opliko.dev
32 posts
52 followers
192 following
Active Commenter
comment in response to
post
There is the vscode format that uses TextMate scopes but puts the configuration in JSON files (it's also used by shiki.js for example).
It's fairly popular (you might just need to remove the unnecessary parts of the package.json from vscode themes) and easy to adapt tmTheme files to.
comment in response to
post
So... In theory it should work fine, but there can be weird edge case issues even with legitimate licenses.
(Said Win 10 Edu N key did work fine on a PC that didn't come with an OEM license that would break things)
comment in response to
post
More specifically, the system wouldn't accept the license change - presumably because N editions shouldn't have media features by default and they were already installed - and even reinstalls didn't work since the installer didn't even give me an option to input a key just picking up the OEM one
comment in response to
post
In theory I think it isn't any harder, massgrave seems to have scripts and instructions with several methods (for different OS versions).
In practice though I once attempted to upgrade a laptop that came with win 10 home to a legitimate win 10 education N license and found that it just didn't work
comment in response to
post
(this commit fixed it finally: github.com/TelegramOrg/...)
comment in response to
post
Hmm... Actually it seems it was only properly fixed in 2023 - before then you could add anything after the entire first file and it wouldn't find the difference.
In the argument order from docs (core.telegram.org/reproducible...) it would catch code added to the store app, but not code removed...
comment in response to
post
It was an issue in Telegram's apkdiff.py but it was fixed in 2020: github.com/DrKLO/Telegr...
comment in response to
post
And unless you're deciding on what to deploy in a large enterprise (in which case you should be looking at far different factors than most people anyway), your personal decision to use OL probably doesn't bring them any closer to that reality...
comment in response to
post
It's unironically a great RHEL-based distro.
Now, if you'd trust Oracle to keep committed to OSS even if they had a dominant market position there I'd have a bridge to sell you, but they're not really in danger of "winning" even the enterprise distro market.
comment in response to
post
See github.com/cloudflare/p... for how to support the replay in MV3 browsers
comment in response to
post
That is from my understanding the protocol just requires replaying the request (on `WWW-Authenticate: TokenChallenge` header) with the token (in `Authorization: token ...` header), which in Manifest V2 extension is easy, but Manifest V3 made it impossible to do directly within the extension.
comment in response to
post
I think yes in Manifest V3 browsers and not necessarily otherwise (at least with Cloudflare Silk impl, but it was also a bit broken with Firefox so I'm not quite sure tbh)
comment in response to
post
Admittedly, OpenSSL doesn't officially support it yet - it's slated for 3.5.0 in 2025. So to run your own server you need to use a fork (github.com/defo-project...) or something else that supports it like BoringSSL.
comment in response to
post
We do! Since last year all major browsers support and enable ECH by default and Cloudflare (I think Fastly too) have also had it deployed globally for around that long.
You can even confirm that it works here: tls-ech.dev
comment in response to
post
Browsers also have a different UI for invalid certs with HSTS - it disables the option to bypass the warning.
Without HSTS the user can typically still continue in 2 clicks.
comment in response to
post
Yeah, there is some metadata leakage, even if it's getting better with DoH and encrypted SNI - so the question is just whether you want to concentrate that metadata with your VPN provider and possibly tie it to your payment information.
comment in response to
post
It's a good idea, but thankfully redirects need a HTTP response and this will be blocked by HSTS. This is actually an issue with captive portal setups and why browsers open their own special pages (eg msftconnecttest.com/redirect) for WiFi login, that specifically allow DNS to preform this "attack"
comment in response to
post
But how will you get that cert?
comment in response to
post
If you can do it, that's compromising a CA and unless they very promptly resolve the issue, it WILL get them banished from all maintaned browsers and OSes.
comment in response to
post
How do you intend on proving to the CA that you own the domain you're claiming to own?
comment in response to
post
(and by "valid HTTPS response" I mean "one using certs trusted by the user's browser", self-signed certs will not let you pass HSTS)
comment in response to
post
It'd need to get a valid HTTPS response to the client as the client refuses anything that's not a valid HTTPS response for a site it has HSTS loaded on (with most things worth their salt being preloaded to the browser and the rest loaded on the first visit).
You'd need to compromise a CA first.
comment in response to
post
Resulting in a nice, unskippable HSTS error for your victim when they go to pretty much any site that matters.
Again: this is the exact scenario HSTS protects from. It's already widely deployed and there are even some entire TLDs that are preloaded.
comment in response to
post
And I'm honestly not arguing that earning money by creating and subsequently owning a company is necessarily a bad thing, but it is very much different from earning it purely by your own efforts and I don't think it's feasible to become a billionaire through your own effort alone like you suggested.
comment in response to
post
And the money is funneled not to those who make art, but those who own the companies - which sometimes may overlap, but typically even that isn't the case for long
comment in response to
post
Possibly, but that's not really the point here - you asked what if someone made a billion from a piece of art they made, but that's not actually what happens with especially games. Even solo projects turn into collective efforts as soon as they earn enough to hire more people.
comment in response to
post
Yes, as he sold his majority shares of the company to Microsoft - so again, he got the money not from selling art directly, but by setting up and selling an art-producing company that has earned almost all of its money without him anywhere near it.
comment in response to
post
It wasn't. Alpha versions of Minecraft were made by one guy, even by the 1.0 release there were at least 2 other people working on the game (and I'm not counting any management here) and after the release - long before it made anything close to a billion - Notch wasn't even the lead designed anymore
comment in response to
post
I'll note that the enclosure design (especially on lite version which doesn't really have one), performance (and the UI from what I've seen) are worse than JetKVM, so the price they reached is actually very impressive, since the non-lite NanoKVM isn't that much cheaper ($53 excl. Shipping)
comment in response to
post
NanoKVM from Sipeed? The lite version (without display or ATX power support though) is around that price (even below on their website). Supposedly it's fully open sourced now.
They also have a PCIe version that's supposedly going to be shipped soon (and a few other versions that they teased)
comment in response to
post
(I was wondering how bad that would be, and after throwing away many variance of this post, I have to say - it is terrible)
comment in response to
post
brb, adding a bible check to all my text inputs