upvote

points

by meander_water13 hours ago |
comments
upvoteby skissane12 hours ago|
next
[-]
Maybe they have a non-standard interpretation of thumbs-down – as "thumbs-down to this fact" not "thumbs-down to you for pointing it out"
reply
upvoteby hmokiguess10 hours ago|
parent|
next
[-]
I have noticed this behaviour happening more often too, it's very confusing. Usually when texting with younger Gen Z people.
reply
upvoteby efilife9 hours ago|
parent|
[-]
This has always been happening
reply
upvoteby Griffinsauce6 hours ago|
parent|
[-]
We lived through a generation of agism at millennials and now we're turning around and doing it at Gen Z. It's unbelievable.
reply
upvoteby thayne7 hours ago|
parent|
prev|
next
[-]
When you only have eight emoji reactions to choose from, people are bound to get creative in how they use them.
reply
upvoteby matsemann3 hours ago|
parent|
prev|
[-]
Or they're from Eridian.
reply
upvoteby edoceo8 hours ago|
prev|
next
[-]
We need a new emoji for: the situation is lame and the poster is correct. Like a combination of thumbs-up+frown
reply
upvoteby __david__6 hours ago|
parent|
[-]
is not bad for that. Not precise, but in the ballpark.
reply
upvoteby 13 hours ago|
prev|
next
[-]
deleted
reply
upvoteby bpavuk13 hours ago|
prev|
next
[-]
bots.

the GitHub bot law: the GitHub bot situation is way worse than you imagine even if you are aware of the GitHub bot law.

yes, a cheap parody on Hofstadter's law, but that's how bad it is

reply
upvoteby sieabahlpark12 hours ago|
prev|
next
[-]
[dead]
reply
upvoteby noodletheworld12 hours ago|
prev|
[-]
There is no such thing as please be careful when revoking tokens. What does that mean? Dont revoke them? Look at them carefully before revoking them?

And what? Just let the actor just keep using them to spread to other people?

Always rotate your tokens immediately if they're compromised.

If it hurts, well, that sucks. …but seriously, not revoking the tokens just makes this worse for everyone.

A fair comment would have been: “it looks like the payload installs a dead-mans switch…”

Asking the maintainers not to revoke their compromised credentials deserves every down vote it receives.

reply
upvoteby wavemode12 hours ago|
parent|
next
[-]
You seem to be interpreting "please be careful when..." as "don't". I'm not sure how that interpretation makes any sense. Obviously they just mean, first kill the service (or better yet, shutdown the machine entirely) and then revoke the token...?
reply
upvoteby CodesInChaos1 hours ago|
parent|
prev|
next
[-]
Here being careful about revocation means:

Make sure to have an up-to-date backup, that's offline, or at least not mounted on the affected computer.

Check for the dead-man switch, and if present, disarm it.

Only then revoke the tokens. Instead of immediately revoking the tokens, like one would normally do. Nobody is suggesting to keep the compromised tokens active longer than necessary.

reply
upvoteby yuzuquat12 hours ago|
parent|
prev|
next
[-]
my understanding is that careful means cleaning up the dead-man’s switch before revoking
reply
upvoteby 11 hours ago|
parent|
prev|
next
[-]
deleted
reply
upvoteby mosen5 hours ago|
parent|
prev|
[-]
Did you miss the part about the script that nukes your home folder?
reply