see also previous thread in this community on this topic from a month ago

For each participant, Dialog logs a membership status, every retreat the person has attended, a biography, a home city, and a private access token. WIRED is not publishing the tokens, which function as login credentials, or the personalized account links that contain them.

This is an odd thing to say given that neither Wired nor their source (“the Swiss hacktivist maia arson crimew”) appear to be publishing any of the actual data whatsoever, beyond the handful of mostly nonspecific references to it in the article text. (Eg, lots of sentences like “The website directory names sitting Trump administration officials, two US senators, six members of the Paypal Mafia, a former Middle East chief of intelligence, and a sitting ambassador to the United States, along with the founders and directors of many of the country’s largest surveillance, data-broker, and advertising-data companies.” - omitting names of any of these people.)

Also, the linked archive says:

Update 6/16/2026, 5:47 pm EDT: WIRED updated this article to correct a conflation of two people named Jeff Epstein. A small revision was also made to address a security concern raised by a Dialog representative.

Someone helpfully had already made an earlier archive before that, so we can see what information Wired journalists Dell Cameron and Yulia Almazova removed at the request of a Dialog representative: where it now says “The retreat is scheduled for August 12-16 at a venue near Dublin” it originally said “The retreat is scheduled for August 12-16 at the Powerscourt Hotel outside Dublin”.

yeah, i edited my comment while you were replying to note that /g is a valid flag for m/// as well. it is a valid perl matching operation precisely as-is but it can’t match anything due to the spaces it has before the ^ and after the $.

from the /g at the end i agree it looks like it could be a malformed attempt at an awk/perl/etc substitution operation, and your rewrite of it as an s/// does work, but the parts between the ^ and $ would also be a valid regexp in Perl-compatible regexp and some other dialects if not for the spaces at the start and end. And, the /g is also a flag (“Match globally, i.e., find all occurrences.”) for the m/// matching operator in Perl.

The \1 and \2 are backreferences to the capture groups, which can be used not only in the replacement part but also in the pattern itself.

You can see this working by running this command:

echo '123 - 45 - 67890 45 123'|perl -ne 'print if m/^(\d{3}) - (\d{2}) - (\d{5}) \2 \1$/g'

…which will echo the string because it matches the pattern. (if you edit the input string to change, for instance, the last digit, it will no longer match and will output nothing.)

There is no input that can match the pattern as it is in the comic with the space before the ^ and after the $ however.

Interestingly backreferences are also supported by POSIX Basic Regular Expressions (BRE), but are not supported by POSIX Extended Regular Expressions (ERE). (Also the former requires you to escape parenthesis and curly braces for them to become meta characters, while the latter requires you to escape them if they’re literals as Perl etc do. And neither of the POSIX flavors supports \d as a shortcut for [0-9].)

tuta is (like proton) snake oil. (here and here are two of my old comments about why…)

Mailbox.org lets you keep your own private key.

Every email provider lets you keep your own private key if you do encryption using the interoperable OpenPGP standard using software running on your own computer. Many email providers will recommend that you do exactly that, and will helpfully instruct you about how to do so (eg, the more reputable options in this thread such as migadu.com, mailbox.org, posteo.de, and even fastmail.com all have instructions for how to use some implementation of pgp to encrypt your email).

Meanwhile any company selling non-standard “email encryption” (eg, proton and tuta) which is not compatible with pgp (or, in the corporate world, s/mime, which is also a standard…) is firmly in the snake oil business and should be distrusted and boycotted regardless of which shitty youtubers they’re sponsoring this week.

that may be true but you should consider that HR departments are notorious for failing to document complaints from members of socially-disadvantaged groups

Companies now block older browser versions

Now? This has been happening since the dawn of the web. At least the screenshot you pasted represents all of the big three rendering engines - it used to be common to see “Internet Explorer version XYZ required”, sometimes with javascript to prevent you from using the site with any other browser (even if in some cases it would actually work fine if you simply spoofed your user agent string).

I have used kinda retro devices to surf the web at times

Most websites became HTTPS-only sometime after the snowden disclosures in 2013.

Over time old versions of TLS have been deprecated and eventually support for them is dropped from browsers and web servers alike. So, a browser from even 15 years ago literally cannot connect to most webservers today.

Planned obsolescence is terrible but it’s a minor factor here: it’s actually dangerous to use even (especially?) a slightly-out-of-date web browser because every new release fixes vulnerabilities which can be exploited to run malicious code on your computer. The planned obsolescence which prevents people from being able to have an up-to-date browser comes mostly from proprietary operating system vendors; to have up-to-date software while continuing to use somewhat older computers you need to use free/libre software.

AI;DR - i literally could not bear to finish reading this slop, and went to find something human-written to confirm if any of it is based in reality. It is, but I wouldn’t assume any details in the slop summary are accurate.

From what i skimmed I think the sole real-world source on the topic which this “article” (if you can call it that) cites is this abstract for a seminar that happened in 2022. An 88-page report from 2019 (San Joaquin Kit Fox Response to the Topaz Solar Farms) has far more information as well as pictures of the foxes and one of the dens the researchers built for them:

sydney morning herald my head

i concur, but a lot of people do start out with Arch afaict

Wait but that means your computer will stay on if the update fails, right?

If it was && then the second command would only run if the first command was successful.

But @vodka@feddit.org wrote only one & which instead means the first command will run in the background and the second will execute at the same time… which does not seem like a good idea in this case 😅

Many people do seem to like Arch fwiw

i don’t recommend Arch smh

As others have said it is a huge amount of work to maintain a fork of such a complicated piece of software.

Especially around security: web browsers constantly process potentially-malicious data, which gives them a large attack surface. Every browser regularly has new vulnerabilities discovered which must be fixed. Hard forking a browser means that, even ignoring any bugs in the new code the fork has added, every time a bug is discovered and fixed in the code they forked from someone needs to analyze the upstream’s fix and port it to the fork. The more they diverge, the more work this is. Failing to do this work lets any malicious website exploit the bugs and install malware on users’ computers.

One shot rewriting the whole test suite

tridge’s blog post makes it clear that this was not “one-shotted” at all.

You should read the whole thread

I regret reading it; I’ll assume in good faith that it wasn’t LLM generated but it is ironically as confidently wrong as if it were.

It almost (and should have) lost me when it started by quote-agreeing with someone else saying “rsync was basically done until the maintainer discovered vibecoding” - no, pay attention, it was not “basically done”, there were/are a mountain of CVEs!

But then this got my interest:

This does not “translate tests into pytest” or a unit testing framework, it writes its own testing framework where tests are whole python scripts that redefine basic test functions in every script. Surely there would be a single way to “run rsync and get the results” - nope, well, there is, but then every test file will randomly redefine its own _run_and_capture function.

tridge says he has used pytest on other projects and had good reasons not to use it here; I’m inclined to believe him.

But the notion of every test defining its own way to invoke rsync sounded like a valid criticism, and an easy one to verify, so I checked: It turns out that there is in fact a common run_rsync function which is used by the majority of the tests. One test defines its own _run_and_capture function (which differs in that it writes the output to a file, for reasons I didn’t investigate), and it looks like a few others invoke rsync other ways, but the majority of them use the common function.

So, that rambling thread’s sole concrete criticism of rsync’s new python tests turns out to be false.

Mamdani signed an “executive order”

in comic sans