mozman commented on Scientific American's departing editor and the politicization of science   reason.com/2024/11/18/how... · Posted by u/Bostonian
CamperBob2 · 9 months ago
Also, trial lawyers would rapidly become the wealthiest people on Earth if genuine, reproducible evidence of harm from non-ionizing radiation could be found.

If you thought the tobacco and silicone breast implant settlements were impressive...

mozman · 9 months ago
Divorce lawyers are generally the most profitable. $750/hr if you’re good.
mozman commented on Google reacts angrily to report it will have to sell Chrome   bbc.com/news/articles/cy4... · Posted by u/rmason
smgit · 9 months ago
The only regulation Adtech companies need is a cap on how many Ads they can show to a single person in a day. Right now it's infinity.

All this other stuff won't make any diff 'cause it's all about how much Attention they are allowed to capture, steal, buy, sell and waste.

mozman · 9 months ago
I haven’t seen an ad in years through careful ad blocking

Extensions API needs more granular controls and to remain functional

mozman commented on Ask HN: How do you communicate in a remote startup?    · Posted by u/aml183
diggan · 9 months ago
> 1. Gitlab somehow statistically tracks public / DMs. Haven’t implemented at my startup but if anyone knows a simple way to do - please let me know.

If you use Slack, I think the admin panel already contains the number of messages in channels vs. DMs. It's been a long time since I last saw it myself, but I think it was missing a breakdown of how many members of the Slack received the channel/"public" messages (as not everyone is part of every channel, 2-member channels vs. 200-member channels for example); maybe it looks different now.

> 5. Slack Is Great But (SIGB) - teach people that they don’t need to read everything. Many people get overwhelmed

I think this happens when Slack is the "source of truth", because of the ephemeral feeling it gives, since it's ultimately a chat. If you instead use a wiki/whatever to actually collect things that are important, there is less stress about possibly missing out on important things. Make summaries by week/month and it'll be even easier for people to catch up easily, which means even less stress :)

mozman · 9 months ago
Slack is meant to be addictive. I only use the web client and modify it with tampermonkey

All notifications disabled and I only read when pinged. davison updates are the only mechanism allowed.

mozman commented on Interview gone wrong   ashu1461.com/interview-go... · Posted by u/ashu1461
necovek · 10 months ago
I disagree: if you are demonstrating your mastery of a language (and with Python, these things are important: using appropriate syntax is the difference between dog slow code and fast code), you should use idiomatic patterns like the above.

Another of Python's features is a great REPL: when unsure or confused by an interviewer, I'd just fire up python from the shell and type in 'x' == 'x' == 'x' to confirm and demonstrate it does the right thing (or write tests).

Obviously, the interviewer should be careful not to sidetrack the candidate much, and let them do the work and attempt to help only if things don't work out.

mozman · 10 months ago
In the real world you iterate, profile, and optimize
mozman commented on M4 MacBook Pro   apple.com/newsroom/2024/1... · Posted by u/tosh
kayodelycaon · 10 months ago
Humidity in the air can eventually trigger whatever they use to report wet damage.
mozman · 10 months ago
It’s a hygroscopic sticker made by 3M.
mozman commented on Cuba's power grid fails, plunging country into darkness   reuters.com/world/america... · Posted by u/Scoundreller
proc0 · 10 months ago
The reason why communism is always destined to fail is because it cannot process large amounts of information from the market. It's like a single core CPU trying to run a large operating system with millions of processes and services. There has to be a decentralized system for markets to grow to the scale of a first world economy, it's the only way to handle that much information and as a consequence growth.
mozman · 10 months ago
Communism will never work due to human ambition. There will be corruption, nobody will ever be equal. I have no opinion on who determines what other than corruption.

Cuba is full of rich and fertile soil ripe for crops but the government owns the land and forbids it.

No system with humans will ever be perfect but communism doesn’t seem to be the answer.

Has it ever worked?

mozman commented on Should We Chat, Too? Security Analysis of WeChat's Mmtls Encryption Protocol   citizenlab.ca/2024/10/sho... · Posted by u/lladnar
tptacek · 10 months ago
The GCM IV thing didn't ring true to me either; in fact, the whole reason we have XAES-type constructions is to enable fully nondeterministic IVs, which don't fit comfortably in the GCM IV space.

Regarding padding oracles: it is most definitely not necessary for a target to generate a "padding error", or even an explicit error of any sort, to enable the attack.

mozman · 10 months ago
> nondeterministic IVs

Can you explain what this means?

mozman commented on Two never-before-seen tools, from same group, infect air-gapped devices   arstechnica.com/security/... · Posted by u/lisper
gnopgnip · 10 months ago
Since 2008 or so, all US government computers on SIPR block USB storage devices unless they are on an approved list. Autorun is disabled.

Physical security is another big factor, there is a long checklist for a SCIF that at some level takes into account TEMPEST type threats that mitigate many attacks on air gapped systems.

And none of these things are the default on commercial software because users want it to be frictionless. They want software to install right away when you plug in a USB drive, etc.

mozman · 10 months ago
Someone who gets it. I work in security and everyone hates me because I add friction and cost. On the flip side, I have a lot of PII to protect.
mozman commented on 1 bug, $50k in bounties, a Zendesk backdoor   gist.github.com/hackermon... · Posted by u/mmsc
portaouflop · a year ago
You can also view all submissions in h1 pre-triage. This was incompetence on both h1 and zendesk, as gp stated, not a limitation of the platform per se.
mozman · a year ago
Sure, that’s why I am not naming a competitor. Security leadership is the biggest wildcard. I always want to do the right thing. Not everyone does.

u/mozman

Karma: 645 · Cake day: August 12, 2020