chameleon

Not sure, but I can reproduce it on my end. The actual download pages on get.videolan.org have ads, the main site does not.

The whole “don’t look anything up before playing it” genre of cryptic puzzle-ish games where saying nearly anything about it is a spoiler. There’s not all that many of them, but somehow they’re all games where people go in with no expectations and either love it or bounce off of it really fast. The entire internet can scream at you to play Outer Wilds, but nobody wants to tell you why.

Out of the ones I played, I had the lowest expectations/highest payoff for Void Stranger; on the surface it looks just like a pretty average sokoban with gameboy-styled graphics and a surprisingly good soundtrack. And that’s pretty much what it is, except the sokoban isn’t really why you play it, even though you’re gonna be playing a lot of it.

For anything public, it’s anything varying from trivial to hard/annoying depending on your client settings, but never quite impossible. Even in the best-case scenario where you have DHT turned off and all the trackers in the torrent are using HTTPS, man-in-the-middle attacks are fairly doable for anything popular.

I’ve seen the claim around but I’m highly skeptical of it. DDR5 is far too slow for anything where memory bandwidth really matters, any newly produced chip that’s gonna be used for AI is on HBM3 or HBM3e, or possibly GDDR6/GDDR7 if it’s a GPU pulled from the consumer segment. HBM5 is still a very, very early research project and is certainly not being produced yet.

The idea is interesting, but $13/month for one ‘mystery’ album from an artist you (most likely) don’t know feels rather up there.

All true, wanted to add on to this:

Note that smart peeps say that the docker socket is not safe as read-only.

That’s true, and it’s not just something mildly imperfect, read-only straight up does nothing. For connecting to a socket, Linux ignores read-only mount state and only checks write permission on the socket itself. Read-only would only make it impossible to make a new socket there. Once you do have a connection, that connection can write anything it wants to it. Traefik and other “read-only” uses still have to send GET queries for the data they need, so that’s happening for legitimate use cases too.

If you really need a “GET-only” Docker socket, it has to be done with some other kind of mechanism, and frankly the options aren’t very good. Docker has authorization plugins that seem like too much of a headache to set up, and proxies don’t seem very good to me either.

Or TLDR: :ro or stripping off permission bits doesn’t do anything aside from potentially break all uses for the socket. If it can connect at all, it’s root-equivalent or has all privileges of your rootless user, unless you took other steps. That might or might not be a massive problem for your setup, but it is something you should know when doing it.

The modern breed of CAPTCHAs is mostly only trying to verify that it’s a full-fat browser. undetected-chromedriver, camoufox, pydoll, patchright and a million other libraries/tools exist. Nothing’s perfect and it’s a cat & mouse game, but this single incident is a sample size of one as well.

https://ec.europa.eu/commission/presscorner/detail/en/ip_25_1339

Everything regarding enforcement is early stages but what they’re aiming for is much more specific than chat control and is based on existing wording in the Digital Services Act.

Steam for Linux is mixed 32/64, unfortunately the main executable (~/.local/share/Steam/ubuntu12_32/steam) and its associated steamclient library continues to be 32-bit only and runs with a couple of horribly dated libraries in the mix. That process does pretty much everything aside from the UI.

There’s a disclaimer in the readme: https://github.com/juanfont/headscale/?tab=readme-ov-file#disclaimer

The maintainer Tailscale contributes happens to be the lead developer by commit count at the moment.

They also had a major ass security issue that a security company should not be able to get away with the other day: assuming everyone with access to an email domain trusts each other unless it’s a known-to-them freemail address. And it was by design “to reduce friction”.

I don’t think a security company where an intentional decision like that can pass through design, development and review can make security products that are fit for purpose. This extends to their published client tooling as used by Headscale, and to some extent the Headscale maintainer hours contributed by Tailscale (which are significant and probably also the first thing to go if the company falls down the usual IPO enshittification).

Not them but between those two I’d recommend Kanboard if you’re going to be the only user. Far lighter and easier to administer piece of kit, has everything you’d want from a fancy task list but not much more. WeKan is rather heavy software but does have a few features that are probably quite important for large team use.

Started Digimon World Next Order on a whim after it was on a big sale last week. Not sure I can recommend it, and definitively not at full price, but it’s interesting to have a game that doesn’t know if it wants to be a modern game or a 2000 era throwback game in exactly the right ways. And well, it’s still about little critters that turn into big critters (and back), so I’m satisfied nonetheless.

FWIW, your domain will most likely eventually get used by spammers and then it’ll be an endless string of somewhat expected but unpredictable failures from there on onwards, with no actions you can take to reduce it. It’s good to keep an eye on what comes in but I wouldn’t invest too much effort into failure alerting.

There are both dumps with full history and ones that are just the current set of articles. The full dump happens once a month on the 1st, but will often take ~2 weeks to run to completion, so you probably have to look back to the April 1 2025 dump for those. The metawiki dumps page has all the info.

That’s about right. That said, we also don’t know how long regular Switch/Switch 2 carts are going to last. The MaskROM used in the N64/DS and earlier eras is significantly more reliable when stored for a long time than the modern NAND Flash memory as used in the 3DS/Switch+. I suspect key carts won’t have any NAND Flash inside (they don’t need gigabytes of capacity just to store a game name + icon) and might physically last longer.

Of course, key carts are all going to drop to zero value practically overnight when Nintendo eventually pulls the plug, while real carts will die one by one.

We won’t know for sure what’s actually going on under the hood until the console is cracked wide open or there’s a devkit leak, but my speculative guess is that some details of the GPU are ‘emulated’/recompiled. PC AAA games tend to include lengthy shader pre-compilation wait times, console games don’t have that wait time because the shaders are pre-compiled by the developers when building the game, specifically for one piece of hardware. The games themselves then fully rely on those pre-compiled shaders. They’re going to need shaders that work with the Switch 2’s GPU, which is going to involve some kind of imperfect translation process.

AMD was able to design better hardware that works with older compiled shaders, as done in the PS5/Xbox Series (and Pro consoles). That’s not a super common feature, but I imagine that AMD is more motivated to keep Microsoft/Sony happy than Nvidia is to keep Nintendo happy. AMD’s graphics division might as well shut their doors if it wasn’t for the consoles, meanwhile Nvidia is raking in trillions from the AI boom and would rather forget about gaming.

Gives them excuses to punish “weird”/non-perfectly-conforming kids. The definition of the actual law is broad and open to more or less any interpretation you want it to have.

The good stuff is usually hidden in low view hell (or in text form, stuck on personal blogs nobody reads). Getting an audience is mostly a property of marketing, not quality. There’s not a lot of natural overlap between those that can teach well and those that can market well.

There’s no 100% indicator, but presence/non-presence of a contributor license agreement that gives them the rights to distribute under any license is the best one I’ve found. Corporate backed FOSS where they want the option to turn into non-FOSS “just in case” means that will inevitably happen after people are locked in. Best place to look for one is the project’s documentation on how to contribute/how to send pull requests.

Stuff licensed under BSD/MIT style permissive licenses don’t need a CLA to go proprietary, but the ones that do tend to have a CLA anyway.

“CLAs” that are just an sign-off (developer certificate of origin like used by the kernel) are fine and are also treated as a CLA every so often, but the moment you see anything about giving one specific company a “perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license” or the like, run for the hills.