My condolences. Unfortunately, people are sometimes designated the in-house expert on a thing just because they seem slightly less ignorant of it than anyone else in the organization. That leaves more than a few people making decisions that impact security and privacy without good understanding or sound judgment in those areas.

Maybe you should train up and become your state’s new security expert?

This is one of the more important reasons to minimize dependencies and be very picky about the ones we adopt.

It’s important to post these things every so often. There will never be a day when everyone already knows. :)

https://xkcd.com/1053/

Beware online “filter bubbles” (2011) - Eli Pariser

https://www.ted.com/talks/eli_pariser_beware_online_filter_bubbles

Don’t assume too much from the headline, folks. They’re not saying everything has to be rewritten by 2026. They’re saying new product lines serving critical infrastructure should be written in memory-safe languages, and existing ones should have a memory safety roadmap.

If you’re about to post about how you think that’s unreasonable, I think you should explain why.

It’s one thing to make a reasonable assumption/prediction about how things probably are based on surrounding circumstances.

It’s quite another thing to have objective, quantifiable data showing how things actually are. Even better if it includes the fine details: the underlying reasons behind the scenes that might not be exactly what we expected.

Nobody finds a report like this surprising, but it is important nevertheless.

You could always test the waters by writing up a few of your workarounds in Lemmy posts, and seeing how much interaction they draw. If they’re well-received, the effort of building and maintaining a blog might be worthwhile.

The argument against it is founded on copyright.

We fund copyright in order to enrich our culture, by incentivizing creative works.

Blocking creative works preservation strips away the cultural enrichment.

What’s left? People being compelled through taxes to fund profit police for copyright holders who aren’t holding up their end of the bargain.

It’s worth noting that publishers, and especially the “rightsholder groups” that they hire, are not artists. They are parasites. They are paid more than fairly for their role in getting creative works out there in the first place. I can’t think of any reason why they should have continued control after they’ve stopped publishing them.

Your account info says you joined Lemmy a couple of years ago. Could that have something to do with it? Could be that there are simply fewer of us here than wherever you were before.

Also, if Reddit is one of your haunts, keep in mind that a lot of communities there partially dispersed a little over a year ago, and not everyone has reappeared in the same place (or at all).

Gift links have trackers. (More accurately, they are trackers.) The archive copy doesn’t have trackers or require javascript, which itself enables fingerprinting and more tracking techniques.

https://archive.today/hgGJM

Technologies accelerate all sorts of agendas, but to blame this long-standing problem specifically on tech companies is to misunderstand the problem. Corporations shouldn’t have been allowed much influence on governance in the first place, no matter what their tools or line of business might be.

Instead of pointing fingers, how about we stop allowing corporate political donations and lobbyists in democracies, and put some real enforcement behind anti-corruption and bribery laws?

Unfortunately, I don’t think D is good enough to prove your point. From your follow-up comment:

A language that for all intents and purposes is irrelevant despite being exactly what everyone wanted,

As someone who uses D, I can attest that it is not what everyone wanted; at least not yet. Despite all the great things in the language, the ergonomics around actually using it are mediocre at best: Several of its appealing features quickly turn it into a noisy language, error messages are often so obtuse as to be useless (especially with templates and contracts in play), and Phobos (the standard library) is practically made of paper cuts. Also, the only notable async support is a fragile mess, and garbage collection is too deeply embedded into both the stdlib and the ecosystem.

(To be fair, D could be vastly improved with better defaults and standard library. That might happen in time, as Walter and the other maintainers have shown interest, but it’s just wishful thinking for now.)

Also, D is an entirely different language from C++, and as such, would require code rewrites in order to bring safety to existing projects. It’s not really comparable to a C++ extension.

https://archive.today/tz2Sf

Is this going to be re-posted every month?

That was a different community.

Also: https://xkcd.com/1053/

Given how long and widely C++ has been a dominant language, I don’t think anyone can reasonably expect to get rid of all the unsafe code, regardless of approach. There is a lot of it.

However, changing the proposition from “get good at Rust and rewrite these projects from scratch” to “adopt some incremental changes using the existing tooling and skills you already have” would lower the barrier to entry considerably. I think this more practical approach would be likely to reach far more projects.

I read his message. He didn’t seem grumpy or frustrated to me; just encouraging folks to use a certain style that’s already in wide use, for reduced noise and better consistency.

With no context, this could be an honest attempt to learn about different tools, a thinly veiled set-up to promote a specific language, or an attempt to stir up drama. I can’t tell which.

It’s curious how such specific conditions are embedded into the question with no explanation of why, yet “memory safe” is included among them without specifying what kind of memory safety.

Orbituary@lemmy.world wrote:

Why are you certain they meant well? You have even less evidence of that than was needed to determine if someone slept through sexual abuse.

I’m not certain of what they meant, because I haven’t met them and can’t read minds. Obviously, I’m being charitable with my assumptions about details that are both unknowable and irrelevant to my point.

Stop blocking for cops.

You sound just like an aggressive cop’s catchphrase: “Stop resisting.”

Maybe you should stop willfully misinterpreting people’s words and slinging accusations.

I hope we as a society will start teaching new parents that they shouldn’t rely on child development advice from a single person, especially one with limited knowledge and experience in that area. Raising humans is complicated, and as with many things, the pitfalls are often invisible unless you’ve run into them before.

I assume the detective constable meant well when offering guidance, but it’s important to consider the source when evaluating guidance, and be a little skeptical when it comes from someone whose qualifications and incentives don’t directly apply.