(Feb 2022)
Readit Newswildmanx commented on Google Search Is Dying (2022) dkb.blog/p/google-search-... · Posted by u/punnerud
wildmanx commented on The six dumbest ideas in computer security (2005) ranum.com/security/comput... · Posted by u/sweenycod
> It hasn't aged well.
You’re wrong, it’s aged quite well.
Just take as one important set of examples the new mobile operating systems since this piece was published. Even the most thoughtfully designed and locked down (even with hardware, various uses of encryption etc) continue to have vulnerabilities at the base layer year after year. Bug hunting looks every year more and more like just an expensive sport for condescending security experts who think little about the broader context in which they operate. As much as we all appreciate the whack a mole.
Where there has been genuine security improvement is where we’ve taken the structural, locked down approach advocated here (see also djb’s paper about qmail security). iOS and Android apps (particularly the former) seem genuinely more secure than most desktop apps because they are structured to have very limited permissions from day one. The app environments on those systems looks like they were designed with many of the principles from this post expressly in mind.
The lessons for the OS layer seem obvious. Qubes and in particular Joanna’s post about “Qubes Air” point in one very promising direction.
> > It hasn't aged well.
> You’re wrong, it’s aged quite well.
Part of the problem is that there are many people in the field of security with overly strong opinions. This is not healthy. The field is full of know-it-all people, with if-only-people-were-not-as-dumb kind of attitudes. This is not helping anybody. Any not-as-strongly-opinionated bystander looks at this and has no clue whom to listen to, since so many people are strongly expressing 100% opposing views. Calling everybody else "dumb". This is not helpful to bring the field as a whole forward.
wildmanx commented on Google set to deprecate JPEG XL support in Chrome 110 phoronix.com/news/Chrome-... · Posted by u/berkut
> Twenty years ago, PNG wasn't really supported by any popular browsers of the day, but it showed its capabilities (especially compared to GIF) and was eventually incorporated. I'm assuming that you'll also say to me "You planned to move your entire business to a feature that has thus far never been shipped by any browser?"
That's rewriting history a bit. There was a long gap between 1997 when png was added and when people started to really use it. A lot of it due to issues with transparency in internet explorer.
But yes, if you in 1996 said you were moving your entire business to png, i would similarly think that is an odd move.
More generally moving your business to something that doesn't exist yet is usually pretty dangerous. Moving your business to something that both doesn't exist and that nobody has promised to for sure implement seems downright risky.
And sometimes that's what provides the edge over your competition.
wildmanx commented on Ask HN: Why are there not more Apple-quality products? · Posted by u/epicureanideal
This is a lie that often gets repeated over and over, but I have firsthand anecdotal experience of how this is not true. My mother has no formal education and when she was given an Android she struggled to do basic things. Once she got an iPhone it was night and day and an entire world was opened to her and she was able to use and discover her phone with almost no handholding.
That has still not changed with the latest Android updates. Yes the home screen might look "similar" but once you get past that first surface layer interaction, to people like her the Android system and UX design language are a mishmash of incoherent ideas and visions whereas on an Apple device things work as she would intuitively expect consistently regardless of the app she's using or what she's trying to do with her phone.
> This is a lie
Please check out what the word "lie" means and until then stop using the word.
Hint: The post you replied to did not claim something of which they know that it's not true.
I am paid to write code not sit in 10 meetings a day. If I raise the issue everyone gets all pouty. There is an unspoken feeling of being forced to attend every meeting assigned to you just in case something feels useful. You deliberately ignore this to make your (absolutely wrong) point.
> I am paid to write code not sit in 10 meetings a day. If I raise the issue everyone gets all pouty.
Then it's time to move on. This is not a way mature adults should be handling such a situation.
A passive-aggressive reaction isn't mature either though, so maybe this is mutual and your company and you are actually perfectly in tune.
My favorite part of this project has got to be the helmet. For one, because it's pure concrete, with no metal frame inside it like the other parts. And second, because it best illustrates the utility of the project in that a concrete helmet is literally worse than useless.
> a concrete helmet is literally worse than useless.
Is it? It would still absorb energy upon impact. Which, in contrast to popular belief about bike helmets, is its main function. Yes, ordinary bike helmets will also just break. But in doing so, they absorb energy which then won't be absorbed by your skull.
There is no point in a perfectly stiff helmet. It would just transfer the energy right through and you'd crash your skull into the helmet, which doesn't help.
The stationed troops and machines were not nearly enough to handle the situation, see my sibling comments. You can't suppress protests of several millions with 300k not-so-willing troops and 5000 not-so-good tanks (the Czechoslovaks manufactured their own tanks because of how bad the Soviet manufacturing was).
For one thing, the problem is your tanks and troops have to be ready all around the country - the protesting people are moving across the state quickly. One day there's a protest in Prague, second day it's in Brno - but you can't move your 300k troops and 5000 tanks from Prague to Brno in a day. And then the next day it's Ostrava and you have to do it again. Then an incident happens and that provokes a 10x bigger protest in Prague, Brno and Ostrava at the same time. That's impossible. You need much, much more troops and tanks to handle this scale of rebellion - and the requested air support that never came. And your tanks will never make people go back to work, anyways.
(I'm discussing Gorbachev, not GDR specifically)
> The stationed troops and machines were not nearly enough to handle the situation, see my sibling comments. You can't suppress protests of several millions with 300k not-so-willing troops and 5000 not-so-good tanks
I don't know how old you are or where you were at the time. I was there. In the GDR, in East Berlin. On the streets. And I can tell you, a few tanks and troops getting their guns out would have made major impressions on people.
It's not just a numbers game. You are greatly oversimplifying history here. Quite naively so, I might add.
It's a great achievement of history that Gorbachev made the Soviets keep their feet still and among many eastern Germans it's regarded as quite the miracle that this whole episode went down non-violently. Look around in the world in the last decades. This was the major exception, and Gorbachev was central to that.
Also, let's get the picture of the situation straight. He didn't just passively sit bunkered in in Moscow, letting things happen. He actively went out to meet leaders of other involved powers, including the German chancellor and foreign minister, Kohl and Genscher, which he outlived by a few years.
The thing is, the tanks would have to get there. Getting a tank 1000 km past at least 3 unfriendly borders is an enormous logistics issue, and a major resource drain - resources that simply did not exist, not even talking about the human resources.
And you're discounting the strength of millions of super-angry people too much. They would destroy the few tanks with rocks (or molotovs, as illustrated in Ukraine) if they had to.
Transport them? What are you talking about? The Soviets had bases all over the place in Eastern Europe.
The case being discussed here, Eastern Germany, was just behind the iron curtain, remember? Soviet troops were at ~300 locations on the GDR territory, ~50 airfields, over 300,000 soldiers, over 4,000 tanks.
wildmanx commented on Hydroponics: Growing an appreciation for plants bunniestudios.com/blog/?p... · Posted by u/zdw
Hydroponics should be taught to schoolchildren in the first grade in every school. It’s a wonderful way to convey science and for kids to see the fruits of their experiments.
Playing devil's advocate .. it will also get the kids more disconnected from the natural environment that we're embedded in, after all. You know those statistics of so-and-so-many kids out of 100 don't know where beefsteak comes from, where milk comes from or how potatoes grow? Since all they see is the result in the store? This gets worse when the kids change from lack of knowledge to thinking plants grow in glass pots without soil.
Hydroponics may be fun for hackers. But it's a bastardized form of growing plants, that happens to work, but it's a terrible way to convey science (if not taught very carefully and embedded in a much larger picture with actual nature).
Schools should visit more farms instead.
- Bah, it's not very fun.
- It's been done before.
- It took too long to make.
Seriously. Let me repeat that. An AI generates a game. It comes up with the rules for the game. It even writes the code and designs the web page for it!
Come on! This is amazing!
But it hasn't! This is just another step in the BS storm coming out of the latest AI hype. The language model has reproduced something that has existed before and was likely part of its training data. That's cool, but it's far from what's being claimed here.
We really need to get better at fact checking this stuff. And with "this stuff" I mean the output of LLMs and other AI frameworks as well as the claims about it. And with "we" I mean society as a whole and our industry in particular. Let's keep the hype in the drawer. The general population can be hyped up about sth, but we should know better, so instead of joining the hype, let's keep a cool head and educate people about what this is and what it isn't.