This is me whenever I plan on a staycation…and it turns into my mom(bc who can afford to move out???) Finding shiz I need to do and I just can’t seem to rest bc gotta be productive 🫠
I wish there was a separate meme community for normal memes and these Zoomer memes. I just can’t find the humor in so many of these. Like what does this text really do that’s funnier than easily readable text? Why are the images always like 4 clear pixels and the rest a blur?
I too wish there was a separate meme community, where those who have never contributed to a meme community can go to whine about the content of the existing meme communities instead of scrolling past things they don't understand or like and moving on with their lives. I just can't find any fucks to give about your need to make everything about you and your personal taste. Like, what does this whining achieve? Why are there always people who think everything on earth needs to cater directly to them, and if it doesn't it must be bad?
(hint: instead, you can just block and move along, just like I've done with you!)
All games (theoretically) run on Linux – cloud gaming is a thing. Even if you may say “B-but muh input lag” its extremely doable and reliable as of now.
Germany has terrible internet service, so no, not everywhere. Also you would still need a cloud gaming provider that has servers close enough to your location that lag doesnt become an issue and actually offers that service in your country, which I’m not sure would be the case for all places
The only place I’ve seen it viable was in a speed test in Los Angeles on Verizon mmwave that achieved 6ms latency on input.
That’s in addition to the controller, bluetooth, and device input lag. This 6ms is experienced both in the video feedback and in the button presses.
In certain games this lag can hamper the experience. I know with 12-16ms ping I still hit cars and walls I shouldn’t have in driving games which I figured would be the easiest to stream.
Maybe fiber could achieve a less perceptible latency, but I can’t imagine that rolling out faster than some people will be able to render it natively on a low end device.
Do we know the data centers are rendering the games on Linux? It’s entirely possible they spin up ephemeral stripped down windows vms to host the sessions.
This. My current connection is the most speed I’ve ever had and the most you can get in my area without spending a ton on business class, but cloud gaming is atrocious at best. I’m not gonna move to the city so I can get gigabit for a half decent price while spending 4 or 5 times more on housing.
I personally don’t think they do, but an argument can certainly be made. Rust proc macros can run arbitrary code at compile time. Build scripts can also do this.
This means, adding a dependency in Cargo.toml is often enough for that dependency to run arbitrary code (as rust-analyzer will likely immediately compile it).
In practice, I don’t think this is much worse than a dependency being able to run arbitrary code at runtime, but some people clearly do.
I don’t know if it is a huge issue but it is definitely a nice to have. There are a few examples I can think of:
I open the code in my IDE but build somewhere sandboxed. It would be nice if my IDE didn’t execute the code and can still do complete analysis of the project. This could also be relevant when reviewing code. Often for big changes I will pull it locally so that I can use my IDE navigation to browse it. But I don’t want to run the change until I finish my review as there may be something dangerous there.
I am working on a WebAssembly project. The code will never run on my host machine, only in a browser sandbox.
I want to do analysis on Rust projects like linting, binary size analysis. I don’t want to actually run the code and want it to be secure.
I want to offer a remote builder service.
I’m sure there are more. For me personally it isn’t a huge priority or concern but I would definitely appreciate it. If people are surprised that building a project can compromise their machine than they will likely build things assuming that it won’t. Sure, in an ideal world everyone would do their research but in general the safer things are the better.
Analyzing without running might lead to bad situations, in which code behaves differently on runtime vs what the compiler / rust-analyzer might expect.
Imagine a malicious dependency. You add the thing with cargo, and the rust analyzer picks it up. The malicious code was carefully crafted to stay undetected, especially in static code analysis. The rust analyzer would think that the code does different things than it actually will. Could potentially lead to problematic behavior, idk.
Not sure how realistic that scenario is, or how exploitable.
I don’t think this is a problem with proc macros or package managers. This is just a regular supply chain attack, no?
The way I understand it, sandboxing would be detrimental to code performance. Imagine coding a messaging system with a serve struct, only for serde code to be much slower due to sandboxing. For release version it could be suggested to disable sandboxingy but then we would have gained practically nothing.
In security terms, being prepared for incidents is most often better than trying to prevent them. I think this applies here too, and cargo helps here. It can automatically update your packages, which can be used to patch attacks like this out.
If you think I’m wrong, please don’t hesitate to tell me!
lemmy.ml
Top