Readit News logoReadit News
khaki54 commented on Ask HN: Are AI filters becoming stricter than society itself?    · Posted by u/tsevis
stuaxo · 2 days ago
Isn't political correctness just politeness ?

Many of the arguments against just seem to come down to "I want to be a jerk".

khaki54 · 2 days ago
No. Political correctness in practice is a way to exercise control by shaming people for adhering to long established norms of behavior and vocabulary.
khaki54 commented on When root meets immutable: OpenBSD chflags vs. log tampering   rsadowski.de/posts/2025/o... · Posted by u/todsacerdoti
dspillett · a month ago
I feel this is fixating on the wrong problem. Even with immutable flags there are various ways an attacker with root access could, after getting what they want from the system, cover their tracks by trashing the whole system⁰, and as usual if someone has physical access all bets are off. I see filesystem level flags like that to be more tools to stop you or a bug accidentally doing something stupid, than to get in the way of a malicious action by someone else.

While the standard might effectively call for immutable logs¹, he needs to read between the lines one step further: those logs do not need to be on the same machine. You could stream logs to another system that stores them immutably from the PoV of anyone except those with root or physical access to it. You still have a problem if an attacker gets access to both the source system(s) and the log sinks², there might be a latency issue meaning you could easily lose the last few log entries in the case of a complete disaster, and you have an extra moving part in your infrastructure to monitor, but it satisfies the requirement where immutable filesystem flags can not.

----

[0] Yes, you'll know something happened, and you might guess it was malicious and not random corruption, but enough tracks might be covered to stop you working out the initial who & how.

[1] and some standars explicitly call for them

[2] Careful granular access management should largely mitigate that risk. That could be a problem if you are a small organisation trying to protect against internal disgruntled admins³, but you could use a a 3rd party log-sink service in that case.

[3] This may seem overly paranoid, but if it is required for the standard your target audience wants you to have a certificate for…, and TBH it isn't that paranoid.

khaki54 · a month ago
Yep use syslog server or similar in conjuction with this, which basically gives you something like immutability since the data is on a remote server with hopefully different security controls. You really don't want to be trying to sort an attack out after the fact on attacker-controlled machine. They could of course turn off network links or syslog eventually, but you'd at least have the early stages of the attack and or perhaps be able to detect it before they actually get full access.
khaki54 commented on Show HN: Piano Trainer – Learn piano scales, chords and more using MIDI   github.com/ZaneH/piano-tr... · Posted by u/FinalDestiny
hofrogs · 2 months ago
This is cool. I am wondering if anyone knows if there is a game like Guitar Hero (old playstation game with a custom controller), but for piano and with MIDI input support, something to practice the mechanical skills, preferably with a library of beginner-friendly charts?
khaki54 · 2 months ago
Simply Piano and Yousician are pretty close to Rocksmith. A little more focused on teaching though. You can plug in midi or USB to your keyboard or it can use a mic to do note tracking
khaki54 commented on Basically Everyone Should Be Avoiding Docker   lukesmith.xyz/articles/ev... · Posted by u/Fred34
khaki54 · 2 months ago
Hmmm this reads like the author neither understands Docker or Linux, many of the issues they seem to have is just stuff they don't know the right approach to tackling.

Imagine pairing with a mid/Sr and watching them scroll up 40 commands in the terminal and they are complaining that bash won't let them up-arrow 10 lines at a time. In this case, someone writes 5000 words about how they can't get certbot working with their docker setup. They would benefit a lot from working with someone who knows what they are doing.

khaki54 commented on Hidden interface controls that affect usability   interactions.acm.org/arch... · Posted by u/cxr
TylerE · 2 months ago
One of my big beefs with modern UI is two-state controls where it's impossible to determine what the current state actually is. Like a button that says "Music Off" where it's unclear if that means the music is CURRENTLY off, or if clicking the button turns it off.
khaki54 · 2 months ago
Yep the best example. Especially if the result is not immediately obvious. Am I commanding "system on" or are you telling me "system on"
khaki54 commented on A Mysterious Website I Stumbled Upon   sbnation.com/a/17776-foot... · Posted by u/_Yguy_
khaki54 · 2 months ago
Works great in edge on mac
khaki54 commented on Learn touch typing – it's worth it   typequicker.com/blog/lear... · Posted by u/absoluteunit1
khaki54 · 3 months ago
Yeah I had a touch typing class for a quarter in 8th grade. I repeatedly cheated by lifting the paper obscuring my hands and never learned how to type. It's a notable lifetime regret!
khaki54 commented on Show HN: Defuddle, an HTML-to-Markdown alternative to Readability   github.com/kepano/defuddl... · Posted by u/kepano
khaki54 · 3 months ago
seems pretty much perfect including obsidian clipper. Thanks!
khaki54 commented on A Fire Sale of Portland's Largest Office Tower Shows How Far the City Has Fallen   wsj.com/real-estate/comme... · Posted by u/kamaraju
khaki54 · 3 months ago
A lot of words to bury this being the result of "the state’s botched experiment with drug decriminalization"

Dead Comment

k

u/khaki54

KarmaCake day517January 1, 2013View Original