A lot of people voted for someone who was known to be an evil crook. It was very clear that he got into politics for praising his own ego. They voted against 'the good' in the hope for their own benefit and against that of the world. If they did not 'expect' the current state of affairs then they just refused to listen to their own heart.
When I go to https://noscriptfingerprint.com/ all I see is a blank page. My browser is pretty locked down in other ways which probably helps, but I'm still taking that as a good sign.
Should not, true, but in the case of many websites the reality is that allowing JS means you lost your privacy. Just like one cannot allow webgl and canvas by default any longer.
Thanks to all the web devs who helped creating this web dystopia.
Yes, my point is that this does not mean it is an "opt in checkbox". I appreciate that it allows people to be nasty, it just isn't a "please be nasty" toggle.
The person I have responded wrote the "should have" construction without giving any proofs why is it so. Maybe in the world of pink ponies everyone should have a free bread on the breakfast, but some things might be unintuitive in the our one.
You can't go out in public naked and just ask everyone to look away. If you want someone you don't trust to run unvetted general purpose code on your machine you have to accept that you are trading away some privacy. You can sandbox them (wear cloths) but that doesn't give you strict privacy.
I do wear clothes (all JS code runs in a sandbox).
This is a bit like saying "you should lock the door to your house" and therefore refusing to prosecute someone who steals from a house with a broken window frame. I did lock my door, and it's still a crime regardless!
100% we should ensure that Browser's restrict fingerprinting as much as posible. I certainly set my Firefox to have many inconviniencies to reduce the fingerprint. I am just saying this is an engineering compromise and the tradeoff will be different for different people. Wishing we can have our cake and eat it dosn't help; you do have to choose between privacy and functionality.
I mean just distributing the regular compiled x86_64 binary and then running it as a normal executable on the client side but just using that syscall shim so it is safe.
If you think about the fundamentals involved here, what you actually need is for the OS to refuse to implement any syscalls, and not share an address space.
A process is already a hermetically sealed sandbox. Running untrusted code in a process is safe. But then the kernel comes along and pokes holes in your sandbox without your permission.
On Linux you should be able to turn off the holes by using seccomp.
seccomp is a very coarse filter and a very limited action set. think what you could do if you could see the payload of the syscall or change the output of a read syscall depending on agent identity.
They meant to say that swithing from assembly to high-level programming is not the same as switching from high-level programming to LLMs, because the latter loses you the guarantee that the computer will do what you told it to.
Sure, it's less common that people are writing full-fledged applications in nothing but assembly.
However, I would strongly disagree that people are no longer writing/using assembly. I was writing a bit of assembly the other day, for example.
Come on over to the game emulation, reverse engineering, exploitation writing, CTF, malware analysis, etc. hobby spaces. Knowledge of assembly is absolutely mandatory to do essentially anything useful.
My point is that the coding LLMs are another point on the reliability / ease of use spectrum. We already mostly moved to another point with HLL compilers from machine language. This is another leap where the transform is unreliable but it's very easy to use (and it could preserve output edits, to some indeterminate extent).
The next step is just selling tickets to that flight in advance as a preorder. One could call it roadster preorders because of the difficult road ahead
reply