I have more important things to do than to lobby the government to send a tax bill.
Why would the CEO be dumb enough to say this in an interview? If your business model is fucking people, your CEO has to have a cool head when asked if he’s fucking people!
Did we read the same article? DNS-01 challenges require updates to DNS. This means you need an API for your DNS. This means you now have to worry about DNS permissions in your application cert workflow. We’ve just massively increased blast radius! Or you could do it manually but that’s already failed.
All of this is straightforward with infrastructure-as-code. While I don’t struggle with that, I’ve watched devs and sysadmins both stare blankly at this kind of thing for days at a time.
If you’re using any work-related anything to post “anonymously” or talk to journalists, don’t. That Blind redirection is chilling yet it’s well within the capabilities of employers. The right way to talk to journalists like 404 is to find their anonymous contact details eg Signal using your own internet connection and your own device. Work computers can be monitored. Traffic on work computers or work VPNs can be monitored. Company email usage can be monitored. Company phone usage can be monitored. You don’t need to be incredibly private with a VPN over tor and anonymous services; you just need to not use company resources. Whether or not this should be legal is a different story; you just gotta know you have fuck all for privacy on company resources.
I’ve only heard of Blind in passing; that corp email makes it too close to Glassdoor for comfort and it’s very clearly not private with that requirement.
Mullenweg is an original WP dev along with Mike Little. He’s fucking batshit and completely in the wrong but he did create the FOSS.
AWS makes this impossible in a few places such as a fair number of ACM use-cases.
I think your cert-per-session idea is interesting. We’d need significant throughput and processing boosts to make that happen, probably at least on the order of 10X computing speeds and 10X transmission speeds across the board minimum. These operations are computationally intense and add data to the wire so, for example, a simple Lemmy server with hundreds of users slows to a crawl and a larger site eg Mastodon goes to dialup speeds or worse. You can test at home by trying to generate an x509 self-signed cert before connecting to a website every time.
I read the Wires article for the first time just now to try and understand this article. I don’t really think it attacks SimpleX at all. I think it states the fact that nazis have moved to the platform, the fact that SimpleX is a very private platform, the fact that SimpleX claims to prevent extremist content and growth, the fact that extremist content is being spread and growing, and the fact that SimpleX is unaware of claims. As someone who has been following this discourse for decades, this is the kind of thing that gets published. There is a balance between privacy and extremism. Privacy-focused individuals like myself will always focus on the privacy provided there are tools to combat the extremism (where applicable).
I feel like SimpleX is being defensive because their claims are not panning out. Their response calls out all of the things I feel were said in support of them while ignoring the actual critiques of their system. Not adding a backdoor? Great! That’s law and smart! Supporting groups of over a thousand posting extremist content?
We never designed groups to be usable for more than 50 users and we’ve been really surprised to see them growing to the current sizes despite limited usability and performance
SimpleX will remove such content if it is discovered. Much of the content that these terrorist groups have shared on Telegram—and are already resharing on SimpleX—has been deemed illegal in the UK, Canada, and Europe.
This is the stuff that needs response, not the privacy stuff Gilbert is arguably a fan of.
I catch a lot of shit for my distaste of GPL. I don’t think I should be able to tell you what you can and can’t do with my source code. I’ve released it into the wild. If I put caveats on it it’s not really free.
Anyone in tech who knowingly works for Google supports these things in the same way that anyone that works in tech who knowingly works for Meta support genocide and the erosion of the democratic process. I give the caveat “in tech” because there are some roles like content moderation or executive assistant where you really don’t have the luxury of a huge market working almost anywhere else that doesn’t support genocide and I don’t fault those faults for taking a job that has better benefits. My engineering peers? I judge them for it.
The Security Online article only cites Margitelli’s post on the matter. My assumption has been the article used the post as its single source. On one hand, watching MS fuck shit up for years, I want to believe Margitelli. On the other hand, researchers using weird tools and uninterested in reality are why curl is now a CNA.
I’m personally frustrated with Margitelli’s post because it’s all about abandoning responsible disclosure globally rather than naming and shaming (Canonical? Red Hat? Both? Others? If it affects all GNU/Linux I’d expect every single distro maintainer to be named and shamed). Responsible disclosure is our best solution to make sure innocent bystanders don’t get caught in the crossfire. When specific entities don’t abide by responsible disclosure we lambast those specific entities not the entire process built to keep users safe.
This is complicated to unravel and has lots of similarities to the Tri-State Crematory Scandal.
Who owns a dead body? Does the state? Does the family? Take religion out of the picture for a few minutes as well so we can properly separate church and state. Someone dies without (available at that moment) relatives or a will defining what happens with the body. Alternatively someone dies and has not actually paid for the stuff stipulated in their will and does not have the resources to do so. What should happen? Something possibly like, in order,
Dead bodies can’t just sit around. They can cause serious health and environmental problems if not properly disposed of, so something has to be done. Remember, we’ve set aside religion, so a dead body is literally just a resource. It can be turned into cremains, it can be buried, or it can be sold for various uses. What should the state regulate here? What’s wrong with the state turning a dead body into some money? How much responsibility do families have in respecting last wishes? How much time and effort should the state put into investigating those? Do dead bodies really matter? How much land are we willing to turn over to cemeteries today? In ten years? In one hundred years?
Now if you bore with me this long and agree that dead bodies can be sold, I also strongly feel like there should be compensation to these families with interest for that shit. If you steal my resources and don’t tell me, the state already requires repayment. That’s what should happen here. It gets murkier once you add religion back in because you can’t really undo a lot of these things.
Dallas County is doing something wrong. But it’s way more complicated underneath the hood than normal Texas government shenanigans.
Boeing execs said they held nothing back. The union members took that to be threatening. I genuinely wonder how much profit was actually reserved and how much executive comp is still available to drop into the pool. To me, “holding nothing back” means the company genuinely cannot to fund anything else without going into the red. Holding nothing back means fat was cut, executive pay was reduced, and shareholders understand their dividends are gone because the people that make them money need to get some too. Holding nothing back means some rainy day assets are sold and corporate, non-union members experience some austerity (granted you have to remain competitive so as to not lose your value creators so you can’t cut everything or they’d leave; executives are almost never value creators so they can have austerity measures). Holding nothing back means jobs could be cut if more hardship appears.
Something tells me Boeing was holding stuff back with that offer. It could be all the deferred stock executives have or the lack of shareholder expectation management. Not sure! We’ll never know.
You’ve turned this into a catch 22. If there were no female characters, you could argue that’s sexist. If the idiotic boss was female, you could argue all of the dumb characters are female so that’s sexist. If Jarod were the only female, that would be sexist.
How does this sketch get rewritten in such a way that it is not casually sexist?
That’s fair! I agree with that.
Neither wins here. I cannot tell you how many libraries I have had to replace because FOSS devs move on. It’s probably greater than the number of products I’ve had to abandon for lack of support but I’m not sure what that is at a percentage level. In the DevOps world everything burns constantly, paid and free.
It’s very misleading to say “paying for software is stupid” and not consider the total cost of ownership. TCO includes things like infrastructure and maintenance. As an exec, I am constantly faced with two choices: free software that might do what I want or paid software that sort of does what I want. At face value, you would immediately tell me to get the free stuff. That’s where you miss TCO.
(Read the last paragraph if you think the business lens is bullshit)
Every FOSS solution I run requires me to deploy and maintain it. I only have so many hours in the day so at some threshold I have to hire more and more people to deploy and maintain. Integrating? That’s on me too because I’m using free software so now I need a resource to glue things together. My “free” option actually costs a portion of my engineering resources. I’m also on the hook for failures. Running my own ERP? I need to have support staff on-call to handle outages.
Every paid solution I run costs can require some of those things. Let’s ignore paid licenses and just focus on things I can completely outsource. This means I’m no longer on the hook for deployment and maintenance, so if I can show the cost of the paid software is less than my TCO, it’s a better deal. If I have a good relationship with the vendor, I might be able to delegate my integration needs to their product pipeline. I might be able to purchase a support contract that’s cheaper than running my own.
At some point every company will outgrow certain software. It’s a constant reevaluation of the costs of paid vs TCO of free and when I need to spend resources making it do something it doesn’t. A managed telemetry stack like Sumo or New Relic allows me to scale quickly but cheaply until I have the revenue to build an in-house team to instrument fucking everything.
The exact same logic applies to my time. I could run free everything. That comes with a higher TCO (usually). I say this as someone who has rebuilt dot files repos on the dot every three years and been running Linux since you could get it in a book at B Dalton at the indoor shopping mall so my tolerance for personal TCO is very high. However, I don’t change my own oil. It’s free! I could do it myself! I don’t want to. I buy certain things, like software, in my personal life because the TCO of FOSS is higher than I want to pay. I have outgrown Windows and Mac so I have some level required cost in Linux. I pay for some things like storage and routing solutions even though I could build and deploy and maintain all of that myself. Sometimes I just want my shit to work and not have to do it myself.
The reason to use mono over dotnet is political. This is stirring up some really old shit; I expect a continuation of that shit now. Mono is currently MIT as is dotnet core. Who knows what direction each project will go now? MS has a history of fucking with licenses and Wine uses copyleft setups.
Microsoft has had dotnet-core for awhile. If you are running production dotnet loads (eg a C# app), you’ve probably been using those Linux containers for awhile. This doesn’t surprise me; they usually aren’t interested in maintaining an open version of software they have more restrictive licenses for. Enterprises will continue to use dotnet-core and Microsoft will probably do something to shoot mono in the foot in a few years.
Let’s assume you’re arguing in good faith here so we can understand why land deeds and URLs are completely different.
Deeds are managed by a central authority. There is an agreed-upon way(s) to view and search those deeds. There is a single authority to update or remove deeds. The items the deed refers to also are controlled by a single authority and changing them has a single process.
URLs are registered (loosely) with a central authority but the similarities end there. I can impersonate a URL on a network (even up to large chunks of the internet if I’m able to confuse DNS in a large enough attack). So just because you’ve bought the domain referenced in the blockchain and set up some name servers doesn’t mean any consumer of the blockchain or even the internet is guaranteed to hit your instance of the domain. All a URL is is a reference to something so let’s assume for a minute we can have a global reference. What’s behind it? Again, completely uncontrolled. For now it could be your NFT; what happens if I am your hosting provider and destroy your instance? Move your hardware? What’s to prevent you, the owner of the assumed global reference, to change what that uniform resource locator is actually locating?
Land deeds and URLs are not analogous. Land and the content served at a URL are not analogous. Let’s look at NFTs quickly to see if we can actually do something about this!
Since we have a single-write, read-only database, why not store the full thing in the DB? Well, first you have to agree on a representation. It has to be unchanging so we can’t use a URL. It can’t ever duplicate so realistically hashing is out (unless our hash provides a bijection which is just a fancy way of saying use the fucking object itself). Assuming we’re only talking about digital artifacts (attempting to digitize a physical asset is a form of hashing meaning we get collisions so you can’t prove ownership), we’re now in an arms race for you to register all of your assets and their serialization methods before I brute force everything. Oh and this needs to live everywhere so it can be public so you need peta-many petabyte drives. But wait! Now we’re burning the sun in power just to show you have ownership of 10 and I have ownership of 01. Fuck me that’s dumb.
That’s not how that works.
What the actual fuck? Reddit, Facebook, TikTok, Instagram, and Snapchat are mass social media platforms. Bluesky is as well because it’s sure as fuck not federated. There has always been a crew of people that only use one platform vs another going all the way back to BBSs. The headline isn’t supported because we’re not going back to the forum days, leaving mass social media behind, and the article just describes the MySpace vs Facebook vs Friendster conflict oh wait the Facebook vs Instagram vs Twitter conflict oh wait the Instagram vs Snapchat vs Vine conflict oh wait the Reddit vs Facebook vs X conflict oh wait… As someone that was never much on Twitter and who yelled at lots of people who kept supporting fascism during the X transition, I feel like journalists really overindex on people that use Twitter.