Brief items

When your username and password are entered on Google's sign-in page, we'll run a risk assessment and only allow the sign-in if nothing looks suspicious. We're always working to improve this analysis, and we'll now require that JavaScript is enabled on the Google sign-in page, without which we can't run this assessment.

Chances are, JavaScript is already enabled in your browser; it helps power lots of the websites people use everyday. But, because it may save bandwidth or help pages load more quickly, a tiny minority of our users (0.1%) choose to keep it off. This might make sense if you are reading static content, but we recommend that you keep [JavaScript] on while signing into your Google Account so we can better protect you.

Voting machines are terrible in every way: the companies that make them lie like crazy about their security, insist on insecure designs, and produce machines that are so insecure that it's easier to hack a voting machine than it is to use it to vote.

[Security researcher Bryan] Varner paid less than $100 each for two voting machines. Once he unscrewed the nonfunctional "tamper-proof screws," he found a Windows CE machine with open USB ports, still bearing their "property of" seals from the government entity that had sold them, filled with voter data. He was able to trivially backdoor them and points out that it would be easy for anyone to do this and then put the machines back on Ebay for sale to other voting authorities.

This is why passwords aren't going anywhere in the foreseeable future and why [insert thing here] isn't going to kill them. No amount of focusing on how bad passwords are or how many accounts have been breached or what it costs when people can't access their accounts is going to change that. Nor will the technical prowess of [insert thing here] change the discussion because it simply can't compete with passwords on that one metric organisations are so focused on: usability. Sure, there'll be edge cases and certainly there remain scenarios where higher-friction can be justified due to either the nature of the asset being protected or the demographic of the audience, but you're not about to see your everyday e-commerce, social media or even banking sites changing en [masse].

I've lost count of the number of times I've heard "but O_DIRECT is supposed to make things faster!" because people don't understand exactly what it does or means. Bypassing the page cache does not magically make applications go faster - it puts the responsibility for doing optimal IO on the application, not the kernel.

The truth is, the Solus project has stood on its own merit and feet for a long time, and has moved under it's own steam. For a long time I had said that I was merely the first settler in the town that would become Solus, and in time it would need it's own architects, planners and mayor.

Vagrant Cascadian has probed the Debian package archives found that in current Debian Sid, 88 out of the 154 packages (57%) of the Debian binary packages installed in a minimal system can be verifiably reproduced.

For a long time, 25,561 out of 27,427 (93%) of the total source packages in the Debian archive have been known to be reproducible in our testing environment. While 57% is a lower figure it could be considered a more substantial statistic as it is not a measure of packages that behave well under carefully controlled conditions but of "real world" Debian artifacts that are installed on end-user systems.

In 1997, writing a complex, interdependent project like a desktop environment using C++ was the "edgy" effort, for lack of a better word, comparable to writing a desktop environment in, say, Rust in 2018.

The other potential candidate for Rust support is m68k. There are ongoing efforts to add m68k to both LLVM and Rust and while many people think that supporting modern Linux software on 30 year-old hardware is insane, I think it's actually fun :-).

We might also be able to re-add the Alpha and Itanium backends and consequently add support for these architectures to the Rust compiler as the latter is the smaller of the two efforts, but I guess the LLVM people will chase us to Mars for trying to do that :-).