Aren't there licesing issues with porting a proprietary implementation into an open-source one that could open up the project to legal issues with the proprietary vendor?
How do I opt out of this for my own private repos? I don't see anything related to this as I've got a ton of settings for Copilot itself (I have access to Copilot through my work org)
> I guess the equivalent would be if I could ask you to send a PDF to my specific IPv6 address, and you could peer-to-peer shoot it directly to me.
That's not exactly complicated if either party owns a web server. Which - last I checked - the government has.
Just give the person who needs to send the sensitive documents a short link like uploaddocuments.gov, have that page ask for some basic identifying info, and have a box for the user to drag and drop a file. At which point the browser will p2p upload that file over HTTPS.
That’s kinda true, but adds a few steps over cmd-P “print to fax”, paste in a phone number, done. And when done, the fax workflow has been tested and approved in courts. It’s a known entity.
I don’t love faxes. This isn’t me saying we should keep them forever. We shouldn’t. Still, there are reasons they’re still widely used for medical stuff today. If CMS or HHS rolled out a new method and told doctor’s offices to start using it if they want to get paid, the industry would switch in a heartbeat. Short of that, any other alternative will take approximately forever.
In addition to this article, I've recently read this one [1], where the reported received numerous violence and death threats from people who wanted him to change the a story he published to match what they bet on Polymarket.
Yeah this is a much more likely outcome of unregulated gambling... I expect to hear a LOT more of this. Also plan for a swift, complete erosion of trust in sports officiating.
Fedora also wants to reboot to install (dnf) updates offline, as I understand it's to prevent potential instability from running processes getting confused when their files get swapped out under their feet.
It's also good since you can't swap out the kernel without rebooting.
I assume Microsoft took the same approach, just replace everything offline then reboot into a fully up-to-date system without any chance of things in RAM still being outdated.
The point isn't "run the Linux kernel on a phone", the point is "run an non-big-tech OS that respects the user's privacy and choices". See also Google's recent announcement regarding locking down Android app installation to "protect users"
That's not what was said here, though - and also not something that's going to become a viable major platform.
The folks who care about privacy can't agree on the definition of a privacy respecting phone, so whatever you make some of them will be unhappy. 99.9% users care way more about price, availability of apps, and hardware, in that order. App developers will only write apps for the platform once it has sufficient users, and users will only switch if the platform has sufficient apps.
The code you linked to isn't the code for a wrong password. It's a check to make sure you're using a TTY. That code isn't to prevent brute force. The delay there is 10 seconds.
It's really really not. By default PAM has a difficult-to-disable 2ish second minimum delay for all authentication methods. However this is completely pointless for local password authentication because PAM checks password using unix_chkpwd, which has no delay. The comment I linked to is explaining that unix_chkpwd has a silly security theatre delay if you try to run it in a tty, but that's trivial to avoid.
If you want to brute force local password authentication you can just run unix_chkpwd as fast as you like. You don't need to involve PAM at all, so its 2 seconds delay achieves nothing.
It maybe does more for remote connections but I'm not sure about that either - if you want to check 10k ssh passwords per second what stops you making 10k separate connections every second? I don't think the 2 second delay helps there at all.
> Change both the config files and you can remove the delay if you want.
This is extremely complicated. See the comments in the issue for details.
No, I'm right. You can't run unix_chkpwd against a local account without root because you won't be able to access /etc/shadow to get the hash. If you think you can, explain how. Otherwise you have to use the setuid version which won't let you run it directly.
And I just removed the delay using my method. Perhaps try checking something yourself?
reply