Re: Downvote bots. I can’t say they’re necessarily bots, but my instance has scripts that flag accounts that exclusively give out downvotes and then bans them. That’s about the best I can do, at present, to counter those for my users.

It is usually not a good idea to specify what your exact metrics are for a ban. A bad actor could see that and then get around it by randomly upvoting something every now and then.

There is also the risk of homograph attacks. The link below is for domain name encoding via IDN, but the same applies to usernames. You could easily impersonate another user by having chars that look similar.

https://en.wikipedia.org/wiki/IDN_homograph_attack

Sure, but even if they started tomorrow it would probably be years before it even could be considered experimental outside of the most daring early adaptors.

Having a combability layer is not ideal but it would mean they could have something worker for more users faster and at the same time see which modules/drivers they should focus on.

“Thread closed due to inactivity.”

No, the main point of standing desk is that whoever has one talks about them all day, every day. At least, that was my experience 10-15 years ago, which was the last time I spent in an office.

He could have handled it better. But he didn’t call the code crap directly, just the bundle of everything.

Having a meta package and let users choose seems like the best way. But this is a Debian issue, and not a keepassxc issue. It is up to Debian to package it anyway they want.

Exactly. And if you want those features, you install the full version. Packages can break in sid, that is the whole point of it.

I am also running sid and keepassxc and I see no problem with this change. In fact it seems like a very sane thing to do, and something I wished more packages did.

Security is hard. Especially at the scale of those companies. Since they are big, they get a lot more hacking attempts. Makes more sense for bad actors to attack someone with millions of customers than your mom & pop store that might have hundreds, if everything being equal.

More and more people and compa ies wants to store things “in the cloud”, (read: someone else’s server). It is for the most part a good thing as it makes it easier to access, but it also opens up bigger and other attack vectors.

So, I think the number of breeches will only increase. Not always because the companies have bad security (though sometimes it is 100% that), but also because the attack vectors keep growing due to changed business decisions and user preferences.

Why not just go full WSL?

Most of those cookie banners are not even needed, you only need them for tracking cookie, not login and session cookies. But of course everyone decided it is just easier to nag all the users with a big splash screen.

A lot of them are not even doing it right, you are not allowed to hint the user that accept all is the “correct” choice by having it in a different color than the others. And being able to say no to all shouls be as easy as accepting all, often it isn’t.

Basically, cookie banners are usually not needed and when they are they are most often incorrectlt designed (not by accident).

The problem is that it is almost always just one lf them. Let’s say that v0.20 is called “Fuck Spez” and v0.21 is called “YouKnowWhatFuckMuskToo”.

Most people are going to refer to them by either the number or the name, almost never are both used. The biggest problem with names is that they are rarely sortable (google did it with android, for a bit but not anymore), so in the future it is hard to know which is which without resorting to looking at a list of releases.

For example, in the future when we are on v0.30 someone might say “ah, but this has been an issue since “Fuck Spez”.” And then most likely you have to look it up to know what they are talking about. If we coulld force everyone to alwaya write “version “Fuck Spez” (v0.20)” then it would be great, but that never happens.

I personally prefer just semantic versioning for this reason.