alias thanks="You are most welcomed"

you need to use the echo command if you want to echo something:

alias thanks="echo 'You are most welcomed'"

(the inner single-quotes are not strictly required in this case, but recommended nonetheless)

https://gitlab.com/edneville/please (a sudo alternative)

given the fact that LLMs’ outputs can include verbatim or near-verbatim excerpts of their training data, how do you justify placing an open source license (or more generally, any copyright claim of your own) on source code you’ve “authored” using one of these automatic plagiarism machines?

I am using AI to do this so its important to be clear that im not asking you to audit or review my vibecoded project. While i have made attempts to create things like audits and formal-proof verication, i know better than to trust AI when it tells me its working correctly.

Sharing it now if there is feedback about the implementation. Anything i may be over looking? Feel free to reach out for clarity on any details.

Did you write this post using an LLM too? You say that you are “not asking you to audit or review my vibecoded project” and then in the very next paragraph request “feedback about the implementation”.

Here is my feedback: stop trying to vibe-code privacy software.

i know better than to trust AI when it tells me its working correctly

if you know better, why are you continuing to do it, and to post your outputs here?

what’s the goal?!

maybe it would be better to say that it is stochastically accurate?

also btw icymi, this is a post about LLMs

!memes@lemmy.ml mod here - rather than downvote, i deleted it.

imo “eliminates 99.9% of [demonym]” isn’t funny or ok for any value of [demonym], even when you’re making a germs/germans pun.

Zionism is, and has always been since the modern movement started in the 19th century, intrinsically antisemitic.

don’t say that he’s hypocritical, say rather that he’s apolitical

Idk it works for me.

I don’t think there is any possible value for the sign variable which would make that if statement do anything other than raise a TypeError.

Also "8:00:00" > "10:00:00"

but "08:00:00" < "10:00:00". comparing timestamps as strings is weird but actually works, as long as the hour is zero-padded :)

the problem with this code is that & (bitwise AND) has higher operator precedence than > and == do, so it is first trying to bitwise AND "10:00:00" with sign (which i’m assuming would also be a string) and that will always raise a TypeError.

to do what the author appears to have intended to do, they would either need use parenthesis around both comparisons to actually bitwise AND their results, or (better) to use the boolean AND operator (and) instead of &.

The boolean and operator is the right tool for the job, and since it is lower precedence it also wouldn’t require that any parenthesis be added here.

don’t trust anyone over 30 0x30

TypeError: unsupported operand type(s) for &: 'str' and 'str'

i think i get Candand (what some Barnes & Noble spam once rendered C++ as?) but, what is borsuk language?

💯

hopefully a FOSS organization will hire the person who made this

Reputable news source “GLOBAL FACTZ”

😂

Fwiw, before reposting this meme, I actually checked to make sure that the underlying “weird news” story here was not solely reported by random clickbait fake news sites but was also covered by an actual news organization.

So in summary. You’re right. Sealed sender is not a great solution. But

Thanks :)

But, I still maintain it is entirely useless - its only actual use is to give users the false impression that the server is unable to learn the social graph. It is 100% snake oil.

it is a mitigation for the period where those messages are being accepted.

It sounds like you’re assuming that, prior to sealed sender, they were actually storing the server-visible sender information rather than immediately discarding it after using it to authenticate the sender? They’ve always said that they weren’t doing that, but, if they were, they could have simply stopped storing that information rather than inventing their “sealed sender” cryptographic construction.

To recap: Sealed sender ostensibly exists specifically to allow the server to verify the sender’s permission to send without needing to know the sender identity. It isn’t about what is being stored (as they could simply not store the sender information), it is about what is being sent. As far as I can tell it only makes any sense if one imagines that a malicious server somehow would not simply infer the senders’ identities from their (obviously already identified) receiver connections from the same IPs.

Sure. If a state serves a subpoena to gather logs for metadata analysis, sealed sender will prevent associating senders to receivers, making this task very difficult.

Pre sealed-sender they already claimed not to keep metadata logs, so, complying with such a subpoena^[1] should already have required them to change the behavior of their server software.

If a state wanted to order them to add metadata logging in a non-sealed-sender world, wouldn’t they also probably ask them to log IPs for all client-server interactions (which would enable breaking sealed-sender through a trivial correlation)?

Note that defeating sealed sender doesn’t require any kind of high-resolution timing or costly analysis; with an adversary-controlled server (eg, one where a state adversary has compelled the operator to alter the server’s behavior via a National Security Letter or something) it is easy to simply record the IP which sent each “sealed” message and also record which account(s) are checked from which IPs at all times.

sealed sender isn’t theater, in my view. It is a best effort attempt to mitigate one potential threat

But, what is the potential threat which is mitigated by sealed sender? Can you describe a specific attack scenario (eg, what are the attacker’s goals, and what capabilities do you assume the attacker has) which would be possible if Signal didn’t have sealed sender but which is no longer possible because sealed sender exists?