![](https://beehaw.org/pictrs/image/352492b2-ac1a-46a4-b5b7-6be0f18cacb3.png)
![](https://beehaw.org/pictrs/image/1be75b15-2f18-429d-acf7-dcea8e512a4b.png)
You may already know this, but Xonotic was forked from Nexiuz after the original code owner sold the GPLed code to some publisher to make a for pay game.
You may already know this, but Xonotic was forked from Nexiuz after the original code owner sold the GPLed code to some publisher to make a for pay game.
It’s at least partially because the specification was designed to detect and thwart attempts to tee the video and audio data in order to bypass copy protection on DVDs and Blu-Rays, iirc.
Well, the problem is you don’t know what you don’t know. One of the first example tasks in the paper was regarding implementing a symmetric cipher. Using a weak cipher was recommended by AI tools sometimes, these developers didn’t know that some ciphers were weak. Additionally, even when the AI tool recommended a strong cipher, such as AES, it generated code that screwed up an implementation detail (failing to return the authentication tag), making the result insecure. And the user didn’t know it was wrong because they didn’t know it was incomplete.
There’s no substitution for domain specific knowledge. Users who were forced to use traditional tools got the answer correct significantly more often because they had to read, process, and understand the documentation for the libraries, which meant they understood why the symmetric cipher was the way it is, and what additional information needed to be reported and why.
It seemed obvious to me as well, but studies like this are important, so that I have something to point to other than vibes.
I think everyone else did as well. I know I have no fucking clue what you’re driving at. Can you please be more explicit?
It is. So not really that great, imo. Just another rent seeking behavior to force a current subscription.
Don’t get me wrong, I’m certain it scratches an itch many people have, just the fact they put it in the cloud is a hell of a lot of needless complexity and antiuser.
Although I also read and was influenced by The Cathedral and The Bazaar shortly after it was published, I find it difficult to recommend, given that ESR went off the deep end. The book is a good interesting read, just get a PDF of it and don’t go digging.
Not quite. Their “malicious” extension only got a few hundred installs. Using the data gathered by that extension and via other means they were able to locate other actually malicious extensions. Those total in the millions of installations.