software is not a one and done, and foss is so far from a workplace. there’s a huge amount of software engineering that’s not writing code, and maintaining a code base over years is far different than a relatively isolated fire and forget
an internship wouldn’t cut it, and neither would foss contributions
i wouldn’t say projects are practise… they’re kinda like a really basic simulator… you’re solving contrived problems so they’re not messy, you don’t have seniors etc, there’s no existing code base, no complex deployments, you’re not doing most of the non-technical parts of software engineering, and the list goes on and on and on
internships are great, but they’re really short
software should be a trade, and treated like apprenticeships… some theory is needed, but it’s wild that anyone thinks 3 years of just theory is going to produce decent software engineers
well it is only 0.50.0… the way most of these things go is that you get the gameplay mechanics working fist and you optimise performance close to release. same is true for early access commercial titles
voyager automatically opens links in reader mode for me and it works about 80% of the time
(but this article it doesn’t work for)
this entire thread is about the STG petition, and thus about the theoretical possibility of how laws could change
mandatory minimum warranties are also not relatively minimal effort and yet we have laws that require those… most consumer protection standards aren’t minimal effort: that doesn’t mean we don’t make laws to ensure consumers get what they are expecting when they hand over money
why shouldn’t handing over source code to a game that’s being shut down (and apparently that nobody finds any value in since it wasn’t even bought in bankruptcy auction) be mandated as a last resort?
literally what STG is about
and the law is able to make license conditions illegal/unenforceable (like non-compete clauses in employment contracts)
usually in bankruptcy the game gets sold in order to help pay debts… whoever buys the game assumes the responsibility of contributing to run the online services, or provide options for others to… in the case that nobody buys the game (im not entirely sure what happens to the IP in that case) but it’s relatively minimal effort to release server source code or documentation OR even just remove the online parts that’s usually just for DRM which is now pretty irrelevant because you’re shutting it down anyway so why would anyone care if someone pirates it?!
not to mention whose recent valuations have basically been about selling their data to train models which will be used to make AI slop
there are public STUN servers: just like DNS, STUN is a fairly critical part of modern infrastructure
peer to peer real time video is a fairly solved problem. the fact that we have google/amazon/zoom/etc in the middle isn’t because it’s necessary
that having been said, STUN servers are also incredibly cheap to run… i wouldn’t consider it exactly off the cards for a company that’s selling products to support a public STUN server indefinitely… it’s not quite as simple as them having to pay tens of thousands /mo in infrastructure costs to keep the lights on: it’s more like $100/mo, which at numbers that small you’d make back in just interest on the sales you made… but i reckon it could go something like “support for 10 years” and then they release an update that lets you set your own STUN server; perhaps defaulting to a public, free one
you can make very cheap to maintain peer to peer solutions
you can use a STUN server to discover your public IP and use a method called UDP hole punching to open a port others can connect to. STUN servers are very cheap to run: they don’t actually handle the data; just provide a kind of handshake service in the middle for coordinating
this is often used for peer to peer video chat etc
Having a unique password per device is best practices.
yup that’s all i’m getting at… this vacuum has unprotected access to ADB, which another user likened to root access, and i just think that in circumstances that are root-like, even physical access shouldn’t grant unprotected root
they’re not going to go after the robot vacuum when the thermostat, tablets, computers, TV, router, access point, etc are right there.
… and all of those things should be equally protected
they’re going to go for the easiest thing to extract information or escalate
since they have root they can add a password themselves!
the most absurd thing is assuming that an end-user is going do add a root password to a serial interface
i’m not saying end users shouldn’t be able to gain root somehow, simply that it shouldn’t be wide open by default… there should be some process, perhaps involving a unique password per device
doesn’t mean it can’t do damage - like fox news
hell you don’t even need a lab for a lot of bio plastics: you can produce them in your kitchen
Even 50 days is relatively fine if it’s cheap enough to replace saran wrap for food products
well we already have that
and that’s 50 days total, so those big commercial rolls of plastic wrap are much harder because they’re now perishable too: you can’t just stock a warehouse up
you’re on programming.dev so i assume you know that secrets is a generic term to cover things like your cloud account login (whatever form that may take - a password, token, api key, etc) for the robot vacuum service and you’re being intentionally obtuse
it’s a realistic attack scenario for some people - think celebrities etc, who might be being targeted… if someone knows what type of vacuum you have, it’s not “carefully take apart” - it’d take 30s, and then you have local network access which is an escalation that can lead to significantly more surveillance like security cameras, and devices with unsecured local access
just because it doesn’t apply to you doesn’t mean it doesn’t apply to anyone… unsecured or default password root access, even with physical access, is considered a security issue
meta and ctrl switched, because if there’s something apple did right it’s using the thumb as modifier key for copy/paste/etc instead of pinkie finger which is far FAR less able to deal with repeat strain
but i also type programmers dvorak because i got pretty horrible wrist pain at one point so anything to stop me damaging my wrists :p