yeah, about twice a year I use the CLI to backup my vault, and I’ve never felt comfortable installing an npm package to handle my vault. Now I’m definitely sandboxing it in a rootless container without internet next time. And installing a week old version, or older.

containers

reposting the tl;dr I wrote from another community…

Yesterday, for about 1h30min (starting at 5:57pm ET / 21:57 UTC) anyone installing the latest version of the command line interface of bitwarden was installing malware.

The malware steals GitHub/npm tokens, .ssh, .env, shell history, GitHub Actions and cloud secrets, then exfiltrates the data to private domains and as GitHub commits and doesn’t seem to be targeting Bitwarden specifically, or user vaults.

There’s no evidence that end user vault data was accessed or at risk, or that production data or production systems were compromised, according to their official statement.

It seems there were 334 bitwarden CLI downloads in this time period, some or many of which might have been from bots, so this is a higher bound to the number of affected users.

framework as in the laptop brand, or…?

Because if so, I think you can also install arch/arch-based and have bleeding edge

Each screen can now switch between any of the system’s virtual desktops independently!

no way, I thought this would never be a thing! Been wanting this for over 3 years now.

A lot of the hype it’s because it’s Rockstar. There aren’t many studios with their level of attention to detail and budget to make it come true.

ctrl is more useful

just stand there and wait until somebody comes in, like everyone does

I don’t think you can have both

yeah, I think the whole “water” argument really dilutes the case against data centers.

On a serious note, the argument works for areas that already struggle to supply enough water for consumers. Otherwise, we should be focusing more on the power stress to the grid, and the domino effect on supply chain of hardware cost increases that it’s happening across many industries. It started with GPUs, now it’s CPU, storage, networking equipment, and other components.

If these prices are too high for a couple of years, we’ll start seeing generalized price increases as companies need to pass along the costs to consumers.

It’s not, I read the code. It’s not merely asking the LLM for recommendations, it’s using embeddings to compute scores based on similarities.

It’s a lot closer to a more traditional natural language processing than to how my dad would use GPT to discuss philosophy.

No, it also doesn’t do that. It gets embeddings from an LLM and uses that to rank candidates.

no one is saying everyone has to ask an LLM for movie recommendations

chill, this is extracting text embeddings from a local model, not generating feature-length films

that’s like saying “no jet use is benign” meant for comparing a private jet to a jet-ski

the generative aspect is not even used here

There’s no training, the LLM embeddings are used to compare the plots via a cosine similarity, then a simple weighted score with other data sources is used to rank the candidates. There’s no training, evaluation, or ground-truth, it’s just a simple tool to start using.

that’s pretty cool, this is just the wrong crowd, don’t worry about the downvotes

tmpfs is a memory filesystem, they all do

https://man7.org/linux/man-pages/man5/tmpfs.5.html

one-liner to get the total used size

/usr/bin/df --type=tmpfs | awk 'NR>1 {sum+=$3} END {print "tmpfs used (MiB): " sum / 1024}'

for a more readable output

df -ht tmpfs

it can use up to that number, but it won’t allocate that much when not needed, which is the case here. tmpfs can also use swap, so the maximum space available is system RAM + swap

configure dolphin -> View -> Content Display -> Sorting Mode -> choose Alphabetical (defaults is Natural)