That is the discussion. Microsoft is pretending by making it the upgrade path for two products which actually are local, and hoping users won't notice.

Ask yourself, in three years from now will you be thinking "it's so nice how Meta lets me follow and interact with their enormous userbase for free, without advertising, using my own open source server and frontend"?

Remember that's the basic expectation today for a participant in the fediverse. If this feels implausible, doing anything else is very incompatible with the fediverse's existing values.

The problem isn't just that it's Meta, it's any situation where a much larger actor comes in with different motivations. Today we have a small number of users whose servers are almost exclusively run on a "community service" model. Meta is an advertising business. They are much bigger and will define the fediverse if allowed in. If we allow them to connect, it should be much later after organic growth which means we can assimilate them properly and deflect any bad behaviour.

What might happen if Meta throws their weight around? I can predict at least three outcomes

• Proprietary variations to ActivityPub, probably starting with something that seems "understandable" like moderation reasons.
• Certain new features get centralised on Meta's servers only (e.g. search) claiming that it's for efficiency in the distributed environment.
• Claiming spam problems, require individual instance operators or their users to verify themselves with Meta to enable federation.

The question in my mind is whether their intention is to destroy the competition, or keep the fediverse alive as a way to claim that they are not a technical monopoly that needs to be broken up by regulators, in the same way that Google provides most of the funding for Firefox.

Continued not to show me anything AI-related

Not necessarily in the fediverse world. If server costs are being covered by donations from 4% of users, a volunteer admin will probably be quite happy whereas a commercial operator will undoubtedly think "damn I have 96% freeloaders, that's leaving money on the table".

AFAICT this is super mundane. Devs added some checks that when run will drop .hdrtest files all over the source tree when you do a normal build. This is really unclean and has practical ramifications even if you gitignore them as Linus points out. Pretty much any lead developer would be upset if someone tried to merge something like this in a software project, and it has essentially nothing to do with the particular drivers or code functionality.

The security concerns are often overblown. The bigger problem for me is I don't know what kind of mess it's going to make or whether I can undo it. If it's a .deb or even a tarball to extract in /usr/local then I know how to uninstall.

I will still use them sometimes but for things I know and understand - e.g. rustup will put things in ~/.rustup and update the PATH in my shell profile and because I know that's what it does I'm happy to use the automation on a new system.

Sitting there watching with satisfaction as MSDOS 6.22 DEFRAG.EXE did its thing.

I loved the slow pace, even by Severance standards, accentuating the vibe of an isolated and abandoned company town. Felt almost like Koyaanisqatsi with all the scenic shots.

What's the deal with the Google ad that shows a legit URL but takes users to another? That seems like the biggest issue here and the article just rolls past it like that's totally normal.

Honestly I'm glad they highlighted the telemetry. I went through the local report about what's included and while it's not an upsetting level of detail, it's more comprehensive than I would have opted in to if asked.

Still, as sibling points out it's in a completely different league from slurping up your IMAP creds, something which has always been local-only data. This is the second time I know of recently where MS has trampled on this kind of local-only expectation - the other was Edge defaulting to sending the contents of textboxes you're filling out on webpages to the MS cloud for spelling and grammar checks. Thunderbird is still a sound recommendation, and unlike Microsoft, I trust that if I uncheck the telemetry box they're not going to try to get me some other way.

It certainly is so :) https://blog.thunderbird.net/2023/10/thunderbird-for-android-k-9-mail-september-2023-progress-report/

Thanks for all the work on the instance!

I feel this in my soul. With a side of "modern memory-safe languages are great" vs "the consistency and efficiency of shared libraries is what makes distributions great even if they're written in C".

Hmm wasn't there some kerfuffle recently about how the kernel was going to start self-issuing CVEs en masse? Is this the result of that plan?

Lots of previous discussion on this thread: https://lemmy.sdf.org/post/578847

https://youtu.be/BHTUlF7NA2o

Yes. The interaction with the Rust Foundation is described in the linked RFC.

The Council is responsible for establishing the process for selecting Project directors. The Project directors are the mechanism by which the Rust Project's interests are reflected on the Rust Foundation board.

The Council delegates a purview to the Project directors to represent the Project's interests on the Foundation Board and to make certain decisions on Foundation-related matters. The exact boundaries of that purview are out of scope for this RFC.

IrfanView, now that's the good stuff

So tell me: if I download and run a bash script over https, or a .deb file over https and then install it, why is the former a "security nightmare" and the latter not?

Take your time with reintegration. I want more goat-related world-building.