IANAL nor intelligent, but after skimming the text of the directive I felt like the definition of damage is very limited. In particular, if I understand correctly:

our business to lose this giant contract

would not be covered by this directive, this directive is only about a human being hurt in some way,

thousands of consumers left with bricked devices

would be covered in case of “your game installs a kernel-level anticheat and the anticheat breaks PCs”, but not in the case of “you uploaded an upgrade to a firmware of the washing machine you produced and it bricked the machines”; the directive is not about a product breaking, but about the product breaking your health, other property or data,

my washing machine to eat my dog

is basically the exact case this directive covers.

Same in Python, Rust, Haskell and probably many others.

But apparently JS does work that way, that is its filter always iterates over everything and returns a new array and not some iterator object.

It seems OP wanted to pass the file name to -k, but this parameter takes the password itself and not a filename:

       -k password
           The password to derive the key from. This is for compatibility with previous versions of OpenSSL. Superseded by the -pass argument.

So, as I understand, the password would be not the first line of /etc/ssl/private/etcBackup.key, but the string /etc/ssl/private/etcBackup.key itself. It seems that -kfile /etc/ssl/private/etcBackup.key or -pass file:/etc/ssl/private/etcBackup.key is what OP wanted to use.

Oracle trilateration refers to an attack on apps that have filters like “only show users closer than 5 km”. In case of the vulnerable apps, this was very accurate, so the attacker could change their position from the victim (which does not require physical movement, the application has to trust your device on this, so the position can be spoofed) until the victim disappeared from the list, and end up a point that is almost exactly 5 km from the victim.

Like if it said the user is 5km away, that is still going to give a pretty big area if someone were to trilateral it because the line of the circle would have to include 4.5-5.5km away.

This does not help, since the attacker can find a point where it switches between 4 km and 5 km, and then this point (in the simplest case) is exactly 4.5 km from the victim. The paper refers to this as rounded distance trilateration.

This looks suspiciously similar to what LTeX produces for me. Are you sure that this is not the true origin of the error? If this is indeed LTeX, you will see it in :LspInfo.

If so, here is some info about changing the language of LTeX: https://valentjn.github.io/ltex/advanced-usage.html In short, you could try \usepackage[french]{babel}, or % LTeX: language=fr-FR.

I like btdu which is essentially ncdu, but works in a way that is useful even if advanced btrfs features (CoW, compression etc.) are used.

I looked at material.nvim randomly, and they use vim.api.nvim_set_hl to set their colors. It seems that the equivalent of the above command is :lua vim.api.nvim_set_hl(0, "Normal", {}).

:highlight Normal guifg=0 guibg=0 worked for me, at least when run interactively in a nvim -u NORC session.

I really need to try out Mercury one day. When we did a project in Prolog at uni, it felt cool, but also incredibly dynamic in a bad way. There were a few times when we misspelled some clause, which normally would be an error, but in our case it just meant falsehood. We then spent waaay to much time searching for these. I can’t help but think that Mercury would be as fun as Prolog, but less annoying.

I actually use from time to time the Bower email client, which is written in Mercury.

Not a Fedora user, but according to https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems/ adding a new fstab entry with the correct option should just work. They even give changing the size of /tmp as an example usecase :)

Edit: Actually, I thought about it, and I don’t think clang’s behavior is wrong in the examples he cites. Basically, you’re using an uninitialized variable, and choosing to use compiler settings which make that legal, and the compiler is saying “Okay, you didn’t give me a value for this variable, so I’m just going to pick one that’s convenient for me and do my optimizations according to the value I picked.” Is that the best thing for it to do? Maybe not; it certainly violates the principle of least surprise. But, it’s hard for me to say it’s the compiler’s fault that you constructed a program that does something surprising when uninitialized variables you’re using happen to have certain values.

You got it correct in this edit. But the important part is that gcc will also do this, and they both are kinda expected to do so. The article cites some standard committee discussions: somebody suggested ensuring that signed integer overflow in C++20 will not UB, and the committee decided against it. Also, somebody suggested not allowing to optimize out the infinite loops like 13 years ago, and then the committee decided that it should be allowed. Therefore, these optimisations are clearly seen as features.

And these are not theoretical issues by any means, there has been this vulnerability in the kernel for instance: https://lwn.net/Articles/342330/ which happened because the compiler just removed a null pointer check.

You could make an argument that not using banking apps decreases your security, since most banks use either SMS or those apps as the second factor while confirming the operations. It is true that the apps are of varying quality, but SMS is not really a serious alternative. Some banks do have apps that are limited to confirming operations, and one bank where I live did recently start accepting U2F, which is amazing news.

It might be helpful to elaborate on what permissions mean for directories. As always, this is well explained on the Arch Wiki: https://wiki.archlinux.org/title/File_permissions_and_attributes#Viewing_permissions

The short version is that, when it comes to permissions for directories:

• r is what allows you to see what files are in the directory, for instance by ls directory,
• x is what allows you to operate on the contents of the file, for instance by cat directory/file or by echo something > directory/file,
• w (together with x, in case of directories it is meaningless without x) is what allows you to create new files, delete existing or otherwise modify the directory itself, for instance by cp directory/file directory/new_file.

Note that these are completely separate from the file permissions, which govern the contents of the file. For instance, if I have only x permission for the directory, but I have rw permission for a file of that directory, I can write to the file and read from it. However, I wouldn’t be able to remove it. On the other hand, if I have wx permission for a directory and I have no permissions for a file of that directory, I cannot write nor read from the file, but I can remove the file.

In spite of above, you will find all users have rwx permissions for /tmp, but they can only remove their own files. This is due to the sticky bit, which is marked by the output of ls -l having drwxrwxrwt instead of drwxrwxrwx. This means that the system will only allow the other users to rename or remove the file if they actually own it.

A common(ish) usecase for splitting r and x on permissions is when teachers want to collect the work of the students. They might have their home directory permissions set to rwx--x--x to ensure other people can’t see their files (and of course they still should make sure that the individual files have the correct permissions). However then they can create a directory /home/teacher/work and set its permissions to rwxrwxrwt. Then for a student, ls /home/teacher will fail, but ls /home/teacher/work and cp my_work.tar.gz /home/teacher/work will succeed.

It seems that I can’t see the link from 0.18.3 instances somehow. Maybe one of these will work: https://math.stackexchange.com/a/18347 https://math.stackexchange.com/a/18347 https://math.stackexchange.com/a/18347

Imagine a soccer ball. The most traditional design consists of white hexagons and black pentagons. If you count them, you will find that there are 12 pentagons and 20 hexagons.

Now imagine you tried to cover the entire Earth in the same way, using similar size hexagons and pentagons (hopefully the rules are intuitive). How many pentagons would be there? Intuitively, you would think that the number of both shapes would be similar, just like on the soccer ball. So, there would be a lot of hexagons and a lot of pentagons. But actually, along with many hexagons, you would still have exactly 12 pentagons, not one less, not one more. This comes from the Euler’s formula, and there is a nice sketch of the proof here: .

Every prime larger than 3 is either of form 6k+1, or 6k+5; the other four possibilities are either divisible by 2 or by 3 (or by both). Now (6k+1)² − 1 = 6k(6k+2) = 12k(3k+1) and at least one of k and 3k+1 must be even. Also (6k+5)² − 1 = (6k+4)(6k+6) = 12(3k+2)(k+1) and at least one of 3k+2 and k+1 must be even.

Isn’t this the point though? Like, if you spot that (let’s concretize) the trash is starting to overflow, you can either take it out right now which will take you 2 minutes and (hopefully) barely interrupt your day, or you can add it to your list of things to do. And so you get that list of 59 things by ignoring the 2-minute rule, not by applying it.

That’s because all the audio drama focused on PulseAudio.

Same for Polish. One funny thing I’ve noticed is that in one of the examples, the person tries to stay at a hotel, and the price is clearly in the old currency, which has not been used since 1997.

No RSS for now

Feed is here: https://dotfyle.com/this-week-in-neovim/rss.xml