? in ~comp
Seirdy Fedora switched to Pipewire and uses the pipewire-pulse compatibility layer. No issues on my end, only improvements.Fedora switched to Pipewire and uses the pipewire-pulse compatibility layer. No issues on my end, only improvements.
-
Comment on Abortion Search Noise Generator in ~tech
Seirdy When you search for abortion-related info, you may feel worried about being tracked. This tool allows others to make these searches randomly, increasing the likelihood of a false positive to...When you search for abortion-related info, you may feel worried about being tracked. This tool allows others to make these searches randomly, increasing the likelihood of a false positive to engines tracking these queries.
If one person wears a ski mask, they look suspicious and might get pulled aside. If 50 other people wear a ski mask...
-
Abortion Search Noise Generator
10 votes -
Two types of privacy
6 votes -
Comment on Abortion bans are going to hit us worse than we think in ~talk
Seirdy Thank you for sharing this. I always have a preference for elevating other voices, asking for opinions, offering domain-specific advice, or assistance when I can't speak personally about an issue.Thank you for sharing this. I always have a preference for elevating other voices, asking for opinions, offering domain-specific advice, or assistance when I can't speak personally about an issue.
-
Comment on The right thing for the wrong reasons: FLOSS doesn't imply security in ~comp
Seirdy Binary patching is harder and also more error prone, especially when certain build flags are used (binary-patching a program built with -fPIE -flto=thin -ffunction-sections -fdata-sections...Binary patching is harder and also more error prone, especially when certain build flags are used (binary-patching a program built with
-fPIE -flto=thin -ffunction-sections -fdata-sections -fno-semantic-interposition
is...not fun) or when the software uses binary obfuscation.Freedom is more than just understanding the software in question, though. Some vendors are quite hostile to reverse-engineering efforts, for instance.
I wrote two previous posts on how FLOSS is a necessary but insufficient requirement to achieve user freedom, linked near the top.
-
Comment on The right thing for the wrong reasons: FLOSS doesn't imply security in ~comp
Seirdy A detailed post on how security audits are pretty similar regardless of source model, and how vulnerabilities are typically found. I believe in supporting free software for the right reasons, not...A detailed post on how security audits are pretty similar regardless of source model, and how vulnerabilities are typically found.
I believe in supporting free software for the right reasons, not the wrong ones. I wrote this to address the wrong reasons.
-
The right thing for the wrong reasons: FLOSS doesn't imply security
7 votes -
Comment on What are your favorite Linux distributions to use for gaming and as a daily driver, and why? in ~comp
Seirdy I'd suggest Fedora. Fedora is semi-rolling: most packages roll while many are frozen. It also has frequent releases (every 6mo) so frozen packages don't get too out-of-date. Fedora's also ahead of...I'd suggest Fedora. Fedora is semi-rolling: most packages roll while many are frozen. It also has frequent releases (every 6mo) so frozen packages don't get too out-of-date.
Fedora's also ahead of most distros on the security front. Fedora Silverblue and Kinoite have immutable root filesystems whose changes can be tracked using ostree. Fedora's working on supplementing this with FS-Verity (coming around Fedora 37) and dm-verity (WIP). If you combine that with some form of user-controlled verified boot, you can achieve a reasonable level of confidence in your system's integrity. On top of that, Fedora has SELinux support by default (though the default policies are admittedly lax).
I don't like GNOME though; I use Fedora with Sway.
-
Comment on <deleted topic> in ~tech
Seirdy (sorry i'm late) Thanks for the shout-out! I just updated Qwant's info.(sorry i'm late) Thanks for the shout-out! I just updated Qwant's info.
-
Comment on Linux (In)security in ~comp
Seirdy I love using Linux on the desktop for many reasons despite its insecure architecture. This article from a Whonix developer and GrapheneOS contributor explains how Linux is behind when it comes to...I love using Linux on the desktop for many reasons despite its insecure architecture. This article from a Whonix developer and GrapheneOS contributor explains how Linux is behind when it comes to (mostly desktop-oriented) exploit mitigations.
Other articles worth checking out on madaidan's site take a critical look at Firefox and OpenBSD. He also has a good Linux hardening guide.
-
Linux (In)security
10 votes -
Comment on Coverage is not strongly correlated with test suite effectiveness in ~comp
Seirdy I felt this article misses the forest for the trees. Coverage isn't just for verifying correctness; it's useful for detecting API changes, eliminating dead code, and building a better...I felt this article misses the forest for the trees. Coverage isn't just for verifying correctness; it's useful for detecting API changes, eliminating dead code, and building a better understanding of program behavior.
From a comment I posted on lobste.rs:
I also find coverage extremely valuable for finding dead or unreachable code.
I frequently find that unreachable code should be unreachable, e.g. error-handling for a function that doesn’t error when provided with certain inputs; this unreachable-by-design error handling should be replaced with panics since reaching them implies a critical bug. Doing so combines well with fuzz-testing.
It’s also useful for discovering properties of inputs. Say I run a function isOdd that never returns true and thus never allows a certain branch to be covered. I therefore know that somehow all inputs are even; I can then investigate why this is and perhaps learn more about the algorithms or validation the program uses.
In other words, good coverage helps me design better programs; it’s not just a bug-finding tool.
This only holds true if I have a plethora of test cases (esp if I employ something like property testing) and if tests lean a little towards integration on the (contrived) “unit -> integration” test spectrum. I.e. only test user-facing parts and see what gets covered, and see how much code gets covered for each user-facing component.
I've seen people unironically insist that it should be called "GNU/Linux" to distinguish it from the likes of Android multiple times in the past week.
I was initially inspired to write this after reading this post: https://social.linux.pizza/@redstarfish/109467634692979081