NPM allows for code to be executed while you install the package which is different from maven or nuget and allows for easy exploitation paths

This is the winner. Combine that with a vastly bigger group of inexperienced developers (and I’m willing to die on that hill), and you have a lot of people running node / npm as an admin / root user, who have close to zero idea what they are doing, hitting their project with third party dependencies left and right for no particular reason (left-pad, is-number, ansi console and similar useless crap), and then your dependency management allows for code execution. Also, from my personal feeling, it seems that npm simply cannot properly audit the packages due to the sheer mass. From a technical standpoint it’s close to trivial to put your malware onto npm, and then you just need to get someone to install your package, which is way simpler than in other package managers

haven’t actually proven to be effective at stopping cheaters

This is what OP said, and it’s completely correct. It’s not that much impact in comparison to “regular” anti cheat systems. And both of those only detect either cheap/bad or known hacks.

Server-sided and data based anti cheats is what would actually be a huge step up. You’re running a 8 K/D in a game where the best players are between 1-2? Banned. You just flicked two enemies within 100ms? Banned. Suspicious activity that’s not that blatant needs to be reviewed.

The thing is - that’s fucking expensive, complicated and needs to be done one a per-game basis, and since its just cheaper to throw you under the bus with a kernel anticheat and claim it’s the best one, that’s being done.

Read up on the dangers.

Anything is beatable, hackable and abusable given the time and resources, and it shouldn’t be my system because some idiotic management took the decision to enforce ring0 access anti cheat to ban some percent more hackers.

No one said that anti cheat efforts do not make an impact, but the impact of ring0 anti cheats is massively overrated

Right, completely forgot that locking exists in SVN, and I guess it definitely makes sense if you’re collaboratively editing unmergeable files.

Thanks!

Serious question, why do they use SVN, as in what does SVN better than Git for the department using it?

It’s not surprising per se, but it’s something that people should be more aware of. And a lot of this consumption is not providing global services (like the Google search or workspace suite) but the whole AI hype.

I didn’t find numbers for Google or Microsoft specifically, but training ChatGPT 4 consumed 50 GWh on its own. The daily estimates for queries are estimated between 1-5 GWh.

Given that the extrapolation is an overestimate and calculating the actual consumption is pretty much impossible, it’s still probably a lot of energy wasted for a product that people do not want (e.g. Google AI “search”, Bing and Copilot being stuffed into everything).

Please don’t take personal offense, but you have merely a project scaffold with an unrealistic goal that will be blocked and C&D’d into the ground, without any other projects created.

It doesn’t matter how hard you’re working on your anonymity, this project will be ripped apart by a horde of lawyers in seconds. You’re not only doing something questionable or against ToS, you’re directly attacking and sabotaging their monetization. This will not be taken lightly by the legal team of reddit.

You want to provide a better, cooler, more robust and other random buzzwords API than the own of reddit. So, you alone, want to provide a better API than the whole team of reddit does for their absolute core product, all by scraping. This is simply not realistic.

While we’re at the topic of monetization, scraping, ETL into your own model and providing the API - for the amount of content that reddit has (quantity, not quality) this will be a highly resource intensive task. How do you plan to fund that, since your API will be better than the official one, I can expect at least the same performance as well, right?

And also, most importantly, even if you magically achieve working around all that and get that working - why? Who is your expected user group? Pretty much every software using reddit moved away from reddit or simply has died. AI gen content is rampant, and most discussions seem like bots talking to bots. There is literally nothing to gain from an API to reddit - so why would anyone bother using it?

So, the “license to kill” is fine, as long it’s non US citizens?

Your definition of democracy and basic human rights is fucking unhinged.

It might be, but to be fair, that’s what the glorified autocompletion is actually good for, if it’s actually used a supporting tool, and not to pump out quantity over quality.

Man, the disclaimer at the bottom that Business Insider is partnered with OpenAI to allow them to train on their articles is really the cherry on top.

Or you can just use vscodium.

Yeah, and yet I’m on PC using Steam. If I’d wanted PSN, I’d bought a Playstation. The same secondary account bullshit applies to Ubisoft, Origin, and all of their buddies. Honestly, Steam should simply refuse to list games that require that, since they could simply use your account, but yeah, money.

And so be mad at Sony specifically? But they are okay with Steam having their data and selling it? Do they also not use a smart phone? Do they drive a car made in the last 4 years? Do they use credit cards? Loyalty cards? The outrage over their data use by Sony specifically is ridiculous when everything else is also siphoning the same information for no benefit to them.

Damn, you only missed the chance for the if you got nothing to hide argument.

If I buy a smartphone, and choose to use Android and Google, I get the benefit of all the stuff Google provides me, by my choice. I can cancel my account, and buy an iPhone next. That’s fine for me, because I chose to do that to use the benefits. If I use a credit card for all my purchases comfortably in one place, then it’s my choice. I can swap to another payment method or bank anytime. That’s fine for me, because I chose to do that to use the benefits.

If I’m forced to create an account that does absolutely nothing for me, then I’d be pissed. Not to speak about people in countries without PSN. Where’s that written, and why did they happily sell the game to people they knew they’ll lock out? Where’s the announcement that a refund policy will be implemented for such cases?

There’s a HUGE fucking difference between your Sony bootlicking arguments you post in every thread about this, and the actual impact of Sonys actions.

The account link was optional, but somewhere they have written that the PSN account will be required at a later stage, seemingly due to issues at launch. Now, people who are living in a country where PSN is not available (which are quite a lot actually) will no longer be able to play, neither to refund, since the launch is months ago.

So it’s way more than just having yet another account, which is especially ridiculous in the case of PSN for Steam PC games.

If you use a dockerized environment, that will only work better on Linux. .NET8 is AFAIK natively supported on Linux, so there shouldn’t be too much of an issue apart from the usual clunkyness. Visual Studio will probably be more of a problem. The “easiest” way would probably be to switch to jet brains or vscode. If you are hardstuck on VS for whatever reasons, you probably should be able to do some voodoo with running it in docker and using the container as a remote desktop, but this will be PITA to setup and maintain.

Because lowering the amount they’re charging or increasing the amount of aid will cost more than measly 25 million and doesn’t make such good headlines.

The Hamas-led murderous rampage into southern Israel was the deadliest terror attack in Israel’s history, killing at least 1,200 people and abducting more than 250 others. Israeli attacks on Gaza have since killed at least 33,634 Palestinians and injured another 76,214 people, according to the Ministry of Health there.

Jesus fuck, Germany is paying symbolic money to roughly as many genocide survivors in Israel as people have been murdered and injured by Israel committing genocide.

The current German government is an absolute fucking joke, and they are doing everything to actually show it.

Again, you may quote the FSF, but there are too many users of open source, as well as developers, who got into it for the reasons I stated. I can assure you that they are not doing it so that corporations can profit off their software without giving back.

If you are developing open source, you are not necessarily developing FOSS. If you are developing FOSS, you are also developing open source.

FOSS is well defined by the FSF, and it has been for ages, and to be frank, therefore no one cares for anyone’s personal definition of it.

What I am against is having the cake and eating it, as it’s being proposed with this licensing. Either you do FOSS, or you don’t. Either you do open source, or you don’t. Either you do proprietary software, or you don’t. It’s really that simple, because depending on your project, you take the terms that you see fitting and live with the consequences. The whole goal of this proposal was to be taken more serious as open source developers and projects, and to ensure funding for further development. Cherry picking the best parts of every model, and making irrational demands does not achieve that.

As I said, I’m absolutely on board that open source licensing and open source development being taken for profit by corpos absolutely sucks, and the usual licensing models have not aged well with the much wider adoption and usage of open source, and there is a need for change - as it’s being done e.g. by elastic, redis and others with their dual licensing.

It doesn’t matter how hard you want to call it FOSS, but with this licensing terms you describe it is not FOSS, period. And to be honest, you calling out various people for not getting what FOSS is, while you fully ignore the agreed on definition by people who are actually doing FOSS is you discrediting yourself.

You haven’t found a license like this, because your model is flawed: A licensing like this will disqualify you from any kind of usage in an actual FOSS licensed environment. Personal users, which will not be providing revenue, will not be really affected by this, and are irrelevant for your point. Corporate users, which you will mostly target by this new license probably won’t be able to use your funky new license because they will need to check with legal, and your software will need to have a lot of USPs for someone to bother with that. A 1% corpo-richness-tax will not be approved by any kind of bigger company, because it’s a ridiculous amount from the perspective of your potential customers.

You’re taking yourself way to important. Open source software is not replaceable as a whole, but individual projects are. If you want to earn money with your project, that’s good on you, license it accordingly, but do not try to upsell it as FOSS.

And I fully get your point, and I’m currently working on the same problem in my in-development project, and I’m not sure yet whether to dual-license it, for similar reasons you stated, and live with the consequences of providing OSS, but non-FOSS software, or do FOSS and provide it for actually free.

Edit: Also, the xz backdoor has nothing to do with funding. Any long time maintainer (as in not just a random person contributing pull requests) going rogue can happen in funded scenarios as well.

https://github.com/LemmyNet/lemmy/issues/2977

According to the lemmy devs, deleting your account also overwrites and purges your comments and posts. This deletion is being federated - but other servers may choose to ignore it, be buggy, down or whatever, and therefore not fully deleting your content there.

Since lemmy is decentralized, that’s as close to a full deletion as you’ll get, and to quote your rationale, that’ll be the only bridge you’ll be able to burn.

Side note: Why are several of you so aggressive on a simple question? If they want to leave the platform and delete their content, why shouldn’t they, especially since that is absolutely non-trivial on a decentralized platform?