TheKMAP

joined 1 year ago
sorted by: new top controversial old
Shouldn't most religious people in theory be excited to die because then they get to experience the afterlife? in c/[email protected]
[–] [email protected] 2 points 6 months ago (3 children)

God knows everything, why should you have to prove that you're good?

Shouldn't most religious people in theory be excited to die because then they get to experience the afterlife? in c/[email protected]
[–] [email protected] 2 points 6 months ago (2 children)

I think heaven was a necessary evil. The point was to have a scary place with an omnipresent being that will send you there if you break the rules. For that to work, you need a good place to serve as the dangling carrot.

Shouldn't most religious people in theory be excited to die because then they get to experience the afterlife? in c/[email protected]
[–] [email protected] 15 points 6 months ago (16 children)

?????

Totally not the same. Religious people believe the afterlife is better than real life and the OP was curious why they aren't speed running to get to it.

A blank nothingness is not an upgrade for most people.

What's a bit of good advice that's really bad advice? in c/[email protected]
[–] [email protected] 4 points 7 months ago

Split is a move in blackjack. It's not just hit and stay.

You turn your 9-9 into two separate hands starting with 9s. The most likely card in blackjack is a ten cuz of all the face cards, so the idea is you get 19s instead of 18s

However according to blackjack cheat sheets you should not do this if the dealer is showing 7 10 or A.

Playboy image from 1972 gets ban from IEEE computer journals in c/[email protected]
[–] [email protected] 5 points 7 months ago

She now supports its removal, and IMO that's the only reason it should be taken down.

An update to how many boring, repetitive communities I need to block to make Lemmy enjoyable in c/[email protected]
[–] [email protected] 7 points 7 months ago

Laughs in "I made an account on the NSFW instance"

Those are certainly rookie numbers.

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] 1 points 7 months ago* (last edited 7 months ago) (1 children)

That's a great question. No way to tell. It's freaking emoji.

A thumbs down could be displeasure of the product not being able to catch it, or it could be them not liking the comment because they think it's untrue.

A fuzzer might catch the crashes related to the memory layout? But its purpose is to look for vulns not malice.

The dude himself is legit tho, he probably owns OSS Fuzz

https://www.linkedin.com/in/jonathan-metzman-b8892688

https://security.googleblog.com/2021/03/fuzzing-java-in-oss-fuzz.html

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] 2 points 7 months ago (3 children)

https://github.com/google/oss-fuzz/pull/10667#pullrequestreview-1518981986

This person says OSS Fuzz would not have found it.

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] 1 points 7 months ago

https://github.com/google/oss-fuzz/pull/10667#pullrequestreview-1518981986

Looks like it was a cover up attempt to prevent manual attention and would not have been caught by the automation.

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] -1 points 7 months ago

SolarWinds had garbage infosec but you gotta admit the attack chain is much longer and more complex than "kidnap one guy".

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] 1 points 7 months ago (6 children)

How do you propose we meaningfully fix this issue? Hoping random people catch stuff doesn't count.

Backdoor found in widely used Linux utility breaks encrypted SSH connections in c/[email protected]
[–] [email protected] 1 points 7 months ago (2 children)

Interesting! When? Maybe that can be a metric or requirement before companies or seriously popular projects consider importing upstream code.

view more: ‹ prev next ›