frezik

joined 3 weeks ago
[–] frezik@lemmy.blahaj.zone 8 points 2 weeks ago (4 children)

Microsoft's original plan was to own the living room the way they own the office space. Not just gaming, but all your movies, TV, shopping, etc. could be done through the XBox.

Kinect was a particularly big jump in that regard. There were demos of AR-type stuff where you could see yourself wearing clothes you might want to buy. You could move around and the clothes on screen would move with your body. There's some promo videos of that, but nothing concrete ever came of it.

Now they have slagging sales for two generations, and a AAA industry that struggles to make a real hit and is laying off a lot of people. They can't even hold onto the core gaming market much less get their tendrils into the rest of the living room. They then release a handheld that's basically an upgrade of an existing handheld that wasn't selling very well, but now with XBox branding.

Is this a problem for the rest of us? No, not really. There's plenty of alternatives, and we don't need to care. Is this the result the money people at Microsoft envisioned when they started this ~25 years ago? No, not at all.

[–] frezik@lemmy.blahaj.zone 18 points 2 weeks ago (5 children)

Much of Europe is getting hotter. AC is literally a life-saving technology on extremely hot days. No, it's not mere "comfort". Old people, in particular, are at high risk.

And it's not like Europe is completely blameless when it comes to global warming, either.

[–] frezik@lemmy.blahaj.zone 6 points 3 weeks ago

Seems like every time the hype is about to die, there's a big announcement about a model breakthrough. The breakthrough usually isn't as revolutionary as it first appears, but it's enough to keep funding going.

[–] frezik@lemmy.blahaj.zone 4 points 3 weeks ago (1 children)

Specifically these issues: https://github.com/jellyfin/jellyfin/issues/5415

The big one is that video/audio playing endpoints can be used without authentication. However, you have to guess a UUID. If Jellyfin is using UUIDv4 (fully random), then this shouldn't be an issue; the search space is too big. However, many of the other types of UUIDs could hypothetically be enumerated through brute force. I'm not sure what Jellyfin uses for UUIDs.

[–] frezik@lemmy.blahaj.zone 14 points 3 weeks ago (1 children)

Nah, setting non-standard ports is sound advice in security circles.

People misunderstand the "no security through obscurity" phrase. If you build security as a chain, where the chain is only as good as the weakest link, then it's bad. But if you build security in layers, like a castle, then it can only help. It's OK for a layer to be weak when there are other layers behind it.

Even better, non-standard ports will make 99% of threats go away. They automate scans that are just looking for anything they can break. If they don't see the open ports, they move on. Won't stop a determined attacker, of course, but that's what other layers are for.

As long as there's real security otherwise (TLS, good passwords, etc), it's fine.

If anyone says "that's a false sense of security", ignore them. They've replaced thinking with a cliche.

[–] frezik@lemmy.blahaj.zone 5 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

There are ways they can work around it, but their lead developer was drafted into their country's military. Ultimately, they're going to have to make their own phone, and it looks like they're making plans to do that.

For now, it's fine.

[–] frezik@lemmy.blahaj.zone 2 points 3 weeks ago

And they purposely hobbled certain things people want, like inline links and images. Some clients will do it anyway, but it's against the collective wishes of the developers.

If I wanted to track people on Gemini, I could totally do it. It'd just be in a more server-to-server way than how its evolved on HTTP (pixel trackers and such).

[–] frezik@lemmy.blahaj.zone 4 points 3 weeks ago

Some people haven't lived through the time when HTML layout was done through nested tables, and it shows.

[–] frezik@lemmy.blahaj.zone 2 points 3 weeks ago (2 children)

Maybe we could have No-JS and No-Client-Storage (which would include cookies) headers added to HTTP. Browsers could potentially display an icon showing this to users on the address bar.

Theoretically, browsers could even stop from the JS engine from being started for the site in the first place. Though I wouldn't be surprised if the engine is too tied into the code of modern browsers for that to work.

[–] frezik@lemmy.blahaj.zone 2 points 3 weeks ago

Let's not. It's a terrible protocol with amateur design errors.

[–] frezik@lemmy.blahaj.zone 1 points 3 weeks ago

JS does a lot of crap that didn't need doing in the first place. It can be used in a way that improves performance and user experience, but what's out there is so far from that.

HTML could maybe be replaced by a specific form of Markdown (one with a real spec), but meh, whatever. Gemini did that, but its limitations are a little too much.

view more: ‹ prev next ›