More

jamespo · 2024-05-23T08:41:58

It's an alternative explanation all right

jamespo · 2024-05-15T18:17:09

I've recently had to zero score SpamAssassin ENCRYPTED_MESSAGE rule as it's being exploited. Also I don't receive any encrypted messages.

stuffinmyhand · 2024-05-16T07:19:34

> Also I don't receive any encrypted messages.

Should start giving people your public key then!

psd1 · 2024-05-20T09:40:06

Yes, and email address.

jamespo · 2024-04-24T16:08:38

I'd hope these other critical services at least sign their packages

cryptonector · 2024-04-24T17:07:17

Yes. But IIRC there have been attacks on Debian package fetching anyways.

jamespo · 2024-04-15T07:43:07

Why do you want ssh if you don't have network :)

1oooqooq · 2024-04-15T08:11:08

in fact i noticed this bug when ssh doesn't come up on qemu vms start on a laptop without wifi connection.

hardly Far from a 99% use case.

loopback address space is not enough for the network target

jamespo · 2024-04-13T09:07:12

The VPN is just part of the picture (sock puppet accounts complaining about speed of dev, no meaningful history of other contributions from the dev, no trusted "personal network" for the dev, etc) that in hindsight should have raised red flags.

xcrunner529 · 2024-04-14T05:05:06

If they constantly are on a VPN and not willing to disclose a real location or IP then I fail to see why they should be trusted when they don’t provide anything trustworthy themselves.

markhahn · 2024-04-13T14:59:10

new project idea: OpenBackgroundCheck

volunteer osint researchers attempt to dox any identity you submit, so you can know whether they're the Right Kind of OSS contributor or not.

/s

jamespo · 2024-03-29T21:33:50

I suppose they're getting at why was it important that Redis was open source to you? Under the assumption someone else would be responsible for free updates?

tbrownaw · 2024-03-30T02:35:01

This accusation is not consistent with what you're replying to.

jamespo · 2024-03-29T21:16:30

"Jigar Kumar" seems to have disappeared

Nathanba · 2024-03-29T22:25:37

true, that is suspicious as well. A person that hasn't even created any bugs or issues suddenly has a big problem with the speed of development? Especially the way this was phrased: "You ignore the many patches bit rotting away on this mailing list. Right now you choke your repo. Why wait until 5.4.0 to change maintainer? Why delay what your repo needs?"

"Why delay what your repo needs?" This sounds like scammer lingo

jamespo · 2024-03-29T09:15:49

5% of contributions is not “mainly” from AWS

jamespo · 2024-03-29T09:10:41

Not for redis the company if they follow mongodb’s trajectory

jamespo · 2024-03-28T19:14:39

I think part of the issue and what the judge didn't like is he doesn't seem to have any remorse.

kelnos · 2024-03-29T10:08:30

Sure, and that certainly means any rehabilitation would be harder, and we'd be right to be skeptical of the results of that rehabilitation (as in, is he just pretending to be rehabilitated).