The article says that is the intended use, I agree this is just bad implementation, but it’s bad because it not only allows control one way, from the app to the browser, it also allows it the other way: browser extensions with an ID that matches one of the allowed ones can access userspace, without asking. That is a huge attack surface that is installed without any consent.

No

No, this is not politics, you are not building an echo chamber. This is about respect, and people can respectfully disagree and I won’t block them, but there’s no reason anyone should have to put up with disrespectful users. I also blocked that one user that censored every swear word in shitposts. Fuck that person too. They both shouldn’t modify people’s works without permission.

I guess you can just restore things, this is news to me, but pretty neat.

It’s a scary world out there, I absolutely understand the feeling of reading too far in to a slop piece and feeling like my time was stolen from me. We have to support good human content, even if it’s from some hedge fund think tank thing. Thank you for being honest, sorry for calling it bullshit. It was bullshit, but, like I’m sorry.

deleted by creator

This is terrible advice, even if I assume you are also using a key-file on a removable usb. An attacker can brute force decrypt your db. There is no rate limiting when you literally have the database file, they could replicate it across thousands of servers each with dozens of cores, each core trying a dozen keyphrases per second. That’s assuming a motivated attacker like a government or crypto scammers, but why open yourself to that possibility?

You can just pass the --update flag when invoking yt-dlp. I don’t think the package itself needs to be up to date in order to work reliably.

Like, piping the output of a program into another program.

That’s mercury!

I was wrong, just remembered incorrectly.

Signal is not open source.