AnyOldName3

Upstream Firefox doesn’t comply with FDroid’s rules (thanks to the ‘proprietary bits and telemetry’ Handles mentioned), so is only available from the Play Store or as a loose APK that won’t auto-update.

A big part of the reason was that Facebook offered game studios a big upfront sum if they made their games work on whatever headset they were selling at the time in standalone mode with no major caveats. The headset only had an anemic mobile GPU, so was only capable of as much as mobile games were doing at the time. A bunch of studios took them up on this offer, and cut back their projects’ scope to be viable under the hardware constraints, so nearly everything that got made was gimmicky mobile-style minigames, and obviously that’s not what makes people want to drop hundreds of dollars on hardware, as they can get their fill by borrowing someone else’s headset for an hour.

Mobile GPUs have improved, so standalone headsets aren’t as terrible now, but we missed the expensive toy for enthusiasts and arcades phase and soured most people’s opinions by making their first VR experience shovelware.

The vfs of MO2 isn’t the thing that’s hard to port. FUSE would make it fairly straightforward and the main reason USVFS is complicated in the first place is that there’s not a way to make a fast VFS under Windows due to the higher overhead of going back and forth between kernel and user mode, so it has to resort to hooking most of the multitude of functions in the Win32 and NT filesystem APIs instead of just providing about twenty callbacks like you’d do with FUSE.

A mod manager looks much simpler than it is as it looks like you’re just keeping track of lists of files, but mods come in the most insane packaging formats ever devised (e.g. with mad compression schemes and custom scripting languages) and mod managers need to selectively pretend to have all the bugs of every other mod manager as mods get made that rely on a particular bug in the mod manager their author used.

MO2 has a particular extra complexity when thinking about porting it to Linux in that it uses Win32 APIs in lots of places it doesn’t really need to, and also does so in a few places where it’s genuinely much more convenient that it does. It also uses a custom build system generator generator because its CMake and dependencies are too complicated for a human to practically deal with, so it would take loads of work to even build a completely unusable binary on Linux. We have people volunteer to do the work a few times a year and read a warning I write that looks like this comment and claim to have the willpower to do it anyway, but none of them have ever submitted a single commit.

As a counterpoint, I’ve had Ubuntu’s installer and grub’s updater overwrite and break Windows’ boot files several times, but never had the opposite happen (I’ve had both destroy themselves, though). Thankfully, I know how to rebuild the necessary parts of a Windows install, so it’s never been a catastrophe, but it’s irritating to see what’s always been the source of the problems I’ve had be held up as infallible. Possibly this is a problem unique to Ubuntu - I’m happy to blame Canonical - so maybe it could be entirely sidestepped with other distros.

I’m not arguing for anything in the post above, just pointing out that a broken (or badly repaired) insulin pump is genuinely more dangerous than having no insulin pump. That doesn’t have to count against the right to repair one, as if you’ve got the right to repair an insulin pump, and do so badly, it doesn’t mean you’re legally forced to use it afterwards, just like I’ve got the right to inject all the insulin in my fridge with an insulin pen back to back, but I’m not legally forced to do so.

I do think the right to repair should be universal, but as I think that medical stuff should be paid for by the state, NHS-style, that would end up meaning that the NHS could repair medical devices themselves if they deemed it more economical to do so and recertify things as safe than to get the manufacturer to repair or replace them. The NHS is buying the devices, and gets the right to repair them, and that saves the taxpayer money, as even if they don’t actually end up repairing anything, it stops manufacturers price gouging for repairs and replacements, and if the manufacturer goes bust or refuses to repair something, there’re still ways to keep things working. It doesn’t mean unqualified end users can’t use their new right to repair their medical devices and risk getting it wrong, but if you’ve got an option of a free repair/replacement, most people would choose the safe and certified repair over their own bodge.

If you’ve got a broken insulin pump, assuming you’re in a country with a functioning healthcare system, you should have been given a spare pump with the original, and probably some insulin pens, so when one breaks, you fall back to the spare, and get given a new one to be the new spare (or could get the broken one repaired). Using the spare is completely safe.

If you don’t have a spare, your sugars would go up over several hours, but you’d have a day or two to get to a hospital and potentially several days after that for someone to find you and get you to a hospital, so it’s not safe, but also not something you’d die from if you had any awareness that there was a problem.

If you’ve got an incorrectly-repaired pump, you could have it fail to give you enough insulin, and end up with higher sugars, notice the higher sugars, and then switch to the spare. That’d be inconvenient, but not a big deal. However, you could also have it dump its entire cartridge into you at once, and have your sugars plummet faster than you can eat. If you don’t have someone nearby, you could be dead in a couple of hours, or much less if you were, for example, driving. That’s much more dangerous than having no insulin at all.

Prosthetic legs don’t have a failure mode that kills you, so a bad repair can’t make them worse than not having them at all, but insulin pumps do, so a bad repair could.

Nuclear is even less killy than hydroelectric (dams sometimes burst and drown a bunch of people downriver) and wind (sometimes technicians fall off when fixing a turbine) per kilowatt hour, despite the potential for really scary failures, largely because it generates so much power when it’s working.

It’s easy to get pressured into thinking it’s your responsibility. There’s also the risk that an unhappy company will make a non-copyleft clone of your project, pump resources into it until it’s what everyone uses by default, and then add proprietary extensions so no one uses the open-source version anymore, which, if you believe in the ideals of Free Software, is a bad thing.

There was an EU-wide one that gota lot of its funding redirected to AI stuff recently that you might be thinking of.

No, that is an entirely unrelated bad decision. It being okay to not have a popup to opt out of secure boot when it does its one job and notices you’re about to run insecure code in kernel mode doesn’t make every other user-hostile thing Microsoft ever does magically okay.

It’s upstream GRUB that’s decided the older GRUB versions are insecure and not to be trusted. Microsoft just propagated that to machines running distros that weren’t shipping patched GRUB builds yet. Up-to-date Debian wouldn’t be affected provided that they downstreamed fixes quickly.

https://fedia.io/m/linux@lemmy.ml/t/1111595/-/comment/6916699 says that Debian’s GRUB wasn’t affected, but another part of the boot sequence was.

You can’t trust users to make informed decisions about cybersecurity as most users don’t have the necessary background knowledge, so won’t think beyond this popup is annoying me and has a button to make it go away and I am smart and therefore immune to malware. Microsoft don’t want Windows to have the reputation for being infested with malware like it used to have, and users don’t want their bank details stolen. If something’s potentially going to be a bad idea, it’s better to only give the decision to people capable of making it an informed decision. That’s why we don’t let children opt into surgery or decide whether to have ice cream for dinner, and have their parents decide instead.

The comment you’re quoting was replying to someone suggesting a warning popup, and saying it would be a bad idea, rather than suggesting the secure boot UEFI option should be taken away. You need at least a little bit more awareness of the problem to know to toggle that setting.

If you’re doing things properly, you’ll know your Microsoft account password or have it in a password manager (and maybe have other account recovery options available like getting a password reset email etc.), and have a separate password for the PC you’re locked out of, which would be the thing you’d forgotten. If someone isn’t computer-literate, it’s totally plausible that they’d forget both passwords, have no password manager, and not have set up a recovery email address, and they’d lose all their data if they couldn’t get into their machine.

Is that enough to mitigate how much worse bare Google is than it was ten years ago, back when they were winning against SEO bots? In my experience, it hasn’t been, but I’ve not done enough AI-aided web searches to have a good sample size.

If you give a chip more voltage, its transistors will switch faster, but they’ll degrade faster. Ideally, you want just barely enough voltage that everything’s reliably finished switching and all signals have propagated before it’s time for the next clock cycle, as that makes everything work and last as long as possible. When the degradation happens, at first it means things need more voltage to reach the same speed, and then they totally stop working. A little degradation over time is normal, but it’s not unreasonable to hope that it’ll take ten or twenty years to build up enough that a chip stops working at its default voltage.

The microcode bug they’ve identified and are fixing applies too much voltage to part of the chip under specific circumstances, so if an individual chip hasn’t experienced those circumstances very often, it could well have built up some degradation, but not enough that it’s stopped working reliably yet. That could range from having burned through a couple of days of lifetime, which won’t get noticed, to having a chip that’s in the condition you’d expect it to be in if it was twenty years old, which still could pass tests, but might keel over and die at any moment.

If they’re not doing a mass recall, and can’t come up with a test that says how affected an individual CPU has been without needing to be so damaged that it’s no longer reliable, then they’re betting that most people’s chips aren’t damaged enough to die until the after warranty expires. There’s still a big difference between the three years of their warranty and the ten to twenty years that people expect a CPU to function for, and customers whose parts die after thirty-seven months will lose out compared to what they thought they were buying.

It wasn’t me who you replied to originally - I agree that it’s most likely AMD are just being super cautious given historically how many times bad news for their competitors has been falsely equated by the press as equivalent to a minor issue they’ve had, and the delay moving things after the microcode update and therefore making launch-day benchmarking more favourable is just a bonus.

You’ve misunderstood. The original release date was set, then Intel announced the microcode update, which was after the original release date, then AMD announced that they’d be delaying the release date, and that new release date is after the microcode update.

They’re not supposed to have trust. That’s why they’re only allowed fully anonymised data under this scheme. They do pay the bills, though, so they can’t be completely banished until there’s an alternative source of money.

It’s at least common on forums as bots love making accounts with non-megacorp email addresses on PhpBB and MyBB forums. Typically, there aren’t people signing up the same services with business emails as personal ones, so if ones expecting not to be used by businesses want to fight spam, it’s generally pretty effective and consequence-free to block email providers not known to have effective anti-bot measures built in.

That would be annoying for people who work on files with a double extension for legitimate reasons, e.g. .tar.gz, and (this can’t be stressed strongly enough) Windows users do not pay attention to warning popups, so it wouldn’t actually help. Despite it being eighteen years since Windows Vista released, and therefore vanishing unlikely that any given software was written assuming that Windows didn’t have a permissions system, it’s still most people’s first troubleshooting step to try and run things as admin, and you still get loads of people (including ones who should know better, e.g. ones who also use Linux and would never log in as root) who disable UAC as one of the first things they do when setting up a windows install, and end up running everything as the equivalent of root just to suppress the mildly annoying pop-up when something asks for elevated permissions.

So, your proposed popup:

• would be annoying including for legitimate uses
• wouldn’t help as anyone who already ignores the smart screen popup that shows up when running a dodgy application will ignore the new popup, too
• would be disabled by huge swathes of users anyway