• 0 Posts
  • 34 Comments
Joined 9 months ago
Cake day: September 26th, 2023
  • ____@infosec.pubtoOpen Source@lemmy.mlGermany's Sovereign Tech Fund Now Supporting FFmpeg
    2·
    2 months ago

    It’s amazing how many companies rely on a crazy amount of FOSS libs, etc.

    In the relatively recent past, a boss who I had software PMd for across numerous years had the unmitigated gall to ask me for a list of licenses for “all the software we used.”

    I literally laughed in his face, explained open source and the rabbit hole such a question goes down, and he just couldn’t (wouldn’t) get it.

    Unfortunately, the biz side of the house doesn’t like “yeah, it’s all legal, but fuck you if you think I’m documenting every piece of code in every library in a ten plus year old code base, allllllll the way down.”

  • ____@infosec.pubtoFree and Open Source Software@beehaw.orgAre there any WYSIWYG html editors? just curious
    1·
    2 months ago

    Have made numerous mockups for devs, as a PM, that way.

    When you have one style sheet for users and admins, you get creative.

    At the time, building it wasn’t my problem. Explaining what needed to be built was, and the devs in question were not native speakers of same language I was.

    Show, not tell, works quite well IFF you recognize immediately when it’s needed.

    Copy the thing you want from where it is, paste it where it needs to be, and tweak the (easily recognisable by any human, cmon) verbiage.

    I’m not a particularly visual person, so dev tools was quite useful for that. “${foreach} state, ${foreach} county, ${foreach} postal code,” here is the expected UI both expanded and not, beats hell out of trying to spec out what amounts to the better part of an RFC, especially when I am not the one actually writing the code and also not the one who came up with the straight up crazy schema.

    Schema created years ago, and there’s only money to add this UI to replace an UPDATE WHERE that the boss decided he didn’t like because he didn’t “get it” and couldn’t personally do it if ever needed (literally no world where it would be needed, and boss didn’t understand the geo that made the whole thing necessary, but…. That’s life.)

    (Edit: created, not ‘creates’, and FreeMarker is brutal. Things that binary work/do not work belong in code, not templates. Templates should be as tolerant as is sane given a use case. Boss wouldn’t know HTML or a variable if I whacked him over the head with a variable (length walking staff))

  • ____@infosec.pubtoSelfhosted@lemmy.worldSelf-hosted website for posting web novel/fictionEnglish
    2·
    2 months ago

    Not aware of a FOSS 1:1, but that sounds like Ghost or your blogging platform of choice.

    Except WP, if self hosting, IMHO. Wordpress == PHP == trouble and risk. I don’t mean to malign WP specifically, but if you’re a noob, you want to avoid exposing PHP to the public internet - especially if there’s any possibility you’ll eventually forget about maintaining and upgrading.

    Just too damn easy for some threat actor to come along and exploit a vuln you missed, in the software or the web server or WP.

    That said, years of WP taught me that, roughly, you want “pages” linking to “posts” ( == chapters). In theory, the former is a permanent reference and the latter is dynamic to some degree.

    In reality, the existence of search engines before enshittification means the two have been conflated frequently.

    Pages would often get links in a sidebar or menu. Posts might get buried much farther down, but can also be linked to. They’re often, but not always, time—specific.

    “2023 NY [financial product] Guide” (page) might well link to a years-old post about subrogation regarding an attempted BBQ of a random wild animal that went wrong and caused a fire, because it’s a positively classic example of the same that makes a great deal of sense to most people, even if they don’t understand terms like subrogation.

    Post/page are distinctions that WP makes, but are abstractly relevant to setting up abs any CMS (which is what you want, Content Management System) so that you (ideally) never have to figure out how or where to link something, its just native. Changing the structure means changing the URLs which is annoying at best, and fraught with peril at worst.

    Above 2023 xxxx Guide page, would be https://example.org/NY-Xxxx-Guide and that way you DGAF about the sidebar links, for instance. Link it once, and then you only have to update 50 posts with the year and/or some change in the data, which can be done programmatically in the db as a trivial exercise. “UPDATE page SET title = (SELECT title FROM… WHERE ‘2022’ in title TO ‘2023’;”

    Disclaimer: do not run that query as copypasta, it’s meant to illustrate a point and not to exhibit valid SQL on any db (Not least because I intentionally left out at least one closing paren and simplified a bit. I’m a PG guy, and I am 100% certain it would fail as written, but fully expect anything approaching the standard to reject it. But you get the idea, update 50 states at once with a fairly simple query, once a year.

    Lots going on here, but go for a modern CMS and repeatable updates, not a legacy product with a bunch of tech debt accumulated. Build it clean, plan it out first, and know whatever DB is backing it fairly well.

  • ____@infosec.pubtoSelfhosted@lemmy.worldCustom Domain EmailEnglish
    5·
    3 months ago

    Migadu has been amazing. It “”just works,”and there’s no reason to deal with any of the crap that comes with hosting email.

    They are affordable, and provide exactly what they claim to provide.

    Email is not - IMHO - worth the trouble to self host. There are too many hard stops where email is required as login, etc to bother.

    I enjoy hosting and using a variety of services. But I’ve no desire to bother with something I can ship out to folks who live and breathe that particular service.

  • ____@infosec.pubtoPiracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.comHelp with wheelchair softwareEnglish
    10·
    4 months ago

    Open source wheelchairs; and a community of variously abled makers who can come together and build assemblies that are “not medical devices” but come together easily into something that could be used as such.

    Speaking strictly for the US, and as a non-lawyer - I’m inclined to think that an open source wheelchair would probably sail right through the 510k process, but… Still doesn’t make that process cheap by any means.

    I’ve had similar thoughts re: CPAP/APAP machines, neither the SW nor the HW is brutally complex / poorly understood. Pretty straightforward stuff mostly. But trying to distribute a thing like that even as plans is just asking for a C&D from the FDA, I’d expect.

  • ____@infosec.pubtoLinux@lemmy.ml*Permanently Deleted*
    28·
    4 months ago

    If the clock is off (bad CMOS battery, as others have noted); and there is a password “max age” setting that’s intended to be far, far, far in the future…

    Well, your clock being off by a few hundred years might well trigger the (intended never) expiration setting.

    Malware is a possibility, but I lean towards the date being the cause rather than an effect.

  • ____@infosec.pubtocybersecurity@infosec.pubGolden Corral restaurant chain data breach impacts 183,000 peopleEnglish
    2·
    4 months ago

    That was exactly my take.

    Regrettably, these folks are in no way equipped for a cyberwar.

    All the less so for their deps etc.

    I expect my - and anyone’s - employer to pay health insurance, and to keep that data safe. Customers are fine here as far as u can tell, but if you tell me that you’ll cover some amount of risk and then you reneg,were rightfully going to have a humdinger (see OCMS) of a war on that one.

    If you insure my health risk, fr where I sit, you also insure the risk of my data that I handed over so you could insure the risk, in the first place.

  • ____@infosec.pubtoProgramming@programming.dev*Permanently Deleted*
    1·
    4 months ago

    Appreciate you pointing out those examples - while one could argue errors in judgement, going with what one knows allows for getting stuff done NOW.

    Have to say, FB and G examples resonate most with me because while Java is hardly “rapid,” given a well-defined objective I can bang out PHP or Python to accomplish it quickly, and then iterate efficiently.

    That was doable long before the idea of iterating quickly / failing big / etc entered the public consciousness. Just not in Java…

  • ____@infosec.pubtoLinux@lemmy.mlI'm relatively unfamiliar with Linux. I'm getting a ThinkPad T460 and want to install Mint on it. Is there anything about the T460 I should know?
    5·
    4 months ago

    Yes - you’ll be well-served by the ThinkPad line in general. My first permanently dedicated Linux machine was a T430 and true to form things largely “just worked.”

    That was enough years ago that I might well have needed to seed the network drivers on the usb key, and that was the worst of it.

    They’re tanks, and the hw is generally easy and fairly intuitive to swap out the usual memory and HDD.

    IIRC my first distro on that was Debian, had plenty of docs about the intersection of the distro and ThinkPad line.

    Mint should be perfectly fine given that.

    I will say that I try not to do fresh installs on unfamiliar hardware w/o some other available form of connectivity, my phone mostly is quite sufficient for the purpose. It’s just easier not to risk putting myself in a difficult position in the first place.

    You’re in for some fun.