maybe they were looking for extra special characters like 🁄 or ⶸ. Who am I kidding, RFC 1738 tells us that literally everything is unsafe and you know, we need to prepare for the inevitable occasion when the password somehow ends up inside an URL.

The characters “<” and “>” are unsafe because they are used as the delimiters around URLs in free text;
the quote mark (“”") is used to delimit URLs in some systems.
The character “#” is unsafe
The character “%” is unsafe

It ends up with

Thus, only alphanumerics, the special characters
$ - _ . + ! * ’ ( ) ,
are safe

Rendering is not what you are doing server side.

No shit sherlock. Rendering requires information about the game, and that information is enough to allow cheating. Aimbots don’t need to perform “invalid actions” in order to wreck a game. They just need to be faster and more accurate than most human players. Trying to heuristically detect aimbots is also commonly used alongside other anticheat methods, it just doesn’t work (unless you have people manually reviewing individual reported cheaters, but companies try to avoid that because it’s expensive and risks false positives).

Ultimately you either have basically google stadia (with all its technical problems) or you are trusting the client to render the game.

Even if the client only has exactly the absolute minimum amount of information needed to draw all the things that are visible, that still allows a cheat to see the player coordinates and the coordinates of visible entities, which usually makes eg. an aimbot trivial to make.

“Never trust the client” renders entire genres of games inaccessible for a big corporation. But those genres have billions of dollars of potential profit in them. So they will go as far as they can to make the client almost trustable. The average player of a first-person shooter doesn’t really think about the implications of kernel-level anticheat at all so it’s not a hard choice for them. 95% of them are on windows after all and that already gives kenel access to their PC to some entity they really have no good reason to trust.

it’s

while (true) {
    let t = Date.now();
    if (timeoutMap.has(t)) timeoutMap[t]();
}

of course. Clearly O(n).

SteamOS for Desktop is imminent

Do you have some source? I recall the latest rumor related to a valve patent is more likely to be about some VR thing than a steamOS PC

“You want to use teams a bit? We have a session here” “I’d be happy to, actually. Not really, but it wouldn’t be bad” “Not really? If you say so, I have a teams session ready right here” “No. No. I’m not stupid” “People use it every day.” “Tell the truth” “It’s a good user experience.” “So are you ready to use it? For 5 minutes?” “No, I’m not an idiot.”

Most people may miss this detail, but “pisscorp” comes from the old discord logo’s stylized Ds looking like a hebrew letter that is pronounced almost like P

They already have almost all of the discrete gpu market, they’d have to expand to new markets (although they are kind of exploring that already)

and with a good enough leak, the amount of unused memory will become negative!

Nim is more “high level, automatic memory management by default, but you can go 100% manual if you need to”, though the reality of doing that is basically the opposite of rust’s “everything you need to do is well-documented and solid”

Nim is a compiled language by default, and supposedly cross-compilation is usually as simple as

apt install mingw-w64
nim c -d:mingw myproject.nim

though I haven’t really tried doing it (and my general impression of nim is anything “slightly obscure” like cross-compilation still has a non-zero risk of running into unexpected thorny bugs)

The oxford that says this?

Acronym

1. A group of initial letters used as an abbreviation for a name or expression, each letter or part being pronounced separately; an initialism

or the merriam webster that says this?

Some people feel strongly that acronym should only be used for terms like NATO, which is pronounced as a single word, and that initialism should be used if the individual letters are all pronounced distinctly, as with FBI. Our research shows that acronym is commonly used to refer to both types of abbreviations.

Video has general VPN background info:

A VPN is ultimately just someone else’s computer that routes traffic through it, and there is nothing stopping you from starting your own VPN company, promising you’re not logging anything, and then logging everything you can. You are almost certainly never going to be punished in any way for lying to your customers as long as you put in a minimal amount of effort.

Some VPN companies like to make ridiculous claims like “the vpn will prevent you from getting hacked” which is not true

For 95-99% of internet users (at least in western countries) a VPN doesn’t really help with privacy at all since your browser is most likely still easily fingerprintable. UBlock origin or similar things help but are not even close enough to stop all fingerprinting, you need something like tor browser with javascript disabled to actually get your browser privacy to the level where a VPN is relevant. (Though it does have other benefits like circumventing some geoblocking, making unencrypted websites slightly safer, etc)

You ought to manually configure DNS, possibly even try to self-host

touched upon in the video but not directly explained, almost all VPN companies just rent from cloud services instead of hosting it themselves so even if they didn’t personally log anything, all the network traffic is likely actually still being logged by amazon etc

governments and police can just get court orders to get all the data from VPNs, or even force them to start logging if they didn’t already, though this is probably not a problem for you if you’re not considered an exceptionally interesting person

generally trusted VPNs are mullvad, IVPN, ProtonVPN, the only one I’ll personally point out is mullvad who have cohosted servers which should bypass the cloud related issues, though you had to manually select a non-cloud server last time I checked

As for more or less unique info specific to this video, it claims that VPNs lying about not collecting user data is indeed very common and done by ad companies that buy out VPN companies etc, and government spying agencies also operating VPN companies as honeypots

Well eh, the binary seems to be about 130MB while the ffmpeg source repository is only 80MB (and the version with separate .so files (all part of the project as far as I can see) is even larger)

buffer overflows are critical for memory safety since they can cause silent data corruption (bad) and remote code execution (very bad). Compared to those a “clean” unhandled runtime error is far preferable in most cases.

We can avoid expensive branches (gasp) by using some bitwise arithmetic to achieve the so-called “absolute value”, an advanced hacker technique I learnt at Blizzard. Also unlike c, c# is not enlightened enough to understand that my code is perfect so it complains about “not all code paths returning a value”.

private bool IsEven(int number)
{
    number *= 1 - 2*(int)(((uint)number & 2147483648) >> 31);
    if (number > 1) return IsEven(number - 2);
    if (number == 0) return true;
    if (number == 1) return false;
    throw new Exception();
}

After working at blizzard for 51 years, I finally found an elegant solution by using the power of recursion

private bool IsEven(int number){
  if (number > 1) return IsEven(number - 2);
  if (number == 0) return true;
  if (number == 1) return false;
}

funny how well this fits for both meanings

Yeah, same for simcity 4