• 0 Posts
  • 23 Comments
Joined 1 year ago
cake
Cake day: August 13th, 2023

help-circle





  • The massive negative outcry over this fairly uninteresting change certainly seems oddly overblown, almost as if there are parties trying to turn it into a big political issue to paint Russia as a victim. But idk, nerds freak out over stuff all the time completely on their own.

    Giving them the benefit of the doubt, I think the Linux Foundation has a hard time being clear on the matter because it just isn’t clear. These are new laws and a global open source cooperation run by a non-profit is likely a corner case that the lawmakers did not think about at all when making them.


  • Yes, the sanctions against Russia, as mentioned by Linus. The change also said the maintainers “can come back in the future if sufficient documentation is provided”.

    My guess is that the Linux Foundation must ensure that none of the people they work with are in any way associated with any organisation, person or activity on the sanctions list. And that they preemptively removed all maintainers that might risk violating the sanctions while they work with them to establish whether they might be covered by the sanctions or not.

    Regardless of what you or they think of the sanctions, they are the law, and I don’t think anyone wants the Linux Foundation to have to spend their money on lawyers and fines because they had a maintainer who also worked on a research project funded by a sanctioned entity. (If that is how it works, IANAL)


  • I’d say the “exchanges” they had with Estonia, Latvia, Lithuania, Poland, Finland etc. were quite unequal. Expanding your territory through force is the purest form of imperialism, no matter what color your flag is.

    That declaration wasn’t worth the paper it was written on, as the USSR immediately turned around and tried to forcefully annex these newly independent states (and when it failed tried again some years later).

    Yes Finland joined forces with the nazis after the winter war, but the USSR started the winter war attempting to conquer Finland. To blame them for joining forces with the enemy of their enemy after being invaded and losing territory is just wild.

    So the argument is that the USSR was so scared of Poland joining the nazis that they made a deal with the nazis to invade it together and divide it between them? How does that make any sense?

    The USSR didn’t withdraw their troops from the baltic states until the 90s, a good 45 years after the end of WWII.

    The Molotov-Ribbentrop pact was a deal between the USSR and nazi Germany detailing who would get what parts of eastern Europe. The existence of other deals and treaties that you think are worse does not change that reality.

    If the USSR had been the staunch defender of the slavic peoples from nazis aggression that you claim they were, they would have entered into a defensive pact with the eastern states, not invaded them.

    Talk of freedom and brotherhood means nothing when cooperation is gained at the barrel of a gun.


  • kattfisk@lemmy.dbzer0.comtoMemes@lemmy.mlI'm beginning to notice a pattern
    link
    fedilink
    arrow-up
    4
    arrow-down
    12
    ·
    edit-2
    29 days ago

    So you are straight up denying the existence of the Molotov-Ribbentrop pact?

    To be clear I don’t fault them for signing a NAP, I fault them for invading a bunch of eastern European countries with whom they had no quarrel because they wanted to do imperialism.

    But I guess the fact that you dodged the question and immediately started spewing whataboutism proves that you’re not really interested in a discussion.


  • It’s an ironic title. Like saying “A benefit of loosing your legs is that you don’t need to buy shoes anymore. I mean I can’t get down the stairs to leave my apartment, but at least I never have to shop for shoes again!”.

    The benefit is real, but it’s also clearly not in proportion to the drawbacks presented, so focusing on the benefit is a joke.




  • I honestly kind of like the title and the angle of being brutally honest about the fact that the author (like most who are well off) actually benefit a lot from world hunger. That’s an important point, not because we should support world hunger, but because if we are to tackle it we must be willing to lower our standard of living.


  • To quote the article in question (highlight is my own):

    “[H]ow many of us would sell our services so cheaply if it were not for the threat of hunger? When we sell our services cheaply, we enrich others, those who own the factories, the machines and the lands, and ultimately own the people who work for them. For those who depend on the availability of cheap labour, hunger is the foundation of their wealth.




  • But that post is Mozilla clearly speaking out against SREN because they do not want to be compelled to block certain sites.

    Are you then talking about Google Safe Browsing? Which is enabled by default in Firefox, but which does not “monitor your activities”. It compares the site you are about to visit to a downloaded list of known bad ones and warns you if it’s on the list. Hardly an Orwellian nightmare. Just turn it off or ignore the warning if you do not want it. I keep it on because I’ve never seen a false positive on that list and I understand that even I’m vulnerable to attack.

    We should be free to customize programs, free to block what we don’t need

    And you are. If you don’t want to use safe browsing, turn it off, is right there in the menu. They have given you a default that’s best for most people and the option to customize.

    Further, since it’s free software there’s really no limit to your power to customize or get rid of what you don’t need. (I understand that this is not possible for most people, but that’s why you have the menu options, this is just a final line of defense.)


  • Security for the user is obviously what we are talking about. Regular people do not have the knowledge or patience to make informed decisions regarding their technical security; any model that relies on that is going to fail because people will click whatever they need to make stuff work. Even people who do understand the technology do stuff like disabling SSL verification, rather than going through the effort of adding the new CA to their cert list.

    Firefox is not doing the same as Chrome. Firefox is adding a feature to disable unverified add-ons on particular domains to stop attacks from malicious add-ons. Chrome is adding a feature that tracks the sites you visit and shares them with other sites to improve ad tracking.

    How are these features comparable at all?


  • That’s interesting. The first site on the list is the self-service login page for Banco do Brasil. Doing a little bit of digging suggests that attacking the users local environment to steal money via self-service is a widespread problem in Brazil. That would explain the need to block all add-ons that are not known safe for a page like this so they can’t swap that login QR-code. Here’s an (old) article detailing some of these types of attacks https://securelist.com/attacks-against-boletos/66591/

    I wish Mozilla would be more transparent about this, but I speculate that they might be provided these domains under NDA from the Brazilian CERT or police.

    TBH I think malicious add-ons are the new frontier of cybercrime. Most classic attacks methods are well mitigated these days, but browser add-ons are unaffected by pretty much all protections and all the sensitive business happens in the browser anyway.

    remotely monitored their browsing real-time

    it’s kind of inevitable that sometimes they have to support that giant

    What more specifically are you talking about here? The functionality we are talking about can not be used for remote monitoring. Are you saying Mozilla added this feature under duress from Google?