Missing key info. Read the article.

Agree that people like to fluff the severity of bugs they report. It’s better for prestige and bounty payouts. But this is a little more nuanced.

“While I didn’t really intend the module to be used for any security related checks, I’m very curious how an untrusted input could end up being passed into ip.isPrivate or ip.isPublic [functions] and then used for verifying where the network connection came from.”

It’s interesting, that it would be hard to make a case that there was a “vulnerability” in the ip package. But it seems like this package’s entire purpose is input validation so it’s kind of weird the dev thinks otherwise.

Recurring incidents like these raise the question, how does one strike a balance? Relentlessly reporting theoretical vulnerabilities can leave open-source developers, many of who are volunteers, exhausted from triaging noise.

The researchers need to provide proofs of concept. Actual functional exploits.

Also, some of these Live Nation places are literally just fucking Old People places, like the local Elk’s Lodge. Nobody is doing wild concerts at the fucking Elk’s Lodge.

Some of the best shows I’ve ever been to were at an Elks or VFW. Often they’re the only venues available in suburban and rural areas. And they’re usually priced reasonably.

As if it’s just a given that online purchases (the increasing majority of all economic activity) is subject purely to a ToS and not the laws and protections granted to us by the government.

What? Of course they’re still subject to laws. There’s so many laws and precedent based around banking that it requires specialized lawyers.

As a very long time Arch user I wouldn’t say “easy” like everyone else seems to. I absolutely would not suggest it for a first distro for someone, which is what I would classify as the “easy” level.

But if you’re comfortable with using Linux, the terminal, and being able to follow written documentation you’ll be able to do it just fine maybe with a little frustration the first time. If you’re installing to a laptop, make sure to look up your model on the wiki first.

Of course we want affordable health care and housing, but I’d absolutely kill for a Bill Clinton or Bush Sr over a Trump any day.

Would really like to meet the person that’s undecided between Trump and Biden. I could understand someone staying home long before someone choosing between the two.

Yes, please!

“The roundtable setup featured Representative (and Trump V.P. wannabe) Byron Donalds, former Trump Housing and Urban Development Secretary Ben Carson, and Representative Wesley Hunt in attendance,” she writes. “The seats were positioned in a semi-arc facing a gaggle of cameras and sea of white people, and everyone looks abundantly unenthused to be there.”

Where are the photos, man!?!

BAT is trash but I’d love to see more quick crypto donation options.

SELinux was a product of the NSA. Maybe the best thing that agency has done.

This is what these fuckers have been working on for so many years. Finally came to a head in a clear-cut partisan line vote.

They went bankrupt in 2018 and are but a shell of what they once were.

“Ms Hilton, I first read about your story in Vanity Fair. I don’t usually read that magazine, my wife does. She told me, ‘You have to read this story. You won’t believe what happened to her,’” Representative Mike Kelly said. “You telling what happened to you…is absolutely incredible and opens up a whole new vision for the rest of us.”

Nice save there, Mike.

Well, if it’s going to be the government of celebrity, maybe we can at least get some good done with it.

He had plenty of training. He PIT the dude’s car, and shot him in the forehead 1.6 seconds after stopping his car. Lots of training went into that.

It’s just the wrong training.

In ruling for the former mayor, the justices drew a distinction between bribery, which requires proof of an illegal deal, and a gratuity that can be a gift or a reward for a past favor. They said the officials may be charged and prosecuted for bribery, but not for taking money for past favors if there was no proof of an illicit deal.

huh?

[Ketanji Brown Jackson] said the mayor’s “absurd and atextual reading of the statute is one only today’s court could love.”

lol, GOTTEM

Prosecutors said James Snyder was heavily in debt and behind in paying his taxes when he became mayor of Portage, Ind., in 2012. The city needed new garbage trucks, and the mayor took over the required public bidding. He spoke regularly with two brothers who owned a local truck dealership that also had financial problems, and he designed the bidding process so that only their two new trucks would meet all of its standards. He also arranged to have the city buy an older truck that was on their lot.

Two weeks after the contracts were final, the mayor went to see the two brothers and told them of his financial troubles. They agreed to write him a check for $13,000 for undefined consulting services.

Seriously, how is that not outright corruption?

So many exploding hearts.

On new install without logging in a Microsoft account?

You’re hearing what you want to hear. “Growth” is not financial growth. It’s not wages, I thought that was made clear in the end sentence. Growth is like personal growth or professional growth. Learning things. Becoming more. No stagnating.

But hey, if you’re happy in a “dead end” job more power to you. I wasn’t necessarily arguing against it. I was just trying to clarify that “dead end” does not refer (solely) to wages.