q3k's comments

The work is mysterious and important.


> 12-stage detection pipeline

What is this recent (clanker-fueled?) obsession to give everything fancy computer-y names with high numbers?

It's not a '12 stage pipeline', it's just an algorithm.


Isn’t it? I mean 12 stage pipeline has a very specific meaning to me in this area, and is not a new way of describing something. The release notes description sounds like a multi stage pipeline.

Do you know this kind of area and are commenting on the code?


"ok chatgpt, what name do i give to this algorithm, so it sounds fancy and advanced?"


You can only pick the parts that you need and aren't now exposed to a supply chain attack. You can also easily adapt the code to your needs, especially as your needs change.

https://www.youtube.com/watch?v=PAAkCSZUG1c&t=568s


Coward.


Sometimes brevity is the heart of wit or whatever the line is.


Yeah, anyone who says 'the government should be run like a company' has likely never worked in a large corporation. It's full of meaningless work, bullshit jobs and red tape.


Don't access it over https then? The link is http.


Works fine on my end. The HTTPS URL gives a 301 permanent redirect to HTTP, and then I ordered some boner pills and put my social security number to confirm.


Don't modern browsers automatically redirect http to https?


No they don't. I tried Chrome, Firefox, and Safari. None of them attempted to redirect. They just show a "not secure" warning in the URL bar.

The redirect only happens when it's configured on the web server, set in HSTS, or on a TLD that enforces HTTPS. None of these apply to this website.


Apparently it's not on by default, but all of my browsers do and also warn me whenever a site does not support HTTPS (and require me to explicitly click through to the unencrypted connection).


Not unless the site sends the CSP header to tell it to upgrade to https: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/...

A client side option to force https might still be useful though. But I can imagine at least some enterprise webapp that would die horribly if you tried this.
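The conditions named in the comments above (a server-side redirect, HSTS, a TLD that enforces HTTPS, the CSP upgrade directive), checked against captured responses. This is an added example, not code from the thread: the host names, the responses and the `transport_findings` helper are constructed, and the two-entry preloaded-TLD set is only an illustrative sample.

```python
import re

REDIRECTS = {301, 302, 303, 307, 308}
PRELOADED_TLDS = {"dev", "app"}  # assumption: small sample of HSTS-preloaded TLDs

def header(headers, name):
    """Case-insensitive header lookup; '' when absent."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), "")

def redirects_to(resp, scheme):
    status, headers = resp
    return status in REDIRECTS and header(headers, "Location").lower().startswith(scheme + "://")

def transport_findings(host, http_resp, https_resp):
    """http_resp / https_resp are (status, headers) captured from each origin."""
    found = set()
    if redirects_to(http_resp, "https"):
        found.add("server-redirect")
    # HSTS is honoured only when received over HTTPS (RFC 6797).
    hsts = re.search(r'max-age\s*=\s*"?(\d+)', header(https_resp[1], "Strict-Transport-Security"), re.I)
    if hsts and int(hsts.group(1)) > 0:
        found.add("hsts")
    for _, headers in (http_resp, https_resp):
        csp = header(headers, "Content-Security-Policy").lower()
        if "upgrade-insecure-requests" in [d.strip() for d in csp.split(";")]:
            found.add("csp-upgrade")
    if host.rsplit(".", 1)[-1].lower() in PRELOADED_TLDS:
        found.add("preloaded-tld")
    if redirects_to(https_resp, "http"):
        found.add("https-downgrade")  # the 301 from HTTPS back to HTTP described above
    return found

# Constructed sample responses (not captured from any real site).
DOWNGRADING = ("shop.example.test",
               (200, {"Content-Type": "text/html"}),
               (301, {"Location": "http://shop.example.test/"}))
HARDENED = ("portal.example.test",
            (301, {"location": "https://portal.example.test/"}),
            (200, {"Strict-Transport-Security": "max-age=31536000; includeSubDomains",
                   "Content-Security-Policy": "default-src 'self'; upgrade-insecure-requests"}))

if __name__ == "__main__":
    for site in (DOWNGRADING, HARDENED):
        print(site[0], sorted(transport_findings(*site)))
```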


Then use a non-buggy browser...


This makes me want to stop reading 'Show HN' threads.


Why?


Relevant username


Or type confusion bugs, or any other stuff that stems from complex logic having complex bugs.

Boundary checking for array indexing is table stakes.


Table stakes, but people still mess up on it constantly. The "yeah, but that's only a problem if you're an idiot" approach to this kind of thing hasn't served us very well so it's good to see something actually being done.

Trains shouldn't collide if the driver is correctly observing the signals, that's table stakes too. But rather than exclusively focussing on improving track to reduce derailments we also install train protection systems that automatically intervene when the driver does miss a signal. Cause that happens a lot more than a derailment. Even though "pay attention, see red signal? stop!" is conceptually super easy.


I'm not saying it's not important, it is. I just don't believe that '[the] majority of memory bugs are from out of bounds access'. That was maybe true 20 years ago, when an unbounded strcpy to an unprotected return pointer on the stack was super common and exploiting this kind of vulnerability was what most vulndev was.

This brings C one tiny step closer to the state of the art, which is commendable, but I don't believe codebases which start using this will reduce their published vulnerability count significantly. Making use of this requires effort and diligence, and I believe most codebases that can expend such effort already have a pretty good security track record.


The majority of security vulnerabilities in languages like C that aren’t memory safe are due to memory safety issues like UAF, buffer overflows etc etc. I don’t think I’ve seen finer grained research that tries to break it out by class of memory safety issue. The data is something like 80% of reported vulnerabilities in code written in these languages are due to memory safety issues. This doesn’t mean there aren’t other issues. It just means that it’s the cheapest exploit to search for when you are trying to break into a C/C++ service.

And in terms of how easy it is to convert a memory safety issue into an exploit, it’s not meaningfully much harder. The harder pieces are when sandboxing comes into play so that for example exploiting V8 doesn’t give you arbitrary broader access if the compromised process is itself sandboxed.


> People Are Being Thrown In U.K. Prisons Over What They’ve Said Online.

Hmm yeah, let's see.

> The recent arrest at London’s Heathrow airport of a noted Irish comedian, Graham Linehan, for the “crime” of three politically incorrect tweets vividly illustrates how far Britain has fallen.

Oh, Graham Linehan being brought up again. Curious, what did he say that landed him in trouble?

> If a trans-identified male is in a female-only space, he is committing a violent, abusive act. Make a scene, call the cops and if all else fails, punch him in the balls.

Ah yes, poor little Graham got arrested for only inciting a little extrajudicial violence. Poor guy, he was only being 'politically incorrect'! Truly free speech is under assault and you just get jailed for posting memes in the UK.


So we agree he only SAID things. And got arrested. So yeah…


Just let my work have a soul, please.


That is NOT possible.


Why not?


Because even though at work it looks like you’re tasked with creating use values, you’re only there as long as the use values you create can be exchanged in the market for a profit. So every humane drive to genuinely improve your work will clash with the external conditions of your existence within that setting. You’re not there to serve people, create beautiful things, solve problems, nu-uh. You’re there to keep capital flowing. It’s soulless.


Unless you work in the public sector, non-profit or charity.


To think that “non-profit” work is actually non-profit work is just to not have grasped the nature of labor. You have to ask yourself: Am I producing use values for the satisfaction of human needs or am I working on making sure the appropriation of value extraction from the production of use values continues happening?

In some very extreme cases, such as in the Red Cross or reformist organizations, your job looks very clear, direct, and “soulful”. You’re directly helping desperate people. But why have people gotten into that situation? What is the downstream effect of having you helping them? It’s profit. It’s always profit. You’re salvaging humanity for parts to be bought and sold again. It doesn’t make a dishonest work. It’s just equally soulless.


Your argument appears to be that if you redefine all of humanity to be mere grist for a capitalist machine, you can then redefine any altruistic act as a measure to extract more profit.

Truly a feat of semantic legerdemain.


I don’t define anything. The truth is just that there’s no profit extraction without charity work. I’ve done lots of it. If you’ve done it, you know too.

As dark as it may seem to strip romanticism out of which you call humanity, not only there isn’t a just salary for those who bear the weight of the machine, but also there isn’t even a salary per se.

If for you humanity is just doing seemingly nice guy work without question, call me a monster.


> The truth is just that there’s no profit extraction without charity work.

I'm not actually sure what you mean by this, so I can't really assess its truthiness

> not only there isn’t a just salary for those who bear the weight of the machine, but also there isn’t even a salary per se.

Or this - what do you mean?

> If for you humanity is just doing seemingly nice guy work without question, call me a monster.

Not even clear what you mean by this either.


My adversary has accused me of sophistry. As if I’m just a crafter of kaleidoscopes. I’m just giving back the compliment by calling out their romanticism.

Charity work can bring momentary fulfillment to a person. I’m not reducing humanity by situating it within the machine. You even have the right to reject the material proposition that charity work is a piece that composes the totality of the machine. But eventually all truth will be self evident, so let’s leave it to the reader.


I’m not your adversary, I’m just trying to understand your point.

Your original assertion was that ‘you’re only there as long as the use values you create can be exchanged in the market for a profit.’

When I suggested that non-profit or public sector jobs could certainly have soul, your responses were pretty incomprehensible.

Can you explain your point clearly and succinctly?


Because you’re aiding exploitation either way. It’s the same machine, just another part of it.


Right. So it's not just work - any good or altruistic act, will by definition only act to stoke the machine.

It's certainly a way of thinking, I suppose


Incorrect. It’s mostly just work.


So if I carry out hip replacement surgery at my own cost, it's good?

But if the NHS pays me to carry out hip replacement surgery - funded from tax revenue, but free to the patient, it's bad?


This is not a moral judgement. It doesn’t even matter from which pocket the money is coming from.


Eh, it's not __that__ simple.


It is, just don’t use a thing with no soul like ai if soul is what you’re after.


The point is that he may not be using AI in any shape or form. Regardless, AI scrapes its work without explicit consent and then spits it back in "polished" soul free form.

