Correct 👍

This is a, “it’s turtles all the way down!” problem. An application has to be able to store its encryption keys somewhere. You can encrypt your encryption keys but then where do you store that key? Ultimately any application will need access to the plaintext key in order to function.

On servers the best practice is to store the encryption keys somewhere that isn’t on the server itself. Such as a networked Hardware Security Module (HSM) but literally any location that isn’t physically on/in the server itself is good enough. Some Raspberry Pi attached to the network in the corner of the data center would be nearly as good because the attack you’re protecting against with this kind of encryption is someone walking out of the data center with your server (and then decrypting the data).

With a device like a phone you can’t use a networked HSM since your phone will be carried around with you everywhere. You could store your encryption keys out on the Internet somewhere but that actually increases the attack surface. As such, the encryption keys get stored on the phone itself.

Phone OSes include tools like encrypted storage locations for things like encryption keys but realistically they’re no more secure than storing the keys as plaintext in the application’s app-specific store (which is encrypted on Android by default; not sure about iOS). Only that app and the OS itself have access to that storage location so it’s basically exactly the same as the special “secure” storage features… Except easier to use and less likely to be targeted, exploited, and ultimately compromised because again, it’s a smaller attack surface.

If an attacker gets physical access to your device you must assume they’ll have access to everything on it unless the data is encrypted and the key for that isn’t on the phone itself (e.g. it uses a hash generated from your thumbprint or your PIN). In that case your effective encryption key is your thumb(s) and/or PIN. Because the Signal app’s encryption keys are already encrypted on the filesystem.

Going full circle: You can always further encrypt something or add an extra step to accessing encrypted data but that just adds inconvenience and doesn’t really buy you any more security (realistically). It’s turtles all the way down.

For pair programming it works well with Vigor 👍

TAR LAZER!

Removed by mod

It doesn’t run today’s Windows applications 👍

I’m failing to see the problem. As long as one of the languages isn’t PHP they’re still probably better off 🤷

SD3 not being free would be so sad! OMG. It solves all my major issues with Stable Diffusion (which are pretty much the same with all the major competitors).

I just want to have reliable text generation and better control over where subjects are! (Without having to delve into the depths of ControlNet)

Though I suppose if history is a guide, if Stability AI doesn’t release SD3 someone else will release an equivalent… After a delay. The problem is the cost of research in this area is quite prohibitive so that delay could be years 😞

Don’t be too fearful of this kind of thing. Companies have had much worse circumstances with even greater losses of employees/executives and come out stronger as a result.

Example: Apple.

So we can expect a number of bad leaders after this, eventually getting someone with a French accent to take over, run the company further into the ground, then the founder(s) will return (like the prophecy always said) and take over the world for like a decade.

Wow: I always use red arrows with Spectacle but having seen these green ones I think I’m going to switch! 🔝🔚

Docker containers aren’t running in a virtual machine. They’re running what amounts to a fancy chroot jail… It’s just an isolated environment that takes advantage of several kernel security features to make software running inside the environment think everything is normal despite being locked down.

This is a very important distinction because it means that docker containers are very light weight compared to a VM. They use but a fraction of the resources a VM would and can be brought up and down in milliseconds since there’s no hardware to emulate.

Sunshine‽ The KDE icon set from 22 years ago?

https://store.kde.org/p/1120084

Talk about staying power!

I remember trying it out back then but it wasn’t for me (daaaaamn I feel old now).

Don’t think of it like that. Think of it like, “next quarter’s profits”.

It takes a lot of effort for non-technical people to switch to a new OS. Microsoft can capitalize on that to rake in egregious profits for probably five years or more before businesses finish sincere efforts at supporting Linux.

This is why I want to be a billionaire: So I can fly my private (electric, hopefully) jet to places like this and be like, “yes, I love KDE!” and hand over a great big check to this dedicated volunteer.

I’d have “my people” bring a mini red carpet and a fancy looking “FOSS is best” backdrop so I could get a photo op with this cool guy, shaking his hand and smiling at the camera while we both held up one of those over-sized fake checks showing the absurd amount of money he just earned by being awesome.

It’s a configurable option in Klipper (which is the process that’s handling the clipboard in this video). You can access klipper in your system tray and if you right click on it one of the options lets you open up the settings (it’s also somewhere in system settings I think but I always just get there via the system tray icon).

You can also configure how many entries it’ll remember, whether it should pop up at the mouse cursor position, and set up regular expressions to recognize certain types of text (e.g. URLs) to perform specific actions.

This is nonsense. I–and a great many other Linux users–don’t have a Windows partition on any of their computers.

My kids were given Windows laptops for school but that’s the only Windows in the house. For work I just login to a virtual Windows desktop (though honestly I’d work much more efficiently if I had a Linux desktop) 🤷

Then afterwards you can summon the archmage to fix things 👍

Oh please… Real Linux users know how to ESC in any situation. Even vim!

You’re expected to know how to program microcontrollers to mainframes to fucking VCRs and knowing every programming language ever created since electronic computers exist as well as networking and cloud technology and databases, etc. AND you have to be certified in all these things to prove you know them on top of your degree.

So there’s a problem even worse than this: When you have all those skills and more (I do 👍) employers expect to pay you the salary of someone who knows just one of those things.

Like, I was a professional hacker, a systems administrator (both Unix/Linux and Windows), I know networking, have administered/maintained databases, I’m also an award-winning web developer (I know the usual web stuff plus Python, Rust, and a few other things), an embedded developer (C, C++, and Rust), and I can even engineer, design, and program an entire product from scratch that didn’t exist before (see: https://youtu.be/iv6Rh8UNWlI?si=dG15yQlQpfNGCDal ). That includes designing/engineering the circuit board.

Do I get paid for knowing all these things? No. If I apply for any job you know what employers say when they reject me?

Overqualified

You’re damned if you do and you’re damned if you don’t!