Reference for the admission?

And it’s made by a Bitwarden developer.

They highlighted it was a bug and said it would be fixed very soon after it was flagged. It was addressed in a matter of days. You can build the server with the /p:DefineConstants=“OSS” flag still and you can build the clients with the bitwarden_license folder deleted again (now they’ve fixed it).

I don’t understand why you’re throwing FUD about this. Building without the Bitwarden Licensed code has been possible for years and those components under that license have been enterprise focused (such as SSO). The client is still GPL and the server is still AGPL.

This has been the way for years.

Cool. They got that sorted nice and quickly.

Edit:

I don’t get why people think they’re suddenly doing stuff under a different license to subvert the open nature of the project. They’ve been totally transparent on what isn’t part of the GPL/AGPL licensed code for years.

SSO, the password health service, organisation auth requests, member access report blah blah have been enterprise features under the Bitwarden License for ages and they architected the projects in a clear and transparent way to build without those features since they added them.

This is actually why I use macOS at work - I wasn’t able to get a Linux box approved by IT but they happily support macOS and I get to use basically all the same software I do on Linux.

Lost me immediately with “Blockchain Socialist”.

All that money and engineering to have a human still needed to do the job of a human lol.

Exactly. Source it from upstream at build time or something so it’s transparent.

You’ve been on vacation for 5+ months?

Also wouldn’t it be best to post this communication in the issue thread?

Given how long this has gone on now, it’d probably be best to inform your community that you’ll be removing BLOBs from the source and for them to be produced during build otherwise this shadow is going to remain.

This was the first time I’ve ever heard of your software and has kind of made me want to steer clear of it.

Microsoft aren’t kicking people out of kernel space but expanding the capabilities in user space to minimize the reasons to need to run security components in kernel mode so they can develop and deploy solutions with minimal risk (no security vendor wants that risk when they’re running on business/enterprise machines like CrowdStrike).

Kicking everyone out of the kernel is a long journey and even Apple, who are much further along this path, still haven’t completely closed the door on kernel extensions. It’ll be several Windows versions yet before kernel drivers are no longer a thing.

I’m not insisting anything; stating C is not a memory-safe language isn’t a subjective opinion.

Note I’m not even a Rust fan; I still prefer C because it’s what I know. But the kernel isn’t written by a bunch of Lewis Hamiltons; so many patches are from one-time contributors and the kernel continues to get inundated with memory safety bugs that no amount of infrastructure, testing, code review, etc is catching. Linux is written by monkeys with a few Hamiltons doing their best to review everything before merging.

Linus has talked about this repeatedly over the past few years at numerous conferences and there’s a reason he’s integrating Rust drivers and subsystems (and not asking them to fork as you are suggesting) to stop the kernel stagnating and to begin to address the issues like one-off patches that aren’t maintained by their original author and to start squashing the volume of memory corruption bugs that are causing 2/3rds of the kernel’s vulnerabilities.

No idea what you’re being downvoted. Just take a look at all the critical CVSS scored vulnerabilities in the Linux kernel over the past decade. They’re all overwhelmingly due to pitfalls of the C language - they’re rarely architectural issues but instead because some extra fluff wasn’t added to double check the size of an int or a struct etc resulting in memory corruption. Use after frees, out of bounds reads, etc.

These are pretty much wiped out entirely by Rust and caught at compile time (or at runtime with a panic).

The cognitive load of writing safe C, and the volume of extra code it requires, is the problem of C.

You can write safe C, if you know what you’re doing (but as shown by the volume of vulns, even the world’s best C programmers still make slip ups).

Rust forces safe® code without any of the cognitive load of C and without having to go out of your way to learn it and religiously implement it.

No ash or dark fumes emitted - I assume did something clever underground to capture or filter it. But plenty of steam billowed out of the cooling tower. During cooler parts of the year, the steam would freeze and turn into snow which was a lot of fun to go and have a snowball fight in late autumn.

But then again, I’m possibly just blissfully ignorant and lung cancer will get me any day now.

Whilst it’s nowhere near as big of a contributing factor as those mentioned above, the election was also called during the time of year the largest number of people are holidaying.

Fully agree. People travel for thousands of miles to see the windmills in the Netherlands. They’re no different and the beautiful white and curved designs makes them look like a true wonder of modern engineering achievement.

Fuck yes. I live very close to a wind farm and can see them from my window. They’re marvels and, alongside the several local solar farms too, it’s such a positive feeling knowing that, regardless of the weather, clean energy is being created.

I know plenty oppose these things but having grown up next to a coal power plant, I’ll take a stunning wind turbine any day over those giant cooling tower monstrosities.

Conway’s Law applies in this respect; the mess in governance of Nix has produced a product that reflects that mess. Nix started a beautiful movement but like many first movers, they rarely reap long-term rewards.

He’s been here the whole time!

I don’t know about deduping mid transfer but these two have been helpful over the years:

• dupeguru
• czkawka

Yes. What’s modified about it?