Badabinski

Tbf, uranium is intensely toxic even if it’s not very radioactive. Shit’s like turbo lead, it’s a crazy heavy metal.

Yeah, I don’t run shell scripts unless I can review them first. I’m considered “the bash guy” at my job, and part of that means reviewing people’s scripts. I have referenced this wiki page hundreds of times because so many people don’t know how fucking shit Bash is as a language. My god, every time I see set -euo pipefail I want to scream until my lungs exit my body and then I leave a polite comment about how that might be a bad idea and link this page.

My BLE proxies keep picking up my neighbor’s toothbrush. I was briefly tempted to install the integration just to see what would happen. I didn’t because that’s creepy, but just… what a weird world we live in.

I’ll mirror what others have said. Arch is the most stable distro I’ve ever used over the long term. Even with heavy AUR use, I’ve been rocking the same installation for over a decade on one of my computers.

Sounds like they either used a boilerplate EULA or hired a lawyer who is unaware of the requirements imposed by the GPL. If it’s the latter then I hope they can get their money back.

EDIT: yeah, this looks like an unmodified GPL to me: https://github.com/layground/pockaw/blob/master/LICENSE.md

I dunno, I’d slow your roll on that. Hanlon’s razor came to notoriety in the field of computer science for a reason. I’ve done software dev professionally for over ten years now and you wouldn’t believe the stupid shit I’ve seen people write. The only thing that sucks more than a computer is the human writing software for it.

For those unfamiliar, here’s Hanlon’s razor:

Never attribute to malice that which is adequately explained by stupidity.

EDIT: After a quick look at the CVEs, this definitely sounds like a big ol’ fuckup. It sounds like there might be some unsafe defaults in polkit as well?

EDIT: Here’s the report from the actual researchers which is MUCH more cogent than OP’s article: https://www.openwall.com/lists/oss-security/2025/06/17/4

It’s chaining two separate oopsies together. This overview on GitHub also provides more details about the libblockdev side of things: https://github.com/advisories/GHSA-mpgj-hch9-5rvx

Specifically, this section:

However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.

That really doesn’t sound like something intentional to me. That sounds like a HUGE oopsy-woopsy fucky-wucky, to get technical about it.

This also sucks because the CSB produces really awesome videos ):

Pig. It was INCREDIBLY emotionally effective and made me cry SO HARD FOR LIKE 20 MINUTES. Holy shit what a good movie.

https://lemm.ee/post/65824884

Each VM can be sized appropriately for the demands of the container. With docker desktop, you can’t have a container use all of your system cores without making the VM have access to all of your cores all the time always. One of the biggest benefits (imo) of running containers on a Linux workstation is that if you don’t define a CPI limit, a container can use all the compute/memory on your system. You just can’t do that with Docker desktop. This also affects multi threaded container builds when you’re using buildkit.

Being able to spin up a vm to build a container with all cores accessible to it, and then run the actual container with a smaller number of cores would make container builds so much faster.

EDIT: I’ve looked, and it appears that podman desktop also does 1 big VM, rather than having 1 VM per container.

I’m not sure. To me, the most interesting thing is that each container gets its own VM. I don’t know if podman does that or not. I’d guess not, since CoreOS isn’t the lightest OS around (I’ve used CoreOS and Flatcar extensively at my job and it’s a lil chunky as far as immutable container host OSes go).

For people like me who didn’t know what this was:

Stremio offers a secure, modern and seamless entertainment experience. With its easy-to-use interface and diverse content library, including 4K HDR support, users can enjoy their favorite movies and TV shows across all their devices. And with its commitment to security, Stremio is the ultimate choice for a worry-free, high-quality streaming experience.

edit: honestly, that’s a shitty description. This one seems a bit better:

Stremio is a modern media center that gives you the freedom to watch everything you want.

Using the open source Containerization package, it runs a lightweight VM for each container that you create.

A big improvement over the stupid shit Docker Desktop did (running a bigass ugly VM for all containers). I’ll still stick with my Linux laptop ;)

There’s also ZZ 👉😎👉 Same caveats apply, smash that fukken esc key (for bonus points rebind caps lock as esc) then ZZ Top your way out of that shit.

I feel like bpf would be a decent solution for anticheat. I believe you can limit what an ebpf program can look at quite effectively.

I mean, systemd-networkd and systemd-timesyncd are both completely independent and are not required by systemd. I use connman and chronyd on my arch box and systemd gives not one fuck.

There’s still some totally valid concern to be had over how bundled a lot of this stuff is, but it’s not all one big blob.

pustulent troupe of gremlins in a human suit.

This is a rare and powerful insult and I’m stealing it.

I found it because some people on the alien site asked about it many years ago. It’s Watashi no Suki na Oji-san x Ore no Suki na Iede Shoujo Jou | My beloved Mister & My beloved Runaway Girl Chapter 3.

It’s very much porn.

Yep. Thankfully, the project is AGPL v3 licensed.

Probably some kind of autonomous thingy. Like, a drone with a Taser or some shit.