**** BEGIN LOGGING AT Sat May 12 03:00:03 2018 May 12 18:42:54 ~ping May 12 18:42:54 ~pong May 12 20:07:14 * enyc meows May 12 22:23:37 the reason why you must (or at least once had to, in better times) apply with your full name and address, and get authenticated to a degree where you can get held liable, when you want to upload anything to maemo-extras closed May 12 22:23:41 https://cypherpunktalks.slack.com/messages/C994AE797/details/ May 12 22:24:33 that page requires login May 12 22:25:19 oops sorry May 12 22:25:43 fscking slack URL redirect May 12 22:25:46 https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html May 12 22:26:37 wtf. hextris was good and fun open source game May 12 22:27:38 it's a pity someone takes free stuff and adds toxic May 12 22:31:47 This is why "apps" should generally be sandboxed. May 12 22:31:54 pretty common though. I'd say whatsapp got invented that way ;-P May 12 22:32:21 imo iOS has been doing the right thing there, and I think Apple are doing something similar with the macOS store. May 12 22:32:50 It's perfectly feasible to do in Linux, but the major distributors at least don't seem to do it. May 12 22:33:08 or what else except adding bling and toxid did they do to IRC to invent wutzap May 12 22:33:39 "malware" in apps should be comparable to "malware" on websites May 12 22:34:19 apps/websites shouldn't be able to do arbitrary things as the user, so it shouldn't be a major issue. May 12 22:35:03 and of course most games should be considered "apps", since they don't need arbitrary access to the filesystem; they just need access to an isolated place to store their state. May 12 22:35:09 maybe we should fix people, not do workarounds May 12 22:35:46 "fix people" doesn't work when it comes to computer security. May 12 22:35:53 You're meant to assume that people are malicious. May 12 22:36:38 That's why even supposedly legitimate organisations aren't able to access my filesystem if I just visit their website. May 12 22:37:08 unless they use exploits May 12 22:37:09 :) May 12 22:37:26 All of my computers rely on Linux. That doesn't mean it would be suitable for kernel.org to be able to access my filesystem when I visit it in my browser. May 12 22:40:53 It's just a matter of limiting trust. May 12 22:41:29 There's no reason to have to come up with a system where we have to trust or audit every random game developer. May 12 22:41:54 okm whatapp prolly has some magic to work around NAT (like STUN or ICE, whatever), so it performs a lil bit less troublesome on DCC-filesharing May 12 22:42:10 You can instead just have a system where you set up a sandbox capable of running untrusted code. That's the basis of web browsers, and imo OSes should be doing the same thing in a lot of cases. May 12 22:43:21 the problem indeed are people who got so ignorant they can't even imagine there might be such thing like malware and where it's likely to be found May 12 22:43:36 >How was this possible? Well, the Ubuntu Snap Store allows anyone to upload snap packages May 12 22:43:52 >An interesting aspect is that Nicolas Tomb used a proprietary license for at least some of his snaps May 12 22:44:29 and that's where I mused how maemo is or is not threatened by this May 12 22:44:30 I would've just assumed it went through server May 12 22:44:41 ShadowJK: possibly May 12 22:44:52 ICE also does, iirc, under certain conditions May 12 22:45:16 Especially since whatsapp likes to burn tons of cpu cycles to compress things before it sends May 12 22:45:33 lol, yeah, samrt on a smartphone May 12 22:52:51 also, something else to be wary of is the fact that code usually has bugs. May 12 22:53:38 So even if you trust that someone will not intentionally put malware in their programs, their programs could have bugs that allow other malicious people to obtain the same level of access as the program. May 12 22:54:27 Those are usually the more important issues. May 13 01:37:32 enyc: sixwheeledbeast: KotCzarny: Long story short, I was using IE only because I was troubleshooting the problem that the audio output from my computer stopped while listening to music on YouTube in Vivaldi, which is currently my primary desktop Web browser because I have a bad user experience with Firefox because I have too many problems with Firefox. The solution/workaround in the end was to disconnect and reconnect the 3.5-mm plug for the analog audio May 13 01:37:32 extension cable I use for my headphones from the rear panel of my motherboard. Apparently https://www.youtube.com/ still loads in IE11 on Windows 7 and in IE10 on Windows 8 (not Windows 8.1) at work so I do not know what is wrong with my IE11 on Windows 10 at home. **** ENDING LOGGING AT Sun May 13 03:00:06 2018