this post was submitted on 19 Nov 2023
161 points (95.0% liked)

Games

16658 readers
959 users here now

Video game news oriented community. No NanoUFO is not a bot :)

Posts.

  1. News oriented content (general reviews, previews or retrospectives allowed).
  2. Broad discussion posts (preferably not only about a specific game).
  3. No humor/memes etc..
  4. No affiliate links
  5. No advertising.
  6. No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
  7. No self promotion.
  8. No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
  9. No politics.

Comments.

  1. No personal attacks.
  2. Obey instance rules.
  3. No low effort comments(one or two words, emoji etc..)
  4. Please use spoiler tags for spoilers.

My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.

Other communities:

Beehaw.org gaming

Lemmy.ml gaming

lemmy.ca pcgaming

founded 1 year ago
MODERATORS
nanoUFO@sh.itjust.works
161
TIL that there's a FOSS Tomb Raider engine that can run on a web browser (lemmy.world)
submitted 11 months ago by AlmightySnoo@lemmy.world to c/games@sh.itjust.works
30 comments fedilink hide all child comments
 

The name is OpenLara (https://github.com/XProger/OpenLara ) and you can try out the WebGL build directly on your web browser on: http://xproger.info/projects/OpenLara/ . The web version works amazingly well on my Pixel 7a with touch controls (you have to click on the "go fullscreen" button) using Firefox as a browser.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] binomialchicken@lemmy.blahaj.zone 1 points 11 months ago (1 children)

What's the biggest code base you have ever reviewed? What's the most recent TLS vulnerability you have encountered, as opposed to the last vulnerability in other parts of your OS? Code being swapped by the server, maybe, but are you saying you do a code review every time you update a package or dependency of some other project? This is only less secure in some inconceivably convoluted chain of events that no practical person could enact. No sane person does what you're saying. Everyone has to trust someone else with code blindly at some point.

[โ€“] DarkMetatron@feddit.de 1 points 11 months ago

Yeah, Man in the middle attacks are completely uncommon and have never happened. You don't need vulnerabilities in TLS itself but there are plenty of those, check the CVE list for 2023 alone: https://www.openssl.org/news/vulnerabilities.html#y2023

You only need a access to a valid certificate authority, no issue for any state actor for example, to interrupt the chain. Yes, there are mechanisms against that but those are so far not really common yet unfortunately.

And I never said that I do code audits, only that I have the possibility to do it.