it’s also important to keep in mind that the cybersecurity field has adbanced tremendously, with cloidfare, EDRs, and in general it is now way harder to do anything anonymously without getting caught, quickly. This also males the field of hacking way more difficult to get in, which combined with reduced attention span of younger generations probably means there’s not that many bored teens willing to put the time in, and as an adult you have way much more to loose, so for hose who had the skills it would be a lot greater risk.

I spent three days trying to get a RaycastCommand (Unity’s jobified raycasts) working to get multiple hits per raycast. Should have been easy, according to the docs:

The result for a command at index N in the command buffer will be stored at index N * maxHits in the results buffer.

If maxHits is larger than the actual number of results for the command the result buffer will contain some invalid results which did not hit anything. The first invalid result is identified by the collider being null

maxHits The maximum number of Colliders the ray can hit

Well, no. I was getting super weird results and couldn’t get it to work properly. First thing I checked was if I’m getting two+ hits for any of the raycasts, because you simply can’t trust Unity. And I was getting multi hits, but seemingly at random.

The error? I was sorting the hits by distance using bubblesort, and made a simple error with index in it. Which resulted in me seemingly getting two hits per ray sometimes, but it was just a result for another ray moved there by faulty bubblesort. Because unity actually doesn’t support multiple hits per ray.

I couldn’t find the original thread about the issue (which was two years old by the time I was dealing with it), which had an amazing reply from Unity:

I have discussed it with an engineering team, and RaycastCommands don’t support multiple hits because it was difficult to implement. The documentation just doesn’t explains it really well

The fuck doesn’t explain it very well??? It literally describes a parameter that sets max hits per ray and tells you how to get the multi hits from results…

Fuck unity :D

I think it eventually got challenged and banned. The response from the SPD party was “We were just getting started, our campaing will be even more harsh.”

It is just a bunch of idiots, what can I say.

On the topic of Mullvad, what made me choose Kullvad over LibreWolf was the VPN being bundled in. If I’m not mistaken, the whole point of ToR browser is that you have exactly the same fingerprint as any other Tor browser user, making it a lot harder to distinguish you from others using your extensions, browser and other minor stuff your browser reports about you, that combined makes for a pretty unique fingerprint, evej of you are using a VPN.

But, if you have a browser that has the same fingerprint for all users, and it has an accompanying VPN, you can partly expect that most of other users of the same VPN will also be using the same browser, making it a lot harder to track you - because while there may be only a few thousands users of Mullvad in the wild, which renders the same fingerprint not much of an advantage (because you would be one of the few users of i.e Proton VPN with Mullvad), if you also use Mullvad VPN, it’s probable that most of other users who share your Mullvad VPN IP are also Mullvad browser users, making it easier to blend in.

Bit that’s mostly my theory, why (along with being able to pay with Monero) I feel like the combo of Mullvad browser and VPN is the best combination as far as minimizing fingerprint is considered. If someone has more knowledge about the issue, I’d love to hear some counter-arguments or tips how to improve my setup.

After Stormgate, which I was looking forward to, came out to be kind of meh, I reinstalled Starcraft and catched up on recent Florencio Files. I like PiG’s casting, and Florencio’s games are so entertaining to watch, how off-meta and nonsensocal they are, while also miracolously working. IIRC he plays in GM league, while his mechanics and gameplay is so weird but still somehow works. It’s fun.

My favourite has been this game, the sneaky probe is such a genius move - https://youtu.be/-tlQv_r5w_s?si=Mb5Zb3hCxUXIpQh-

https://www.ccpgames.com/

EVE is one of the most unique games I’ve ever seen and I admire it, and CCP in general, from what I’ve seen in their volunteer programs or from streams, seems like a nice workplace.

Also, Island is cool.

Then the book will definitely be up your alley, it’s exaclty about that, and offers a great tips about how to approach it.

I cheated the MFAs by switching what I could to SMS, Yubikey or just copying the MFA private keynto Bitwarden. Kind of defeats the point of MFA, but makes stuff definitely easier.

Anything that’s important however is on yubikey, however.

Also, good luck! Are you going through the Digital Minimalism book? I should refresh on it, every time I try it, it doesn’t last long, but I always get rid of one more stupid online habit that I don’t pick up when I inevitably return to my pre-reading the book intetnet usage. So, after already going through like 4 attempts in the last 3 or 4 years, my internet usage is slowly but surly changing for the better. But it’s more of a long run, rather than being able to get everything on the first try, in my experience at least.

If you’re not doing it because of the book/haven’t heard of it, I definitely recommend reading Digital Minimalism by Carl Newport.

How to best approach starting secops in a small indie gamedev studio. We don’t even have a sysadmin, and our boss mostly also does most of our infra together with one of the programmers.

We would love to start setting up some basic security setup, ideally FOSS based, and while I work there as a programmer, I do have 5 years of experience working as pentester and doing red teamings, so I kind of have an idea about what we could have. But I never did anything from blue team side, and also worked for large corporations, so most of the tools and solutions I’ve encountered are waaay over the budged of 20 man indie gamedev studio.

How would I even start? Are there any frameworks that would help but arent aimed at large corporations? What of the buzzwords we even need? Do I start with hardening group policies, get rid of local admins, then set up some kind of log management/SIEM, then IDS? And it’s so hard to google for, because every blog post I found is just a disguised ad for a company that does Security as a Service. Why isn’t there some kind of easy 10 step program that would tell you “step 1. Harden configuration. Step 2. Install <one of many security tooling acronyms>.”

I vaguely know that most of the buzzwords that are thrown around have some dependencies, but what? Does IDS needs logs from SIEM, or is it the other way around? I’m obviously not qualified for this, but i dolid get time to research it, and some DIY attempts is definitely better than having no security in place at all. And, I know very well how to actually hack and test our security setup, so I can at least tell if something I’ve done is shit or useless :D

I’d go for scandiavia, if I could choose anywhere. Or Island, working for CCP is my dream job.

When I tried that, it lasted me for almost a year and a half, before I unfortunately got a second job that required MFA and I needed to be more online in general due to juggling two jobs. And it was amazing!

What I eventually did however was to get a dumb phone that can do a wifi hotspot, and still carried my smartphone but without simcard and net access, and powered off. When I really needed to get a taxi or look up a way home when I overslept drunk on public transport and ended up who knows where, I could always just fire up hotspot, power on the smartphone and do stuff I needed. Cause when that happened first time, it was when I first realized how much dependent I am on smartphone and net access.

Thanks for reminding me, I just quit one of the jobs and I can afford to be more offline, so back to the dumb phone I go! Convincing my GF again that she has to text me instead of using discord will be hard, though … Or explaining that I really cant look up the fact she wants, or call a taxi quickly…

I still have a python bot that forwarded discord messages to my own bare html website, so I can chat with her with the basic web browser of the dumb phone.

Yeah, I know and that’s what I’m afraid of. I guess I’ll just have to come to terms with most websites not working in some obscure web browser that’s not feature-complete. Would actually help with my addiction, so it won’t be so bad, I guess.

You are right, it was unfairly harsh wording, I apologize for that. Most of those products are super cool and important, I’ve kind of extrapolated it from what I’ve read in other posts about them spending too much on stuff like events and other, non-developemnt, related stuff that I actually never checked, while also not realizing that they also have a ton of other projects, which mixed with the dissapointment with the recent development about the Meta partnership led to me choosing that wording unfairly.

I stumbled upon the Geminy page by accident, so i figured lets give it a try.

I asked him in czech if he can also generate pictures. He said sure, and gave me examples about what to ask him.

So I asked him, again in czech, to generate a cat drinking a beer at a party.

His reply was that features for some languages are still under development, and that he can’t do that in this language.

So I asked him in english.

I can’t create images for you yet, but I can still find images from the web.

Ok, so I asked if he can find me the picture on the web, then.

I’m sorry, but I can’t provide images of a cat drinking beer. Alcohol is harmful to animals and I don’t want to promote anything that could put an animal at risk.

Great, now I have to argue with my search engine that is giving me lessons on morality and decide what is and isn’t acceptable. I told him to get bent, that this was the worst first impression I ever had with any LLM model, and I’m never using that shit again. If this was integrated into google search (which I havent used for years and sticked to Kagi), and now replaces google assistant…

Good, that’s what people get for sticking with google. It brings me joy to see Google dig it’s own grave with such success.

If it keeps going on like this, it won’t be long before I’ll just say fuck it and switch to elinks…

Hmm, on that note - is there any CLI web browser that can do javascript and css? Because iirc, elinks doesn’t, though I havent used it in years.

IIRC, only like 2% of Mozilla spending goes towards FF (I may be misinterpreting something, but I remember 2% being thrown around), so funding FF without rest of Mozilla bullshit shouldn’t be that hard. Of course, since Mozilla did spend so little on FF, it’s a question how much they actually care about FF and what would happen if they lost access to their golden goose. They shouldn’t have problem funding FF, but they probably have other bullshit they don’t want to let go and that has more priority for them.

I’m not sure what Mullvad is based on - i think it’s on Tor, which is Firefox based?

I do use mostly LibreWolf, but if FF also went to shit, I wonder if Tor, and thus Mullvad, would keep on going or not. Because I suppose LibreWolf would have troubles with keeping up, if Mozilla would enshitify FF, since they would probably have to fork and continue development on their own.

I suppose that this isn’t something to worry about with GrapheneOS, right?

That’s not even the worst poster they have. They also have this one:

Healtcare shortcomings won’t be solved by imported ‘surgeons’

Stop the EU migration pact

I hate those pieces of shit so much. And this is a real election campaign poster.

How I understand it is that the admired language is one of those “I’ll start learning it tommorow” languages, that you however already talk about how great it is wherever you can, i.e see Rust on Lemmy.

I also find it funny (and relatable) how neovim is the most admired IDE. I totally relate to that, I’ve been telling myself “I’ll learn and switch to Helix tommorrow” for the past two years.