Readit News logoReadit News
stevekemp commented on FVWM-95 (2001)   fvwm95.sourceforge.net/... · Posted by u/mghackerlady
BeetleB · 2 days ago
I have fond memories of FVWM. I don't know where this was (Slashdot?), but back in the mid 2000's, someone posted a "Why are people not using FVWM? It's one of the most flexible window managers?", and linked to various people's FVWM setup. This led to a lot of folks (including me) switching to FVWM. I used it until switching to AwesomeWM around 2011.

You can see some (fairly old!) screenshots here: https://fvwm-themes.sourceforge.net/screenshots/

Glad to see it's still around.

Edit: Here's the thread (Gentoo Forums): https://forums.gentoo.org/viewtopic.php?t=80517

The thread ran a total of 121 pages over 7 years.

stevekemp · 2 days ago
I used it until I switched to GNOME2 at some point, and I also have fond memories. Just seeing the title of this post recalled the desktops I had had over the years.

My linux days started around 95/96, and I was always using low-resource environments due to necessity. Other than FVWM95 the other system I recall using for a long long time was IceWM which was something I switched to around 1999/2000.

stevekemp commented on The Rise of Computer Games, Part I: Adventure   technicshistory.com/2025/... · Posted by u/cfmcdonald
griffzhowl · 4 days ago
There was a Hitchhiker's Guide to the Galaxy text adventure, with writing from Douglas Adams. It's entertaining, but insane what you have to figure out to get the babel fish...

https://en.wikipedia.org/wiki/The_Hitchhiker%27s_Guide_to_th...

stevekemp · 4 days ago
There's a good three-part writeup starting here, covering Douglas and the game:

https://www.filfre.net/2013/11/douglas-adams/

For my money the "best" adventure game was and is The Hobbit, but that may well be because it's the first one I was haunted by.

Similar two-part writeup starts here :

https://www.filfre.net/2012/11/the-hobbit/

stevekemp commented on Israel used Palantir technologies in pager attack in Lebanon   the307.substack.com/p/rev... · Posted by u/cramsession
_DeadFred_ · 8 days ago
This conversation already has comments on one side flagged to invisibility. If you are going to allow these conversations, but only allow one side, then Hacker News is not about discussion but about what?
stevekemp · 8 days ago
There are no useful discussion to be had on such topics as war in Isreal, Donald Trump (be it "stolen elections", or foreign politics), or Russia's invasion of Ukraine.

Nobody will ever think "That was a well-reasoned argument I now believe war crimes were, or were not, committed".

The best thing to do on posts like this is avoid reading them, or flag them.

It feels like there's an obviously correct side to most of these issues, the problem is half the audience here believes their side is correct and yours is wrong.

stevekemp commented on Tunnl.gg   tunnl.gg... · Posted by u/klipitkas
stevekemp · 14 days ago
If you keep this up you'll want to add yourself to the public suffix list:

https://publicsuffix.org/

You should also consider grouping your random hostnames under a dedicated subdomain. e.g. "xxx-xxx-xxx.users.tunnl.gg", that separates out cookies and suchlike.

Posted by u/stevekemp 15 days ago
Trumpkin's Notes on Building a Saunalocalmile.org/trumpkins-n...
stevekemp commented on 4.3M Browsers Infected: Inside ShadyPanda's 7-Year Malware Campaign   koi.ai/blog/4-million-bro... · Posted by u/janpio
payphonefiend · 16 days ago
Painful read, this reads like it was written by AI.
stevekemp · 16 days ago
I flag posts like this.
stevekemp commented on Ask HN: Does cross-posting to Medium still help, or does it just dilute SEO now?    · Posted by u/StealthyStart
rozenmd · 17 days ago
Better question to ask might be: do you actively avoid medium.com links?

I know I do.

stevekemp · 16 days ago
Same for me. Medium, SubStack, and several other sites, have ruined any former good will and interest they once held. Instead of being sources for good writing they're 99% full of low-effort spam these days.
stevekemp commented on Why xor eax, eax?   xania.org/202512/01-xor-e... · Posted by u/hasheddan
jgrahamc · 17 days ago
I started out writing machine code without an assembler and so had to hand assemble a lot of stuff. After a while you end up just knowing the common codes and can write your program directly. This was also useful because it was possible to write or modify programs directly through an interface sometimes called a "front panel" where you could change individual bytes in memory.

Back in 1985 I did some hand-coding like this because I didn't have access to an assembler: https://blog.jgc.org/2013/04/how-i-coded-in-1985.html and I typed the whole program in through the keypad.

stevekemp · 17 days ago
Same here. On/For the ZX Spectrum, looking up the hex-codes in the back of the orange book. At least it was spiral-bound to make it easier.

Later still I'd be patching binaries to ensure their serial-checks passed, on Intel.

stevekemp commented on Post-mortem of Shai-Hulud attack on November 24th, 2025   posthog.com/blog/nov-24-s... · Posted by u/makepanic
woodruffw · 18 days ago
> Problem is that you might want to have the tests run before even looking at it.

Why is this a problem? The default `pull_request` trigger isn't dangerous in GitHub Actions; the issue here is specifically with `pull_request_target`. If all you want to do is have PRs run tests, you can do that with `pull_request` without any sort of credential or identity risk.

> Hilariously the people at pypi advise to use trusted publishers (publishing on pypi from github rather than local upload) as a way to avoid this issue.

There are two separate things here:

1. When we designed Trusted Publishing, one of the key observations was that people do use CI to publish, and will continue to do so because it conveys tangible benefits (mostly notably, it doesn't tie release processes to an opaque phase on a developer's machine). Given that people do use CI to publish, giving them a scheme that provides self-expiring, self-scoping credentials instead of long-lived ones is the sensible thing to do.

2. Separately, publishing from CI is probably a good thing for the median developer: developer machines are significantly more privileged than the average CI runner (in terms of access to secrets/state that a release process simply doesn't need). One of the goals behind Trusted Publishing was to ensure that people could publish from an otherwise minimal CI environment, without even needing to configure a long-lived credential for authentication.

Like with every scheme, Trusted Publishing isn't a magic bullet. But I think the proscription to use it here is essentially correct: Shai-Hulud propagates through stored credentials, and a compromised credential from a TP flow is only useful for a short period of time. In other words, Trusted Publishing would make it harder for the parties behind Shai-Hulud to group and orchestrate the kinds of compromise waves we're seeing.

stevekemp · 18 days ago
> the issue here is specifically with `pull_request_target`

I just went to github to search for references to that trigger-type, and I admit I was surprised at the sheer number of times it is visible in a code-search.

It seems like a common-pattern, sadly.

stevekemp commented on How Charles M Schulz created Charlie Brown and Snoopy (2024)   bbc.com/culture/article/2... · Posted by u/1659447091
andrewstuart · 20 days ago
I think many people have seen only the commercially exploited peanuts imagery.

In fact the comics - especially the older ones are incredibly clever and funny and insightful and there’s long running threads and connections and strong characters.

Peanuts the tshirt/hat/poster/cup is crass.

Peanuts the comic is genius.

It exactly the same with Donald Duck and Uncle Scrooge. The commercially exploited imagery is crass and dumb. The comics written by Karl Barks were genius and often really entertaining adventure stories.

stevekemp · 20 days ago
I have approximately one meter of snoopy books - collections of the comic strip - dating from the 70s and 80s. Now and again I read a few strips, but at least once every month I wear my snoopy watch, and seeing Snoopy on the dial makes me smile every time.

I've had more comments on the snoopy dial, and my casio terrorist watch, than any high-end piece in my rotation/collection. I struggle to think of other snoopy merchandise which is common-place, outside watches.

(I asked my eight year old son a while back if he knew the names of some characters from Peanuts, while showing him a couple of the cartoon strips, the only one he knew was Snoopy. I was sad to learn he didn't know the name of either Charlie Brown or Woodstock.)

s

u/stevekemp

KarmaCake day9865October 30, 2012
About
Born in the UK, now living in Helsinki, Finland.
View Original