he/him/his, cis, gay, husband, Beagle chew-toy, JavaScript jockey, Rustacean

  • 31 Posts
  • 20 Comments
Joined 1Y ago
cake
Cake day: Apr 06, 2021

help-circle
rss

Garage leverages the theory of distributed systems, and in particular Conflict-free Replicated Data Types (CRDTs in short), a set of mathematical tools that help us write distributed software that runs faster, by avoiding some kinds of unnecessary chit-chat between servers.

Huh, “avoiding some kinds of unnecessary chit-chat” is the weirdest benefit of CRDTs to mention here (and I’m not sure it actually is a benefit)

I would have pointed out that they help multiple devices safely synchronise copies of data, or something 🤷

The word “efficient” doesn’t even appear in the main part of the Wikipedia page (just once in the footnotes): https://en.wikipedia.org/wiki/Conflict-free_replicated_data_type


If the USA and it’s allies were truly enthusiastic about human rights and democracy, then they should find out how much a company saves by having supply chains with worse human rights protections, and tax them some portion (I’d say at least half) of that saving

To encourage them to employ more expensive staff in countries with decent democracy and human rights laws

(And encourage other countries to transition to better human rights frameworks)


I wonder if the monitor for an output/sink is enabled as an input/source? Using a pulseaudio control panel like pavucontrol might show you more information? Most distributions provide pulseaudio/pipewire as a useful layer on top of ALSA, so pure-ALSA tools like alsamixer might not be showing you the whole picture


Might be worth trying a bunch of different live USBs to find a distribution with a working sound setup, and then seeing what it’s doing differently compared to Zorin


Really odd that it doesn’t use the recommended credential storage APIs on Windows at least



> Imagine being a preteen or young teenager in Borneo 31,000 years ago. Your small community survives by hunting and foraging in the mountainous, cave-riddled tropical forests. And then it happens: You get an injury so severe that cutting off your leg offers the only chance of saving your life. Most likely, something has cut off circulation to your lower leg, some of the tissue is now smelly and gangrenous, and it’s spreading fast. What’s your prognosis? > >Based on Tebo 1, that situation was less dire than you might expect, although it almost certainly wasn't easy. > >For one thing, the severed leg bones show no signs of inflammation, which means that if Tebo 1 suffered any infection after the amputation, it wasn’t serious enough to reach the bone. Without antibiotics, infection is a major threat; most of the casualties in American Civil War field hospitals died of infection, not of their actual injuries. > >The fact that Tebo 1 apparently didn’t face serious infection suggests that whoever performed the amputation understood how to keep the wound, the surgical tools, and their hands clean and understood that they needed to do so (which puts 31,000-year-old hunter-gatherers ahead of European and American surgeons just a century ago). It also suggests that someone took very good care of Tebo 1 after the operation.
fedilink

Anyone who thinks it’s actually because of silly things like “not wanting to be associated with such a disgusting, festering cesspool of a site” is naïve.

Not sure where you got this from, this didn’t seem to be in the CloudFlare blog post anywhere


> The new type of USB4 will continue the USB-IF's questionable naming scheme that only its members and a thumbtack-and-string-covered corkboard can truly appreciate. When it's all said and done, it seems you'll be able to find USB-C ports that are USB4 Version 2.0, USB4 Version 1.0, USB 3.2 Gen 2x2, USB 3.2 Gen 2, USB 3.2 Gen 1, or USB 2.0, plus some will opt for Intel Thunderbolt certification. And in the case of USB4 Version 1.0, you'll still need more information to know if the port supports the spec's max potential speed of 40Gbps. **screaming intensifies**
fedilink

> - “The age problem”: Young people aren’t using Facebook at all and are using Instagram less, but the success of both platforms as advertising revenue bonanzas is predicated on usage by the youth demographic. > - “The innovation problem”: Facebook hasn’t invented a new hit since the blue app itself and its other successes were all acquired. > - “The metaverse problem”: They’re betting the company on AR/VR, but it remains to be seen whether that’s going to be a big thing. > - “The antitrust problem”: No summary necessary. I really hope Meta/Facebook/Zuckerberg runs out of money and goes away forever
fedilink

In theory, a government is democratically-elected, and courts are democratically-controlled, so isn’t a corporation obeying laws and courts exactly what we want here?

I’m not sure we can expect them to go above and beyond what is legal, no matter how much we might wish them to do so, they simply wouldn’t exist for very long otherwise

We hated them (and they hated it, too) when they extra-judiciously blocked traffic they didn’t agree with in the past, so surely requiring laws/courts to do so in future is better?


Seems like Cloudflare have come up with other ways to avoid blocking content they disagree with:

For instance, when a site that opposed LGBTQ+ rights signed up for a paid version of DDoS mitigation service we worked with our Proudflare employee resource group to identify an organization that supported LGBTQ+ rights and donate 100 percent of the fees for our services to them. We don’t and won’t talk about these efforts publicly because we don’t do them for marketing purposes; we do them because they are aligned with what we believe is morally correct.


> Just as the telephone company doesn't terminate your line if you say awful, racist, bigoted things, we have concluded in consultation with politicians, policy makers, and experts that turning off security services because we think what you publish is despicable is the wrong policy. To be clear, just because we did it in a limited set of cases before doesn’t mean we were right when we did. Or that we will ever do it again.
fedilink

> Japan's newly appointed Minister of Digital Affairs, Taro Kono, has declared war on the floppy disk and other forms of obsolete media, which the government still requires as a submission medium for around 1,900 types of business applications and other forms. The goal is to modernize the procedures by moving the information submission process online.
fedilink

A review of postmarketOS on the Xiaomi Poco F1
> On the whole, I would rate the Poco F1’s bull**** level as follows: > - Initial setup: miserable > - Ongoing problems: minor
fedilink

> Google has a right to decide which users it wants to host. But it was Google’s incorrect algorithms, and Google’s failed human review process, which caused innocent people to be investigated by the police in these cases. It was also Google’s choice to destroy without warning and without due process these fathers’ email accounts, videos, photos, and in one case, telephone service. The consequences of the company’s error are not trivial.
fedilink

> Google has a right to decide which users it wants to host. But it was Google’s incorrect algorithms, and Google’s failed human review process, which caused innocent people to be investigated by the police in these cases. It was also Google’s choice to destroy without warning and without due process these fathers’ email accounts, videos, photos, and in one case, telephone service. The consequences of the company’s error are not trivial.
fedilink

> The reasons for NOT tracking are myriad: First, you’ll engender goodwill with your supporters. Second, you may not imagine your organization to be the likely target of ransomware or of a data breach, but the less data you collect, and the less you share with outside organizations or companies, the less likely that your supporters will be affected. Third, data privacy laws vary across regions, and we are in a time of rapid change with respect to those laws. Minimizing data collection and retention can help ensure you’re complying with those laws.
fedilink

> It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." > >But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility.
fedilink

> It sounds like something out of an urban legend: Some Windows XP-era laptops using 5400 RPM spinning hard drives can allegedly be forced to crash when exposed to Janet Jackson's 1989 hit "Rhythm Nation." > >But Microsoft Software Engineer Raymond Chen stands by the story in a blog post published earlier this week, and the vulnerability has been issued an official CVE ID by The Mitre Corporation, lending it more credibility.
fedilink

> Australian police last month arrested the man, now 24, and identified at least 201 of his Australian customers, in an investigation that began in 2017 and involved a dozen law enforcement agencies in Europe and Australia, and information provided by Palo Alto Networks and the FBI. The case underscores the sheer scope of the market for stalkerware—the app, costing just $35, was sold for seven years before law enforcement shut it down. Tens of thousands of victims were spied on, police said. Its customers included domestic violence perpetrators and even a child sex offender.
fedilink

> Australian police last month arrested the man, now 24, and identified at least 201 of his Australian customers, in an investigation that began in 2017 and involved a dozen law enforcement agencies in Europe and Australia, and information provided by Palo Alto Networks and the FBI. The case underscores the sheer scope of the market for stalkerware—the app, costing just $35, was sold for seven years before law enforcement shut it down. Tens of thousands of victims were spied on, police said. Its customers included domestic violence perpetrators and even a child sex offender.
fedilink

Perhaps what we could do is have a preference that is like Firefox’s privacy settings (standard versus strict), as a way for the user to tell NetworkManager their risk-appetite and which set of default behaviours is more appropriate?

It would be even better if this was a system-wide


> As with Colossal's mammoth plans, TIGRR intends to obtain thylacine genomes, identify key differences between that genome and related lineages (mostly quolls), and then edit those differences into marsupial stem cells, which would then be used for IVF. It, too, faces some significant hurdles, in that nobody has made marsupial stem cells yet, nor has anyone cloned a marsupial—two things that have at least been done in placental mammals (though not pachyderms).
fedilink

> Regulators must take more effective voluntary actions against harmful content and adopt moderation frameworks that are consistent with human rights to make the internet free and limit the power of government agencies in flagging and removing potentially illegal content.
fedilink

Look, everything here is a good suggestion for someone who knows what they are doing, but all of them have the potential to have some impact on the user experience in a variety of negative ways


MAC addresses should be randomised by default, but only when scanning and when connecting to untrusted networks, but how do we know that a network is untrusted? Many newer open networks (e.g. at restaurants, resorts, hotels, parks, etc) use a WPA2-PSK instead of an unencrypted captive portal, so it’s not true that a WPA2-PSK means a network is trustworthy

So, we’d have to prompt the user to ask them, but now we need to explain the risks and why they should care, and we now also need to help inform the user and offer to reverse this choice if it’s not compatible with the network they really want to join


The UX for dealing with all of these suggestions becomes complicated pretty quickly

A privacy-minded person will appreciate the extra knowledge of what their system is doing, but someone trying to switch from Windows or macOS is probably going to be confused unless developers spend a huge amount of time considering every possibility (spoiler: many won’t)



Alternative title: please make it impossible to get normal people to like Linux


I dearly wish Google would switch back to contextual advertising, and then add proper tracking protection to Android and Chrome out-of-the-box

It’s frustrating knowing there are talented security-minded and privacy-minded folks at Google who aren’t allowed to ship any code that would jeopardise the money tree


> In my spitball theory here — which I think Heer shares — App Tracking Transparency is not the cause of Facebook’s troubles, but just an extra kick in the pants as they stumble downhill toward legacy media irrelevance — a decline that was in the making years before “Ask App Not to Track” was in our vernacular.
fedilink



Hypothetical: Apple's "Find My" network as a proper mesh network used as an alternative to cellular/ISP networks
Probably not an original thought, but I'm just thinking about how Apple originally wanted nothing to do with cell carriers and for the iPhone to use WiFi instead, and how 15 years later we have Apple's "Find My" network It would be neat if e.g. iMessage (starting with text-only messages) worked peer-to-peer via this decentralized mesh network, only using carrier/ISP networks as a fallback And it'd be even better, of course, if such a mesh network was as broadly-deployed and yet operated by a community of individuals/volunteers, on hardware of their choosing (e.g. cheap single-board computers instead of Apple iDevices) It reminds me of the zero-trust mesh networks that are described in science fiction like [Cory Doctorow's "Walkaway"](https://bookwyrm.social/book/137722/s/walkaway)
fedilink

PGPP | What Is Pretty Good Phone Privacy?
Fascinating service, just wish I was in one of the available countries
fedilink

PGPP | What Is Pretty Good Phone Privacy?
Fascinating service, just wish I was in one of the available countries
fedilink

https://twitter.com/gitlab/status/1555325376687226883

We discussed internally what to do with inactive repositories. We reached a decision to move unused repos to object storage. Once implemented, they will still be accessible but take a bit longer to access after a long period of inactivity.


About the only thing we can really do about Microsoft is to stop using Windows/Office/Azure, stop buying computers that are preloaded with Windows/Office, stop buying and playing Xbox, etc

Stop directly giving money to any company that we cannot trust

If we don’t do these things, then Microsoft will continue to have the power to do things, and we’ll only have ourselves to blame


UEFI Secure Boot ended up being a pretty good example of how to do cryptographic requirements well: require signatures, but allow the owner of the hardware to use their own keys


Helping to standardise a global dark mode preference is nice


I exclusively run web browsers in flatpak

I love that no firefox or chromium process has access to e.g. ~/.ssh or /etc or any number of other things a web browser has no business accessing

It’s not feasible to read the source code for every application I run now, so anything that makes sandboxing convenient and simple is very much appreciated