• 1 Post
  • 428 Comments
Joined 3 年前
cake
Cake day: 2023年7月5日

help-circle
  • This article seems to miss that the ban has likely already killed the industry. The ban comes into effect by late 2026 and it takes a few months to grow hemp. I can’t imagine being a hemp farmer and hope that Congress gets their shit together and passes something that allows your crop to be sold. At this point I have to imagine most hemp farms have either pivoted or been sold off.

    I suspect some big companies are going to scoop up these farms and in a few years once marijuana is federally legal they’ll switch to that.

    McConnell screwed them once and while it doesn’t look like he’ll live to see it, he’s going to screw them again.


  • Just to be fair, the Nintendo Switch 2 does support “Game Key Card” games. Such that you still must download the game and use the card to authenticate your game.

    However there are zero first party* Nintendo games that are “Game Key Card” games. If you buy Mario or Zelda you do get the game on the card.

    I do expect that will change in the future and follow the trend Sony is taking to be 100% digital. So you’re right to be concerned that they are heading in the same direction.in fact with Sony already heading that direction it’s even more certain.

    *(Pokemon, which feels like a first party and Nintendo owns a large portion of, is technically third party.)


  • I once bought a small tube of toothpaste for travel. I didn’t really check what was allowed by the airport, I just bought what looked small enough. I arrived at the airport, went through security, traveled to my destination and used the toothpaste during the week I was away.

    When I was set to return my toothpaste was flagged at the airport. It was “too big”. I of course argued with the TSA agent that I had flown into this exact airport a week before with MORE toothpaste in the container than it had in it now. Of course there is no logic. Into the bin my mostly new toothpaste went.









  • Over the years, players generated vast amounts of visual mapping data by scanning streets, buildings and public spaces to progress in the game.

    Which I believe refers to AR Mapping . (Note it’s an archive.org link because this feature was removed from the game earlier this month.) I haven’t played Ingress in a few years, but I don’t think it had these tasks.

    Basically you take a video of the area you are in, and that data could in turn be used to create a 3D representation of whatever you scanned. So instead of knowing you having a house at a given location, you know how tall it is. Google Maps actually has a feature called “Aerial View” where you can see something similar.






  • You’re absolutely right about Paris. I’ve traveled to a number of big cities but Paris was the first city that I felt I was in actual danger. The first time was traveling around Montmartre, there were a number of aggressive scammers who grabbed my arm and tried to “give” me a bracelet. The second was traveling near a circus or park and I clearly wander too far off that I felt the need to run back to the train station.

    Sure it was 10+ plus years ago, so maybe it’s better now, amd there was much more of the city that I felt fine traveling around. In fact most of the city was fine. But on those two occasions, I’ve never felt less safe, and that includes traveling to LA where I saw a man kicked out of a bar… and then kicked in the middle of the road while a large crowd just watched.

    Fuck Paris.




  • So as another comment pointed out you don’t need to give your user account access to docker in this way, it’s an optional step, but one that I suspect many people do (since it’s part of the official docs).

    What the LLM has done is silly, but completely possible. It climbed through the window that you left open.

    But let’s jump to a different scenario, the ping command (on Linux). That’s a perfectly harmless command, right? You just want to say hello to another computer and see if they say hello back.

    Except that historically the ping command was something called “setuid” which means when it ran it ran as root. It ran as root because in order for ping to work it has to create a special type of network packet that only root can create. But if you’re root you can run anything! So in theory ping opens a huge attack surface. If you have to worry about ping then is everything too complex to be manageable?

    Luckily, as I said, this is a historical problem. The permissions ping needs have been moved to a specific capability and the command changed to utilize it and now ping can just run as a regular user without root privileges. But you can’t just make that change overnight. It takes a lot of time and effort.

    So could the same be done for docker? Maybe. A rootless version of docker already exists. If you actually wanted to do what the LLM suggested, that wouldn’t work with a rootless docker, at least not without a bunch more configuration (and even then maybe).

    So is security hard? Yes. Is it impossible? No.