The repo owner is literally starving. His shit is present in almost every js website. A lot of billion and even trillion dollar companies (including Apple, Google and Microsoft) used it without giving him a dime.
2 months ago
Anonymous
Oh yeah, I remember finding out about this. We happen to use it at work and I was confused what it was so I looked it up. Surreal moment when I realized every big site uses it yet the dude is broke
2 months ago
Anonymous
thhat's the normal situation when you produce useless bloatware related to js
2 months ago
Anonymous
oh frick that's heartbreaking >almost 30mil downloads weekly on npmjs
2 months ago
Anonymous
I wonder if """sanctions""" have something to do with lack of company backing.
People don't understand anti-Indian racism because "they're nice and non-violent".
They are literally lowering the standard of living of society by their presence.
The quality of discourse, art, fashion, tech, politics, behavior.
In Canada, they are creating new, lower standards for what are acceptable living conditions because they are willing to live in single rooms with 6 other people.
I can just imagine this poor sod's boss breathing down his neck for a date, and having no fricking clue how to patch or vendor FFmpeg to get around the issue.
>Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version.
In all fairness, things did break out from under him.
Oh course they need to rely on volunteers when all their workers are pajeets and all the people without work are white thanks to diversity quotas.
That explains everything.
>xz fiasco resolved before any US systems actually compromised, while still demonstrating national security risk >implicates China and open source computing >"discovered" by MS employee
It's an op, guys.
So this FFmpeg account is trying to argue that open source is a bad thing...? Or what take am I supposed to be seeing here? Sounds like he's saying companies should focus on closed source projects they can control, and supporting open source is a bad thing
Mocking them for using FFmpeg? That just makes this even more confusing. Sounds like this is a project that should only be used by individual hobbyists and not used commercially?
Mocking them for being cheap. They come in like boomers demanding the highest priority for their issue but don't wanna pay for it like the israelites they are.
2 months ago
Anonymous
ffmpeg devs set their own price when they released this as open source. they did this to themselves.
2 months ago
Anonymous
How?
2 months ago
Anonymous
Maybe if Microsoft sent a substantial "donation" they'd be ok with their high priority requests
2 months ago
Anonymous
Nice software you got there... using open source libraries in it?
Would be a real shame if some bugs or even vulnerabilities got introduced to it... you know how it is with these unpaid volunteers. Sometimes they just miss a comma or turn over the project to a chinese spy.
But I think we can work something out here... with just a small donation from you to our so-called open source foundation I think we just might find someone to take good care of this for you.
2 months ago
Anonymous
Maybe Microsoft should have read the License >THERE IS NO WARRANTY
2 months ago
Anonymous
>they did this to themselves.
Did what exactly? It's the billion dollar company which is groveling and begging. FFmpeg devs can literally close the ticket and jerk off instead for all they care.
I beg IQfy moderation to do that on a daily basis. If they could legitimately communicate in English, my problems would have been solved many years ago, literally.
So this FFmpeg account is trying to argue that open source is a bad thing...? Or what take am I supposed to be seeing here? Sounds like he's saying companies should focus on closed source projects they can control, and supporting open source is a bad thing
Yes they are unintentionally arguing against open source. They are begging the billionaires that are making trillions off their free work to support them a little bit. But the pathetic begging that will never be considered without pushing caveats that give the cloud corp control will never be considered. As such, it is a reason to stop supporting OSS to anyone with a brain.
Open and closed source share the same vulnerabilities, in that, if you let non-vetted people submit code and you accept that code then a child could hack the planet. True peer reviews by multiple people are the only safeguard regardless if open or close source.
>if you let non-vetted people submit code
or if you let the wrong people become vetted
this was a problem of someone deliberately infiltrating a project that was upstream of a major target and using the project as an attack vector
worse, the major target wasn't watching for it because they were immune... but the fiddled-around version distributed on some big Linuxes wasn't
Debian and RedHat: Asleep at the Wheel!
stallman was approached by companies and paid to prioritize features that wanted on free software, he got paid, free software improved, next gen of nerds got opportunity to use relevant software, everybody won.
No I mean unverified people. Letting random anonymous rando's contribute code is beyond full moron. All your undocumented people are about to be conscripted but that's a different issue.
why even have report flags if you're just going to shit your diaper and throw a temper tantrum when someone uses them properly?
Really makes you think.
Microsoft is not a high priority. When they make Windows completely free and open source, they can be high priority, until then they go to the back of the queue.
Always good to have another reminder that OSS has been very effectively exploited by closed-source corpos. To have true FoSS we need a License that does not allow usage in any centrally controlled closed source/cloud tech corpo service. And we need people to stop trying to support F/oSS jsut to get a job in closed source/cloud tech.
And everyone will say no (despite not having a viable alternative)
[...]
Yes they are unintentionally arguing against open source. They are begging the billionaires that are making trillions off their free work to support them a little bit. But the pathetic begging that will never be considered without pushing caveats that give the cloud corp control will never be considered. As such, it is a reason to stop supporting OSS to anyone with a brain.
this is fricking pure gold. >pajeet from microshit doesnt read documentation, quick to ask for help >real elon musk chimes in >SAR PLS BIG COMPANY DEPANDS FIX IMMEDIATELY INFORM ME ASAP >elon musk provides fix
What an indian chad. got elon musk himself to do the needful.
>The issue was actually the jeets not being able to read documentation
They probably can't read the documentation because Windows doesn't have:
man ffmpeg-all
You obviously don't speak from experience here anon
If the command line interface for ffmpeg is a moderate challenge, libav's C API is like trying to swim in the ocean with cinder blocks chained to your legs
Here's how you transcode an audio file to AAC using their C API
https://github.com/FFmpeg/FFmpeg/blob/master/doc/examples/transcode_aac.c
2 months ago
Anonymous
3 trillion dollar company
2 months ago
Anonymous
That got nothing to do with my post about ffmpeg's CLI not being available from libav's C API
2 months ago
Anonymous
so have some autist write wrapper for python or whatever else those ms jeets use
2 months ago
Anonymous
>it's more difficult to do it correctly
That's not an excuse nor a defense.
2 months ago
Anonymous
Everybody should know C well enough already. Certainly Microsoft should have the best C programmers in the business. That example isn't even advanced C.
https://trac.ffmpeg.org/ticket/10341#comment:10
Looks like this commotion has caused a comedian to add to the thread.
I spose the deeper issue is that they upgraded to a newer version of ffmpeg and didn't test thoroughly to identify the change they needed ahead of time. And instead of rolling back to a functioning version they just made this ticket claiming it was broken.
>The issue was actually the jeets not being able to read documentation
They probably can't read the documentation because Windows doesn't have:
man ffmpeg-all
True, Elon in the thread though provided them a command that shows the documentation they're looking for https://trac.ffmpeg.org/ticket/10341#comment:8 , and they still said they couldn't find it.
ffmpeg -h decoder=cc_dec
>default value was changed
I fricking hate this shit, it's the main reason why updating software is a pain in the ass. Who the frick knows what devs have decided to change in basic functionality.
Honestly, what was the last time someone shit up a thread you were in and deserved to be banned? People that say this are always seething troons reporting people for racism.
reminder that webvtt is cursed and you probably don't want support for it in the first place
https://github.com/mpv-player/mpv/issues/7214#issuecomment-811678383
can't wait for this being exploited thanks to someone uploading the wrong video in shady sites
furthermore, WebVTT only allows URLs with a data scheme.
there is absolutely nothing insane about applying styling to all cues after/before a specific cue. implementing something like this is beyond easy.
>ASS, on the other hand, is basically just timed vectors with some transforms.
wrong
http://www.tcax.org/docs/ass-specs.htm
ASS can include text-encoded truetype font files and graphic files (images, audio and videos).
This is absolute bullshit. Once again mpv devs prove that they are useless pedos whose only skills are watching anime.
WebVTT is meant for use in connection with the HTML <track> element.
Programs that deal with HTML usually are able to handle CSS, so it makes sense to use it for WebVTT. Same goes for scripting with JS.
That being said, you don't have to support CSS/JS at all if you don't want to.
https://www.w3.org/TR/webvtt1/#conformance-classes
You can do some basic styling without CSS:
https://www.w3.org/TR/webvtt1/#caption-text
https://www.w3.org/TR/webvtt1/#default-classes
Don't get your post. You call mpv devs useless pedos, fair enough, then go on to 100% support their reasoning.
>WebVTT is meant for use in connection with the HTML <track> element. >Programs that deal with HTML usually are able to handle CSS
Exactly why they don't want full support it in their non-HTML software >That being said, you don't have to support CSS/JS at all if you don't want to.
If you look at the screenshots in the OP you will see that that is indeed what mpv currently does. The issue was about missing the additional "optional" styling
furthermore, WebVTT only allows URLs with a data scheme.
there is absolutely nothing insane about applying styling to all cues after/before a specific cue. implementing something like this is beyond easy.
>ASS, on the other hand, is basically just timed vectors with some transforms.
wrong
http://www.tcax.org/docs/ass-specs.htm
ASS can include text-encoded truetype font files and graphic files (images, audio and videos).
>ASS can include text-encoded truetype font files and graphic files (images, audio and videos).
All of which they already support anyway. (Dis)playing images/audio/videos is its main purpose after all and fonts are needed for text in the OSD. (More specifically the OSD is implemented by (ab)using the ASS renderer afaik)
If you look at the screenshots in the OP you will see that that mpv does not respect the position of the subtitle as defined in the vtt file. This has nothing to do with CSS, you do not need a CSS engine for this.
So this whole rant about muh DOM, JS scriptability (which is wrong, WebVTT is not scriptable) and CSS is completely misplaced.
2 months ago
Anonymous
If you read the bug they did not oppose some minimal subset of VTT being implemented. They just have no interest in doing that work themselves.
If you look at the screenshots in the OP you will see that that mpv does not respect the position of the subtitle as defined in the vtt file. This has nothing to do with CSS, you do not need a CSS engine for this.
So this whole rant about muh DOM, JS scriptability (which is wrong, WebVTT is not scriptable) and CSS is completely misplaced.
OSS maintainers are very often power tripping gays though, if Microsoft tried to push through their own patch or a fork they would be crying about being embraced-extended-extinguished instead
Always good to have another reminder that OSS has been very effectively exploited by closed-source corpos. To have true FoSS we need a License that does not allow usage in any centrally controlled closed source/cloud tech corpo service. And we need people to stop trying to support F/oSS jsut to get a job in closed source/cloud tech.
And everyone will say no (despite not having a viable alternative)
running code on a remote server cannot be open source by definition, you can't know the code that is being run, so your comment makes no sense
furthermore corporations or any kind of organized entity can't exist without foss tools
releasing closed source software is the main problem
>running code on a remote server cannot be open source by definition, you can't know the code that is being run, so your comment makes no sense
Maybe this is why Stallman hasn't really pushed for the AGPL. >releasing closed source software is the main problem
Not really, tho. Everything is on the cloud nowadays.
2 months ago
Anonymous
you are free to run your code on your server or a remote one. websites are just website, it displays information. it doesn't matter if you don't have the source code, you control the input.
excluding websites programs still need to be run on your machine.
>To have true FoSS we need a License that does not allow usage in any centrally controlled closed source/cloud tech corpo service
that's what the AGPL3 is for, while the GPL3 requires source access when you distribute binaries, the AGLP3 also requires source access when you provide only remote access to said software, rather than distributing binaries
Closed source/ open source is something that was important 20 years ago. But in the post-2010 world the important thing if it's a centrally controlled "cloud" service or not. For example: Microsoft it completely allowed by the GPL to sell access to linux-based servers, using their closed-source API, platform & interface.
Or facebook is allowed to use linux for all the hosting for their closed-source dystopian nightmare. "cloud" is many times worse than closed source that at least runs on your machine.
You fundamentally don't understand the dynamic. Teams is used by literally every fortune 500 company. If microshaft wanted to fix this problem, they could have devoted time or money or both to fix it. They didn't do either, but expect a community of unpaid volunteers to do it for free. This is like getting a good Samaritan to fix your flat tire, and then yell at them for not changing your oil.
>The xz fiasco has shown how a dependence on unpaid volunteers can cause major problems
every heard of WEBP?
you know, the thing that made all Androids, Web Browsers vulnerable for 9 years made by Google?
right >let's link this massive attack surface into sshd just to give it a dubious feature
brilliant idea
it also showed that the pressure for software projects to be "active" can cause major problems. this would have never happened if xz was considered finished.
I really hate systemd mainly because it showed how easy it is to push giant piles of shit to lazy distro builders. This exploit is a wake-up call but unfortunately nobody is paying attention because it's being drowned out by smug arch buttholes who can't see the bigger issue.
Is there any effort to crowd fund general bug/exploit bounties? gayMAN sure as shit isn't going to fix things.
2 months ago
Anonymous
What would that prove that this exploit hasn't already proven?
2 months ago
Anonymous
Nothing? Do you know what a bug bounty is? I mean that there should be a community funded reward for catching issues like this to incentivize more people looking for backdoors and provide something slightly closer to a fair reward than nerd street cred.
2 months ago
Anonymous
Dude, all software has bugs. Giant blobs of code like systemd will have many, many, many bugs. It's also not a stationary target. More and more code is being added to this monstrosity, and it all has root privileges. Finding bugs in systemd is not going to make it secure.
2 months ago
Anonymous
Wtf are you talking about? Do you even write software?
LAKHS of clients lost
Kek
2 months ago
Anonymous
Yes, and everything I said is the truth. The only solution is to shrink the amount of code that runs in privileged memory. systemd does the fricking opposite of that. You can't fix systemd, you can only replace it with something sane
2 months ago
Anonymous
You're right that systemD is fubar but a exploit bounty will still have positive effects. It will make more people look, making people realize how bad it is, The ones found will punish potterling for his bloat, and there's a slightly higher chance that someone that finds an exploit reports it instead of using it.
2 months ago
Anonymous
Again, what would that prove that this exploit hasn't already? Oh, well prove it again, only this time they'll listen! No, they won't. The only solution is to make a better alternative
2 months ago
Anonymous
Everything you said is completely unrelated to what I am proposing. If your original point is that getting off of systemd will fix all or most of these issues then you're moronic. I think it's justified at this point but there needs to be more corp-independent quality incentives regardless.
2 months ago
Anonymous
You're not even trying to understand what I'm saying despite my plain English.
ANY giant blob of software running in privileged memory (including those Intel firmware blobs) is going to leave you vulnerable. systemd isn't a problem because it's buggy. All software has bugs. systemd is a problem because it's a fricking monstrosity
2 months ago
Anonymous
Again, I don't disagree with any of that. It's beside my point entirely and nowhere near sufficient to prevent these kinds of attacks.
2 months ago
Anonymous
LOL, OK I'm done with you.
2 months ago
Anonymous
You never even began
2 months ago
Anonymous
With that sort of attitude, why do you use computing devices at all? You should go and hide under the bed-covers for the rest of your scared little life.
2 months ago
Anonymous
LOL what kind of take is this?
"I mean why even care about security you LUDDITE!" - lowest IQ poster in this thread
>israel/mossad/unit8123818238/companies contracted by the government already have plenty of malware attributed to them beyond almost any reasonable doubt >some random turdie has to make shit up, and shoehorn in some whining about ukraine for good measure
why do they do this?
We warned you that proprietary software was the only way for your labor to be valued.
You rejected it and now you're expected to work for free.
When we told you this was gonna happen, you called it anti-free software FUD.
Now, you get what you fricking deserve.
holy based. I hope ffmpeg doesn't fix it.
also, how the frick are commercial entities using something like ffmpeg in the US? how autismal in compiling features do you have to be to make sure you don't have a build that violates some software patent?
no the point of open source is to allow anyone else to contribute regardless of their financial backing or history
the actual problem is that these projects get subsumed into closed source mega-apps with dark branches that never get pushed upstream, ran by outsourced third-worlders that go into these volunteer projects expecting support like they're paying for a contract, which isn't the fricking case
"burnout" from lack of funding is real, but it's not nearly as widespread a problem as the above
i don't think it will ever happen. for corporations it is much cheaper to hire thirdies to shill open source 7/24 than to pay for it, if they haven't already. we can only redpill a few developers like the tale of the starfish.
2 months ago
Anonymous
until all foss devs start doing the foss-hacktivism like node-ipc, detect code is used by MS/RHEL and just nuke their pc, suddenly all foss livraries need to be hard forked and MS and RHEL need to hire maintainers for every and each one of them, no more free lunch
>the actual problem is that these projects get subsumed into closed source mega-apps with dark branches that never get pushed upstream, ran by outsourced third-worlders that go into these volunteer projects expecting support like they're paying for a contract, which isn't the fricking case
Well, that's when the pajeets Get Told.
If you or anyone else want a thing done on your time schedule, better be prepared to pay to see it happen. You might get lucky and get away without paying, but getting anything reliably requires money. And not being an butthole.
>And not being an butthole.
So THAT'S why IQfy management and moderation can't form a good userbase! You reap what you sow, I suppose. Plant butthole seeds, get buttholes.
Hmmm... sweaty... thanks to the GPL Microsoft still made money out of software they only contributed six patches for in 4 years (since 2020) nor paid for its development, and even got free support from seething NEETs. That's not what being a cuck is like.
>go to sleep having only 1 (one) sponsor, a fellow Apache member for the utility under a permissive license you have been developing for free for years during your free time >wake up >Log4Shell happens >now everybody wants to see you answering their support calls >ALSO now you have 108 sponsors, among them Amazon Web Services
Now that the momentum is gone, he has 15 sponsors, which is 15 times more sponsors he had before the controversy.
Why doesn't Microsoft, a billion dollar corporation with some of the best talent in the industry, simply have a team of employees working on FOSS bug fixes?
A trillion dollar worth corporation. Trillion. That's bigger than the worth of several nations.
Sorry, can't afford to pay actual programmers, though. Can only hire Indians who have no idea how to fix anything other than copy/pasting JS Electron shit from stack overflow and asking chatGPT to generate newer code
>Why is everyone saying the guy is indian?
the writing style, not that's in indian per-se, it could be one of many esl's, it's just that microsoft is well known to have many indians working there
>actively, blindly create problem >try to blame everyone else for it >still don't try to fix it to save themselves from the embarrassment of being wrong despite being ridiculed by everyone already
Dang, Microsoft got that Hiro/mod/janny mindset. Why are "tech minded" "people" like this?
>Trillion dollar corporations expect free and urgent support from volunteers
That's kinda bullshit, everyone is in agreement that this is an issue that needs to be fixed quickly, that doesn't suddenly become the result of corporate greed abusing open source volunteers because MS stated the obvious here that a fix is high priority.
sars please do the needful
Jesus christ just burn this company already.
do fix the needful
>PLS DO THE NEEDFUL FAST
the absolute state of ms
good morning sir,, plaese do the needful and fix exploit,,, thank you
>Please help,
sar
lmao
"Pull requests welcome :)"
looks comfy
i can't tell if these are AI or not anymore, and thats hilarious
3 trillion dollar company btw
SIRS PLS HELP
lmao freetards why don't you give proper software to microsoft?
You can smell that post
>jpg
loser
SAR PLS REDEEM CAPTION SAAAAR!!!!
https://odysee.com/@Minnesota-tan:5/Codex-Pajeet-II:4
SAAR, not scamming an old lady today?
codex pajeet is real
Whoever wrote this shit should be flayed alive and all managers should be forced to watch it happen live
unbelivable
> microsoft can't fix software in current year
> PLS MPEGSIRS! DO THE NEEDFUL!
lmao.
LAKHS of clients lost
Hi sirs, Caption is having issues in Microsoft with FFmpeg version please give high priority
This shit (and the core-js thing) is the reason why I am NEVER going to write a single line of FOSS code. Frick Black folkoft.
what core-js thing?
The repo owner is literally starving. His shit is present in almost every js website. A lot of billion and even trillion dollar companies (including Apple, Google and Microsoft) used it without giving him a dime.
Oh yeah, I remember finding out about this. We happen to use it at work and I was confused what it was so I looked it up. Surreal moment when I realized every big site uses it yet the dude is broke
thhat's the normal situation when you produce useless bloatware related to js
oh frick that's heartbreaking
>almost 30mil downloads weekly on npmjs
I wonder if """sanctions""" have something to do with lack of company backing.
He did this to himself. I have no fricks to give.
the absolute state of ms jeets lol
that said, they're free to beg. maybe someone will answer
Surely the dev powerhouse over at the Microsoft Global Office can fix this?
even outside of the ESL phrasing, only jeets have the audacity to write this
that english is fricked
man i'm so happy for independent devs rn
this just keeps getting better and better
He needs to head to the M$ forums for some advice.
I don't think they even tell you to run sfc /scannow anymore, all modern M$ forum advice can be condensed into this simple flowchart
People don't understand anti-Indian racism because "they're nice and non-violent".
They are literally lowering the standard of living of society by their presence.
The quality of discourse, art, fashion, tech, politics, behavior.
In Canada, they are creating new, lower standards for what are acceptable living conditions because they are willing to live in single rooms with 6 other people.
>BASTARD b***h DO THE NEEDFUL
jeet thought he was posting to an internal microsoft ticketing system
People like this deserved to be named, shamed, tarred, feathered, and dragged over the coals.
Nah, it's microsoft itself that should take the hit for it. They should budget dev time to fixing it.
>sar this is very important at Microsoft so do the needful ASAP
I can just imagine this poor sod's boss breathing down his neck for a date, and having no fricking clue how to patch or vendor FFmpeg to get around the issue.
Get to it code janny!
>trillion dollar corporation wants them to do it for free
lol
lmao
i wish they'd leave it there for a few months just to spite them
There was nothing to do, they just didn't understand how to use the program and needed someone to tell them the flags to use.
Microshaft confirmed jeetware. There has to be some way to punish their ineptitude
https://trac.ffmpeg.org/ticket/10341#comment:7
holy frick it's real.
>Use -data_field first as decoder option in CLI. Default value was changed from first to auto in latest FFmpeg version.
In all fairness, things did break out from under him.
When your own jeets can't complete an intermediate level threat, you need to ask the NEETs
Oh course they need to rely on volunteers when all their workers are pajeets and all the people without work are white thanks to diversity quotas.
That explains everything.
I'd have posted "sounds like a personal problem" on it
people really need to learn how to respond to those that can't read the docs
>xz fiasco resolved before any US systems actually compromised, while still demonstrating national security risk
>implicates China and open source computing
>"discovered" by MS employee
It's an op, guys.
Yeah, am I seriously supposed to believe that he didn't edit the security.md file until months after the backdoor was planted? Gimme a break.
i hope they tell them to frick off
So this FFmpeg account is trying to argue that open source is a bad thing...? Or what take am I supposed to be seeing here? Sounds like he's saying companies should focus on closed source projects they can control, and supporting open source is a bad thing
FFmpeg is mocking them.
Mocking them for using FFmpeg? That just makes this even more confusing. Sounds like this is a project that should only be used by individual hobbyists and not used commercially?
Mocking them for being cheap. They come in like boomers demanding the highest priority for their issue but don't wanna pay for it like the israelites they are.
ffmpeg devs set their own price when they released this as open source. they did this to themselves.
How?
Maybe if Microsoft sent a substantial "donation" they'd be ok with their high priority requests
Nice software you got there... using open source libraries in it?
Would be a real shame if some bugs or even vulnerabilities got introduced to it... you know how it is with these unpaid volunteers. Sometimes they just miss a comma or turn over the project to a chinese spy.
But I think we can work something out here... with just a small donation from you to our so-called open source foundation I think we just might find someone to take good care of this for you.
Maybe Microsoft should have read the License
>THERE IS NO WARRANTY
>they did this to themselves.
Did what exactly? It's the billion dollar company which is groveling and begging. FFmpeg devs can literally close the ticket and jerk off instead for all they care.
your reading comprehension needs a high priority ticket.
Anon, please learn to read something other than code.
I beg IQfy moderation to do that on a daily basis. If they could legitimately communicate in English, my problems would have been solved many years ago, literally.
Yes they are unintentionally arguing against open source. They are begging the billionaires that are making trillions off their free work to support them a little bit. But the pathetic begging that will never be considered without pushing caveats that give the cloud corp control will never be considered. As such, it is a reason to stop supporting OSS to anyone with a brain.
He can't read code either
they are exposing big tech who uses work from volunteers and expect high priority to their issues
Open and closed source share the same vulnerabilities, in that, if you let non-vetted people submit code and you accept that code then a child could hack the planet. True peer reviews by multiple people are the only safeguard regardless if open or close source.
>if you let non-vetted people submit code
or if you let the wrong people become vetted
this was a problem of someone deliberately infiltrating a project that was upstream of a major target and using the project as an attack vector
worse, the major target wasn't watching for it because they were immune... but the fiddled-around version distributed on some big Linuxes wasn't
Debian and RedHat: Asleep at the Wheel!
#nondisclosure #antisec
you zoomers are hopeless
$3.14 trillion company can write up a support contract instead of begging for free labor.
stallman was approached by companies and paid to prioritize features that wanted on free software, he got paid, free software improved, next gen of nerds got opportunity to use relevant software, everybody won.
>how a dependence on unpaid volunteers
How a dependence on random unverified people is more like it.
>random unverified people
Look, Klaus arent you a lil' bit on the old side to be posting on chinese cartroon forums?
You mean undocumented people?
No I mean unverified people. Letting random anonymous rando's contribute code is beyond full moron. All your undocumented people are about to be conscripted but that's a different issue.
Have fun with that, now go back to Facebook
why even have priority flags if you're just going to shit your diaper and throw a temper tantrum when someone uses them properly?
why even have report flags if you're just going to shit your diaper and throw a temper tantrum when someone uses them properly?
Really makes you think.
Microsoft is not a high priority. When they make Windows completely free and open source, they can be high priority, until then they go to the back of the queue.
@microsoft has to take over! we can't have this free software movement ruining society!
or just verify "who" is contributing to your project. /b/ should not be permitted to contribute.
>islamaphobia
Frick off poltard
I frick off ever 32ms. Can you do it faster?
this is just exposing why FOSS is shit. no one wants to learn C for free. time to pay up
I didn't mention anything about backdoors.
You dont even need backdoors when everything is on your servers anyway.
>Fire expensive white guys
>Hire cheap jeets
>Jeets break everything
>Expect white guys to fix it for free
https://trac.ffmpeg.org/ticket/10341
>https://trac.ffmpeg.org/ticket/10341
Elon Musk in the replies, doing the needful
AHAHAHAHAH
The issue was actually the jeets not being able to read documentation, good thing Elon Musk was there to help them out.
I'm sorry I ever doubted you Elon
what the frick is elon musk doing there??? he can program???
Knowing how to use a program isn’t programming.
Yeah, there is also Hasdrubal and Saitama in other forums in the same site. Didn't know those were programers too.
kek is that actually elon musk?
I highly doubt it. There's no way Musk spends his time on the FFMPEG issue tracker. He's got better things to do.
Of course not.
Elon's main focus is ffmpeg so he can efficiently download all the porn he can while he pretends to be doing actual work at Tesla.
He's just like us.
Using ffmpeg to procrastinate and fap.
So this is high priority to him.
use your brain
wait back the frick up, this musk for real dawg? I know he was doing paypal shit but was this before?
No, it's just one of ffmpeg's top developers 'avin a giggle by changing his name on Trac
this is fricking pure gold.
>pajeet from microshit doesnt read documentation, quick to ask for help
>real elon musk chimes in
>SAR PLS BIG COMPANY DEPANDS FIX IMMEDIATELY INFORM ME ASAP
>elon musk provides fix
What an indian chad. got elon musk himself to do the needful.
>The issue was actually the jeets not being able to read documentation
They probably can't read the documentation because Windows doesn't have:
man ffmpeg-all
>Sir posting a High Priority ticket
>"Elon Musk" responding
this is fricking comedy gold.
The bigger issue here is that they're wrapping the ffmpeg executable instead of using the library. This is what worries me more.
You obviously don't speak from experience here anon
If the command line interface for ffmpeg is a moderate challenge, libav's C API is like trying to swim in the ocean with cinder blocks chained to your legs
Here's how you transcode an audio file to AAC using their C API
https://github.com/FFmpeg/FFmpeg/blob/master/doc/examples/transcode_aac.c
3 trillion dollar company
That got nothing to do with my post about ffmpeg's CLI not being available from libav's C API
so have some autist write wrapper for python or whatever else those ms jeets use
>it's more difficult to do it correctly
That's not an excuse nor a defense.
Everybody should know C well enough already. Certainly Microsoft should have the best C programmers in the business. That example isn't even advanced C.
https://trac.ffmpeg.org/ticket/10341#comment:10
Looks like this commotion has caused a comedian to add to the thread.
I spose the deeper issue is that they upgraded to a newer version of ffmpeg and didn't test thoroughly to identify the change they needed ahead of time. And instead of rolling back to a functioning version they just made this ticket claiming it was broken.
True, Elon in the thread though provided them a command that shows the documentation they're looking for https://trac.ffmpeg.org/ticket/10341#comment:8 , and they still said they couldn't find it.
ffmpeg -h decoder=cc_dec
they were also name dropping 'highly visible product', what a bunch of passive aggressive buttholes
are these people thanking themselves?
this could be easily solved by just asking ChatGPT, they didn't need to open a ticket, lol
>default value was changed
I fricking hate this shit, it's the main reason why updating software is a pain in the ass. Who the frick knows what devs have decided to change in basic functionality.
>We have customers experience (sic) issues
You can look at IQfy for 10 seconds and figure that much out. If anything, they can only do serious damage in the medium and long term.
Funny because when you report a bug on any of these big corporation's bug trackers it sits there for 20 years without anyone fixing it.
Just like IQfy, reporting and feedback does nothing.
Honestly, what was the last time someone shit up a thread you were in and deserved to be banned? People that say this are always seething troons reporting people for racism.
I'm talking about entire threads that are full of people who shouldn't even be on the board.
yes it does, but it depends on the determination and resourcefulness of any given shitposter
reminder that webvtt is cursed and you probably don't want support for it in the first place
https://github.com/mpv-player/mpv/issues/7214#issuecomment-811678383
can't wait for this being exploited thanks to someone uploading the wrong video in shady sites
Christ, that's awful.
https://github.com/mpv-player/mpv/issues/7214#issuecomment-811719392
this is the worst idea for subtitling i have ever witnessed and whoever was involved in creating
these formats needs the gas chamber immediately.
>DOM, JS, CSS, HTML, and HTTP in subtitles
absolute state of webdevery
furthermore, WebVTT only allows URLs with a data scheme.
there is absolutely nothing insane about applying styling to all cues after/before a specific cue. implementing something like this is beyond easy.
>ASS, on the other hand, is basically just timed vectors with some transforms.
wrong
http://www.tcax.org/docs/ass-specs.htm
ASS can include text-encoded truetype font files and graphic files (images, audio and videos).
This is absolute bullshit. Once again mpv devs prove that they are useless pedos whose only skills are watching anime.
WebVTT is meant for use in connection with the HTML <track> element.
Programs that deal with HTML usually are able to handle CSS, so it makes sense to use it for WebVTT. Same goes for scripting with JS.
That being said, you don't have to support CSS/JS at all if you don't want to.
https://www.w3.org/TR/webvtt1/#conformance-classes
You can do some basic styling without CSS:
https://www.w3.org/TR/webvtt1/#caption-text
https://www.w3.org/TR/webvtt1/#default-classes
Don't get your post. You call mpv devs useless pedos, fair enough, then go on to 100% support their reasoning.
>WebVTT is meant for use in connection with the HTML <track> element.
>Programs that deal with HTML usually are able to handle CSS
Exactly why they don't want full support it in their non-HTML software
>That being said, you don't have to support CSS/JS at all if you don't want to.
If you look at the screenshots in the OP you will see that that is indeed what mpv currently does. The issue was about missing the additional "optional" styling
>ASS can include text-encoded truetype font files and graphic files (images, audio and videos).
All of which they already support anyway. (Dis)playing images/audio/videos is its main purpose after all and fonts are needed for text in the OSD. (More specifically the OSD is implemented by (ab)using the ASS renderer afaik)
If you look at the screenshots in the OP you will see that that mpv does not respect the position of the subtitle as defined in the vtt file. This has nothing to do with CSS, you do not need a CSS engine for this.
So this whole rant about muh DOM, JS scriptability (which is wrong, WebVTT is not scriptable) and CSS is completely misplaced.
If you read the bug they did not oppose some minimal subset of VTT being implemented. They just have no interest in doing that work themselves.
based non-nocoder BTFOing pedos
OSS maintainers are very often power tripping gays though, if Microsoft tried to push through their own patch or a fork they would be crying about being embraced-extended-extinguished instead
those volunteers can always ask for (arbitrarily valued) paid support :^)
Always good to have another reminder that OSS has been very effectively exploited by closed-source corpos. To have true FoSS we need a License that does not allow usage in any centrally controlled closed source/cloud tech corpo service. And we need people to stop trying to support F/oSS jsut to get a job in closed source/cloud tech.
And everyone will say no (despite not having a viable alternative)
This, everything should be licensed AGPL3-only at a MINIMUM
SSPL+Black person
running code on a remote server cannot be open source by definition, you can't know the code that is being run, so your comment makes no sense
furthermore corporations or any kind of organized entity can't exist without foss tools
releasing closed source software is the main problem
>running code on a remote server cannot be open source by definition, you can't know the code that is being run, so your comment makes no sense
Maybe this is why Stallman hasn't really pushed for the AGPL.
>releasing closed source software is the main problem
Not really, tho. Everything is on the cloud nowadays.
you are free to run your code on your server or a remote one. websites are just website, it displays information. it doesn't matter if you don't have the source code, you control the input.
excluding websites programs still need to be run on your machine.
>To have true FoSS we need a License that does not allow usage in any centrally controlled closed source/cloud tech corpo service
that's what the AGPL3 is for, while the GPL3 requires source access when you distribute binaries, the AGLP3 also requires source access when you provide only remote access to said software, rather than distributing binaries
Closed source/ open source is something that was important 20 years ago. But in the post-2010 world the important thing if it's a centrally controlled "cloud" service or not. For example: Microsoft it completely allowed by the GPL to sell access to linux-based servers, using their closed-source API, platform & interface.
Or facebook is allowed to use linux for all the hosting for their closed-source dystopian nightmare. "cloud" is many times worse than closed source that at least runs on your machine.
>open sores
This wouldn't have happened if you have listened to GNU/Stallman
Wait until the "local" AI chuds find out their python libraries have backdoors in them sending telemetry back home about your prompts.
I'm pretty confident the ai bros will consider this a feature
This is already integrated upstream in dependencies. All prompts are logged.
Well I guess the only real doujins profitable in the future will be e-girl and shota porn then.
Well done FBI.
You've made this happen.
https://github.com/Cyberes/automated-fbi-reporter
But that isn't illegal, so what is the point of reporting to the FBI. It's only illegal in the EU. Nice troll though.
Wait until israelites realise what hyperinflation really means and how cpus aren't edible.
another failed experiment in communism
tsk tsk tsk
>open sores
>communism
Pick one.
GNU and Free software is communism and it's based.
Open sores is literally being a cvck.
ffmpeg is FOSS
if anything this is good, shows how far the rot has gone inside big tech and how easy it is to dethrone them
behold oss:
>what do you mean the wheel is deflated? Ill get to it when I feel like it
>nooo dont reinvent the wheel!
>only I get to invent the wheel!
>>nooo dont reinvent the wheel!
>>only I get to invent the wheel!
who are you quoting
You fundamentally don't understand the dynamic. Teams is used by literally every fortune 500 company. If microshaft wanted to fix this problem, they could have devoted time or money or both to fix it. They didn't do either, but expect a community of unpaid volunteers to do it for free. This is like getting a good Samaritan to fix your flat tire, and then yell at them for not changing your oil.
>The xz fiasco has shown how a dependence on unpaid volunteers can cause major problems
every heard of WEBP?
you know, the thing that made all Androids, Web Browsers vulnerable for 9 years made by Google?
The trillion dollar corporation is free to pay some of its wagies to work on ffmpeg, and they can submit patches.
Not really a problem, now is it?
How do you suppose they'd be able to submit patches that are worthwhile when they don't even know how to use the software? See:
>the jeets are so incompetent they need to be spoonfed commands on how to use foss shit
why hasn't microshit collapsed already?
It showed a dependence on systemd can cause major problems.
right
>let's link this massive attack surface into sshd just to give it a dubious feature
brilliant idea
it also showed that the pressure for software projects to be "active" can cause major problems. this would have never happened if xz was considered finished.
but spelled right
Nobody asked to be a communist moron.
He fell for ~~*open source*~~ meme. It's literal Indian tier conscience.
Frick off shitskin ESL
THEY DID IT
FOR FREE
Honestly, they do it for the bullying aspect.
Didn't leftpad do that first and much more hilariously?
You were too young for heartbleed
What's the legal consequence going to be for "JiaT75"? Has some organizations yet requested github to disclose the information of the perpetrator?
Nothing at all. He's some rando colonel in best korea.
How about they fix Windows?
Clean it up, GPL/LGPL janny.
Frick you, pay me.
Was this kind of exploit even possible without systemd?
To backdoor SSHD? Without systemd it'd be much harder.
I really hate systemd mainly because it showed how easy it is to push giant piles of shit to lazy distro builders. This exploit is a wake-up call but unfortunately nobody is paying attention because it's being drowned out by smug arch buttholes who can't see the bigger issue.
Is there any effort to crowd fund general bug/exploit bounties? gayMAN sure as shit isn't going to fix things.
What would that prove that this exploit hasn't already proven?
Nothing? Do you know what a bug bounty is? I mean that there should be a community funded reward for catching issues like this to incentivize more people looking for backdoors and provide something slightly closer to a fair reward than nerd street cred.
Dude, all software has bugs. Giant blobs of code like systemd will have many, many, many bugs. It's also not a stationary target. More and more code is being added to this monstrosity, and it all has root privileges. Finding bugs in systemd is not going to make it secure.
Wtf are you talking about? Do you even write software?
Kek
Yes, and everything I said is the truth. The only solution is to shrink the amount of code that runs in privileged memory. systemd does the fricking opposite of that. You can't fix systemd, you can only replace it with something sane
You're right that systemD is fubar but a exploit bounty will still have positive effects. It will make more people look, making people realize how bad it is, The ones found will punish potterling for his bloat, and there's a slightly higher chance that someone that finds an exploit reports it instead of using it.
Again, what would that prove that this exploit hasn't already? Oh, well prove it again, only this time they'll listen! No, they won't. The only solution is to make a better alternative
Everything you said is completely unrelated to what I am proposing. If your original point is that getting off of systemd will fix all or most of these issues then you're moronic. I think it's justified at this point but there needs to be more corp-independent quality incentives regardless.
You're not even trying to understand what I'm saying despite my plain English.
ANY giant blob of software running in privileged memory (including those Intel firmware blobs) is going to leave you vulnerable. systemd isn't a problem because it's buggy. All software has bugs. systemd is a problem because it's a fricking monstrosity
Again, I don't disagree with any of that. It's beside my point entirely and nowhere near sufficient to prevent these kinds of attacks.
LOL, OK I'm done with you.
You never even began
With that sort of attitude, why do you use computing devices at all? You should go and hide under the bed-covers for the rest of your scared little life.
LOL what kind of take is this?
"I mean why even care about security you LUDDITE!" - lowest IQ poster in this thread
That's a LA-
>Mossad
I believe it
>Mossad
WHY IS /misc/ ALWAYS RIGHT????
IT'S **INFURIATING*
>These ADL's are connected to Bill Gates and other ADL's like him
I hate 'jeets so fricking much it's unreal.
>source: ramzpaul
>Indymedia
Didn't know these Black folk know how to use anything other than bad dragon sex toys.
oh, well if qarium says so
>Jews using malware to gaslight politicians and corporations into limiting free software
That makes a lot of sense.
No wonder why they're killing that traitor Stallman!
>israel/mossad/unit8123818238/companies contracted by the government already have plenty of malware attributed to them beyond almost any reasonable doubt
>some random turdie has to make shit up, and shoehorn in some whining about ukraine for good measure
why do they do this?
>be trillion dollar corpo
>get FREE support from seething neets
It's a twitter post thread where the OP pic is an image of the comment.
>FOSS is the way !!!
>NOOOOO BIG CORPO STOP TAKING ADVANTAGE OF FOSS AND PAY US !!!
We warned you that proprietary software was the only way for your labor to be valued.
You rejected it and now you're expected to work for free.
When we told you this was gonna happen, you called it anti-free software FUD.
Now, you get what you fricking deserve.
>xz has shown that accepting randos as maintainers can have bad consequences
>meanwhile, github:
How else can the CIA, FBI, Army, MS and Google get their foot in the door and sockpuppet projects?
holy based. I hope ffmpeg doesn't fix it.
also, how the frick are commercial entities using something like ffmpeg in the US? how autismal in compiling features do you have to be to make sure you don't have a build that violates some software patent?
there wasn't even a bug to fix, the jeet just didn't know how to use something
corporates should be required to pay any open source they use.
no the point of open source is to allow anyone else to contribute regardless of their financial backing or history
the actual problem is that these projects get subsumed into closed source mega-apps with dark branches that never get pushed upstream, ran by outsourced third-worlders that go into these volunteer projects expecting support like they're paying for a contract, which isn't the fricking case
"burnout" from lack of funding is real, but it's not nearly as widespread a problem as the above
didn't ask
they should be forced to pay
i don't think it will ever happen. for corporations it is much cheaper to hire thirdies to shill open source 7/24 than to pay for it, if they haven't already. we can only redpill a few developers like the tale of the starfish.
until all foss devs start doing the foss-hacktivism like node-ipc, detect code is used by MS/RHEL and just nuke their pc, suddenly all foss livraries need to be hard forked and MS and RHEL need to hire maintainers for every and each one of them, no more free lunch
>the actual problem is that these projects get subsumed into closed source mega-apps with dark branches that never get pushed upstream, ran by outsourced third-worlders that go into these volunteer projects expecting support like they're paying for a contract, which isn't the fricking case
Well, that's when the pajeets Get Told.
If you or anyone else want a thing done on your time schedule, better be prepared to pay to see it happen. You might get lucky and get away without paying, but getting anything reliably requires money. And not being an butthole.
>And not being an butthole.
So THAT'S why IQfy management and moderation can't form a good userbase! You reap what you sow, I suppose. Plant butthole seeds, get buttholes.
microsoft devs get paid and they can't even fix windows fricking loooooooooooooooool
Fix what?
>windows doesn't have bugs all day every day
holy frick you're an IDIOT
Fix the gigantic pile of steaming shit that is Windows.
I WILL NEVER FRICKING PAY FOR LINUX FRICK YOU I WILL BREAK PEOPLES FRICKING NOSES
so glad i didn't fall for certain bleeding-edge linux distro
>he does it for free
Don't worry, the copyleft licenses that FFMPEG uses made them a lot of money just from offering support and code.
This is why opensource software is made for cucks and GPL is a cuck license!
Hmmm... sweaty... thanks to the GPL Microsoft still made money out of software they only contributed six patches for in 4 years (since 2020) nor paid for its development, and even got free support from seething NEETs. That's not what being a cuck is like.
>go to sleep having only 1 (one) sponsor, a fellow Apache member for the utility under a permissive license you have been developing for free for years during your free time
>wake up
>Log4Shell happens
>now everybody wants to see you answering their support calls
>ALSO now you have 108 sponsors, among them Amazon Web Services
Now that the momentum is gone, he has 15 sponsors, which is 15 times more sponsors he had before the controversy.
No need to do that, my friend.
Seething NEETs already helped the trillion dollar corporation FOR FREE.
>problems Anonymous 04/02/24(Tue)21:40:13 No.9979
>this post was shilled by the mag 7
>embrace, extend, extinguish
microsoft dev just 'happens' to find crippling bug? yeah, right
Am I the only one with Jeet fatigue?
>The xz fiasco has shown how a dependence on unpaid volunteers can cause major problems
Thats absolute bullshit
Why doesn't Microsoft, a billion dollar corporation with some of the best talent in the industry, simply have a team of employees working on FOSS bug fixes?
They're not google.
And that's a good thing given how pervasive and destructive Rust shills have been to free software.
A trillion dollar worth corporation. Trillion. That's bigger than the worth of several nations.
Sorry, can't afford to pay actual programmers, though. Can only hire Indians who have no idea how to fix anything other than copy/pasting JS Electron shit from stack overflow and asking chatGPT to generate newer code
The White Engineer who caught the XZ backdoor was working on Postgres at Microsoft.
They hoarded those trillions by NOT paying programmers. Why pay for the cow when you can get the milk for free?
>BSD is the cuck lice-AAAAACK
Why is everyone saying the guy is indian?
He is from Tunisia and lives in Canada.
https://www.linkedin.com/in/zied-aouina-94b24318/
Microsoft nowadays outsource everything. Welcome to the age of MBA in front of development.
>Why is everyone saying the guy is indian?
the writing style, not that's in indian per-se, it could be one of many esl's, it's just that microsoft is well known to have many indians working there
>actively, blindly create problem
>try to blame everyone else for it
>still don't try to fix it to save themselves from the embarrassment of being wrong despite being ridiculed by everyone already
Dang, Microsoft got that Hiro/mod/janny mindset. Why are "tech minded" "people" like this?
linux is shit
>Trillion dollar corporations expect free and urgent support from volunteers
That's kinda bullshit, everyone is in agreement that this is an issue that needs to be fixed quickly, that doesn't suddenly become the result of corporate greed abusing open source volunteers because MS stated the obvious here that a fix is high priority.
ITT morons that blame an OS for a single piece of software
IQfy is all little kids who are pedos that should be gassed in auschwitz
Considering the OS is owned by one of the largest and most powerful companies to ever exist, the arguments seem legit.
>linux is owned by a company
yeah? which company would that be, can't wait to hear. can't wait to laugh