As others have pointed out, it does still require (with some caveats about the infra setup) the user to be an admin. But if someone manages to get in to the interface, or another person is granted admin access who shouldn’t have been, it makes it more risky than it needs to be. It also for me is a design choice that indicates other parts of the system should be carefully examined for how they’re handling and sanitizing input.
Any webserver you browse is possibly capable of ACE depending on the implementation. When it starts to hold user data is when that starts to be a big concern. The more points of entry, the more that needs to be secured.
I don’t have any experience with piefed admin, or any opinion on piefed itself, just too many years of web admin experience. And as soon as I see intentionally made doors that allow code input, I start to worry about how much experience the devs who made it have with web admin.
Well, just copy and pasted rather than written. I would have hoped that infra read-level permission, infra write-level permission and admin interface permissions were all separate to begin with, even if the person who spun up the instance obviously has all three.
You do need a level of trust in an admin, of course, but wide open text boxes for putting in code are a questionable system design choice, in my opinion. It adds an extra point of possible entry that then relies on the security of the overall admin interface instead of limiting it to what should require highest level infra admin permissions to access. And if it is something that would be limited to someone who has those, then what is the actual utility of having a textarea for it in the first place?
I get that many people are concerned about is scoring systems, but it seems a lot more worrying to me that it allows arbitrary code execution.
Excellent job on taking care of Lester. I can tell he’s in caring hands and I hope you both have many wonderful (and URTI-free, fingers crossed for that) years together.
I’d say never feel silly about a vet visit. Even if why you booked it is no longer an issue (which is definitely something that can and does happen for any pet owner), you can always use the time to pick their brains, learn new things and build a good relationship with them.
But… Where are 102 and 103 then? Are they on a separate street?
Oh wait I get it now. It’s a weird choice but ok. Where I live we just subdivide by adding letters. E.g 20 subdivide and becomes 20 and 20A.
That depends on if you consider the “inferior” to be human, if they’re even still alive after the eugenics part.
In retrospect the word quarterlies is what I should have chosen for accuracy, but I’m glad I didn’t purely because I wouldn’t have then had your vivid hog simile.
Amazon’s latest round of 16k layoffs for AWS was called “Project Dawn” internally, and the public line is that the layoffs are because of increased AI use. AI has become useful, but as a way to conceal business failure. They’re not cutting jobs because their financials are in the shitter, oh no, it’s because they’re just too amazing at being efficient. So efficient they sent the corporate fake condolences email before informing the people they’re firing, referencing a blog post they hadn’t yet published.
It’s Schrodinger’s Success. You can neither prove nor disprove the effects of AI on the decision, or if the layoffs are an indication of good management or fundamental mismanagement. And the media buys into it with headlines like “Amazon axes 16,000 jobs as it pushes AI and efficiency” that are distinctly ambivalent on how 16k people could possibly have been redundant in a tech company that’s supposed to be a beacon of automation.
Now I’m curious what replacing the word “girl” with “boy” in the same prompt would return. Would they also be hypersexualized from the inclusion of “stockings” and “braids” which can just as easily be fetish categories as innocuous physical descriptions, or is it mostly the female dataset that puts it into the porn realm?
Terrorism seems cheap when you put it that way
I love how they include a “blast radius” summary for each. What a great little website!
Careful of your eyes! I’m pretty sure you need a special filter or telescope for the sun
What? He was convinced by an auto complete function? The same thing that has existed for many years in any dedicated IDE? Nadella has clearly been off the tools a very long time.
It’s pretty horrifying that someone could be regarded as an authority on the future of tech when they aren’t even aware of the present and recent past, but I guess Davos has never existed for realistic evaluations and accurate public information.
Brb, I’m going to show him my amazing new invention, the wheel.
While the conclusion of it being replaced with an LED is obviously not what happened, I think it’s very possible that the sun was often orange for him when he was growing up, because of air pollution.
30 years ago, depending on where you lived, there were more cars on the road with less efficient fuel consumption, more people using fireplaces, more people burning trash, less regulation of various industries etc. Searching for images with the phrase “smoke pollution sun” will give you a lot of photos of orange suns, and they’re definitely not all altered for effect. I’ve seen red suns in real life too when wildfires are really bad near my area even though that’s thankfully rare.
We know not the sun itself that is orange, but in a polluted environment it certainly looks like it is - and if you don’t get a great education, I can see how you might think that’s the actual color of the sun.
Lots of snuggles.
It seems like you already have a good handle on the rest already, even if 3 URTIs in 5 months is no fun for anyone.
It might be worth giving your house a thorough clean to see if that helps. Maybe there’s a source of irritants (molds, pollens, that kind of thing) that is only really problematic for someone with a weakened immune system, and therefore more prone to secondary infections.
Nah, it’s 24.04 LTS
Super interesting. Maybe your immune system wasn’t so much suppressed, but just too occupied with everything else being on fire to focus on only your skin… But then why would it get worse for other people instead? Both COVID and bodies are really annoyingly complicated.
Maybe it thinks it has more memory available than it does, or the gc isn’t running efficiently, or it’s allocating to 100% without including a sensible safety gap, something like that. It’s a significantly low-level enough problem that I’m wary of tinkering with values I don’t fully understand even if I wanted to spend the probably large amount of time necessary to find root cause.
I’m not a spice merchant, and most exploits rarely involve a single step. This screenshot is just a system design red flag.
You’re free to examine the repo yourself and find your own spice, my 5 min look tells me that piefed needs to expend a significant amount of effort on infosec to maintain user trust in the longer term.