I suspect part of it is that the mitigation for DirtyFrag covers it, so everyone who blocked all the modules in question when that had only an incomplete patch probably hasn't unblocked them yet. I think this is the 4th patch for these modules, and only got a new name rather than just "there's still a way to get this code to do the wrong thing" because a different outside team found this one.

Do you really mean that if your git repo were corrupted, restoring a snapshot of the repo from backups wouldn't work? If that's true, then it sounds like your backup system is broken. The hashes after restoring ought to be identical to what they were before the backup.

If git used the files' iNode numbers for its hashes, then I could understand how a filesystem-based backup/restore might not really work; you'd have to backup at the block level instead. But git doesn't use the iNode numbers.

git isn't magical. It only knows files. It doesn't know if you moved the repo, copied the the repo, or restored the repo from a ten year old backup. I have moved git repos around plenty of times, `cp -a`ed directories with repos, tared and un-tared directories that contain repos, and the copies have always Just Worked without any hash mismatches.

mkdir ~/test. cd ~/test. git init, touch test.txt, git add test.txt and git commit. cp -a ~/test ~/test2. cd ~/test2 and check out the backup repo. The backup is valid. Then simulate a disaster with rm -rf ~/test. Then recover from the disaster with cp -a ~/test2 ~/test and you've just restored a repo from filesystem-level backup. The resulting repo works perfectly and its hashes aren't off. git has no idea you deleted and restored under its nose. Try it yourself.

What am I missing? I'm not surprised to be called idiotic, and the shoe often fits. But I'm surprised to be called that over this.

My router's hardware's parts were made in China. Its software was made as a worldwide effort but the team seems to be officially based in the Netherlands. And I'm not asking my government's permission for updating either one. Trumptards and their micromanaging far-left centralized-economic-planners can go fuck themselves. Keep your damn dirty ape hands off my computers, comrade.

Yeah, and the person who released the information first was operating in an "if I noticed this, doing only as much as I'm doing, surely attackers would also notice" mode. Possibly some patches these days are sufficiently obvious as to their correctness and also effect that they should first become public as a set of stable releases. This was a kind of special case, as CopyFail was the combination of some code doing something strange with one user not being prepared for it, and fixed the user. If there are other users that also aren't prepared, fixing them isn't going to be subtle.

How shadows and reflections move when you're 10 milies from a mostly flat surface a thousand miles across is legitimately hard to analyze for a visual system that evolved on the ground, especially if you throw in small periodic surface orientation variations. Given how complicated it is to explain rare rainbow-related phenomena like sun dogs, it would be surprising if we'd identified and explained everything that can appear when flying above the ocean.

Is there room for consciousness to manifest in a brain?

While you're at it, you also need to block installing esp4, esp6, and rxrpc, for, y'know, reasons.

If the data center is primarily intended for use by (exclusively or nearly exclusively) the people in the neighborhood, sure, it could make sense. I know this is quaint and out-of-date but one can imagine a neighborhood squid cache, NNTP server, modern Netflix cache, etc for the neighborhood. Have it be connectable by a high-speed neighborhood LAN, to share the 'hood's WAN.

Just a classic neighborhood network coop, but with some added caching services, which is what would cause it to be called a "datacenter" instead of a "router." ;-)

As if that would really happen. And that's sure not what this is.

Once again, I'm not shocked by the percentage laid off, but I'm shocked by the number of individuals. If 700 people was 14% of their workforce, then this company had about a hundred times as many employees as I would have guessed. Not that my guesses are particularly well-informed, but when I look at what this company's product appears to be and compare it to my own experiences, I can't help but make guesses that are apparently 99% off! (I'm that dumb!?)

What do employees at these large companies do all day? Why were they hired in the first place, or why weren't they laid off many years ago? I just don't get it.

I don't mean it as a put-down of their products, but on the surface it just doesn't look like their thousands of employees do anything bigger or more complicated than my dozen-developers-sized team (which is, itself, much larger than the teams I've been on in previous decades). Is everyone's productivity just .. eaten up by labor-not-scaling problems? Do I need to really read the Mythical Man Month instead of treating it as distant folklore that I'll some day get to?

Or is the answer in some other direction? Part of me thinks I should just drop it, and accept that I really don't know jack shit about the profession I've had for the last 40 years.

I can't really say it's bad for it to be doing these seemingly-bad things, until I know the answer to this: what is the app's intended purpose? Why would/should a person use it?

If it's intended to inconvenience/expose/punish users for trying to find out things about the White House, then maybe the application is doing the right thing.

Restore the repo from backup at the filesystem level, and the hash will be valid because it was valid at the time you backed up.

Even if this crazy minimum-age shit weren't happening, it's generally a good idea to give incorrect information. Have one birthday for site x and a different birthday for site y. Use one of your parent's birthdays here, and a celebrity's birthday there. Pollute the public data and cause confusion.

If minimum age laws help to encourage data public data pollution (all of which arguably shouldn't be public at all anyway), then at least one good thing will have come out of it.

Let's get it up to 84% of parents helping their kids bypass age checks.

do you think YouTube's subtitles are "appallingly bad"?

No, they're much, much better than having no generated titles at all, and by a lot.

mpv won't generate any subtitles for me; it can only show what's included in the data.

The LLMs weren't trained on a story about who won. How TF is it supposed to predict it in advance? That's not how LLMs work. Just train it on one more thing, a story about who won in 2026, and I'm sure you'll see its accuracy go up.

According to the article, they (by way of their cloud provider) had DR backups, which they were able to get restored. But getting offline backups restored takes longer than the SLAs they give their customers and loses some data that hasn't been copied offline yet, which is why they also have backups that are complete and immediately available, using the API key that the attacker -- sorry, AI -- found in a file it wasn't supposed to have access to.