Wes's recent activity

  1. Comment on Star Trek San Diego Comic-Con (SDCC) 2021 teasers in ~tv

    Wes
    (edited )
    Link
    I had to look it up, so far anyone else curious SDCC stands for San Diego Comic-Con. edit: Seems the title has been updated to show this now.

    I had to look it up, so far anyone else curious SDCC stands for San Diego Comic-Con.

    edit: Seems the title has been updated to show this now.

    3 votes
  2. Comment on I am fighting back by switching this website from HTML to PDF in ~comp

    Wes
    Link Parent
    All the same, both Chromium and Firefox are open-source software with proven forks. Compare it to something like desktop operating systems and the web starts looking pretty healthy in comparison.

    All the same, both Chromium and Firefox are open-source software with proven forks. Compare it to something like desktop operating systems and the web starts looking pretty healthy in comparison.

    3 votes
  3. Comment on I am fighting back by switching this website from HTML to PDF in ~comp

    Wes
    Link
    There's about a thousand things I could point out about how flawed this is (performance, accessibility, indexability, caching, and so on), but I guess they're willing to make those tradeoffs. Viva...

    There's about a thousand things I could point out about how flawed this is (performance, accessibility, indexability, caching, and so on), but I guess they're willing to make those tradeoffs. Viva la open web, where things like this are possible.

    27 votes
  4. Comment on Remote code execution vulnerability in the cdnjs Javascript CDN run by Cloudflare, which could have enabled tampering with over 10% of all websites in ~comp

    Wes
    Link Parent
    I think if we looked at heatmaps for the most common distributions of JS libraries, there'd be a handful that have significantly more downloads than others. My example above was the latest jQuery...

    I think if we looked at heatmaps for the most common distributions of JS libraries, there'd be a handful that have significantly more downloads than others. My example above was the latest jQuery version of each branch (1.x, 2.x, 3.x), but another example is the version automatically bundled with WordPress sites (a modified 2.x if I'm not mistaken).

    I expect there's similarly often-bundled versions of jQueryUI, Modernizr, moment.js, and others. Bootstrap would be another good candidate (though more on the CSS side).

    I don't know how practical it would be for browsers to play favourites and have a special cache for these assets, but I've long felt there was room for optimization here.

    It could be argued as being leaky, but if they were vetted to be included on more than 10,000 sites, as an example, that really wouldn't tell you anything about where that user has been.

    Of course maybe that traffic is inconsequential in the grand scheme of things and this is all needless complexity. I'd be curious to know, honestly.

    2 votes
  5. Comment on Remote code execution vulnerability in the cdnjs Javascript CDN run by Cloudflare, which could have enabled tampering with over 10% of all websites in ~comp

    Wes
    (edited )
    Link Parent
    I wish it were a setting. I'd gladly take the performance boost of cross-site caching vs the rather niche concern of privacy leaks. Especially if it were turned on for common CDNs or even the...

    Cross-site caching of JavaScript, fonts, and other resources is now disabled to prevent privacy leaks, so there's no longer any performance benefit from this.

    I wish it were a setting. I'd gladly take the performance boost of cross-site caching vs the rather niche concern of privacy leaks. Especially if it were turned on for common CDNs or even the most-commonly-linked versions of files. I can only imagine how often the latest version of each major jQuery version is requested, or the top ten webfonts on Google Fonts.

    It feels like we're just throwing bits away.

    edit: I'd suggest installing the top Google Fonts locally to save network requests, but the generated CSS doesn't even prioritize a local lookup. It would take a browser extension to intercept the request to even make that work.

    3 votes
  6. Comment on What games have you been playing, and what's your opinion on them? in ~games

    Wes
    Link
    I've been playing Dark Messiah of Might & Magic and it's hecking amazing. I've always heard good things, and I had a feeling I'd enjoy it, but it's really surpassed my expectations. The combat is...

    I've been playing Dark Messiah of Might & Magic and it's hecking amazing. I've always heard good things, and I had a feeling I'd enjoy it, but it's really surpassed my expectations.

    The combat is fun and rewarding. Melee feels more meaty and methodical than even recent games. There's a lot of use of the environment, like cutting ropes to drop boxes on enemies, or kicking them into spikes. Spamming left mouse button is rarely the best way to approach a fight.

    The story is simple but enjoyable. It doesn't overstay its welcome. It's a tight linear experience rather than an expansive open-world, which I can appreciate once in a while. There's also many secrets to explore which are very rewarding. I'm sure I've missed a ton as well.

    The developers went on to make Dishonored, and I can see the similarities. In many ways that feels like a spiritual successor (though with a greater focus on stealth).

    Dark Messiah is an older title now and doesn't run perfectly on Windows 10. For some users (including me) there's rare crashes. I applied an x64 patch as well as a few compatibility flags which helped stabilize it. My only complaint now is the lack of borderless fullscreen, but I can cope with that.

    It's a fun game, and well worth putting a few sessions into. Give it a try some time!

    5 votes
  7. Comment on SGDQ (Summer Games Done Quick) 2021 starts today in ~games

    Wes
    Link Parent
    I really enjoyed the Sonic Adventure 2 run for the impressive technical skill of the runner. The co-commentators were also great. The GTA 3 run was a lot of fun due to the runner's personality....

    I really enjoyed the Sonic Adventure 2 run for the impressive technical skill of the runner. The co-commentators were also great.

    The GTA 3 run was a lot of fun due to the runner's personality. Upbeat and friendly without being over-the-top as some streamers are.

    I'll be checking out the Super Mario 64 stream; last year's was great. Thanks for mentioning it.

    2 votes
  8. Comment on Kaspersky Password Manager had multiple problems in its password-generator, resulting in its passwords being predictable and easily brute-forced in ~comp

    Wes
    Link Parent
    Targeted attacks are rare, of course. But if you were a person of interest, such a disclosure would be a problem.

    Targeted attacks are rare, of course. But if you were a person of interest, such a disclosure would be a problem.

    3 votes
  9. Comment on Kaspersky Password Manager had multiple problems in its password-generator, resulting in its passwords being predictable and easily brute-forced in ~comp

    Wes
    Link Parent
    That seems like bad advice. People struggle with passwords, and they would struggle even harder with password formulas. I expect most of them would be along the lines up: site name + my birthday +...

    That seems like bad advice. People struggle with passwords, and they would struggle even harder with password formulas. I expect most of them would be along the lines up: site name + my birthday + single special character. You still have the problem that any database leak exposes huge information about your system.

    Password managers work because they're one strong password. After that everything is unique, properly randomized, and uses secure methods (evidently except for the Kaspersky password manager). Even normal people can remember one good password.

    Security researchers continue to recommend password managers as the number one piece of advice for online security, and it's for good reason.

    6 votes
  10. Comment on Popular Audacity audio app dubbed ‘spyware’ by users over policy changes from new owner in ~tech

  11. Comment on SGDQ (Summer Games Done Quick) 2021 starts today in ~games

    Wes
    Link
    For others not suited to live streams, here are a list of the videos as they're recorded. I'm watching through Psychonauts currently and liking the laid back chemistry between speakers. Great game...

    For others not suited to live streams, here are a list of the videos as they're recorded. I'm watching through Psychonauts currently and liking the laid back chemistry between speakers. Great game too.

    I have to say, I really prefer the online approach to this event. The in-person events were always so boisterous.

    4 votes
  12. Comment on Windows 11 will create heaps of needless trash in ~tech

    Wes
    Link Parent
    I see it the other way around. Vista and Windows 8 were significant shifts in the underlying OS and design language. By comparison Windows 7 and 10 were minor updates. If we're omitting releases...

    I see it the other way around. Vista and Windows 8 were significant shifts in the underlying OS and design language. By comparison Windows 7 and 10 were minor updates. If we're omitting releases for being too small, those are the ones to skip.

    9 votes
  13. Comment on Final Fantasy V and VI disappear from Steam next month in ~games

    Wes
    (edited )
    Link Parent
    Here's an example from the Racial Justice bundle. It lists multiple titles that were made inaccessible after the bundle launched. The game Smile for Me was similarly removed from the Palestinian...

    Here's an example from the Racial Justice bundle. It lists multiple titles that were made inaccessible after the bundle launched.

    The game Smile for Me was similarly removed from the Palestinian Aid bundle. Those that specifically accessed the game's claim page were able to keep it, but simply buying the bundle wasn't enough. This was the result of developer error, but should show that the mechanism exists to remove games once purchased.

    A friend of mine ran into an issue with a dev pulling a game he purchased too, but I can't remember which one. I'll ask him for more details on that.

    edit: I've heard back now. It's an unusual title, but Consensual Torture Simulator was taken down after purchase. It seems developers can simply remove their hosted files to make their games inaccessible.

    2 votes
  14. Comment on Final Fantasy V and VI disappear from Steam next month in ~games

    Wes
    Link Parent
    There's platforms that don't offer that feature. Itch.io for example allows developers to revoke their games from bundles after they've been purchased. Amazon has pulled ebooks from people's...

    There's platforms that don't offer that feature. Itch.io for example allows developers to revoke their games from bundles after they've been purchased. Amazon has pulled ebooks from people's libraries (and all notes that were associated with them). Netflix has removed a show on me half-way through watching.

    In the case of Netflix, yes it was a subscription, but so are most examples of digital ownership. You're granted a license, not a product. Steam works this way too (for all I know they invented the idea), but they are relatively good about letting people keep items they've purchased compared to other services.

    2 votes
  15. Comment on WHO urges fully vaccinated people to continue to wear masks as delta Covid variant spreads in ~health.coronavirus

    Wes
    Link Parent
    I actually agree with you, and I think it's a real conversation we'll have to have as a society. I just don't like the idea of dismissing the consequences of lessening the restrictions. It will...
    • Exemplary

    At a certain point, we just have to accept a trade-off. We can debate where that trade-off should be, but we absolutely do have to accept a trade-off at some point

    I actually agree with you, and I think it's a real conversation we'll have to have as a society. I just don't like the idea of dismissing the consequences of lessening the restrictions. It will impact people, and I think that has to be a part of the conversation.

    As mentioned above, immunocompromised are one consideration. But we should also acknowledge that the vaccine is not 100% effective. For others the vaccine simply doesn't take at all. These people will all be affected.

    I'll also add that not all countries have finished their rollouts. I'm still waiting on my second dose, as are many I know.

    There is one other consideration I hesitantly mention. There are still a great many people that have been tricked into believing that vaccines are dangerous. They're not necessarily anti-vax, but are victims of the anti-vax campaigns. I've certainly known people like this, as I'm sure you have.

    It's easy to sum this up as malice, but it's really just ignorance of the science and the innate human fear that taking an action can be more hazardous than inaction. For many their uncertainty leads them to the path of least resistance (doing nothing). ​And unfortunately that means their children are remaining unvaccinated as well.

    I think it's very easy to dismiss these people out of hand ("they had their chance"), but I also think we can view this as a failing in science communication and education. For every bozo on Facebook spreading anti-vax memes, there's a handful of otherwise-good people that just can't make sense of it all. ​ I suspect it pays ​to have a little empathy for these people, even as we're frustrated with them for making the pandemic harder than it needs to be.

    ​> If a variant presents a credible risk to the vaccinated though, then of course we can implement safety measures again.

    I think that's what we're trying to figure out right now. There are still variants that we don't fully understand yet. If it turns out the current vaccines are effective for all known variants, then easing off restrictions does make more sense.

    My main concern is if they're not effective. Our initial response was slow enough that we allowed multiple more aggressive variants to emerge. Those strains may now evolve into something considerably worse, in which case we'll be back to square one. Imagine a new variant that is completely immune to our current vaccine.

    That's why I feel we should make a considerable effort to reduce the possibility of new strains emerging. The only way to do that is to reduce the number of cases. It seems we have the tools required for that now (working from home, flight limitations, mask acceptance, and the ability to rapidly develop and deploy vaccines). If we can push a little harder and get the numbers down to where a new variant emerging is unlikely, I think we may be saving ourselves a lot of hardship in the long run.

    10 votes
  16. Comment on WHO urges fully vaccinated people to continue to wear masks as delta Covid variant spreads in ~health.coronavirus

    Wes
    Link Parent
    Do you not go to grocery stores or gas stations? For many it's a necessity of living.

    outside of a small percentage of the immunocompromised who I would be baffled at their behavior to learn if they were out in public at the same places I am

    Do you not go to grocery stores or gas stations? For many it's a necessity of living.

    12 votes
  17. Comment on Reddit introduces CryptoSnoos NFTs in ~tech

    Wes
    Link
    These NFTs seem to be the modern adaption of I Am Rich. Buying items that do nothing simply for the status symbol of it. Digital opulence on display. I wouldn't mind if not for the absurd energy...

    These NFTs seem to be the modern adaption of I Am Rich. Buying items that do nothing simply for the status symbol of it. Digital opulence on display.

    I wouldn't mind if not for the absurd energy costs of some of these things.

    7 votes
  18. Comment on (option to) Mark comment reply notifications as read when clicking "link" or "parent" in ~tildes

    Wes
    Link
    Have you considered enabling "Automatically mark all notifications read when you view the Unread Notifications page", and then opening each notification in a new tab? That will allow them to be...

    Have you considered enabling "Automatically mark all notifications read when you view the Unread Notifications page", and then opening each notification in a new tab? That will allow them to be marked as read without any interaction.

    6 votes
  19. Comment on Tildes will be down for most of this weekend in ~tildes.official

    Wes
    Link
    Aye aye, captain! Thanks for the heads up and good luck.

    Aye aye, captain! Thanks for the heads up and good luck.

    9 votes
  20. Comment on Steam Summer Sale is live (June 24th - July 8th) in ~games

    Wes
    Link
    Most of the prices look to be updated at this time. And as a pleasant surprise, Steam's servers haven't fallen over like they usually do. If you're looking for recommendations, we create daily...

    Most of the prices look to be updated at this time. And as a pleasant surprise, Steam's servers haven't fallen over like they usually do.

    If you're looking for recommendations, we create daily threads in /r/GameDeals for the duration of the sale. The first day's post is available here.

    7 votes