eleijeep
@eleijeep@piefed.social
- Comment on There Is No Reason To Buy Another PlayStation Or Xbox 2 days ago:
Well they bought all the game studios and then closed them, so there won’t be any games to play anyway.
- Comment on Any signed GitHub commit can be copied, without the author's secret key, creating a distinct commit with an identical tree, metadata, a valid signature, and a "Verified" badge 2 days ago:
This is the opposite of a hash collision (where two different inputs have the same hash), it’s instead a case where the same input can produce two distinct hashes. I’m struggling to think of an actual malicious application of this.
You would need to have a malicious commit (eg. as part of a supply chain attack) which is signed by a maintainer (because their keys were stolen), and then when the project finally reverts the malicious commit, another attacker (without needing the signing keys) can recreate the malicious commit with a new commit-hash, which might trick automated tools into thinking it’s a new commit, but the tree and metadata would be identical to the malicious commit, and it would be signed using the old (stolen) signing key that would since have been revoked.
Is that their point? Or is there some other attack that this enables? This just means that we can’t blacklist git commits, since an attacker could produce a new commit hash that represents the same tree. But if an attacker already has the signing keys, then they can do this indefinitely even without this signature malleability. The signing keys would get revoked in both cases, and that’s what needs to be checked.
- Comment on Neverness to Everness has patched out a character’s shorts in favor of panties following complaints 4 days ago:
- Comment on Resetting XBOX - Compulsion Games and Double Fine to go indie again, Ninja Theory and Undead Labs "to join new ownership" 4 days ago:
Those middle managers won’t middle manage themselves.
- Comment on Andy Burnham backs under 16s social media ban and wants 'urgency' in delivery 6 days ago:
Clap your hands! Throw a chair! Peel a parsnip! Iron your trousers! Sieve the greens! Strangle a fox! Pipe the buttercream! Stub your toe! Cancel your Netflix! Andy Burnham!
- Comment on Andy Burnham backs under 16s social media ban and wants 'urgency' in delivery 6 days ago:
Are you in favour of all adults having to provide ID to access the internet? Because that’s the policy that you’re supporting.
- Comment on Data from the 2023 Insomniac leak showed that most first party Playstation games sold more physical discs than digital copies 6 days ago:
On the retro consoles that I play, I can fit the entire library onto an SD card and put it in a flash cart or ODE. And yet I still buy physical games and put them on my shelf.
People want to have a physical game collection. It’s tactile and it helps with choosing what to play when you can see all the boxes. It also feels more permanent, and for a lot of media types, it is more permanent than the NAND flash in SD cards.
- Comment on French retailer mocks €1039 Steam Machine with “Stim Machine” RX 9060 XT PC for €999 2 weeks ago:
Are you really going to shit on a PC because it’s not a Steam Machine? What kind of weird console-gamer brand loyalty is this?
- Comment on Andy Burnham picks former Blair minister James Purnell as chief of staff 2 weeks ago:
More of the same, then.
- Comment on Sir Keir Starmer resigns as prime minister 2 weeks ago:
It sounds simple when you’re not a mathematician or cryptographer, but the academic study of these systems reveals that it’s probably intractable:
Privacy-Preserving Age Verification and Its Limitations - Steven M. Bellovin
Cory Doctorow wrote an article shortly after this paper released that explains the situation quite well: https://pluralistic.net/2025/08/14/bellovin/#wont-someone-think-of-the-cryptographers
- Comment on Sir Keir Starmer resigns as prime minister 2 weeks ago:
Just think, we could have had Rebecca Long-Bailey or Lisa Nandy instead.
- Comment on Sir Keir Starmer resigns as prime minister 2 weeks ago:
Whenever you see the words “social media ban” you need to substitute them for “mandatory ID checks for adults to use the internet,” because that’s the only solution they have to enforce the ban for children.
We don’t want to provide our IDs so that we can be associated in perpetuity with every brain fart that we post to MySpace or whatever people are using these days.
Online pseudonymity is important for a functioning democracy. When people fear consequences for expressing their political opinions, this leads to the chilling effect.
The ban is not about children, it’s about everyone, and it’s about our freedom to speak freely online.
- Comment on Ubisoft Co-Founder Claude Guillemot Dies In Plane Crash 2 weeks ago:
Why are you still posting?
- Comment on Brexit voting areas have seen faster growth in foreign workers since EU referendum 2 weeks ago:
I just did the dirtiest laugh. I didn’t even know I had that noise inside of me.
- Comment on UPDATE: I'm a dev who has been working on my game for 2 years and my game title appeared on another Steam game as they plan to release before I do. 3 weeks ago:
Happy to hear you worked it out. Good luck with your game!
- Comment on UPDATE: I'm a dev who has been working on my game for 2 years and my game title appeared on another Steam game as they plan to release before I do. 3 weeks ago:
everything went better than expected
- Comment on EU Commission meets behind closed doors with Ubisoft, other corporations, and exhibits blatant corruption. 3 weeks ago:
Before the internet was widespread, that’s exactly how they worked.
- Comment on Assume You Will Be Hacked: AI is enabling a deluge of cyberattacks the likes of which we’ve never seen before. 3 weeks ago:
This is just hype. The marketing hype of these models has focused a huge amount of human effort on looking for vulnerabilities that we could have found before if CTOs could have been convinced that it was worth the time and resource investment to go looking for them.
We now have an industry full of executives who believe they will be the ones held responsible if they don’t quickly respond to this “new threat” and so now the engineers who should have been given the time to address technical debt and look for security issues in their products years ago, actually have the remit from the suits to do so.
Any time one of these snake-oil companies tells you that their model found hundreds of security issues in a project, just realise that what it actually did is spit out thousands of useless pages of nonsense that a team of real engineers had to check, and in checking all of the nonsense they realised that hold on a minute, yes this particular function does have a vulnerability. The AI is just giving us permission to look, by pointing its sixth finger at every other line of code.
- Comment on I'm a dev who has been working on my game for 2 years and my game title got stolen on Steam and they plan to release before I do. What should I do? 3 weeks ago:
See if anyone else in the game dev community has experienced this kind of thing before. If it turns out to be a consistent problem then you could try to get a games journalist involved and see if they will write a story. In order to get anything done about it, you have to make enough noise that it comes to the attention of the people who can actually effect a change.
I’m not sure what the solution is though, because when the base concept is already in the public domain, it’s probably something that happens sometimes through pure coincidence. Like the ant movies. Steam would have to have a set of criteria by which they judge if someone is doing it deliberately and maliciously in order to classify it as fraud or impersonation. If it’s a big enough problem and happens regularly, maybe they would consider it though.
- Comment on Riot police enters Turkey's largest opposition party 1 month ago:
How’s that EU application coming along?
- Comment on What Do People Attending a Tommy Robinson March Really Believe? 1 month ago:
The whole concept that allowing the free expression of objectionable ideas will allow them to be dissected and disproven in the cold light of public debate, has itself been disproven over and over for at least the past decade.
We live in a different era, where partisanship and propaganda are so powerful that there is no longer an authoritative voice that the general public trusts. The government is distrusted, the both-sides-BBC is distrusted, the broadsheets that turned into clickbait farms are distrusted.
We have to stop giving oxygen to fascists in the hope that people will just see how wrong they are. I don’t care what people attending this march really believe. What I care about is that people preaching hate should not have a platform, anywhere, under any circumstances.
- Comment on 1 in 5 Brits think AI layoffs could trigger civil unrest 1 month ago:
Poe’s law.
- Comment on 1 in 5 Brits think AI layoffs could trigger civil unrest 1 month ago:
And the reality is that it’s neither of those two that are to blame. We’re in recession and AI is just the convenient excuse to make layoffs without crashing the stock-price.
The real people who should be blamed are the ghouls who have been exploiting disaster-capitalism since at least the pandemic to concentrate all of the wealth in the hands of a few oligarchs. The politicians are all complicit.
- Comment on Moving to the USA could be the Most Expensive Mistake of your Life 1 month ago:
source?
- Comment on Can Someone Please Explain Whether Cloudflare Blackmailed Canonical? | flyingpenguin 1 month ago:
Cloudflare have been accused before of some very sketchy behaviour to coerce customers into paying for higher service tiers. It wouldn’t surprise me if they knew what was going on.
- Comment on Boots stores ban for boy after £100,000 shoplifting sprees 1 month ago:
How do you get 60k worth of goods in 11 visits?
Cosmetics apparently.
- Comment on [PlayStation] [DRM] Licenses now requires an online check-in every 30 days. 2 months ago:
Perfect timing for the Steam Machine to come back. Shame about the … everything else going on.
- Comment on Do I belong in tech anymore? - On quitting, the spread of AI, and the loss of an ideal. 2 months ago:
You say, “what’s the privacy policy for your AI assistant?” and then keep asking questions like that until the person running the call gets annoyed that this has taken over their agenda and they’ll ban people from using unapproved AI agents on calls.
“Where is the data stored?” “Has this tool been approved by IT?” “Did you get consent from everyone to be recorded?” “Does the employee handbook say you can record other employees?” “Is my voice going to be used by an AI company to train a model?” etc.
- Comment on UK’s OnlyFans tops $3bn valuation amid talks to sell stake to US investor 2 months ago:
TIL OF is from the UK
- Comment on Centrepoint to cut ties with Sharon Osbourne after she backs Tommy Robinson rally 2 months ago:
Not very rock and roll of you, Sharon.