I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional,...
@fm_volker in this case it referred to a real file name in the curl source tree, used for the OS400 port - in which it uses strcpy(). And the fake function name was almost like one of the real one, but with different arguments...
"I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug bounty program."
"but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug bounty program."
They couldn't even be bothered to tell the LLM where they were reporting the bug.
@scvalex I literally had to download that to my phone and had to airdrop it to my Mac to open…2 thoughts, not a stack trace unless you count scrolling back, and they need to move off VirtualBox (happy to be corrected on the latter)
everybody jokes about this, but it should be noted that the criminals who hit the Louvre did not subvert the password security. They bypassed the issue entirely by coming in through a high window using construction equipment. That password, silly and insecure as it was, actually did its job. Although my god, I hope they fix that with something better.
Finally got a chance to read @sundress's thoughtful post outlining the "Why" behind the state of accessibility on the web and it is spot on! If you haven't already, please give it a read: alice.boxhall.au/articles/a-th….
I am begging people on fedi to stop censoring potentially triggering words. Please. Word filters stop working when you put a random asterisk in a word, and it tanks readability for people that dont filter the words but do have a reading-related disability.
Gibt es eine Art kirchliche oder sonstwie alternative #Etherpad-Installation, wo man den Zugriff auf die Dokumente einschränken kann? Also, nicht nur "wer den Link weiß", sondern mit persönlicher Anfrage oder Passwort? Und nein: googledrive soll es nicht sein.
Dieses PlugIn setzt eine kleine Benutzerverwaltung vor die Instanz. Es können dann generell nur registrierte Personen zugreifen: npmjs.com/package/ep_mypads In den ersten Jahren der @onlinekirche@kirche.social haben wir die selbstgehostete #Etherpad-Instanz erfolgreich in dieser Weise genutzt.
Für eine #Cryptpad-Instanz können die Teilnehmenden sich registrieren und ein Team bilden. In der Dateiablage für das Team kannst du gemeinsam genutzte Dokumente ablegen. cryptpad.luki.org/teams/
Darauf wollte ich auch hinweisen. Wenn es möglich ist, dass sich die Mitglieder der Arbeitsgruppe registrieren, dann kann man den Zugriff entsprechend einstellen, z.B. im Screenshot anbei.
@talon Hey, I had a completely random request. Remember CHARM? What if it also had a mode for tracking network bandwidth usage, download and upload, as well? Probably with user-configurable expected bandwidth maxima, or obtained from speedtests, to map your percentage. Or a similar algorithm to that used for disk I/O. That'd be super useful to know when something in the background is doing telemetry, or when something is unexpectedly downloading an update or uploading a blob and pegging the wi-fi.
Here's a soundpack for CHARM that I made, by the way. Right now it's just called tones, unsure what else to call it. It's easier to listen to than default, and is made up of single-cycle waveforms. CPU is sine, RAM is absolute sine, and disk is the NVDA beep, 2x clipped sine. CPU base frequency is 3/2x the others so you have less frequency collision during idling. I chose the NVDA beep because triangle was just a bit too soft to hear at lower frequencies but I still wanted something relatively soft like the other two. dropbox.com/scl/fi/auqg1kk585b…
Something we, as a society, need to do is stop criticizing other people's eating habits. We need to stop criticizing how much someone eats. We need to stop criticizing what someone eats. We need to end this expectation that everyone wants to eat a lot, or likes to eat in public. And more than that, we need to stop comparing people's eating habits to other people's eating habits. All this does is create insecurity, shame, stress, and discomfort with someone's body and food choices. Eating is a sensitive subject for many people, either due to weight, taste/textural issues with food, social discomfort, whatever. How about, unless someone's diet and/or eating habits are genuinely harming them, we leave other people's food choices, needs, and the amount they choose to eat, and let everyone do their own personal thing with it? Erg.
Clarification: Previously I reported that Tesla China production in China was down 10%. That figure is quite different from sales. New data from China Passenger Car Association shows that Tesla’s sales dropped to 26,006 vehicles in October, their lowest level in three years. It represents a fall of 35.8% compared to the same period last year. Tesla’s share of China’s electric vehicle market dropped to 3.2% in October, down from 8.7% in September.
Alarmujúce čísla: Dôvera v slovenskú ekonomiku padá a v októbri dosiahla 15-mesačné minimum. Hlavné ťahúne, ako je automobilový priemysel, hlásia problémy
If you're traveling by train, buy some fucking headphones. I don't want to listen to your shitty music, hear a crappy American comedy, or listen to a conversation with your significant other who's a bigger twat than you.
In the #curl security team, we get to exercise deep protocol knowledge into the bits for many protocols including version variations and exploring funny quirks we have for adapting to many 3rd party libraries as well as a thorough understanding of the C language, how ABIs work, OS/platform variations and the occasional CPU peculiarity. Did I mention build systems?
And that's only for the issues we received this weekend.
as a regular viewer, I don't remember him sending harassment towards anyone. If anything, I remember him specifically (and seriously) telling people not to harass anyone, on multiple occasions.
I'm not happy about his comment section / community either, but let's at least not throw around such accusations.
@mks_h there is responsibility for owns viewers and community as well.
"do not harass anybody" means nothing in practice. Otherwise would it make bigots be non bigots if they just say it every video but their viewers constantly are transphobic/racist/etc..?
Harassment is allowed in the comment section, therefore it's also allowed elsewhere.
The people harassing our community are welcomed in his community with open arms, because apparently doing it there is better than.. not?
Víte Vy vůbec, že 10 listopadu 1991 (před 34 lety): Na dálnici D1 u Brna se kvůli námraze a špatné viditelnosti srazilo 150 aut? A víte, že 10 listopadu 2010 (před 15 lety): Automobilka Škoda Auto vyrobila poslední exemplář modelové řady Škoda Octavia první generace? Ne? Už ano
В один прекрасный день, слегка чуть не заснув на лекции, я увидела на доске это: мяРНК. Ну и я решила что вы тоже должны это увидеть, мне кажется весь мир должен знать, что в каждой нашей клетке есть мяРНК
Теперь надо понять что это такое) Короче говоря, разных РНК в нашем организме много, там большая классификация, мяРНК вот (первая картинка)
Малые ядерные РНК - это короткие молекулы РНК, которые постоянно находятся в ядре клетки и играют ключевую роль в процессе сплайсинга матричной РНК (мРНК)
Как много сложных слов В общем, сплайсинг это нарезка такая, когда из матричной рнк убирают «ненужные» места, и вот этот процесс и регулирует наша мяРНК Ну разумеется она это делает не одна, вместе веселее, легче и функциональнее: МяРНК соединяется с белками и они образуют сплайсосому, которая как раз и вырезает ненужные места По итогу у нас получается готовая мРНК*, которая готова отнести инфу куда надо
МяРНК — это просто до ужаса мило))) И да, спасибо вам, пожалуйста, пишите больше. Я в школе настолько увлекался биологией, что в последнем году меня учительница спросила, не собираюсь ли я на биолога. Но нет, ибо без зрения на биологии такое себе. Но интересно по-прежнему)
it's the tragedy of Windows having shit window management, and forcing everyone to implement it client side in their applications (rarely in their toolkit); this leads to brain worms that burrow deep, and come out when porting applications to Linux
Amazing uptime idea: 3-N machines connected in an ouroboros daisy chain via websocket forwarding a single message continuously in a circle. There should be a canary machine, who detects if the message hasn't come in a while, therefore one or more of the machines is down. Study this carefully
“Who cares if computers can make music? That’s not what music is,” says Wolinski. “The moving of the speakers to generate sound waves is such a tiny part of what gives music meaning. It’s all about the social relations around [it], the human dialogue between one person and another, even if they never meet. This is what art is — and it’s why generative AI completely misses the point.”
(Original title: 65daysofstatic’s new No Man’s Sky album searches for humanity in an AI-filled world)
Apparently I’m in a giving mood today. Just started sponsoring @NVAccess on GitHub. It was about time. #NVDA is an awesome gift, and looking at all the recent Jaws debates I'm truly grateful to have a free and opensource SR that is that flawless and awesome. I'm surprised how few people actually sponsor on GH, though I'm sure there are other means which are utilized more. github.com/sponsors/nvaccess?s…
Thanks Jonathan! We very much appreciate all the support! GitHub is newer than say sponsoring us via PayPal, so that might be why - and some see GitHub as being a platform for more highly tech-savvy folk (though that is only true if you want to read the code - we've had a lot of great feedback from people on how much easier our new GitHub template is to create issues for less-technical users). We are grateful to all our sponsors, however they find it easiest to contribute :)
I'd guess the donation mechanism on the website is more popular. I know that's the one I used when I set up my monthly donation years ago, because I could simply use Paypal and never have to think about it. At that time, I didn't even know Github let users sponsor.
not having any logs for the website, it is hard to figure out why curl.se returns 8.28 billion 301 responses/month but only 281 million 2xx responses. A factor of 295:1 !
It smells like a crazy amount of (bot) traffic trying (old) URLs that redirect - and then they don't get the directed-to URL.
I think that's enough to warrant actually having something to log these. At 8.28 billion responses a month, that's 3200 per second, so you really don't need much time observing the 301-requested URLs, do you? I'd be kind of worried about there being some circular redirect, and some less-than-smart clients hammering that as a result.
you should try poking at the Fastly observability features: docs.fastly.com/products/obser… . I think you can self-enable a 30 day trial, but you could also just ask someone to flip them on for you. I think the Insights page probably has enough built-in features for you to track this down. See the bit about the "HTTP Request Response Status" chart in the docs: fastly.com/documentation/guide…
BTW if you're looking for an open hardware, repairable laptop made by a small team in berlin with no venture capital, maybe MNT Reform Next could be interesting for you: crowdsupply.com/mnt/mnt-reform…
Are you looking for a cheap and easy to build Raspberry Pi handheld? Check out the Bumble Berry Pi project which focuses on affordability and simplicity, letting you quickly create a portable cyberdeck perfect for terminal work, scripting, coding, or gaming on the go. Ha! You can have 37 Watt-hour battery that that lasts all day long with with Raspberry Pi 3b+. github.com/samcervantes/bumble…
Einen #Desktop #PC habe ich mir vor ein paar Jahren zusammengebaut. Vielleicht hatte ich keine glückliche Hand bei der Auswahl von #CPU, #RAM und #Motherboard und das Zusammenspiel ist nicht optimal?
Er läuft sehr gut - bis auf unvermittelte Totalabstürtze ohne Logeinträge, die mir weiterhelfen konnten.
Irgendwann stolperte ich über ein #Gnome AdOn zur leichten Ampassung der CPU Leistung. Nach der Begrenzung der max. Frequenz via Multimedia-Mode lief er stabil.
Unter #ubuntu 24 funktioniert das AdOn nicht mehr und ich habe mir nun ein Script eingerichtet, welches nach dem Start die max. Frequenz begrenzt:
for cpu in /sys/devices/system/cpu/cpu[0-9]*; do
cpufreq-set -c "${cpu##*/cpu}" -u 4490000
done
Schrittweise habe ich die Frequenz von ca. 4,3 GHZ nach jedem Neustart erhöht, und habe so die Stufe herausbekommen, bis der er ohne Absturtz läuft.
Interessanteweise stürtze er nicht bei Operationen ab, bei denen man es erwartet hätte, z.B. der Transkodierung von #Video. Das letzte Mal rauschte er in die Tiefe, als ich lediglich mit #Firefox #GitHub aufgerufen hatte ... was auch immer da die Frequenz nach oben getrieben hat?
Es handlet sich um einen Intel® Core™ i7-9700. Dass ich die 4,7 GHz nicht zur Verfügung habe stört mich übrigens gar nicht. Jedenfalls bemerke ich keine langsamere Arbeitsumgebung durch die Begrenzung ... und Gnome ist offenbar seit den neuen Versionen stark optimiert worden, was die Geschwindigkeit angeht...
ich habe neulich die nosmt Option über grub aktiviert. Seitdem läuft irgendwie alles runder und die Prozessorauslastung ist auch minimiert. Aber ob es hier vielleicht negative Effekte beim transcodieren oder so gibt kann ich dir nicht sagen, aber nen Versuch ist es wert
fedi, I'm looking for German language word puzzles and games. I'll just write my own program to generste them if necessary but surely they're already out there, right? Browser or app both fine, but no ads if it's an app.
Kushal Das 🇸🇪
in reply to daniel:// stenberg:// • • •Kaito
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Kaito • • •Jonas Geiler
in reply to daniel:// stenberg:// • • •Volker Stolz
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Volker Stolz • • •Kevin
in reply to daniel:// stenberg:// • • •Fredrik Björeman
in reply to daniel:// stenberg:// • • •Christian Lauf
in reply to daniel:// stenberg:// • • •onor.io
in reply to daniel:// stenberg:// • • •"I've provided the detailed description and clear steps previously, but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug bounty program."
Wow--such AI!
Matt Lacey
in reply to daniel:// stenberg:// • • •"but it seems you need the content tailored directly for the submission form's fields. I will present the complete, professional, and detailed response suitable for reporting a memory corruption vulnerability to a vendor or bug bounty program."
They couldn't even be bothered to tell the LLM where they were reporting the bug.
onor.io
in reply to daniel:// stenberg:// • • •I am so tired of seeing the profession of software development degraded by this AI garbage.
This sort of garbage just reinforces the very misguided notion that software development is so easy it can be handled by LLM's.
They (the people banking on this) will learn one day, to their great distress, that this is a fallacy pure and simple.
scvalex
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to scvalex • • •Matt Birch
in reply to daniel:// stenberg:// • • •