Di4na

grimalkina, 20 days ago to random

By the way just a general comment that if I only studied the things I liked and supported personally I wouldn't be much of a social scientist

hazelweakly, 2 months ago to random

I love explaining complicated subjects in a quippy way that isn't necessarily wrong. For example:

Kubernetes is 20 while-true loops in a trench coat pretending to be a container orchestration platform.

What are your favorite quippy ways to explain a complicated topic? It could be anything! I'm just curious what y'all have :)

Di4na, 4 months ago to random

Redoing in case someone has a stash

If some of you are at #FOSDEM today, i would happily appreciate a gift of a few 3M Auras.

Long story short, mine stayed at home due to complex reasons. And no, other masks will not work. I tested a lot of them for the past few years, all other seal badly on my face.

Di4na, 4 months ago (edited 4 months ago) to random

If some of you are in #FOSDEM tomorrow, i would happily appreciate a gift of a few 3M Auras.

Long story short, mine stayed at home due to complex reasons. And no other masks will not work. I tested a lot of them for the past few years, all other seal badly on my face.

Di4na, 4 months ago to random

I pay at least 3 streaming services. I am more than happy to buy dvd, blu rays or digital versions of the shows and movies i want to watch.

And yet, i literally cannot find a good legal way to watch the shows i am interested in, in my country, except by "renting" a digital file. In a 4th totally different platform that only works on half of my machines.

Do i really have to pirate again, when I am ready to shell out hundreds of euros for a legit working copy?

What the flying horse?!?!

Di4na, 5 months ago to random

Boomers are numerous. They use 401k. Tons of money go to buying shares. They buy 90% of all of them and never sell.

This is our reality. We rarely talk about it but it is. Not super rich. Your parents. Aunt. Old lady May down the road.

So share price globally always go up. Have always. For 30 years.

Which means middle management results have been wholly unlinked to their performance evaluation for 30 years.

No wonder our corps are totally unmoored from reality.

Di4na, 5 months ago to random

Why not do #FollowFriday in here too? Even if it is Saturday for me.

@cstross for being a good voice to highlight the economic and tech stuff just under the surface

@norootcause for being a far better blogger than me around Safety science

@shortridge for being a voice of reason in the infosec crowd

@Wolven for bringing a needed lens to look at the SV beliefs

@kurtseifried for being a good sport about my dump yelling at infosec

Ty all!

Di4na, 5 months ago to random

@kurtseifried @joshbressers following some regulations discussions lately, i thought you would like this one
http://highscalability.com/blog/2023/8/16/the-swedbank-outage-shows-that-change-controls-dont-work.html

When you look at what we recommend for supply chain security, how different is it? ;)

Di4na, 7 months ago to random

Open question to possible FOSS lawyers out there.

Would a "license" that provide all the classic open source tenets but give fines for ever contacting the authors be possible and enforceable?

I don't think it is a good idea, but i am wondering about some things.

Di4na, 7 months ago to random

Small r rationalist today: Wake up. Check networks. See Andreesen posted a shitshow again. Read it.

Wait WAT. He tweeted it out? Really. Oh no.

Di4na, 8 months ago to random

That moment when you realise that the "state of the art" 2023 report you are reading, which has a reputation for being solid science and trustable, seems full of both dataviz crimes and basic data analysis mistakes.

I am usually big on Hanlon, but this time it is starting to be hard to not see something more problematic possibly under the crap...

Well. What was a small dataviz rant blogpost is turning into a full on sleuthing on the biggest authority in my field it seems. Lucky me.

Di4na, 8 months ago to random

Hello, I am looking for opportunities at the moment.

FTE. Remote from France is strongly preferred.
I have experience delivering results, helping teams move faster, and making users amazed by the products I work on.
I can help reinforce your team with Elixir expertise, devops chops, and getting a better process.

I have done all of this in the past, I have the skill and knowledge, and I am searching for my next employer.
contact me here or by email https://www.softwaremaxims.com/resume

#MyElixirStatus

Di4na, 8 months ago to random

Today has not been a particularly good day, but it was not a bad day either, and just...

I don't think it will resonate with anyone who does not have ADHD, and honestly idk if I need it to. But I need to yell about it and this is the best place.

I had no idea things could be this easy. The meds are not solving everything but like. Is it how it is for y'all? You can just... DO THINGS?!?!616?!

And yes I am crying saying it.

Oh Also. Some things can actually make you feel better after doing?!

Di4na, 9 months ago to random

So i will not have time until the weekend, at best, to write a full blogpost about it.

But fucking hell is this a ball of crap with nearly no ties to reality. I understand you all would love the real world to work like in this "manifesto" but... I am sorry, this is not reality.

https://openssf.org/blog/2023/08/24/join-us-in-adopting-the-open-source-consumption-manifesto/

Di4na, 10 months ago to random

I will repeat it again. If you have a hard time hiring for niche technologies like Elixir, feel free to reach out. I know dozens of experienced and skilled devs dreaming about an elixir job.

But every time they try, they find atrocious hiring practices, really bad work environment or get rejected.

The problem is not the market. It is your practices and your work environment. If you are ready to change that in order to beat the market, I am happy to help you do that.

#myelixirstatus

Di4na, 10 months ago to random

Has anyone tracked where Musk got the obsession with X as the killer app for everything?

The only real thing i can find as inspiration in my knowledge of the cultural material he draw from is The eXchange from SR. But iirc it is from 3rd edition aka 98, so could be a reverse influence.

Or is this a SAC?

Maybe @cstross or @davidgerard or your own networks? This guy has to have it from somewhere.

Di4na, 10 months ago to random

Open call to people with the knowledge. This is not urgent, I am not yet at this stage, but I am working on a (for now toy) language and trying to make sense of the state of using LLVM as a backend. In particular, do I want/would benefit from bringing in the whole MLIR circus, and if yes, how?

I do not know and understand enough to answer, so going for a "no" for now, but I also have a few passes in mind already that may fit well the MLIR framework...

So if you want to help me answer this, DM.

Di4na, 10 months ago to random

Ok, @davidgerard , sorry, not sorry. People around me are starting to realize that maybe there is a strange agenda behind all the AI claims and that a lot of the stuff around "Existential risks" seems... strange. Doh, right for us. The current trend seems to blame Musk for it all.

Is there a good book for an intro to the reality of the whole LW/Yudk cult etc? Neoreaction a Basilisk is a bit too advanced to just throw at them from my pov.

And yes. You were my port of call for this.

Di4na, 11 months ago to random

I just watched this fantastic talk by @amirian from #neverworkintheory and thank you so much for bringing the experience of the operators to this. And for fantastic research in this domain.
https://www.youtube.com/watch?v=ceuNc5cy1UA

I wonder, when we look at vulnerability and patches across the board, like Log4Shell, we see that around 60 to 80% of patches applied "timely" with a long tail forever seem to repeat. Do we have research on what makes this happen?

https://www.sonatype.com/resources/log4j-vulnerability-resource-center#dashboard

Di4na, 11 months ago to random

Discoveries this weekend:

Software Developer Experience problem is recursive. And we constantly fail to integrate that into our design.

Example: Tree-sitter is an excellent parser generator to allow the next generation of language to kickstart their parser with great syntax highlighting and outline tokens. Love it. Really easy to use, too (until you need external). It has excellent testing integrated, great!

It also has no LSP shipping with it or highlighting for its test format.

Di4na, 1 year ago to random

Who the fuck thought that passkeys and passwordless were a good idea?

One week into having moved to a yubikey 5 (after years of my previous yubikey), and every service on the planet wants me to use it as a passkey and not just a 2fa otp.

Except it is crap. Like at this point, I just want to delete 2FA from everything due to how worse the UX was.

It is time to unplug that experiment, this is going to make people stop doing the secure thing.

Di4na, 1 year ago to random

I rarely agree with the conversation of "lack of reciprocity" for FOSS maintainers. Reciprocity itself does not make sense to talk about in this situation imho.

But I do think that there is a double standard. Here is my example for today. Do better corp.

Just. Give your employees frigging security tokens.

https://www.softwaremaxims.com/blog/2fa-community-participation

Di4na, 1 year ago to random

Do I have anyone with a tool that could query the full range of code bases for idk... all the big FOSS tools? In my followers network? If yes, I would love to get data on the following questions.

"How many projects have a bin or scripts directory? What is the distribution of languages used in these?". Bonus point if you can count the "build tasks" too, things like npm assets.build or equivalent. Use of make as a task runner, and not as a build system, would probably be interesting too.

Di4na, 1 year ago to random

I think I finally found a name to put on the work that needs to be done to bring all the fantastic ideas that come out of academia and esolang into the tooling for developers out there.

And I think this is the way out of the pit of pain and security vulnerabilities our digital infrastructure is in rn.

What do you think?

We Need More Process Engineering in Software

https://www.softwaremaxims.com/blog/process-engineering-software

Di4na, 1 year ago to opensource

As a maintainer of OpenSource libraries and packages, there is something that kept feeling off in the whole Software Supply Chain discourse. I think this comes down to something simple.

I am not a Supplier.
You can read more explanation there https://www.softwaremaxims.com/blog/not-a-supplier

#opensource