• 0 Posts
  • 51 Comments
Joined 2 years ago
Cake day: July 9th, 2023
  • AA5B@lemmy.worldtoSelfhosted@lemmy.worldDo you actually audit open source projects you download?English
    1·
    2 months ago

    I’m actually planning to do an evaluation of a n ai code review tool to see what it can do. I’m actually somewhat optimistic that it could do this better than it can code

    I really want to sic it on this one junior programmer who doesn’t understand that you can’t just commit ai generated slop and expect it to work. This last code review after over 60 pieces of feedback I gave up on the rest and left it as he needs to understand when ai generated slop needs help

    Ai is usually pretty good at unit tests but it was so bad. Randomly started using a different mocking framework, it actually mocked entire classes and somehow thought that was valid to test them. Wasting tests on non-existent constructors no negative tests, tests without verifying anything. Most of all there were so many compile errors, yet he thought that was fine

  • AA5B@lemmy.worldtoSelfhosted@lemmy.worldDo you actually audit open source projects you download?English
    5·
    2 months ago

    My company only allows downloads from official sources, verified publishers, signed where we can. This is enforced by only allowing the repo server to download stuff and only from places we’ve configured. In general those go through a process to reduce the chances of problems and mitigate them quickly.

    We also feed everything through a scanner to flag known vulnerabilities, unacceptable licenses

    If it’s fully packaged installable software, we have security guys that take a look at I have no idea what they do and whether it’s an audit

    I’m actually going round in circles with this one developer. He needs an open source package and we already cache it on the repo server in several form factors, from reputable sources …… but he wants to run a random GitHub component which downloads an unsigned tar file from an untrusted source

  • AA5B@lemmy.worldtoSelfhosted@lemmy.worldPlex is locking remote streaming behind a subscription in AprilEnglish
    3·
    4 months ago

    I imagine there’s a significant chunk of users who don’t know or care how to properly open their server up to the world and are relying on the Plex proxies

    That seems like the obvious place to put a subscription that won’t get people upset. Or maybe it’s in the presentation.

    When HomeAssistant started a subscription, they renewed their commitment to opensource, added new remote features with obvious costs under subscription while still letting you do it yourself, plus made it clear this funded continued opensource development. I happily pay this and haven’t been disappointed. Did Plex fumble a similar opportunity?

  • AA5B@lemmy.worldtoPrivacy@lemmy.worldI'm sick and tied of camerasEnglish
    2·
    9 months ago

    Yeah this is an important consideration and I hope to move to that, however it’s a bigger project than I have time for.

    I have a Ring so the recordings are online and it’s certainly convenient. The basic plan keeps recording up to 180 days but of course once they have them it’s outside our control. It’s a good point that the length of time they’re kept doesn’t seem configurable. I would certainly prefer they be kept a much shorter time but don’t see a way to configure that

    The one time a policeman came around to ask if my camera caught something, they asked me to check on my app and they took my word for it. While I understand they can compel Ring (or me) to give it up, maybe there’s some comfort that’s it’s not a dally worth their effort

    EDIT While the plan says it keeps recordings up to 180 days, the default is 60 days for video and one week if you take snapshots. I did figure out how to set this this shorter but you can assume most people won’t

  • AA5B@lemmy.worldtoPrivacy@lemmy.worldI'm sick and tied of camerasEnglish
    2·
    9 months ago

    Are you sure?

    I also have a Ring doorbell camera so I know when someone is at the door.

    • records on motion, not always
    • motion detection has limited range, and Ring has options to tune it to your property line
    • wide angle lens gets really poor with distance.

    I live in a neighborhood where everything is close together so I tested this out. The camera can see there is a person walking on the other side of the street but not well enough to know who it is, plus it won’t be recorded since that is outside motion detection range

    It will record you detectably on my side of the street but I have that mostly configured out. In general it’s not recording you unless you’re on my property l and even if it recorded more, pictures from any distance are extremely poor

  • AA5B@lemmy.worldtoPrivacy@lemmy.worldAnything wrong with using my real name in email aliases with organizations I have to communicate using my real identity anyway?English
    5·
    1 year ago

    Hopefully it’s all electronic. There should be nothing to make easier.

    Meanwhile, why would you use a service that maintain privacy, while making choices to lose the benefit?

    I used to do something like that a couple decades ago. I still have a domain with wildcard email forwarding, with the goal of using a different email for every service. Then I know who leaked my information, knew which password to reset, and who to block. But it wouldn’t be difficult to connect me with the domain, so one of the reasons I stopped using it was not seeing a privacy benefit (plus it was too much work).

    Now that we have services to make it easy, let them do their thing. Every account ve created in the last 3 years has a unique generated email as well as a generated password. It’s all managed by a password manager so easy for me, and every time there’s a leak of my credential, I know which to rest or delete. I know which email to stop forwarding

  • AA5B@lemmy.worldtoTechnology@lemmy.mlWorld passes 30% renewable electricity milestone for the first time, decline of fossil inevitable
    1·
    1 year ago

    YeaH, even the US is moving toward renewables and there are some highlights like steel production, but way too slowly, way too many lowlights, like peak fossil fuel production and export. That data shows we’re heading in the right direction, but all too slowly, we may not keep the pace, and could even see future growth in fossil fuels, all else being equal.

    I know it’s a reflection of data predictability but I’m especially frustrated they don’t see EVs getting above 30% of the fleet. I hear Biden trying to be encouraging, but this data shows us nebpver meeting his 2030 goal for transportation

  • AA5B@lemmy.worldtoTechnology@lemmy.mlWorld passes 30% renewable electricity milestone for the first time, decline of fossil inevitable
    4·
    1 year ago

    Excellent news.

    It really needs to mention the US, though. I know this is about Europe, and trying to celebrate good news, and you’re probably tired of us making everything about the US, but we’ve “earned” our place in any article about climate change or carbon emissions.

    My country deserves to be named and shamed for lagging in something so critical. It needs to be nagged continuously to catch up. It needs to be reminded of the impact it has made and continues to make. There are still so many people who don’t believe it’s real or don’t think it will impact them and don’t care who it does impact, so many both politicians and constituents who can’t look beyond their immediate desires.