“I’m sorry too, Dmitri. I’m very sorry. All right, you’re sorrier than I am. But I am sorry as well. I am as sorry as you are, Dmitri. Don’t say that you’re the more sorry than I am because I am capable of being just as sorry as you are. So we’re both sorry, all right? All right.”

Usually the asshole.

Yeah. And, in fairness, as a non-pirate, I read along here for tips and tricks to get a non-shit streaming experience out of my home hosted hardware.

If I could still pay for a non-shit streaming experience, I would just do that.

It’s you can modify the settings file you sure as hell can put the malware anywhere you want

True. (But in case it amuses you or others reading along:) But a code settings file still carries it’s own special risk, as an executable file, in a predictable place, that gets run regularly.

An executable settings file is particularly nice for the attacker, as it’s a great place to ensure that any injected code gets executed without much effort.

In particular, if an attacker can force a reboot, they know the settings file will get read reasonably early during the start-up process.

So a settings file that’s written in code can be useful for an attacker who can write to the disk (like through a poorly secured upload prompt), but doesn’t have full shell access yet.

They will typically upload a reverse shell, and use a line added to settings to ensure the reverse shell gets executed and starts listening for connections.

Edit (because it may also amuse anyone reading along): The same attack can be accomplished with a JSON or YAML settings file, but it relies on the JSON or YAML interpreter having a known critical security flaw. Thankfully most of them don’t usually have one, most of the time, if they’re kept up to date.

Yeah. The “this got dumped on us and we’re doing the minimum until we can replace it” is a genuinely solid use case for vibe coding.

And honestly, that’s all I usually did with those before AI came along anyway. So I welcome better tools for it.

If you want better software, you have to give developers worse hardware to develop on, and more time to develop.

Shhh. There could be application development managers listening… (I’m joking… Mostly.)

I like your idea, but hear me out:

A Python file for configuration is the best way to guarantee that any friendly code I write to help the user with config usually won’t execute. And I hate my users.

Yeah. Maybe .to_lower() is really expensive in their environment, lol.

Hey, that’s my username too. Or it was going to be, while the site was still up.

What a coincidence!

I guess I’ll wait for the site to come back, and see if it’s still available…

Today I learned the term Vibe Coding. I love it.

Edit: This article is a treasure.

The concept of vibe coding elaborates on Karpathy’s claim from 2023 that “the hottest new programming language is English”,

Claim from 2023?! Lol. I’ve heard (BASIC) that (COBOL) before (Ruby).

A key part of the definition of vibe coding is that the user accepts code without full understanding.[1] AI researcher Simon Willison said: “If an LLM wrote every line of your code, but you’ve reviewed, tested, and understood it all, that’s not vibe coding in my book—that’s using an LLM as a typing assistant.”[1]

Did we make it from AI hype to AI dunk in the space of a single Wikipedia article? Lol.

research papers that require a strong background in mathematics and cryptography to understand and implement.

Lol. I guess that makes sense. Outside of school, we hope that all authentication will be implemented only cryptography experts anyway.

Could you maybe suggest some resources on this topic?

Not really, sorry. I’m not aware of anyone creating resources for your situation.

Or should I choose a simpler project?

For some context, cryptography isn’t even usually implemented “completely correctly” by experts. That’s part of why we have constant software security patches.

If I were in your shoes, I guess it would depend on my instructor and advisors.

If I felt like they have the skills to catch mistakes and no time to help correct mistakes, then I would just choose a simpler project. If they’re cool with awarding a good grade for a functional demo, I might just go for it.

I guess I would take this one to an advisor and get some feedback on practicality.

If Subnautica 2 delivers on the multi player co-op, I could see it joining my primary LAN party rotation. Exciting stuff.

I find it hard to beat Markor (available on F-Droid) for quick journaling on a phone.

It has quick keys for instant open note files and todolist files, and has customizable (and reorderable) buttons, including an available button that inserts the current date with one touch.

So in your shoes I would pull the quick date button to the start of the toolbar, and add dream logs to the Quick Note every morning.

So then the taps are:

1. Open Markor
2. Tap Quick Note
3. Tap Insert Date (looks like clock)

Then type in dream notes.

4. Tap ‘Save’.

I’m a fan of blocking all sources, and then just unblocking every so often to install updates.

One of your implied questions is, “Can I get a reliable vehicle from around 2015 and spend less than $414 monthly, combined, on loan interest and repairs?”

To which I say, “probably”. I’ve bought cars that meet those requirements, for my definition of “reliable”. But your needs may vary.

I will say, financing a car is among the top unnecessary “stupid taxes” that I have paid, in hindsight.

Now that I don’t have car payments, I’ve found that ~$414 per month chucked into a savings account can buy a surprisingly decent car surprisingly quickly.

And having no car payment feels like I imagine having a rich uncle must feel like.

(not my meme, but I’ll add) Some missing context - Professor Chang, pictured in the meme - is also shouting at something that clearly isn’t gay.

Professor Chang is essentially a continuous uncomfortable non-sequiter of nonsense.

Lol. When I retire, I’m going to change all my job titles on social media to “entrepreneur” just to fuck with my friends.

Yes. I love the confidently incorrect additional comments explaining in detail how the incorrect code works.

Though I’m usually pretty angry at that point, it is also pretty funny.

Yes, that’s the joke.

AI creates almost (but not) good enough stuff really fast. And occasionally straight up hallucinates stuff that is meaningless or worse.

So this person has a huge stack of functional but broken crap, and it’s blaming X for their woes.

There’s an old saying that goes roughly “It takes four times the experience to maintain a program as it took to write it. So anyone writing the most clever program they can think of is, by definition, not competent to maintain it.”

In this case, it’s extra funny, because neither the AI nor the AI user has the faintest idea how the generated code works. So maintaining it is almost certainly 1000% outside their abilities.

So they’ve paid an AI for the privilege unpleasant daily panic of learning everything they need to learn after the app has gone to production, rather than before.

Agreed. And either way, they remember me fondly later when they’re ready for their next job switch…