Myst, Superhot VR, Beatsabre
Thank you! Here’s the actual PDF doc of their clarifications and here’s the original DSA
The specific language for number of users is:
average monthly active recipients of their service in the Union, calculated as an average over the period of the past six months
And the definition of active recipient:
(p) ‘active recipient of an online platform’ means a recipient of the service that has engaged with an online platform by either requesting the online platform to host information or being exposed to information hosted by the online platform and disseminated through its online interface;
So you just need 45 million EU citizens looking at a platform to qualify as a VLOP. Amazon probably qualifies, but it would be easy for them to prove they were unfairly discriminated against as well.
Did the EU even define the term “Very Large Online Platforms”? I think this is the bill, but it doesn’t ever define the term. Amazon may be right, purely because the legislators are incompetent idiots.
I can’t find the page that lists blocked instances on kbin, but lemmy.ml may be blocked. lemmy.ml (and lemmy in general) are controversial to some people, and those that dislike lemmy for those reasons have gravitated to kbin.
In short, the lemmy devs and lemmy.ml admins are considered “tankies”, so they don’t want anything to do with them. Thought-stopping newspeak to me, but I’m a strict “separate the artist from the art” person, especially if you’re not paying them.
EDIT: A comment from [email protected] you may not be able to see:
With full knowledge that OP is unlikely to check the comments from a non-ml instance, so they’ll likely never see this, I think in light of this sustained situation, we need to discuss whether or not we actually do defederate from lemmy.ml.
Some people over there do know about the dev’s weird scummy coding. Some, like OP, don’t. Either way, neither of the devs have said a word about it in over a week despite being repeatedly asked and the topic repeatedly coming up even on their own instance. They may be bogged, but I sense they would have by now and it’s likely to stay like this.
I think I’m going to give them a little more time, and then (maybe over the weekend?) I’m going to raise the question if someone else doesn’t, about how their contributions to the apparent activity of kbin feeds weighs against our wholesale inability to fully interact with any of it. We can talk with each other there, certainly, but I don’t think that’s enough and it gives a false impression.
Frostpunk is phenomenal! It sucked up all my free time for a couple weeks.
Oxenfree is gorgeous.
Oh man, there are so many great games if you’re willing to play old stuff (although it looks like the summer sale is over):
As a software dev, so much this.
PWAs are super fucking cool, but current web browsers are a SuperFund disaster site, so they make PWAs suck, and PWAs are partially to blame as Google and Apple keep adding features to browsers to mirror their phones’ native features. Every PWA is going to be slower than a native app for the foreseeable future, regrettably, and they’ll always be nothing more than a browser with the decorations hidden.
I hate this reality with a passion, but native apps are faster because it’s an app on your phone and not an app in a browser on your phone.
PWAs are great, because Apple and Google have no say in whether or not you can use them, and they get no cut if you spend money through them (scumbags at Apple taking 30%).
That’s why I said largely useless. An attacker can narrow down the attack surface by ignoring anything that can’t login, but that just leaves them with root and delial, and they already knew or could’ve guessed both of those pieces of information (in this context anyway).
And as you noted when looking at the service accounts, they might be able to login or crack their way in via xrdp or sshd. So, unless you’re port-forwarding those protocols from the internet, how useful is that really? I would say largely useless. Assuming they port-scanned your public IP, they still need either an insecure config or an unpatched, remotely exploitable bug.
That being said, you’re totally right. The average Linux user isn’t “administering” their system, so they probably aren’t following their distribution’s security mailing list, installing security patches as they’re released, and actually RTFM. It’s best for the average user to play it unbelievably safe.
In this case, the machine isn’t actually running xrdp, and sshd doesn’t accept passwords or root logins. (Although, I need to setup knockd to protect that non-standard sshd port a bit more.) All passwords used on the system are random and longer than 32 characters. My router doesn’t port-forward to this machine, either.
This has been an exercise of Cunningham’s Law for the benefit of those reading.
Since you told me not to. There isn’t a risk on most linux systems; passwords were moved to /etc/shadow a long time ago. It only leaks the names of your users and largely useless info for most attackers:
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
systemd-network:x:101:102:systemd Network Management,,,:/run/systemd:/usr/sbin/nologin
systemd-resolve:x:102:103:systemd Resolver,,,:/run/systemd:/usr/sbin/nologin
messagebus:x:999:999:System Message Bus:/:/usr/sbin/nologin
systemd-timesync:x:998:998:systemd Time Synchronization:/:/usr/sbin/nologin
systemd-coredump:x:997:997:systemd Core Dumper:/:/usr/sbin/nologin
delial:x:1000:1000:,,,:/home/delial:/bin/bash
sshd:x:103:65534::/run/sshd:/usr/sbin/nologin
xrdp:x:104:110::/run/xrdp:/usr/sbin/nologin
dictd:x:105:111:Dictd Server,,,:/var/lib/dictd:/usr/sbin/nologin
nm-openvpn:x:106:112:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/usr/sbin/nologin
sssd:x:107:113:SSSD system user,,,:/var/lib/sss:/usr/sbin/nologin
Google and Apple tit-for-tat adding features to browsers and the never-finished living standard are the most egregious examples of this. They are very slowly strangling the web to death by making it impossible to make a browser except to increase a large corporation’s profits.
For me, it has to be Grim Fandango
Great game with a fantastic soundtrack
POSTAL: Brain Damaged is an interesting shooter in this genre, and a faithful addition to the series.