thesmokingman

@thesmokingman@programming.dev


thesmokingman ,

I don’t know if I’d say “inherently hopeful.” Sturgeon’s approach to science fiction was “ask the next question” which is sometimes not so hopeful. I do think a lot of golden age and even new wave (which Ellison defined) is very hopeful. I think genres like cyberpunk and more modern interpretations of dystopian science fiction explore less hopeful situations. You also have stuff like “The Heat Death of the Universe” by Pamela Zoline which could be evaluated from many perspectives on hope.

thesmokingman ,

It’s a really powerful story and shows up a lot in SF academia. I was introduced to it through Dr James Gunn’s histories.

Is it possible to "manage up" on customer expectations? Or am I doomed to unreasonable SLAs? (Database as a Service Company)

I'm just so exhausted these days. We have formal SLAs, but it's not like they're ever followed. After all, Customer X needs to be notified within 5 minutes of any anomalous events in their cluster, and Customer Y is our biggest customer, so we give them the white glove treatment....

thesmokingman ,

Your on-call experience is not the norm. That alone should cause you to seek another position. Experienced SREs are always in high demand. Find a place that isn’t abusing your off-hours.

In general, if my on-call engineers are paged outside of business hours, I do not expect them to come in on time the next day and we’re having a postmortem ASAP. If we can’t fix the page, we’re evaluating the page’s necessity. It’s either something we can fix, something we can’t fix and don’t care about because we can’t fix it so we’re going to kill the alarm that causes the page, or ephemeral enough that we don’t think it’s worth the time chasing down. My team’s off-hours are not to be abused by stakeholders not giving us the resources we need to resolve issues and I will back that hard. In your case, you need more money and your company needs to either devote the serious resources in R&D to fix this shit, pass on the support cost to the customer at such a high level it’s actually painful for them making them get off the fucking pot, or both. For example, if a contract will affect my team’s off-hours and they’re making a bullshit alarm, they will pay us a huge amount of money for that support. Usually the contract gets signed because stakeholders are dumb and then the first fucking time that fee hits that stupid alarm gets redlined out because financial stakeholders are smarter.

thesmokingman ,

I feel like there’s a growing understanding that the economy has nothing to do with the majority of our lives. For example, recession indicators, at least in the US, don’t include cost of living and inflation. Low employment doesn’t mean shit to me if the price of groceries grows faster than my salary. Large numbers of open jobs doesn’t mean shit to me if employers can justify lower wages because the market is flooded from layoffs. A high salary across the board doesn’t mean shit to me if I can’t afford a house on the wage, forcing me to dump increasingly larger portions of my pay on renting an asset I can never own.

thesmokingman ,

They’re mislabeling the license too. CC BY-NC-SA 4.0 has nothing to do with “anti-commercial-AI.” It provides some terms for using content and, in theory if OP is willing to take someone to court, should provide some basis if the license is being abused. Until there’s actual precedence, though, it’s debatable whether or not sucking up CC BY-NC-SA 4.0 content is a breach of the license. For it to actually matter, someone needs to demonstrably prove 1) CC BY-NC-SA 4.0 content was sucked up by AI, 2) it was their content and it was licensed at the time, 3) the terms of the license were violated, and 4) other legal shit that will pop up during the course of the litigation. “Someone” has to be someone with deep fucking pockets willing to go the distance in many international jurisdictions.

thesmokingman ,

I feel like a better analogy is someone who signs their text messages which is a more recent problem than people with obnoxiously long forum signatures.

thesmokingman ,

Calling a license by anything other than its name and stated purpose is something I’d dare to call mislabeling. If CC BY-NC-SA 4.0 decides to add “anti-commercial-AI” then and only then is it not mislabeling. That’s like me calling the US copyrights of the books sitting next to me “anti-bitfucker” licenses. They have nothing to do with you at this point in time so it is misleading for me to claim otherwise.

While you are correct that lemmy itself does not add a license and many instances do not add a license, it’s not as simple as “the user notifies [you] must abides by [their] licenses.” Jurisdiction matters. The Fediverse host content is pulled from matters. Other myriad factors matter. As you correctly pointed out, there is no precedence for any of this so as I pointed out unless you’re willing to go to court and can prove damages it is actually useless.

thesmokingman ,

That’s fair. I don’t disagree with licensing comments necessarily. I think users doing it to provide the basis for a legal argument is fine. I think my pushback comes from my lack of trust in any of these users actually acting on their license which could be construed as victim-shaming. I’m hung up on the follow-through which careful analysis like yours really highlights.

thesmokingman ,

The lede is in paragraph four. What the fuck. Why did I have to read three meaningless paragraphs to get to the headline.

thesmokingman ,

I really struggle with the justification present in the article. “I need to emulate to do my job as an academic” is pretty hollow. “I want to emulate because I want to learn” is the real reason and, as an academic myself, I don’t feel like there’s a higher ground that gives me access to literally anything I want just because I want to learn.

If the argument was “the copyright system is fucked and knowledge needs to be more open” I would be 100% behind that. I feel that way. I just don’t think someone should get to say “show me your secrets because I’ve arbitrarily decided to make my next publication about your secrets.”

thesmokingman ,

Users aren’t responsible for the plethora of security issues Microsoft regularly releases.

thesmokingman ,

Note that this was a comedian

thesmokingman ,

MFA for Smart Home devices is a really good idea given the security problems they present. You’re not locking each thermostat adjustment, you’re locking the ability to log in on a device to adjust the thermostat.

thesmokingman ,

I wasn’t aware you could use a Nest without an account. If that’s possible, absolutely no need for MFA. If you use a throwaway account and don’t connect the device to a network, then there’s no reason to pay the premium for the device.

Whether or not the device is connected to a network has little bearing on securing the account. Usually you’re getting a smart thermostat to control it remotely or for a savings program with your power company which requires at least the account be connected. You don’t want that to be exposed ergo you want MFA.

thesmokingman ,

Didn’t get a chance to watch the full video so I don’t know if they cover this. Existing internet service providers, mostly the infrastructure holders like cable companies, actively lobby against efforts like this and have been able to make many local internet initiatives illegal. Here is a good primer on the topic.

thesmokingman ,

I was a Die Antwoord enjoyer until recently when I learned all the recent controversies they’ve been stirring up since at least 2013. It’s worth researching if you’re still riding off that old 2008 MySpace/OG Website high like I was.

thesmokingman ,

This is incorrect. There is not a one-to-one and onto mapping from the natural numbers to the real numbers ergo the sets have a different size. We have defined words to describe this. We can put uncountably many copies of the natural numbers inside of the real numbers so there are arguably infinitely more reals than naturals.

Granted you have to accept the axiom of choice for any of this.

thesmokingman ,

That does not make one set more infinite than the other. You cannot be more unending than to literally have no end.

Your use of language is incorrect. But, since you’re clearly the only published expert with any experience in this topic on the internet, it’s really not worth pointing out that we fall on two sides of the standard axiom of choice debate since you already knew that. Have fun!

thesmokingman ,

I think the Medium article is bullshit. It doesn’t provide anything more than the Wikipedia for its sources and all Wikipedia says is what you quoted. Direct organization funding by the CIA does not mean an employee is a CIA agent. Lots of DARPA projects that we use for radical things were made by radicals that vehemently opposed everything but government grants (many others were either agents or supporters; Surveillance Valley is a great read).

She’s totally a fucking stooge though. There’s no fucking way you say that about the CIA then (or in hindsight about then when she wrote her biography given all the other things that came out since then) without being a fucking stooge. I don’t think we can conclude anything more than that without more context, which I’ve yet to find.

thesmokingman ,

If the owners knowingly aided spearphishing and other business email compromise laundering, that’s not cool. That has nothing to do with any surveillance laws, either. Assuming there is evidence that proves this, then they should go down. If the evidence is just “yeaaaaahhhh they knew what it was used for,” that’s bullshit and falls into your complaint. Based on similar prosecutions, the feds wait to prosecute this stuff until they have actual evidence that shows the defendants knew they were directly supporting crime (assuming we’re not talking trumped-up narcoterrorism charges). As a security professional this narrow band, assuming all of my assumptions are true, is legit and should be prosecuted. You should not enable spearphishing and ransomware because that makes lots of problems.

If my assumptions don’t pan out, ie there is no direct evidence linking them to that narrow band, sure, it’s a shitty prosecution.

thesmokingman ,

This doesn’t appear to cover the cost of the electricity it would take to keep your stuff running. There is no way to pay anything out at all. Seems like a pretty straightforward pump-and-dump where the end users are collecting imaginary points while some company abuses their resources. Every blog and Reddit post I looked at to try to understand this was full of referral links. Equally classic sign of pump-and-dump pyramid scheme.

thesmokingman ,

I am so happy to have contributed to The Northern Boys winning. Kev deserves this.

thesmokingman ,

Based on my experience when I was still buying Domino’s, these emails that you can’t opt out of aren’t even ads. “Status of your account and points total” is what it says on the tin. It’s not promotional offers or spam, it’s information pertinent to your account meaning it’s rare.

This might have changed in the years since I stopped using Domino’s so YMMV.

thesmokingman ,

42, 47, and 50 all make sense to me. What’s the significance of 37, 57, and 73?

thesmokingman ,

See my link for 47. Its Wikipedia has more context. If you’re a Star Trek fan, you’ve seen it a ton.

thesmokingman ,

Jack Welch might not be the first; he’s certainly one of the biggest behind this trend. He’s also usually the one people cite for this. Mass layoffs are a huge part of moving “value” around the economy in ways that got huge in the late 70s and early 80s. The only people to see that “value” are the people who aren’t affected by layoffs.

otl , to Privacy
@otl@hachyderm.io

Finally deleted my LinkedIn account!

After putting my account into "hibernation" for the past few weeks, I finally closed it. But I'm still looking for work. Thankfully I can still find positions (SRE and software dev) by just going directly to the company's site and finding a Jobs page.

Good luck to everyone else out there looking for work!

@privacy

thesmokingman ,

This is how I use it. I’ve found a couple of jobs on LinkedIn. I’m currently happy at my job and not interested in dealing with passive searching so I check in maybe once a week to see visitors. Otherwise I don’t touch it at all.

thesmokingman , (edited )

You really shouldn’t apply a CC license to code. Someone who does that after saying what the dev said about not forking their open source code has no fucking clue what they’re talking about and is either about to spiral out or build something really dumb (or both).

Edit: yeah the dev seems pretty delusional

https://programming.dev/pictrs/image/9ec42025-3096-452e-a21e-48a7a44698f7.png

thesmokingman , (edited )

“There were forks that wanted to hide the fact that they were Floorp forks, forks that did not want to contribute to Floorp at all, forks that used the code for life and just changed the name of Floorp, and many other forks were born.”

There are three visible forks that have any stars. All of them have one star. You’re telling me that a project that is so widely and maliciously repackaged has no normal forks with more than one star? Is this tech that only bad actors want to use and has no following in the open source community?

Where are these evil forks, how do we actually know they’re forks, and why are they still up if they’re breaking license?

Edit: Here is a fork with 200+ stars that isn’t a direct GH fork. Given its premise is an opinionated and branded Floorp, is it morally wrong for its maintainers to not contribute to Floorp (assuming they don’t only for the sake of argument)? Does your answer apply to fediverse server owners (eg Mastodon, Lemmy) whose premise is hosting an opinionated and branded instance often explicitly without the technical skill to suggest patches?

thesmokingman ,

If a repo is very popular, it should have a lot of forks. The higher the upstream popularity, the higher the downstream popularity. When a dev makes a claim that there are a ton of malicious forks stealing IP, we can vet that claim by looking at the forks that respect the upstream. Big projects have a big community with big forks with many stars. The popular downstreams drive traffic to the upstream.

In this case, we have a couple hundred direct forks. That’s not a ton. Out of those, only three have stars. All of them only have one star. At face value, that could imply a few things: the repo is not very popular, the community is centralized around the upstream, or something else along those lines. Comparing this to other open source projects, our initial conclusion is that this is not a hugely popular repo and does not get a lot of development outside of its incredibly niche community.

Occam’s razor is a tool, not objective truth. Based on the facts as we can see them, this focus on forking from the dev is much more indicative of a burnout spiral, incredibly common in the FOSS community, than nefarious actors. If we see receipts, eg a collection of takedown requests on malicious forks attempting to claim ownership of the code, our analysis falls apart. That’s still a possibility, however remote.

thesmokingman ,

I used to work in a municipal city water department. Part of its job was to deal with some chemical blooms from bad waste disposal. While I am not a water science person, I trusted the water science people who told me it was safe and got to tour some of the cool filtration things.

I didn’t drink the water because water in that area has a “green” taste that’s hard to describe unless you’ve had it. Totally fine to drink, just personal preference. Most people I know gave me a lot of shit for it.

thesmokingman ,

He was also right about gay frogs. Sometimes the person you hate can make a good point.

thesmokingman ,

This headline was incredibly confusing to me because, as an American, I’d never heard of “mobes” as slang for mobile phones. The article does open with “phone motherboards” so I thought it was either a typo’d “mobos” or someone had changed the slang for motherboard when I wasn’t looking.

thesmokingman ,

The ostensible point is to prevent resellers from platforming your code. SSPL is an answer to, say, AWS offering your product much cheaper than you can. RSAL seems to be Redis spinning their own SSPL, BSL, whatever bullshit license because they’re not happy with the existing faux open source cloud licenses that prevent platforming.

There really isn’t a good way to handle this from an open source perspective. Cloud majors can and will undercut the fuck out of anyone to establish dominance. Ideally you’re providing a better support experience or working with them (until they decide to kneecap you) to maintain your business. Previously Redis had a paid tier that had functionality not available at the OSS level. I think that’s also legit.

I personally loathe the compliance issues these random shitty fucking licenses throw and don’t think trying to claw back business from majors is the right approach. The little guy is going to follow the path of least resistance which means you’ve made your software enterprise only.

thesmokingman ,

They already did that. They companies the tools to remove negative reviews. Glassdoor has not been much different from BBB for some time (if not all time).

thesmokingman ,

Create a new email address for each round of job hunting if you’re going to apply to many places. I can guarantee this email will get spam for years to come. Job boards and recruiting firms sell and reuse email lists. You don’t want to still get spam offering you junior roles ten years into your career.

A Proton address is fine. Like others have said, keep it professional.

thesmokingman ,

I’m really confused. The article points out why Brave is a bad choice right after saying it’s a good choice, says that logical fallacies are a problem, moves immediately into why false equivalence is something to look out for in general, and ends. Why does this mean Brave isn’t going to steal our info? Because Mozilla might too? How does that address any of the valid privacy concerns with Brave (eg forced affiliate links, a privacy violation) rather than social ones (eg Brendan Eich being a piece of shit)? Empathy is a tool to have a conversation with others who might have different values, not a lens to evaluate privacy or user experience.

thesmokingman ,

It doesn’t sound like you’re aware of PCI DSS

Regulatory burden aside, you don’t do data analysis at scale running “some big wigs’ nephew’s VB/C# app.”

thesmokingman ,

Wait what

“virtualization is a legacy technology”

AWS, GCP, and Azure run on virtualization. Do you think all these cloud providers are providing everyone bare metal? This doesn’t include containerization which is a subset of virtualization. Your average shop might not run virtualization directly unless of course your team touches VirtualBox or Vagrant or qemu or (probably shouldn’t) HyperV.

Either your understanding of virtualization is very lacking or you didn’t explain your point very well. I am really curious what you meant.

thesmokingman ,

WSL is also shit for any kind of containerization and HyperV fucks up everything else. If you’re not doing any DevOps/SRE stuff WSL 2.0 is fine provided you don’t mix the filesystems. I have been so frustrated with their claims on release for 1.0 and 2.0 that I haven’t evaluated the recent systemd release for WSL. I provision WSL for people that don’t know why they should care and Linux VMs for people that need to work with CI tooling.

In general if you use a Microsoft tool you have to use the Microsoft ecosystem. Sometimes that’s not a huge deal, eg VS Code just adds a ton of telemetry and GitHub reads all your public code. Sometimes it’s a huge deal, eg you want to do literally anything beyond Docker Desktop defaults in the container world.

thesmokingman ,

I think that’s a fair point. Trying to build a new virtualization company today would have huge initial investment and a steep path to the companies that run their data centers.

thesmokingman ,

This is super common with niche hobby products I buy. Doesn’t make any fucking sense. Vendors will send out an email saying “hey we have a sale but we can’t tell you the dollar amount just the percentage until you put it into your cart.” I think it’s also common with some lines of luxury goods. You’ll find a few different reasons online if you Google “luxury brands hide price.”

https://programming.dev/pictrs/image/3f447ccf-f606-40b3-9c89-b5d7f9637465.jpeg

thesmokingman ,

Have you checked 5.11’s Rush 2.0 line? Is that too much Velcro? I’m not sure what size you’re looking for either. The RUSH12 is great for an every day backpack and small enough to easily fit under an airline seat if you don’t have a ton of attachments.

thesmokingman ,

Wow, I wasn’t aware that every employer in the world actively discriminated as much as Google does. I had no idea because there’s zero news coverage that you have zero options. You should get the word out!

thesmokingman ,

Good luck with all your lawsuits. You must be really rich by now what with literally no allies and no employers ever trying to do the right thing. No wonder you support FAANG companies!
