Comments explaining what the code does, which is what an LLM could answer, are basically useless comments. Comments that describes why the code is how it is, is a bit more valuable, but also something LLMs cannot really reliably infer by just looking at the code.
No, proper easter eggs don't introduce security issues, they're benign almost by definition. I think what made them disappear was the introduction of all the suit-wearing people who decide what the programmers are supposed to program, with no room for autonomous work within that.
Proper code doesn't either, and yet there they are! The point is they added another attack surface, however small, and another code path that should be tested.
When people started to care about 100% test coverage, they started to disappear.
> The point is they added another attack surface, however small, and another code path that should be tested.
I dunno, "attack surface" to me means "facilitate opening/vulnerability somehow" and none of the easter egg code I've seen has done that. You have any concrete examples where a easter egg made possible a security vulnerability that wouldn't be possible otherwise?
But yes, another code path created by easter eggs that wasn't tested I've seen countless of times, but never been an issue, but maybe our easter eggs always been too small in scope for that.
> If you want a modable game you really need to have it in a managed language
... Why is that? Personally, both as a game developer and modder, dynamic languages like Lua and alike tend to be a lot easier to make moddable and also force in mods regardless of how the authors felt about modding in the first place. Isn't it quite the opposite?
> Putting someone on a (most) wanted list is "doxing"?
No, if they just put UNKN on the most wanted list, then it wouldn't be doxing. But then they also tie UNKN together with "Daniil Maksimovich Shchukin", and that's the doxxing, regardless or not if it's on a most wanted list.
I think this is not how wanted lists work, here in Germany at least. Do they work this way where you are living? The goal of wanted lists in Germany is to find the person the police is searching for to put them in front of a court if the prosecution can make a case.
Perhaps this goes back to leftist terrorism in Germany in the 1970s, they would not use the code names of terrorists on the wanted lists but their real names to find them, because this is what they wanted - but I don't know.
What do you mean "this is not how wanted lists work"? The goal everywhere is to find the people on the wanted list, that's why they're called "wanted" in the first place. Is there something in my comment indicating I don't believe wanted lists are for finding people?
If someone wasn't previously known, only an alias or alter-ego, but you then link those together with a real-life identity, that's very much the definition of "doxxing", at least the original definition, maybe it's different today? Positive or negative doesn't really matter, just like "shooting" or "jumping" in itself isn't positive or negative, it's just a verb.
No, if I kidnap someone it's kidnapping. If the police based on probable cause receive and execute a warrant for someone's arrest, it's an arrest. This is how the state monopoly on violence works.
More to the point, if the police or whoever shoot someone in self defence, that someone is "killed". If I, or the police shoot someone for fun, it's "murder". In both cases the victim is "killed"
True, self defense isn't called murder. But if the government drone strikes an American citizen without a trial or anything, that's "extrajudicial killing", not murder.
And if the police actually catches the accused and puts them in jail, is that kidnapping? Most verbs have far more semantics than just the most basic before/after state diff.
Well, no, kidnapping is unlawful abduction. But abduction is always abduction, regardless of who does it, police can abduct people too, but when criminals do so, we call it kidnapping, since it's illegal. Not sure what point you were trying to make, but I think it failed to land properly.
Its almost always associated with a private person (ie not police or anyone of a judicial system) releasing personal information with malicious intent.
As the person above you said, semantics are important. This is a judicial system specifically searching for a person they believe to have caused severe criminal harm.
While I don’t think this case is accurately described as Doxxing I also reject the definition that the state can’t commit Doxxing. The reason this situation doesn’t count is because of due process, not simply state action. The state is not infallible, regardless of what immunity may try to establish.
The point is the outcome and magnitude of "kidnapping" and "abduction" are the same, so it's not fair people are treated differently if the terms are virtually synonymous. The impact is the same. If it was a truly just system, the people in power would subscribe to the same rules they codify into law.
I have, admittedly, only been on the Internet for thirty-five years or so, but I seem to recall that a long time ago reading about people "doxxing" guys who posted pictures of them torturing cats and dogs.
"Doxxing" certainly doesn't carry a negative connotation in that usage. Unless you live in a culture where torturing domesticated animals is a good thing.
ANd I recall that, before that, hackers would doxx other hackers in the 90s in order to get them arrested. Again, that seems like the exact same usage as here: tying a pseudonym to an IRL for purposes of law enforcement.
There is still an inherent negative aspect to the "Don't Fuck with Cats" doxxing. Vigilantes publicly revealing the identity of (suspected) perpetrators can enable further vigilante action, and this can cause harm to innocent people if the identification was incorrect, or unwittingly impede law enforcement. And that's before considering whether vigilantism is inherently good or bad.
See the canonical example of this going wrong: the Reddit 'investigation' of the Boston Bomber, where someone was misidentified, doxxed, and their family was harassed.
Of course, law enforcement is capable of making the same mistakes. But ideally they have better safeguards, and victims of their negligence have much better recourse.
> that seems like the exact same usage as here: tying a pseudonym to an IRL for purposes of law enforcement.
I disagree. Tying a pseudonym to an IRL persona for purposes of law enforcement is a part of an official investigation.
Doxxing is specifically non-government unmasking and dissemination of that tie for extrajudicial purposes, almost always for harassment. There is a world of difference between them and we should not fudge them together with terminology. My 2c.
What if the government reveals the name of a victim of sexual assault? Is that doxxing? What about a political rival in connection with a made up crime? What about a true but benign crime such as accessing reproductive healthcare?
Most people who dox for a reason they think is justified will nonetheless reject the label of doxing for what they did. They'll say "I didn't dox him, I just discovered publicly available but obscure information about him and posted it."
Personally I think ubiquitous software is even more important to have Easter eggs, because they're the most widely distributed, and we want as much joy as we could possibly have, before you know.
The earlier you realize how little IQ and "knows a lot" means the person actually know what they're talking about, the easier life becomes. "Smart" people are wrong all the time, some say how they became smart in the first place.
It isn't 100% clear, but what quantization were you using for each? I've had worse results with MLX 8bit than what you get with Q4 GGUF, same model, seems mxfp8 or bf16 is needed when ran with MLX to get something worthwhile out of them, but I've done very little testing, could have been something specific with the model I was testing at the time.
> Due to the embedded nature of Lua, it’s often impossible or difficult to use libraries.
Last time I used LÖVE that wasn't the case, nor does it seem to be the case today, you can require libraries or even use LuaRocks if that is what you prefer, and everything just works.
Been there before, usually because you always feel like there is "one more thing to get into the release" before you consider it "done enough", and that keeps moving. At one point, you've diverged far enough from the previous release, either by time or scope, that now you feel like the next release really should come with major improvements because of other API breakages already, so now you want to fit in more, so the next release after that can skip more breakages.
Rinse and repeat over months, with volunteers, in a game engine no less, and I can easily see many projects being unable to not fall into that trap.
Anyways, I think it's less of an issue for people in practicality, most people who use LÖVE today tends to start with the HEAD source version, which also sets them up to easier contribute back upstream, when they inevitably hit something non-optimal, so maybe it works out in favor for everyone in the end anyways.
The main issue is that distros will only package the latest release. I had a situation where LMMS on their website had download links pointing to the “beta” builds, while the one on all the disto repos was several years behind.
Right now I have a workflow breaking bug in Inkscape which was fixed last year on main but hasn’t made it to a release yet. So my only option is to compile from source.
There being a stigma about a release being “ready” needs to go. Stuff should get only get merged in to main when it’s ready to go live, or behind a feature flag.
reply