t҉̠̙ǵ̣̞̄ͪ͜x̸̱͚̳ͫ͐̑̈ͯͣ̚n̒͌҉͉̦̜̝ͅ

Redhat employee had leaked credentials, threat actor used those credentials to push some files to GitHub, which executed the code in a GitHub action which had trusted access to publish to NPM.

Essentially, an employee got owned and someone used their access (that they already had) to publish the nefarious code.

You’ll see GitHub Actions in these often, as that’s how a lot of big open source organizations publish their packages and run tests/deployments. It’s less of a “GitHub based problem” and more of a “trust boundary problem”, if they used other services, the same problem could likely have still been successful.

Best Hemisphere.

You sir, are MVP.

I mean, if you read the OP, it says at the end. The clients are Apache2 and can just be formed if the API starts drifiting.

I think facial recognition technology is very different to threw diverse software. The fact that those technologies are trained on predominantly-white data is no surprise, both of your examples are data-based (ML models) where the data itself contains the bias.

I am talking more of the open-source projects, it’s important; as you rightfully call out, that we have a varied group of opinions within the developer group 👍

Hmm, you’re talking about the little red warning triangle? In theory this could be cool if it was something each instance could configure using custom url-lists (as you know we all don’t agree on which perspective is “right”) but if it’s coming packaged with PieFed, then I would call that inherent bias in the product. 🤨

Yeah, I’m not a huge fan of it myself and don’t see the need for it really. If that’s right about the baked-in blocklist, then this was the right choice. You should be able to craft your own blocklists, if you so choose to.

Personally I don’t see why the views of those that write software should really concern us, as long as the technical implementation is not biased. It’s open-source and people can take it and do with it what they please. No-one is forcing you to accept certain views or think about things critically (including assessing others viewpoints that may be different to yours). I feel like it’s a bit of a waste of time to worry about these things.

Lmao, who is this guy? db0 is cool, and so is Quokka 🤣 What a cooker. (p.s. will this get me added to the list?)

They won’t if it’s more expensive? A small portion of people are buying it, but more would if tbe price was at least at parity.

duh, you’re right I can’t read 😂

I’m not sure on an answer to your question, but I am interested as to what hardware you run this on?

Unless your using an LLM to make simple one-page HTML pages. In which case it likes to reinvent the wheel every single time. 🤣

Yea and they should. I want Google to completely delete my apps though. 🤨

Maybe you will, I demand a signed decree!

Ahh fuck Google. They will allow you to delist apps, but you can never delete them from the Play Store entirely.

Yeah it’s fucking stupid. Fuck Google and the fuckknuckle changes they are making to restrict our devices, in the name of “security”. Not a happy camper.

And to clarify, these are linux-kernel distros developed for mobile devices. Previous commenter seemed to care that the Android kernel is based on Linux, even though it’s heavily modified. - “Linux phones” would typically use a much more standard, open-source kernel and driver bundle.

Not necessarily - I use Aurora store (without Google login) to install apps, and now apps have a method of validating which store installed them. Which is dogshit since it’s the same APK running on my device. Said apps can now block usage if they detect they have not been installed using “approved methods” which is my take on OP’s post.

For apps I install with F-droid or Obtainium, this is usually not an issue since those apps don’t enforce stupid rules.

Edit: I should point out that this is 100% related to Google’s upcoming (hopefully not…) enforcement of “no third party app installations” - this is the exact method they will use to block access to these applications.

are you saying that we’re not all here commenting, regardless? 😥🥹