There is a lot of alarmist stuff going around about .io ccTLD being "retired", fedi instances that use it having to move, etc. 👀
Keep calm. Here's the one thing you need to know about this right now:
👉 Even if .io ever gets "retired", it will take *years* for this to affect already delegated .io domains in any way at all.
I cannot stress this enough, we are talking years if not decades.
Soviet Union dissolved 33 years ago, but .su domains still resolve.
Deep breaths.
Carry on.
Lapo Luchini likes this.
reshared this
Lisa Melton e Lapo Luchini reshared this.
Just in case you need a NodeJS script to sort extended #ZSH history which doesn't break on multi-line entries:
#! /usr/bin/env node
const fs = require('fs');
const lines = fs.readFileSync(process.argv[2], 'utf8').split(/(?<=[^\\])\n/);
lines.sort((a, b) => a.split(/:/)[1] - b.split(/:/)[1]);
fs.writeFileSync(process.argv[2], lines.join('\n'), 'utf8');
Sort extended ZSH history (works with multi-line entries)
Sort extended ZSH history (works with multi-line entries) - zsh_history_sort.jsGist
In principle I could even see myself supporting Mozilla's advertising thing.
It would not be a bad idea, in general, to have a privacy-preserving, ethical advertising network. It would serve as an alternative for vendors, and as an example to regulators that this is possible – and that banning targeted advertising can be done without hurting organizations that rely on ads to stay afloat.
Problem is, I don't trust Mozilla to hold up their side of this.
I used to, but not anymore.
Lapo Luchini likes this.
Lapo Luchini reshared this.
Mozilla has been experiencing a trust problem for years, and should have done some real soul-searching and focusing on regaining that trust – which would allow it to dive into projects like the ad network thing with community support.
Instead, they keep doing things that either seem irrelevant, or outright alienate their core audience. Logo redesign. AI. Now the ads thing.
Or, well, what used to be their core audience:
neilzone.co.uk/2024/09/am-i-st…
Am I (still?) in Mozilla's target audience?
I have used Mozilla’s software - Firefox and Thunderbird in particular - for many more years than I care to remember.neilzone.co.uk
At some point they will hit a Trust Thermocline, if they haven't already:
every.to/p/breaching-the-trust…
This is a great moment for someone to come in and offer what Mozilla's the soon-to-be-former core audience is looking for.
And that core audience will then promote it among their friends and family, on their campuses, and in their workplaces.
Exactly the same way Firefox was being promoted, very successfully, when the Web was young.
Breaching the Trust Thermocline Is the Biggest Hidden Risk in Business
Companies have no way back from a sudden loss of trustevery.to
Anyway...
Firefox users: can we have the RSS button back please?
Mozilla: no, nobody wants that.
Also Mozilla: hey we're building an ad network!
@drakenblackknight yeah, it might be a decent stop-gap solution.
Long term we need a fully independent fork or a completely new browser.
Ads keep the internet cheap and available for every income.
The problem is less with ads, for me, but more with the profiling and tracking of user data. If we can have an advertisement platform that actually respects user privacy and avoids tracking, the internet can become a slightly better place again.
if possible yes. But contextual isn't always possible. And then the options are currently limited (Google practically owns the place). Having options next to Google is not a bad thing.
When running without targetable context (e.g. timelines or so) ad space needs to be sold for far cheaper and far fewer advertisers are interested in renting in the first place. This limits ad quality and revenue, so even more ads need to be shown to make it worth renting it out in the first place.
@Voline totally. There is a browser project based on Servo, Verso:
github.com/versotile-org/verso
GitHub - versotile-org/verso: A web browser that plays old world blues to build new world hope
A web browser that plays old world blues to build new world hope - versotile-org/versoGitHub
@FediThing 🏳️🌈 Holy crap, the Mozilla CEO takes 7 million per year?? 😮
I've used it since before it was named Netscape Navigator, but I think it's time to evaluate a few alternatives now...
I actually worked on a privacy-preserving ethical private-data-using thing for a few years - and it could've been beautiful, alas, funding.
but the core idea (store everything locally, give the end users fine-grained control over what processes can access which data how, process everything locally-only) still is valid and is now a nice little project to see whether one could (with consent!) locally capture and evaluate KDE user metrics for UX improvements.
@jollyorc yeah, I'm with you, this is work that is worth doing and figuring out.
But it requires people to trust whoever is doing it and handling their data, and Mozilla has proven itself untrustworthy.
Also, as far as online ads are concerned, there's quite some data on how contextual ads might be better for advertisers, better for organizations living off of ads, and obviously better for privacy. But I assume you already knew that. 
to be honest, I think that advertising as the predominant business model for websites needs to die, it is the original sin of the Internet, setting all the wrong incentives.
sure, there'll always be some ads, but they shouldn't be the main source of income for websites and services.
Lapo Luchini likes this.
blog.mozilla.org/en/mozilla/di…
blog.mozilla.org/en/mozilla/im…
blog.mozilla.org/netpolicy/202…
Privacy-Preserving Attribution: Testing for a New Era of Privacy in Digital Advertising - Open Policy & Advocacy
An update on Mozilla's PPA experiment and how it protects user privacy while testing cutting edge technologies to improve the open web.Udbhav Tiwari (Open Policy & Advocacy)
@dynom again, seems to me you are completely ignoring the context.
And the context is: Mozilla used to be seen as trustworthy, ethical entity in the space. By and large it no longer is seen this way. Partially because it is seen as selling out.
But I am starting to suspect you ignore this context on purpose.
@BassRck5000 I'm not ignoring it, I just think that i prefer a lesser evil over more ones who've lost their moral compas decades ago.
Not agreeing with you, doesn't make me ignorant. It just means I evaluate it differently.
@dynom @BassRck5000 it's not about agreeing or not, it's about throwing around clichés like "running a profit is not a bad thing".
And I did not call you ignorant. I said you seem to be ignoring the context. That's a different thing, please don't twist my words like that.
OUTDATED⚠️
Mozilla bought the Android email app K-9 (which didn’t include any trackers) and integrated trackers as part of #Mozilla‘s rebranding under the #Thunderbird name.
They even made it opt-out instead of opt-in. Their defense for breaking the law: ”we wouldn’t have enough data if we obeyed the law.“
It doesn’t matter whether you ”anonymized“ the data or not: If you want to extract data from someone’s device to yours, you may do so only if they knowingly consented.
sigmoid.social/@davidculley/11…
Gibt sogar ein GitHub-Issue dazu. Money quote:»Unfortunately we cannot make this type of data collection opt-in because the limited data from voluntary reports wouldn’t provide enough insights to make informed product decisions. Opt-in data would come from a small, biased subset, leading to flawed conclusions.«
Datenschutz und Einwilligungen sind grundlegende Rechte der Nutzer, die respektiert werden müssen, selbst wenn dies die Datenerhebung erschwert.
github.com/thunderbird/thunder…
Expose the ability to mange Telemetry settings on first-time use · Issue #8199 · thunderbird/thunderbird-android
Checklist I have used the search function to see if someone else has already submitted the same bug report. I will describe the problem with as much detail as possible. App version 8.0b1 Where did ...GitHub
reshared this
Lapo Luchini, Matteꙮ Italia, Michał "rysiek" Woźniak · 🇺🇦 e Clemens reshared this.
Why laptop support, why now: FreeBSD’s strategic move toward broader adoption | FreeBSD Foundation
FreeBSD has long been a top choice for IT professionals and organizations focused on servers and networking, and it is known for its unmatched stability, performance, and security.Drew Gurkowski (FreeBSD Foundation)
Lapo Luchini likes this.
Lapo Luchini reshared this.
Around 2000, humankind split into two groups:
One who was convinced it needed expensive Content Management Systems to keep office documents.
And the other who had an unprecedented productive, global collaboration with repositories and text files.💁♂️
Lapo Luchini likes this.
Lapo Luchini reshared this.
I read that the official Mastodon instance of the Swiss government will be closing down.
They say there are few active users, low engagement, and minimal interaction, which seems quite plausible. Additionally, they claim that "on platforms like X or Instagram, the Federal Council and the Federal Administration have many more followers." I believe that too, of course.
However, I do not agree with their decision. I think a government shouldn’t be overly concerned about follower counts and interactions, but rather about providing free, autonomous communication that is independent of third-party companies. In my view, a government shouldn’t operate like a business focused on "numbers."
Still, I appreciate their experiment - many governments, like the Italian one, haven’t even tried.
Regarding costs and management effort: an instance with 5 users and 3,500 followers (numbers provided by them) can run on a VPS for €3 a month and doesn't require heavy moderation. The cost for them is nearly zero. Yet, the freedom of information and discussion, especially for a Neutral Country, should always be a priority.
I believe that maintaining control over one’s information channels is crucial, especially in today's world. But, I fear that decision-makers only consider the numbers, which often favor the flashiest - but worse - solutions.
Encouraging citizens to use closed platforms is, in my opinion, a wrong choice.
Thanks to the Swiss government for at least giving it a shot.
admin.ch/gov/it/pagina-inizial…
#Mastodon #FreedomOfSpeech #Switzerland #Fediverse #SocialNetworks
La Confederazione chiude la sua istanza su Mastodon
Aktuelle Informationen aus der Verwaltung. Alle Medienmitteilungen der Bundesverwaltung, der Departemente und Ämter.www.admin.ch
Lapo Luchini likes this.
reshared this
Lapo Luchini e Matteꙮ Italia reshared this.
Matteꙮ Italia reshared this.
ma infatti mi sembra una decisione decisamente errata...
But indeed it seems to me a definitly wrong decision...
"I think a government shouldn’t be overly concerned about follower counts and interactions, but rather about providing free, autonomous communication that is independent of third-party companies."
Agreed!
Plus if they post on X then anyone who does not have an X account cannot see threads/replies, only the first post.
And even then it's kind of wonky! Sometimes when I look at an X profile (not logged in since I have no account) I see old posts and not the latest ones.
The cost isn't 0, as the risk is potentially unbounded.
Imagine if somebody hacks into the VPS, waits for a Twitter outage, and posts a message from a top government official that Zurich is under imminent nuclear attack from Russia, then conveniently forwards the link to that official government instance to all the media.
Beautifully said! Also agree with your stance in this.
Things take time... they will come back to the Fediverse.
IMHO a Mastodon presence for a government can't be evaluated just in views: it's a sort of "Official Gazette" to inform citizens.
«I think a government shouldn’t be overly concerned about follower counts and interactions, but rather about providing free, autonomous communication that is independent of third-party companies. In my view, a government shouldn’t operate like a business focused on "numbers."»
Absolutely 👏
Exactly this. A closed platform should never be supported; Facebook and Twitter are now severely limited of you don't hav an account, to thr point where most posts are not viewable. "But creating an account is free" is not the solution, obviously.
They missed the point there, I think, and as stated they didn't really push it in any form.
CC: @stefano@bsd.cafe
reshared this
Lapo Luchini, Ruben Schade 🇦🇺🇸🇬, ✧✦Catherine✦✧ e Ryan Castellucci reshared this.
I thought alignment charts were supposed to clearly narrow things down. Most of these are databases, and that center one (text files) underpins a lot of how Unix works.
/etc/passwd is a text file database.
/etc/services is a text file database.
/etc/hosts is a text file database that was the immediate predecessor of the distributed network DNS database.
not sure how cook books don't let you access the information they contain but sea shanties do. Not every cook book has a good index but they basically all have an index.
If someone knows a sea shanty where the chorus is an index of the verses, I'd love to hear it.
the cookbook pictured (and its contemporary competitor from Betty Crocker, among others) is basically a binder full of cards which may arrive in some kind of order but shortly becomes a scrambled mess. nowadays cookbooks are just bound books full of blog posts or whatever but they used to be Not Like Other Books
also you're focusing too much on this index concept; think of a sea chanty more like sequential tape storage. if you want to access information later in the song you have to start drinking and seek forward. retrieval isn't guaranteed if you can't hold your liquor
Wait they used to be tear-out books full of index cards that you would then jam into your recipe box and at some point misplace? Madness!
The old cookbooks I'm familiar with are the sort of encyclopedic ones that don't assume you've ever held a spatula before - 50s / 60s era Joy of Cooking and its UK counterpart the Penguin Cookery Book.
I have a Better Homes & Gardens cookbook too but it's only like 15 or 20 years old.
It was a binder, with the idea that you could take the recipe you were working with and put it on the counter without needing the whole heavy binder taking up half your kitchen! There was an index, and the binder was separated with tabbed guides, the accuracy of which necessarily depended on the amount of effort the user was willing to put into returning removed pages.
The other reason they were ring-bound is because lay-flat perfect binding hadn't been invented in 1930.
I was obviously referring to Dragon NaturallySpeaking here
CC: @pearl@rrr.sh
"What were you asked, and offered?" the dragon said.
"To drive you off, to receive the hand of the princess and half the kingdom," the knight replied.
"Very well, I'll go."
"Wait, what?"
"There once was a huge empire, that was halved..." The dragon laughed. "I'll go. For now."
Lapo Luchini likes this.
Lapo Luchini reshared this.
Lapo Luchini likes this.
Lapo Luchini likes this.
reshared this
Paul_IPv6, Renato Ramonda, The 500 Hats of LambdaCalculus, Lapo Luchini, Matteꙮ Italia, Stefan Eissing, Michael Lucas, Joshua A.C. Newman, CatSalad🐈🥗 (D.Burch) e 🆘Bill Cole 🇺🇦 reshared this.
priceless!
i still remember years ago when someone did a fake traceroute to whitehouse.gov via kremvax (kremlin vax). these are fun things to construct.
And they did it in TLS as well:
openssl s_client -connect signed.bad.horse:443 -servername signed.bad.horse
Lapo Luchini likes this.
I had a few things to say about it, too. DNS is an improbable medium for humor, but it does work.
someweekendreading.blog/bad-ho…
DNS: An Improbable Medium for Humor
We members of the Nerd Tribe like our little jokes. The more obscure, requiring loads of intellectual context, the better. The DNS system is taking this one step further.www.someweekendreading.blog
Of course, if any of the DNS fails to resolve to a name, the failure needs to trigger a route that goes through:
on.the.first.p.art
of.the.journ.ey
i.was.looking.at
all.the.life
there.were.plants.and.birds.and.rocks.and.thin.gs
…
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
JavaScript™
Oracle, it's time to free the JavaScript trademark. Join us in asking Oracle to release the trademark, and helping us file a Petition for Trademark Cancellation with the USPTO.JavaScript™
Lapo Luchini likes this.
reshared this
Lapo Luchini e Matteꙮ Italia reshared this.
Hey folks, so the Quantum Witch demo has been released :) It lets you explore a few locations from the beginning of the story, and even get up to the first big story event!
I hope you enjoy it, and all boosts and very appreciated :)
store.steampowered.com/app/310…
Quantum Witch on Steam
Wake up lovely, you've got things to do! First, find your lost flock of faer. Then find your wife, she'd look so cute wearing that flower you found. And if you have time, attack and dethrone god. Ok? Don't worry about that portal.store.steampowered.com
reshared this
Eniko Fox e Lapo Luchini reshared this.
Reading about the computer you made... On the computer you made.
How meta.
Lapo Luchini likes this.
Lapo Luchini reshared this.
ssh banner seems not to follow RFC · Issue #97 · rapier1/hpn-ssh
The current ssh banner defined in ssh_api.c:423 is this: sshbuf_putf(banner, "SSH-2.0-%.100s\r\n", SSH_RELEASE) and the constant is defined in version.h:3-7 as: #define SSH_VERSION "OpenSSH_9.7" #d...GitHub
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
like this
Lapo Luchini e Hypolite Petovan like this.
reshared this
Lapo Luchini, Paul_IPv6, Lisa Melton, Foone🏳️⚧️, Graham Sutherland / Polynomial, Hypolite Petovan e The 500 Hats of LambdaCalculus reshared this.
The Pentium as a Navajo weaving
Hurrying through the National Gallery of Art five minutes before closing, I passed a Navajo weaving with a complex abstract pattern. Suddenl...www.righto.com
Two weeks ago I asked on here about indie developers and everyone told me I had to speak to @nikki so I did! Quantum Witch looks wonderful
theguardian.com/games/article/…
Quantum Witch: where religious cults collide with 80s Spectrum games
This queer emancipation story is set in a cosy pixellated art world but all is not what it seems. You’ll tend your flock, pick some flowers – and also have to dethrone GodKeith Stuart (The Guardian)
Lapo Luchini likes this.
reshared this
Nikki is making Quantum Witch e Lapo Luchini reshared this.
I have seen Threads messages shared/boosted by others, but I can't manage to do it myself from my Friendica account.
Is that possible?
Fun fact: the code which took Apollo 11 to the moon is available on github github.com/chrislgarry/Apollo-…
And if you look through it you'll see that - joyfully - it also includes original comments.
My absolute favourite thing about the Moon Code is that it includes comments like this: "TEMPORARY - I HOPE HOPE HOPE"
Apollo-11/Luminary099/LUNAR_LANDING_GUIDANCE_EQUATIONS.agc at master · chrislgarry/Apollo-11
Original Apollo 11 Guidance Computer (AGC) source code for the command and lunar modules. - chrislgarry/Apollo-11GitHub
Lapo Luchini likes this.
reshared this
Lapo Luchini, Matteꙮ Italia, Lisa Melton e ✧✦Catherine✦✧ reshared this.
“HOPE” is pretty upbeat
Usually the time limit is 18 months and the person being critical is your future self.
Lapo Luchini likes this.
#golang Fediverse please help a Go-noob: is it possible to get the `git describe` string from a `go install github.com…@latest` type installation?
In order to use for `--version` output, that in various projects report no version when installed that way.
E.g.:
% go install github.com/walles/moar@latest
% moar --version
Should be set when building, please use build.sh to build
Else, I'll answer it myself linking your answer here.
with pleasure.
Will do immediatly :)
Thanks for doing this.
EDIT: it's done :)
Lapo Luchini likes this.
pkg.go.dev/runtime/debug#ReadB…
(That doesn’t work yet when installing from a local directory. See github.com/golang/go/issues/50…)
cmd/go: stamp the pseudo-version in builds generated by `go build` · Issue #50603 · golang/go
NOTE: The accepted proposal is #50603 (comment). cmd/go embeds dependency version information in binaries, which is very useful. From Go 1.18 onwards, cmd/go also embeds VCS information in binaries...GitHub
Lapo Luchini likes this.
Lapo Luchini likes this.
Lapo Luchini reshared this.
Priorities. So important.
- EU-Petition to keep video games playable by forcing the publishers to NOT remove essential functions: 302.000 signatures in less than a month.
[1]- EU-Petition to tax the rich and keep our planet inhabitable: 271.000 signatures after 10 months.
[2]If you care about playing your games, please also support the other petition to make sure you still can do that and many other things, ok? :)
[1] eci.ec.europa.eu/045/public/#/…
[2] eci.ec.europa.eu/038/public/#/…
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
Lapo Luchini likes this.
reshared this
Daniel Carosone e Lapo Luchini reshared this.
ahh, another startup that burnt out trying to build some silly AI project on crap hardware. I wonder what they did? I check their URL:
ahh. healthcare. great, great.
Lapo Luchini likes this.
reshared this
CatSalad🐈🥗 (D.Burch) e Lapo Luchini reshared this.
no one wiped these.
I have now stuck the hard drive in my imaging box
it turns out it was in service as of June.
and this one has log errors about the sensors in the bathroom and bedroom. this was used. fuck.
HEY FUN FACT: this was used as part of an Alexa/google home type thing! this is the "cloud" half, as in the part sitting in a warehouse somewhere.
It turns out every time the customer asked for something from the smart assistant, the WAV file was sent to the cloud box
where it is still stored. and I now have eleven thousand wave files
god the logs are full of errors about assorted video streams failing.
so this thing was connecting to something which had cameras. like, I can tell which room of the house failed.
now I don't think there's any video stored on this device, but keep in mind: the fools that made this thing fill up with WAV files? they also designed the video streaming part. Where are those videos stored, and how safe are they?
and now I can email the lead developer.
or just commit to their git repo, I guess.
the other good news is that they have a secrets manager
the bad news is that they rolled their own secrets manager
the extra bad news is that I have the source for said secrets manager
and the extra extra bad news is that it has to decrypt those keys without external input, meaning I have all the parts here to pull out their s3 keys
reshared this
CatSalad🐈🥗 (D.Burch) reshared this.
oh hey!
this thing authenticates to some of their servers (which are still up, even if the company might not be (this is unknown at the moment)) over SSH! using keys kept in the same home-rolled vault thing!
so I can SSH into their servers now!
oh god this thing sends email from gmail
please tell me they didn't embed the google login into this device
reshared this
CatSalad🐈🥗 (D.Burch) reshared this.
and test sets the server to... FOOBAR.EGG
and in case anyone is getting deja-vu:
This is a completely different company than the other one I found like 3 weeks ago:
digipres.club/@foone/112817523…
good lord. I pulled a microSD card out of a Raspi inside an IoT product and it appears they had some developer use a raspi to develop/test some software, and then they just yanked the SD card out of that machine and duped it on to all of their deployed products.it's got .bash_history of the development process! there's git checkouts of private repos! WHY WOULD YOU DO THIS?
CatSalad🐈🥗 (D.Burch) reshared this.
Why the fuck is this on hacker news? ugh. I'm gonna need to run my own mastodon instance, aren't I?
If you found this on hacker news, you owe me 5$:
digipres.club/@foone/112929955…
I'm a few thousand dollars away from being able to pay my bills this month, but the most important thing I need to pay for is my health insurance: I've got meds I can't afford without it and an upcoming CT scan.
If you can donate a few dollars or more, that'd really help! Thanks!ko-fi.com/fooneturing
#mutualaidreqest
I shudder to think of what the AUbros and billionaire cos players on the orange site are saying there.
@jwz has a rewrite rule on his web server to goatse requests with a referrer from there. (I wonder it that still works? I have no clue what the current state of referrer headers from modern browsers is.)
remember how I said there was a gaylord full of NUCs?
yeah. I took one. of like, a hundred.
I haven't exploited their git repos.
I haven't misused their leaked AWS credentials
I haven't gone to the media to try and expose this company.
but I took only one of NUCs. The same content is on all the rest of them, I assume
For reference: packagewarehouse.com/boxes/car…
tonisagrista.com/blog/2023/jpe…
JPEG XL vs AVIF: a comparison
An unscientific analysis of these two image formats based on file size and image quality.tonisagrista.com
Lapo Luchini likes this.
Lapo Luchini reshared this.
Lapo Luchini likes this.
reshared this
Lapo Luchini e Matteꙮ Italia reshared this.
like this
Hypolite Petovan e Lapo Luchini like this.
reshared this
Lapo Luchini e Matteꙮ Italia reshared this.
New Bark by Aria Salvatrice @woof :
Video Tutorials
Considered Harmful
Video tutorials are harmful to some, for reasons of accessibility, and to everyone, for reasons of mortality.
aria.dog/barks/video-tutorials…
Lapo Luchini likes this.
reshared this
Matteꙮ Italia e Lapo Luchini reshared this.
It turns out Google Chrome ships a default, hidden extension that allows code on `*.google.com` access to private APIs, including your current CPU usage
You can test it out by pasting the following into your Chrome DevTools console on any Google page:
chrome.runtime.sendMessage(
"nkeimhogjdpnpccoofpliimaahmaaome",
{ method: "cpu.getInfo" },
(response) => {
console.log(JSON.stringify(response, null, 2));
},
);
More notes here: simonwillison.net/2024/Jul/9/h…
hangout_services/thunk.js
It turns out Google Chrome (via Chromium) includes a default extension which makes extra services available to code running on the `*.google.com` domains - tweeted about today [by Luca Casonato](https://twitter.simonwillison.net
Lapo Luchini likes this.
reshared this
Royce Williams, Dan Goodin, CatSalad🐈🥗 (D.Burch), Paul_IPv6, Matteꙮ Italia, Poul-Henning Kamp, Clemens e Lapo Luchini reshared this.
"VM68:1 Uncaught
TypeError: Cannot read properties of undefined (reading 'sendMessage')
at <anonymous>:1:16
(anonymous) @ VM68:1"
Although on a non-google site it offers me "Explain Console errors by using Copilot on Edge"
Not near a laptop ATM but does this CLI flag disable it --disable-component-extensions-with-background-pages
IME you can see most hidden Chrome extensions via chrome://system
I'm just wondering how many things goes wrong on modern websites, if I set "*.google.com" and affiliated sites in Blocklist of my opnsense router 🤔
Google really belongs to the same category, like facebook and chinese toktik 😂
Royce Williams reshared this.
Default extensions are a place where Google has done some real damage to the web, and those of us working on platform have been grumpy for more than a decade that this and the Docs Offline nonsense continues to persist.
In both cases, it fell to other teams (not the Hangouts or Docs peeps) to build replacement APIs; e.g.:
@mitch You know how we spent years building Service Workers and Background Sync and Periodic Background Sync and fixing storage quotas for large-volume offline data?
Um, yeah. About that (latest dev channel, fresh profile):
@mitch The tragedy in both instances is that the teams that dropped turds in Chrome have faced no pressure to move to open, interoperable APIs, meaning other browsers (including other Chromium ecosystem browsers) feel forced to include them to make sure that Google's very popular web properties "work right".
This also keeps web APIs from advancing because teams that would push them forward already have theirs, Jack. It's not Android levels of bad, but it's bad.
chromium/chrome/browser/resources/hangout_services/manifest_v3.json at 114ce7cc6f47e4d06bb8a5168e3ed2efd38fc0d6 · chromium/chromium
The official GitHub mirror of the Chromium source. Contribute to chromium/chromium development by creating an account on GitHub.GitHub
from what I've heard on the Xitter, this is mostly used to debug performance issues. What's scummy is that they only enable it on their domain, which comes off as anti-competitive.
I imagine they'll get in trouble with the court for this, because it's clearly giving them an unfair advantage.
```
{
"value": {
"archName": "x86_64",
"features": [
"mmx",
"sse",
"sse2",
"sse3",
"ssse3",
"sse4_1",
"sse4_2",
"avx"
],
"modelName": "12th Gen Intel(R) Core(TM) i7-12800H",
"numOfProcessors": 20,
"processors": [ <cut>],
"temperatures":
[] }
}
```
(tested with Edge 126.0.2592.87 on google.com)
Following people were surprised:
I stopped using Google services many years ago. I haven't "googled" anything in years.
Just to confirm the command line flag does disable this extension e.g.
open -a "Google Chrome Canary" --args --disable-component-extensions-with-background-pages
One screenshot is with the flag, one as default
(Core Web Vitals Visualiser is an extension I installed rather than one that's bundled with Chrome)
Many of clients use Google products like Drive and Chat. So, sort of stuck often time. It's really too bad because many google products are useful that they have to muck it all up with their trust (as in confidence in and faith in) breaking practices.
friendly reminder that you need root access to fully remove Google from many android phones and tablets and that root access generally voids your warranty. That said, most warranties don't last longer than a couple years so if you've had your phone for 2 or more years then you likely have little to lose by ripping your *.google.com applications out and replacing them with much more secure applications.
If you don't want to do that, the paid version of #netguard can at least lock down your phone's network traffic app by app and web address by web address.
The third article in a week that I’ve read suggesting that GenAI is not actually doing anything useful:
www-businessinsider-com.cdn.am…
Even Goldman Sachs, who can generally make money out of any ludicrous hype cycle, think there’s nothing of value there.
Summary from the others:
- Only 5% of businesses are doing any kind of AI roll out and, of those, a lot are scaling back because the returns are nonexistent or negative.
- Experienced developers using Copilot are 20% less productive.
- Silicon Valley companies spent $50B on NVIDIA GPUs and that led to a $3B increase in revenue (not profit).
- Improvements in newer generation AI models is incremental, but the costs of training are increasing disproportionately.
Goldman Sachs says return on investment for AI may be disappointing
Tech companies are spending big on AI, but so far have little to show for it. A Goldman Sachs report gives AI investments mixed reviews.Katie Balevic (Insider)
Lapo Luchini likes this.
Lapo Luchini reshared this.
) bull time is over, it's bear time now. mastodon.gamedev.place/@lritte…Leonard Ritter (@lritter@mastodon.gamedev.place)
the horns of jericho crash imminent it's bear time oh lawd he comin https://www.bbc.com/news/articles/c511x4g7x7joGamedev Mastodon
It is amazing how quickly people forget what was said about each tech hype, then get surprised when the next one fails.
Lapo Luchini likes this.
@WiseWoman That one was over a week ago (possibly shouldn't have been in the list). It was shared in a bunch of places, but I didn't keep a link.
It reflects my experience quite well: Copilot is great at writing code that looks right. I spent more time chasing a single issue where it had flipped a 0 and a 1 in two bitfield constructions than it has saved me in typing in total over several months.
All of the things where I've seen claims that it increases productivity have been from people saying 'look it lets me generate this boilerplate fast' and the problem is that boilerplate wouldn't exist in a well-designed API, so it's really just saying 'look, it lets me accumulate technical debt more quickly'.
I've heard from one person that they're using Copilot to spot missing abstractions. If Copilot is able to autocomplete a non-trivial chunk in their codebase, it tells them that there's a good chance that they've exposed things at the wrong level of abstraction and they need to build helpers. I can see that having some value. It's also reasonably good at telling me when I've named things inconsistently because it will autocomplete the wrong name (this is less reliable, but it's a good pause-and-think moment in API design).
Some EU officials know nothing about how technology works but know what they want. And they're on the verge forcing technology companies to make everyone much less safe by destroying strong encryption and eviscerating personal privacy.
netzpolitik.org/2024/client-si…
(Tweaked to be clear it's not all EU officials...)
Client-Side-Scanning: Chat Control is Pure Surveillance State
The planned chat control makes the world less secure and more authoritarian, as it is directed against private and encrypted communication. Proponents are using disinformation, lies, and sleight of hand to push through the project.netzpolitik.org
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
Lapo Luchini likes this.
reshared this
Ruben Schade 🇦🇺🇸🇬 e Lapo Luchini reshared this.
vague memory of someone else’s debugging story from i can’t remember where … :
they are called to an office which is complaining that the wifi stops working for two hours twice a day
this office is in portsmouth so it’s fairly obvious that the timing is related to the tides
but what on earth? how can the wifi be sensitive to the tides?!
reshared this
Lapo Luchini e Matteꙮ Italia reshared this.
our hero is standing in the office staring out of the window in frustration, looking out over the city towards the harbour … in the distance, a naval radar is just peeking over the roofline
when the tide is high, it lifts the ship enough for the radar to get line of sight to the office, so it can interfere with the wifi!
(tell me if you know where this story came from!)
Lapo Luchini likes this.
@SteveBellovin
In a former job the ethernet at the London(UK) office blanked out exactly once per second...
... when the radar in nearby Heathrow lit up the building.
Explaining proper ethernet grounding to the electrician solved that.
FreeBSD 14.1-RC1 is now available: lists.freebsd.org/archives/fre…
If no major problems show up, we're going to start 14.1-RELEASE builds on Friday. THIS IS YOUR LAST CHANCE TO TEST BEFORE THE RELEASE.
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
ASN1js tree mode
I like that, but it's a huge change to the website historical look&feel #UX.
What do you think about it?
Better? Worse? Can be further improved?
Lapo Luchini likes this.
reshared this
Lapo Luchini reshared this.
Lapo Luchini likes this.
@silverwizard @Ruben Schade :runbsd:🇦🇺🇸🇬 @aru I store the password database on NextCloud through the synchronization client on Windows, and the password database has my NextCloud password in it. I'm retrieving the database using the iOS NextCloud app and open it using KeePassium.
I also store all my TOTP seeds in the database using the TOTP plugin in KeePassXC and it's a native feature in KeePassium.
Can't wait for version 2.7.7 to be in the Ports, as it adds supports for Passkeys! 🎉
(I already use it on Windows and on SteamDeck/Linux)
PS: I also use Syncthing on all my PCs and also on my mobile phone, on which I run KeePassDX.
“yea, that rings a bell.”
Lapo Luchini likes this.
reshared this
Lapo Luchini e ✧✦Catherine✦✧ reshared this.
I did that using OpenSSL CLI and Perl github.com/wllm-rbnt/asn1templ…
GitHub - wllm-rbnt/asn1template: Convert DER or PEM encoded ASN.1 structures to an equivalent textual description compatible with OpenSSL's ASN1_generate_nconf(3) function
Convert DER or PEM encoded ASN.1 structures to an equivalent textual description compatible with OpenSSL's ASN1_generate_nconf(3) function - wllm-rbnt/asn1templateGitHub
oh! I didn't know you were on Mastodon.
Thank you SO MUCH for making asn1js. It was absolutely instrumental in my recent escapades into the world of DNSSEC.
Genuinely an inspiring tool.
Lapo Luchini likes this.
reshared this
Lapo Luchini e Lisa Melton reshared this.
Corollaria Branch for MIT
Corollaria Branch by Nervous System at MIT. photo credit: Emily Katrencik In the end of January, we traveled to MIT to teach a workshop for undergraduates hosted by MIT’s Morningside Academy …Nervous System blog
Corollaria Branch for MIT
Corollaria Branch by Nervous System at MIT. photo credit: Emily Katrencik In the end of January, we traveled to MIT to teach a workshop for undergraduates hosted by MIT’s Morningside Academy …Nervous System blog
Michał "rysiek" Woźniak · 🇺🇦
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Q: You're just some rando on the Internet, what can you possibly know? 🤔
A: I used to work for the .IS ccTLD registry. I currently work for Quad9 DNS resolver. I happen to know a thing or two about DNS.
Q: Okay, but you don't have personal stake in this, do you? So of course you're not worried! 🤷♀️
A: My home domain – where my blog is, where my personal infra is, and where my hobby projects are hosted – is rys.io. Yes, a .io domain. I have a very personal stake in this.
Michał "rysiek" Woźniak · 🇺🇦
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Q: Does this mean .io domains will be around forever?
A: It is possible that the .io ccTLD will become a generic TLD, sponsored by some organization instead of being tied to a specific territory. It is also possible that it will get retired in some years.
Q: So what's your plan with your rys.io?
A: I will wait and see what happens. Once a decision is made about .io, I wil either just keep using it, or plan an orderly migration. I expect to have *years* for that at that point.
Michael Lucas reshared this.
Michael Lucas
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Patrick Mevzek
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Michał "rysiek" Woźniak · 🇺🇦
in reply to Patrick Mevzek • • •@pmevzek because we know ICANN is in no way receptive to arguments, especially ones that happen to be backed by loads of money.
*cough* .zip *cough*
Patrick Mevzek
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •artemist
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •IANA has made a specific policy about this because they don't want a repeat of .su or .yu. Most TLDs for countries removed from ISO3166 have been deleted from the root zone, e.g. .tp, .yu, .zr, and .an.
Under the policy retirement would take up to 5 years after ISO 3166/MA takes action, or 10 years if the registrar requests an extension.
Retirement of a Country-code Top-level Domain (ccTLD)
www.iana.orgMichał "rysiek" Woźniak · 🇺🇦 reshared this.
Tony Finch
in reply to artemist • • •@artemist yeah
there’s a nice summary at domainincite.com/30406-five-ti…
the crucial thing is how Mauritius decides to handle the territory
if i were them, i would arrange to keep chagos separate enough that ISO 3166 MA agree it can continue to have its own code, and name chagos so it can keep the code IO
then insist to IANA that chagos should have sovereign control over the .io TLD, while keeping everything working
then use the income to compensate the chagossians
Five times ICANN deleted a ccTLD, and what it means for .io - Domain Incite
Kevin Murphy (Domain Incite)Royce Williams reshared this.
Michał "rysiek" Woźniak · 🇺🇦
in reply to Tony Finch • • •@fanf ideally, yes.
@artemist
Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •Kévin ⏚
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •you pretty much said it. If France can still have what is effectively just another ccTLD for .aq, certainly the UK will not have a problem keeping .io alive for their claim.
That's not even mentioning .gb exists and hasn't been used for decades, with the UK only last year giving their intention to retire it
Michał "rysiek" Woźniak · 🇺🇦 reshared this.
Robert Cassidy
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •David Raygoza Gómez
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Michał "rysiek" Woźniak · 🇺🇦
in reply to David Raygoza Gómez • • •Internet country-code top level domain for the Soviet Union
Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •@toriver docker[.]io seems to still be a thing...
@jima @james
Tor Iver Wilhelmsen
Unknown parent • • •@jima @james I think the people initially using .io for cloud* tech related domains have started using .cloud by now?
*) It’s just code and data on someone’s server someplace.
Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •@jima ICANN made those rules, ICANN can fudge them.
@james
Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •@jima sure. But this is not vacuum, this is .io, used by docekr[.]io, Google, who knows what else.
@james
Jima
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •@james I agree, just probably not in a vacuum.
mspsocial.net/@jima/1132739471…
Jima :Compromise_bi_flag: (@jima@mspsocial.net)
MSP Social.netJima
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •@james Any feelings on the requirement that gTLDs be 3+ characters, per ICANN? 🤔
mspsocial.net/@jima/1132738071…
Jima :Compromise_bi_flag: (@jima@mspsocial.net)
MSP Social.netJobu Tupaki
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •fuck anyone who profiteered
off the backs of the Chagossians:
you aren't even a serious technologist
if you prioritized marketing vanity
over sustainability for your project.
you reap what you sow;
you get exactly what you deserve.
Erik Uden 🍑
in reply to Michał "rysiek" Woźniak · 🇺🇦 • • •Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •Space Catitude 🚀
Unknown parent • • •@fasnix
When I decided to use a .tv domain, I investigated to find out where that is and where the money is going: Island nation of Tuvalu -- a good deal for an atoll in an age of sea level rise.
I wonder if, similarly, the just thing to do with io wouldn't be to transfer the entirety of the (very profitable?) domain ownership to the displaced/repatriated islanders. Sounds like they could use the money.
🤔
Michał "rysiek" Woźniak · 🇺🇦
Unknown parent • • •@fasnix the context was people freaking out in my timeline that their fedi instances might disappear any day because of that.
And the point was to calm people down and remove some stress, as this is going to take years.