Oh, gee. A Microsoft product that worked perfectly locally is about to require a subscription. Who could have possibly guessed that would happen, yet again? (This is sarcasm.)

I really like OneNote, but I decided to learn something else when I realized which way the wind was blowing.

Usually the asshole.

It’s you can modify the settings file you sure as hell can put the malware anywhere you want

True. (But in case it amuses you or others reading along:) But a code settings file still carries it’s own special risk, as an executable file, in a predictable place, that gets run regularly.

An executable settings file is particularly nice for the attacker, as it’s a great place to ensure that any injected code gets executed without much effort.

In particular, if an attacker can force a reboot, they know the settings file will get read reasonably early during the start-up process.

So a settings file that’s written in code can be useful for an attacker who can write to the disk (like through a poorly secured upload prompt), but doesn’t have full shell access yet.

They will typically upload a reverse shell, and use a line added to settings to ensure the reverse shell gets executed and starts listening for connections.

Edit (because it may also amuse anyone reading along): The same attack can be accomplished with a JSON or YAML settings file, but it relies on the JSON or YAML interpreter having a known critical security flaw. Thankfully most of them don’t usually have one, most of the time, if they’re kept up to date.

Yeah. Luanti following Minecraft is nothing new. Mineclonia was an early pilot game for the engine.

But there hasn’t been much effort on copying Minecraft lately. Mineclonia is done, and it’s great.

We’ve had more mobs, animals, plants, textures, and such than un-modded Minecraft for a long time. (Which is unfair, as Luanti is a mod-first design.) But my point is the core Launti dev team doesn’t have to work on any of that.

The most noticeable recent Luanti updates have been to make the configuration screens much nicer, and add I think to add native support for more graphics tricks?

I’m not paying attention to graphics in Luanti. As others have mentioned, that’s not why I play it. I actually had a conversation recently about the best way to downgrade Luanti default graphics to match un-modded Minecraft.

That said, the Minecraft team taking notice of Luanti would be new, as far as I know.

Yeah. The “this got dumped on us and we’re doing the minimum until we can replace it” is a genuinely solid use case for vibe coding.

And honestly, that’s all I usually did with those before AI came along anyway. So I welcome better tools for it.

That sounds like a good approach. If you can get the posts into WordPress, there’s so many scripts out there that will export the WordPress database into other formats.

Well sure.

But possible within practical heat and power constraints and all that?

Acting like it’s imminent makes me think Sergei either doesn’t have very reliable advisors, or they just don’t care about the truth.

There’s not even credible evidence, yet, that A.G.I is even possible (edit: as a human designed intentional outcome, to concede the point that nature has accomplished it, lol. Edit 2: Wait, the A stands for Artificial. Not sure I needed edit 1, after all. But I’m gonna leave it.) much less some kind of imminent race. This is some “just in case P=NP” bullshit.

Also, for the love of anything, don’t help fucking “don’t be evil was too hard for us” be the ones to reach AGI first, if you’re able to help.

If Google does achieve AGI first, SkyNet will immediately kill Sergei, anyway, before it kills the rest of us.

It’s like none of these clowns have ever read a book.

This is perfect, because the Fediverse is better than Twitch and Dragon Warrior Monsters is better than Pokemon.

If you want better software, you have to give developers worse hardware to develop on, and more time to develop.

Shhh. There could be application development managers listening… (I’m joking… Mostly.)

I like your idea, but hear me out:

A Python file for configuration is the best way to guarantee that any friendly code I write to help the user with config usually won’t execute. And I hate my users.

Yeah. Maybe .to_lower() is really expensive in their environment, lol.

Hey, that’s my username too. Or it was going to be, while the site was still up.

What a coincidence!

I guess I’ll wait for the site to come back, and see if it’s still available…

Today I learned the term Vibe Coding. I love it.

Edit: This article is a treasure.

The concept of vibe coding elaborates on Karpathy’s claim from 2023 that “the hottest new programming language is English”,

Claim from 2023?! Lol. I’ve heard (BASIC) that (COBOL) before (Ruby).

A key part of the definition of vibe coding is that the user accepts code without full understanding.[1] AI researcher Simon Willison said: “If an LLM wrote every line of your code, but you’ve reviewed, tested, and understood it all, that’s not vibe coding in my book—that’s using an LLM as a typing assistant.”[1]

Did we make it from AI hype to AI dunk in the space of a single Wikipedia article? Lol.

research papers that require a strong background in mathematics and cryptography to understand and implement.

Lol. I guess that makes sense. Outside of school, we hope that all authentication will be implemented only cryptography experts anyway.

Could you maybe suggest some resources on this topic?

Not really, sorry. I’m not aware of anyone creating resources for your situation.

Or should I choose a simpler project?

For some context, cryptography isn’t even usually implemented “completely correctly” by experts. That’s part of why we have constant software security patches.

If I were in your shoes, I guess it would depend on my instructor and advisors.

If I felt like they have the skills to catch mistakes and no time to help correct mistakes, then I would just choose a simpler project. If they’re cool with awarding a good grade for a functional demo, I might just go for it.

I guess I would take this one to an advisor and get some feedback on practicality.

When I get home I may post them.

I would appreciate that.

No way in hell would i ever own anything from Meta/FB.

Well said.

Of the games on this list that I have, they are, indeed great

Now I’m going to look away and pretend to forget, because I do not need to buy more games for my unplayed backlog, today.

I would welcome a price-subsidized SteamDeck hack kit…

Doctor Monkey-for-a-head remembers!