kolorafa

joined 2 years ago
[–] kolorafa@lemmy.world 8 points 3 days ago (2 children)

It's not that bad that you might think, the db user just need to have readonly access permissions to specific database tables.

Ofc all data in tables ofc need to be public, so more like simple public facing page, app should not have any notion of users in any way, data probably populated by some automated system, and UI just to make it easier for anonymouse users to view that data in a friendly way.

On top of that it will be a hell for the sysops as they will need to know the whole db structure and such of even a single part of db would contain non-public data, but that overall the best guy to handle security in the first place.

And because all data is totally public in the first place you could give the task of creating frontend to any junior or LLM and it will be still secure.


But in truth it is very bad idea (even it it is possible), because most likely the database connections would be reused so you could for example change current connection session timezone or other params and that ofc would nit change the data in db but still could affect other users by showing wrongly formatted or shifted data.

[–] kolorafa@lemmy.world 21 points 3 days ago* (last edited 3 days ago) (1 children)

Good to know that it's not every friday but specific days of year. So today and next one is in december.

[–] kolorafa@lemmy.world 1 points 3 weeks ago

Sorry, didn't read other comments, so it is already known bug :)

[–] kolorafa@lemmy.world 1 points 3 weeks ago (1 children)

Found the cause for my observed issue, if you grab the timeline by the text box then the text is moved inside the box.

Recording: https://nextcloud.dlk.pl/s/qfzCXsGXXPHq5mD

[–] kolorafa@lemmy.world 1 points 3 weeks ago

Text size dorsnt change, the viewport gets bigger and the text get shifted to a correct position like fixing itself.

But i only saw that like handfull of times.

[–] kolorafa@lemmy.world 5 points 4 weeks ago* (last edited 4 weeks ago) (4 children)

It's some sorts of a bug, as it changes it size/offset if you interact with it in some ways. Has that multiple times but didn't know how to reproduce it or if its not even only on my phone (fairphone 5)

[–] kolorafa@lemmy.world 12 points 1 month ago* (last edited 1 month ago) (1 children)

It have a very small amount of informations about it.

Would be nice to have some details about:

  • Where messages and identities are stored?
  • How the identity is managed?
  • What topology does it use for the decentralization.
  • If and how does it supoort multiple clients for the same identity.
  • Does it handle multiple servers/identities?
  • There is a home server, but does it store all informations in some way or is it just a encryoted storage and relay.

Only android and Desktop. But it's a good start.

[–] kolorafa@lemmy.world 1 points 1 month ago* (last edited 1 month ago)

Fake news, CEO and all emplyes are getting pay'd in full, it doesn't matter if they sell the product to its users or sell (user data) to their sponsors or share the data internaly, it doesnt matter that the service model itself is not profitable as they make the rest from selling a (fake?) promises.

Same with many others like Youtube, they are also "not profitable" on paper as a standalone service. It only mean they are using you, selling your data or selling some promises.

If they would actully not be profitable then they would rise prices or just disapear and some other company would arise but with srtategy that is at least sustainable.

Open source devs can be losing money, as the pay from their own pockets.

I would like to see at least one person in that company that is not getting money from it but fund it from own money.

[–] kolorafa@lemmy.world 12 points 1 month ago (2 children)

They try to push Chat Control every year for some time now...

[–] kolorafa@lemmy.world 8 points 1 month ago* (last edited 1 month ago) (1 children)

I dont have an issue with a feature to allow my phone to automatically veirfy signatures. But there should be a way to import/configure more signature verification providers including my own authority and even then it should still allow imstall if user really want and trust it.

 

This should be illegal, companies should be forced to open-source games (or at least provide the code to people who bought it) if they decide to discontinue it, so people can preserve it on their own.

view more: next ›