- Joined
- Jun 11, 2024
Explains why games like Battlefield 6 are enforcing Secure Boot, so those unsigned cheater drivers can't be loaded.
Open Source Software Community - it's about ethics in Code of Conducts
- Thread starter CrunkLord420
- Start date
-
Want to keep track of this thread?
Accounts can bookmark posts, watch threads for updates, and jump back to where you stopped reading.
Create account
- Joined
- Mar 27, 2025
Battlefield 6 already has a huge cheating problem and it hasn't even launched yet.
- Joined
- Oct 19, 2023
this happens sometimes but you can always switch to something else until the troon crashout reaches its final stages and somebody else unfucks the project
guix actually does have a (contributor-covenant-derived) coc but nobody cares because it is under the protection of the immense autism field that rms projects over the entire gnu project
definitely better than nix every time i hear about nix it's some terrible shit (every time i hear about guix it's because they managed to bootstrap another entire software ecosystem from their 300 byte hex assembler)
the only thing stupider than cargo or npm is probably gradle
there are other accepted java build tools though such as ant (basically make but the makefiles are in xml because it's a java tool and they have that xml fetish)
you also technically can use rustc like gcc but nobody does since everything under the sun has to be a "crate"
the rust compiler is just a frontend for llvm
brillant language
- Joined
- Feb 26, 2024
As far as I know, you can use
rustc to compile standalone Rust files. Cargo is just a frontend for way too many rustc calls.
Ed Special
kiwifarms.net
- Joined
- Mar 10, 2021
This is why I don't even bother with PvP shooters anymore. The anticheats keep getting more and more invasive, while the cheaters get more and more pervasive.
Eternal Spirit of Darknes
kiwifarms.net
- Joined
- Aug 2, 2025
Every day is a good day.
- Joined
- Oct 6, 2016
There's this project to port "The Cargo Experience" to C++ and the tutorial page on how to use it is a beyond parody length of textwall.
Anyway, I really need to go work on my "suckless" wrapper for make that blasts horrible fetish material into the console.
You can customise pronouns or whatever by changing the defs and recompiling. Its' a single c file.
No, wait. It's a "header only" library that you have to #include <> into an empty .c file and then compile that.
- Joined
- Jan 29, 2024
Here's a fun article from Tom's Hardware: Battlefield 6 open beta says it won't run if you have Valorant also running [...]
Kernel-level anticheats are starting turf wars over syscalls. Can't wait for one of them to get an RCE found, so Microsoft kills the concept entirely.
- Joined
- Mar 23, 2020
Its really fun having everything live in one config, I'll tell you that. And it also has a surprisingly large amount of packages in the base repos, and even more in nonguix (non-100% FOSS code repos).
- Joined
- Oct 6, 2016
Microsoft is going to "kill" the concept by opening an approved path via their "Pluton" functionality in all new CPUs.
Can't wait until Netflix, Youtube and your bank block you for running a configuration that they haven't blessed.
- Joined
- Oct 19, 2023
i have heard of this thing called conan and this other shit called vcpkg but as far as i know nobody actually uses that shit
so not only are they gay, they are also like the 9th project to try this
good god this is horrible what the fuck
yes this is called ./configure && make you fucking NIGGERShorrible complexity addicts said:
haha i love seeing a malware fight break out
just pit the kernel rootkits against each other and watch them duke it out, but make sure to save your work first because the poor nt kernel might get unstable
"trusted computing" is a quite dangerous attack against freedom, but thankfully a lot of useful things don't fucking care what you're running as long as it runs javascript
you already have to install some mysterious proprietary blobs on your system (and then run many more through javascript) just to watch netflix anyway, and that's been like that for quite a while
- Joined
- Nov 21, 2020
Much of the time you need to run autoconf from git these days or cmake. It's really too bad there's no standardized way of naming a file so you can READ it first, or maybe something telling you how to BUILD the code.
- Joined
- Sep 15, 2021
https://rdrama.net/post/387105/introducing-undeleterdramanet-replacement-for-undeletepullpushio
I don't know if anyone posted this before recently but the admin of rDrama.net made his own fork of PullPush.io to access deleted reddit comments and archives.
I don't know if anyone posted this before recently but the admin of rDrama.net made his own fork of PullPush.io to access deleted reddit comments and archives.
HootersMcBoobies
kiwifarms.net
- Joined
- Jan 7, 2019
Gradle is the only sane build tool in the entire JDK ecosystem that follows the Maven directory structure. And the only good thing that survived Maven (a god terrible tool) is that directory structure (src/main/<lang>). Ant is ancient and I guess I can see people liking it if they want full control of the entire build structure. But I'm fine with the maven layout.
I assume you probably hate the maven layout itself. If you think Gradle is bad, you really need to look at the source code for sbt (Scala built tool that uses the maven layout). It looks fine at first glance, but you start digging into the code and it's a lot of man made horrors under there. I've known people who've wanted to contribute and fix things, but it's a pain in the ass to wrap your head around a lot of the internals (and not just because it's Scala, although the language lends itself to people who have a PhD in category theory and aren't afraid to use it).
snotang
kiwifarms.net
- Joined
- Jul 29, 2024
The frustrating thing is that truly Open trusted computing could be so good. It basically represents the possibility of artificially creating a trusted third party that is completely impartial - it serves everyone. The only requirement is that it needs to be possible to always delete the keys the device uses in all cases of attempted tampering or exfiltration. If you can achieve that and pair it with a bunch of sensors, you have a forensic camera / microphone / etc whose signed output can be trusted by arbitrary parties.
If you and some others then use your forensic camera to record the transparent, in-the-open construction of more open trusted computing devices, you can start forming a trusted computing Web of Trust along the lines of GPG. Eventually you end up with a graph rooted in millions of trusted computing devices, and successfully creating a compromised device requires every single one of those already be compromised. Since the devices were all built in the open, anybody can try their best to compromise them, and the ensuing arms race will result in more and more robust mechanisms for securing the devices. Eventually, like with cryptography, this will result in devices that can be reasonably assumed to be secure.
Think about how many problems can be trivially solved with a third party that people actually have reason to trust.
But no, instead they put proprietary black boxes in consumer hardware to keep the cattle from getting too uppity.
And now anybody who would actually be interested in putting trusted computing toward good use will instinctively recoil whenever the words "trusted computing" are mentioned.
Ed Special
kiwifarms.net
- Joined
- Mar 10, 2021
Netflix and your bank, sure. JewTube, no, that would Thanos Snap away the third of their userbase that consists of impoverished poojeets and literal children... which is, coincidentally, the third of their userbase least likely to use adblockers to begin with.
Last edited:
- Joined
- Oct 19, 2023
>build tool known for downloading a bunch of random shit for no reason
>arguably worse than cargo about this
>gradlew
yeah sure buddy
- Joined
- Feb 8, 2021
Trusted computing is a logical impossibility unless the user doesn't control the hardware, which is why all attempts at it involve sneakily stealing hardware control away from him, be that in the form of cloud computing (other people's hardware) or sabotage (mandatory mystery chip that doesn't do what the user wants, making the computer no longer a general purpose computer; your scheme is this). It's no wonder its consequences are good because you're starting with a contradiction.
Your "only" requirement is a perfect tampering detector, and also a way of observing the construction of computers that is perfectly deception-proof, and a way to get the initial key on the device without someone covertly weakening or copying the one thing that'd instantly subvert the new trusted computing world order in favor of whoever pulls this feat off.
This is complete science fiction, so enter the cop-out of "reasonably secure" protection. But then it suffices to silently compromise a few devices, which is easy. You have essentially reinvented certificate authorities (~= hardware makers) at this point, and you can look at the Windows driver code signing debacle to see how effective that is.
This entire thing is nerd wank. Worse, it's the type of nerd wank that normalizes increasingly widespread computer sabotage. "The idea is sound, if only the good guys were in control... Any day now..."
Enjoy the Microsoft™ SafeComputing™ chip, child.
- Joined
- Mar 23, 2020
Safe/Trusted Computing should never, ever be a thing, and in fact, "safety" as normgroids or corporate djinns put it should not be a thing either. Neither the world nor the Internet are a safe place, nor should they be. Overabundant """"safety"""" fosters learned helplessness and makes everyone involved more submissive and retarded. No wonder every government in the world is pushing for this shit right now, niggercattleiffication in full swing. Sad!
snotang
kiwifarms.net
- Joined
- Jul 29, 2024
A "third party" that can be mindcontrolled into doing anything another party wants should obviously not be trusted. What part of "serves everyone" do you not understand? No shit it's not a general purpose computer, did you miss the part where I pointed out that putting this in consumer hardware was the worst possible application?
When you have the luxury of failing closed instead of open, this becomes far more feasible. You don't need to have perfect accuracy - deleting the key material on false positives is always an option. Likewise, you don't need a way to observe the construction of arbitrary computers, you need a way to observe specially-prepared construction processes for certain computers designed from the ground up to be transparent. These, too, can be conservative approximations (e.g. "Brad's elbow was covering it for a second, start over").
These design choices are possible precisely because it's not a general-purpose consumer computer. It's fine to throw away the keys if the temperature gets above a certain threshold, or an impact of a certain intensity is detected, or internal sonar senses a change, or the air pressure changes, or the internal atmosphere of the device changes, or electromagnetic radiation beyond a certain intensity is detected, or backup power is about to be lost, etc - the user just has to know to not trigger these conditions.
The obvious solution is to use hardware-based RNG so that the key can be generated after the device is assembled, and the public key is sent outside after that. Also, compromising the key for one device compromises only that device: this is the entire point of having a web of trust instead of a linked list.
The point of mentioning "can be reasonably assumed to be secure" is that any security mechanism that nobody has tried breaking can't be reasonably assumed to be secure. This is why I specifically wrote "reasonably assumed to be secure", not "assumed to be reasonably secure". AES256 is not "reasonably secure", it is very secure, and this can be reasonably assumed after extensive effort has been given to breaking it.
And again, creating a falsified creation record requires that every device upstream of it is compromised. If a single person with an independent, uncompromised device shows up to record the creation of this device - which should be a public event - it can't be compromised without it being made known.
To recap: in my previous post, I said that "Trusted Computing" being associated with proprietary black boxes shoved in consumer hardware to exert control over the user would cause people to recoil at the mention of the phrase.Enjoy the Microsoft™ SafeComputing™ chip, child.
You proceeded to go on about how akshyually trusted computing is always bad because if you put a
Should I be exasperated by you immediately proving me correct, or reassured?
Open, transparent, and secure crafting of devices is Hard. Most people, even in the free software world, don't bother worrying about software bootstrapping, and that's software. It also doesn't give special control to any particular party, which is one reason those with the financial and technical resources to create such devices aren't very interested in them, preferring instead to take the low-hanging fruit of doing as you say: sabotaging general-purpose computers with proprietary black boxes for the interests of third parties.
But I do believe it's possible. Disagree all you want, but don't toss the idea aside with the most shallow "it's exactly like what is already widespread" assumptions. Your pessimism bores me. Be pessimistic in creative, intelligent ways.