Here is the actual link: https://www.humblebundle.com/software/everything-you-need-to-know-about-godot-4-encore-software

What servers? It probably stores a few KB of data per player.

Couldn’t they just release green version and yellow version when they reach the first threshold, ad infinitum?

So why do they need to remove it?

Is Hyprland violating someone’s copyright?

These are not Drew’s words, he is quoting something said by the project dev. The context that the previous commenter ommitted is:

Following my email conversation with Vaxry, he appeared on a podcast to discuss toxicity in the Hyprland community. This quote from the interview clearly illustrates the attitude of the leadership:

[A trans person] joined the Discord server and made a big deal out of their pronouns […] because they put their pronouns in their nickname and made a big deal out of them because people were referring to them as “he” [misgendering them], which, on the Internet, let’s be real, is the default. And so, one of the moderators changed the pronouns in their nickname to “who/cares”. […] Let’s be real, this isn’t like, calling someone the N-word or something.

An open source project backed by a corporation that sells support. And… the open source community almost instantly turns on that and decides they are evil

Redhat was the golden child of the open source community, the paragon of open source success stories, until fairly recently.

Canonical was also very highly respected until they started putting Amazon ads into people’s menus.

It is not something that happens instantly for no reason, it’s because of the need for these companies to squeeze every last drop of revenue out of a product to appease shareholders. Open source companies can, and do, thrive without screwing their communities over. The problem is the mindset that creating value for shareholders is the only thing that matters.

What this guy found in Austria is actually illegal under EU consumer protection law.

Misleading price reduction claims

Price reduction claims such as “was € 50, now € 25” can be misleading if the initial selling price (known as “anchor price”) has been inflated. In all EU countries traders are obliged, when offering a discount, to indicate the lowest price applied to the item at least 30 days before the announcement of the price reduction. This information allows you as a consumer to assess whether the discount is genuine or not.

https://europa.eu/youreurope/citizens/consumers/unfair-treatment/unfair-pricing/index_en.htm#shortcut-3

KSMBD is also important in that placing such core server functionality right inside the kernel represents a significant potential attack surface for crackers. As one comment on Hacker News said “Unless this is formally proven or rewritten in a safer language, you’ll have to pay me in solid gold to use such a CVE factory waiting to happen.”

Words to live by.

Postel’s Law is relevant here. Conservative in what you send (simplify the schema of the data on the wire) and liberal in what you receive (put the complexity for interpreting that data in the client).

The Kaspersky analysis noted that the malware contained comments in the shell scripts written in Ukrainian and Russian, and used malware components detected in previous malware campaigns since 2013 that presumably have been attributed to a specific group.

FTA:

Meanwhile, the postinst script contains comments in Russian and Ukrainian, including information about improvements made to the malware, as well as activist statements. They mention the dates 20200126 (January 26, 2020) and 20200127 (January 27, 2020).

…

Having established how the infected Free Download Manager package was distributed, we decided to check whether the implants discovered over the course of our research have code overlaps with other malware samples. It turned out that the crond backdoor represents a modified version of a backdoor called Bew. Kaspersky security solutions for Linux have been detecting its variants since 2013.

…

The Bew backdoor has been analyzed multiple times, and one of its first descriptions was published in 2014. Additionally, in 2017, CERN posted information about the BusyWinman campaign that involved usage of Bew. According to CERN, Bew infections were carried out through drive-by downloads.

As for the stealer, its early version was described by Yoroi in 2019. It was used after exploitation of a vulnerability in the Exim mail server.

part of the plan from day one of the web 2.0

Ah yes, XMLHTTPRequest, the ultimate bait-and-switch.

AFAIK even legitimate ad clicks will first direct to an analytics platform before redirecting to the destination site, so that they can track click through rates and where the referral came from. So it is unlikely that ad links will actually go to the website you expect them to even in normal scenarios. It is actually this mechanism that the malicious ads described in the article are using to fake the display URL.

the folder Music>Pictures (the regular Pictures folder… for some reason that’s where it is) is open in explorer.

This sounds like the kind of thing that might happen if you have some kind of automatic sync set up, like when you plug your phone in and it automatically copies photos, or perhaps a cloud service that’s syncing photos?

I started the video thinking “huh, that’s neat I guess” and then I was more and more impressed as the video went on. This would be pretty revolutionary in how it could change your workflow. It’s the kind of feature that would get me to switch from Gnome to KDE if it was only supported fully in the latter.

7-zip supports just about every archive type (including rar files) and it’s Free Open Source Software.

I can’t go back to a phone where I can’t re-lock my bootloader after installing a custom ROM

Is this something that only certain models of phone are capable of doing? Or is it a new Android/hardware feature that only new phones have?

The key thing to know is that a client can do an HTTP HEAD request to get just the Content-Length of the file, and then perform GET requests with the Range request header to fetch a specific chunk of a file.

This mechanism was introduced in HTTP 1.1 (byte-serving).

and it could abusing the bandwitdh limitations of the source site by using multiple parallel connections that pulled on different file chunks

Also for files which had multiple different mirror sites you could download chunks from multiple mirrors concurrently which would allow you to max out your bandwidth even if individual mirrors were limiting download speeds.

Yeah I agree, sorry about that. I thought that the body-text field was mandatory to fill in, so I used the introductory paragraph from the article so as not to editorialize.