@dan_turner@cosocial.ca
@dan_turner@cosocial.ca avatar

dan_turner

@dan_turner@cosocial.ca

Software engineer in the PNW. I like boring systems and photography.

I want to build something that matters.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

timbray, to random
@timbray@cosocial.ca avatar

A programmer can say “I’m mocking time” and be making perfect sense.

dan_turner,
@dan_turner@cosocial.ca avatar

@timbray we tried to mock time, but it had an unexpected coupling with space 😕

</RelativelyBadJoke>

timbray, to random
@timbray@cosocial.ca avatar

visible but very faint at midnight in Vancouver

dan_turner,
@dan_turner@cosocial.ca avatar

@timbray It was incredible in Victoria at 10:40 - 11:30. I walked to the nearby Summit Park, which had less light pollution and let my eyes adjust. I saw Visible Aurora in all directions, even right overhead. I could even make out the colours without a camera.

It was much fainter on the walk back on well-lit streets. I could find a smudge from my North-East facing balcony, but the artificial light made it hard to see.

andymckay, to random
@andymckay@mastodon.social avatar

Does anyone in zoom actually do this?

dan_turner,
@dan_turner@cosocial.ca avatar

@andymckay This is one of my favourite papers of all time and it's so rarely relevant!

Gutmann, "Do Users Verify SSH Keys", 2011 Usenix

Abstract:

> No.

https://www.usenix.org/system/files/login/articles/105484-Gutmann.pdf

timbray, to YouTubeMusic
@timbray@cosocial.ca avatar

Gack, this story about Google apparently laying off YouTube Music employees who were trying to unionize? (Haven’t seen any reported/verified coverage yet, but watching.)

Long time YTM customer here. Initial feeling is that this is unacceptable and I guess I’m looking for streaming alternatives?

dan_turner,
@dan_turner@cosocial.ca avatar

@timbray I turned on home sharing on my windows box last night. VLC on my phone can play songs, but it's slow to load the track listings. Works if I'm at home, but doesn't work if I'm travelling.

timbray, (edited ) to random
@timbray@cosocial.ca avatar

Now that’s interesting: DALL-E 3 will content-tag its output with C2PA: https://petapixel.com/2024/02/08/ai-images-generated-on-dall-e-now-contain-the-content-authenticity-tag/

The effect is that unless you remove the tag (which is easy), 3rd parties can verify that the image was generated by DALL-E 3. The use-case for this is not obvious to me… anyone have an explanation in mind?

dan_turner,
@dan_turner@cosocial.ca avatar

@timbray my best read: removing the tag shows intent.

If you sub-contract artwork, and the subcontractor uses DALL-E and removes the tag, and you notice, then you get to ask why they felt they had to remove the tag. The obvious inference is deceit: they knew you wouldn't accept the legal or PR risks, so they took that decision out of your hands.

That defines your future relationship with that contractor: do you want to work with a contractor who lied to you?

rossgrady, to random

I just don't even know what else needs to be said about a bunch of people who are presumably pretty good at what they do -- the glibc maintainers -- still managing to introduce a new buffer overflow bug (new circa 2022) into one of the most important codebases anywhere, which in turn leads to multiple CVEs.

Like, if you're still writing C of any kind in the 21st century, you have to ask yourself "am I better at manual memory safety than the glibc team?" And if the answer is no, then you're probably also writing these kinds of bugs.

RE: https://infosec.exchange/users/BleepingComputer/statuses/111847408179020212

dan_turner,
@dan_turner@cosocial.ca avatar

@rossgrady possible Eldritch horror: can we write a libc alternative in Rust?

lauren, (edited ) to random
@lauren@mastodon.laurenweinstein.org avatar

AT&T is sending out letters warning they want to kill virtually all landlines (and perhaps related data circuits where fiber is unavailable) across essentially their entire coverage area throughout California. This would have devastating effects. Related CPUC meetings will be taking place through March.

Landlines provide crucial services for individuals, businesses, and other organizations in a wide variety of situations -- not just emergencies when cellular and Internet service tends to rapidly fail, but also for vast numbers of people in areas with poor, unreliable, or in many cases (even in large sections of major cities!) NO cell service, NO fiber, etc.

Landlines often provide the only available communication in a wide variety of security and safety situations, from elevators to interior spaces of all sorts where cell service simply doesn't work.

Many disabled and other persons have crucial equipment that depends on landlines. Often they are not tech-savvy and do not have friends or relatives to help them through forced technology changes.

AT&T has been shirking its public safety responsibilities for years, while still leveraging their effective monopoly on services in so many areas.

Their new effort must be stopped. I'll have much more to say about this as the situation progresses.

dan_turner,
@dan_turner@cosocial.ca avatar

@lauren Assuming they do go through with this, how do we support our non-tech-savvy friends who need a landline?

glyph, to random
@glyph@mastodon.social avatar

A tremendous number of words have been written—many of them by yours truly—about why we should, or should not, have required licensure for computer programmers. I think I’ve realized that we have been asking the wrong question. The real question is whether we ought to require licensure for operating computer networks of sufficient scale. The programming is a red herring.

dan_turner,
@dan_turner@cosocial.ca avatar

@glyph I like this model, but I'm struggling with how to deal with the accidental nature of many big systems.

Google started in a dorm room, Amazon in a garage. No-one accidentally brings a pacemaker to market.

Should there be some threshold above which regulations apply? What will we do with the systems supporting the business that were built before the regulations applied?

mattgrayyes, to random
@mattgrayyes@chaos.social avatar

I had a great day at my first unconference yesterday: @barcamplondon

The schedule for the day is entirely blank and made out of index cards. Any attendee can do a talk, by taking an index card and writing what they’re going to talk about!

It was very chill, friendly and welcoming.

Photo of my session’s index card on the schedule: How Radio Works From the presenter’s face to your ears Matt Gray (If my iPad is AV compatible)

dan_turner,
@dan_turner@cosocial.ca avatar

@mattgrayyes @barcamplondon electric wobbles in the presenter's brain goes to air wobbles in the room goes to electric wobbles in the sky goes to air wobbles in your house goes to electric wobbles in your brain

mattblaze, to random
@mattblaze@federate.social avatar

Been hearing whispers all weekend, some from people who I'd definitely listen to, of a remote execution 0day in the Signal desktop and possibly also mobile app. Mitigation is supposedly to disable link previews (under settings->chats).

I have no more details. What I've heard doesn't completely make sense, but disabling link previews should be at worst harmless and seems prudent until this is clarified.

dan_turner,
@dan_turner@cosocial.ca avatar

@mattblaze obviously it's misinformation as part of a GCHQ op 😐

dan_turner, to random
@dan_turner@cosocial.ca avatar

My Halloween costume this year is "sexy inexplicable outbound conn on tcp/389"

malwaretech, to random

I keep seeing this get reposted and I can't tell if people are trolling for engagements or if everyone is just completely financially illiterate. If you get any answer other than $400, you need to go back to school.

dan_turner,
@dan_turner@cosocial.ca avatar

@SwiftOnSecurity @malwaretech The US has allegedly failed to teach basic literacy in public schools for the last decade or so: https://features.apmreports.org/sold-a-story/

SwiftOnSecurity, to random

Truly impressive the enormity of the dipshits pushing their business acumen and mastery of capital suddenly finding out businesses have to generate money and they haven’t been fucking doing it this whole time and yet still expect us to peel their grapes for their presence.

dan_turner,
@dan_turner@cosocial.ca avatar

@malwaretech @SwiftOnSecurity Tide goes in tide goes out, you can't explain that.

Edent, to wordpress
@Edent@mastodon.social avatar

How sensible / feasible would it be to have a different CSS theme for each year on my blog?

So posts from 2009 have a different look from 2010's posts etc.

I was thinking about how… misleading it is that all my old posts look the same as my modern ones.

Why, yes, this Yak is particularly hairy. Why do you ask?

dan_turner,
@dan_turner@cosocial.ca avatar

@Edent you really want to yak shave? Step 1: define "year" unambiguously 😅

lcamtuf, to random

deleted_by_author

    •
    dan_turner,
    @dan_turner@cosocial.ca avatar

    @lcamtuf HONK

    Seems notable that Scotland also uses a thistle on their floral emblem.

    jacqueline, to random
    @jacqueline@chaos.social avatar

    so if it's a single board computer, how come you have so many of them?

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @jacqueline ... They're ready to mingle?

    dan_turner, to random
    @dan_turner@cosocial.ca avatar

    The longest year on record was 1972.

    It was a leap year, so it had 366 days, but it is also the only year to have had 2 leap seconds, making it 31,622,402 seconds long. Most "regular" years are only 31,536,000 seconds.

    dan_turner,
    @dan_turner@cosocial.ca avatar

    Correction: It's the longest recorded year since introducing leap seconds.

    The longest recorded year up to that point was 46 BCE, where the Romans added three whole-ass months to their year, for a total of 445 days in one orbit of the sun.

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @mansr I'm not sure off hand, but 1582 seems like a good candidate as many Catholic countries adopted the Gregorian calendar on that day and "lost" 10 days of their year, making the year 355 days long (the solar year was still 365 days). 1752 is also a candidate, since that's when the British Empire adopted the Gregorian calendar. Greece was the last country to adopt the Gregorian calendar in 1923.

    https://fem.social/@mehdorn/111126372538194311
    https://www.legislation.gov.uk/apgb/Geo2/24/23/contents

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @mansr Most places "lost" 10 days, making their year only 355 days. However, different countries changed at different times. Some "lost" 13 days. Some converted from calendars other than the Julian Calendar (e.g. Egypt).

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @mansr Indeed :-| https://cosocial.ca/

    mattgrayyes, to random
    @mattgrayyes@chaos.social avatar

    Computer storage NERDS: I'm looking for a cost-effective 1U faaast NAS.
    This is the best I've found, for about £700. The next best i found was ~£1800.

    Know owt better i could get, or any reason I shouldn't get this?

    No I'm not building my own from scratch.

    https://www.qnap.com/en-uk/product/ts-435xeu

    (I've got a perfectly functional Drobo 5D, whose old driver's going to stop working on MacOS shortly as the company's gone bust)

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @mattgrayyes Not much experience in the last decade or so, but RAID6 is ≈essential given the size of today's drives. Ideally z6 on ZFS.

    Resilvering after a loss takes a long time with a big disk, and it puts stress on the remaining drives. You're at higher risk of a correlated failure while you have no redundancy in RAID5 (or z5). RAID6 reduces (but does not eliminate) that risk.

    If your data is expensive, it's often worth the extra disk. OTOH, you can get that safety through other means.

    dan_turner, to random
    @dan_turner@cosocial.ca avatar

    How do humans even do electronics?

    I'm trying to wire an Arduino to a temp/humidity/pressure sensor over I²C. My life currently revolves around the conductivity test on my multimeter and wobbling different wires and components.

    I swear it was never this hard when I did my GCSE/A-Levels.

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @mattgrayyes oo, thanks! I'll look at that for my next project.

    I'm hoping to eventually make my way back up to making PCBs and what-not.

    Do you think this is a practice problem or a "tools/materials have changed" problem?

    I never used to get these problems in my teens, but that was 10+ years ago in a different country.

    SwiftOnSecurity, to random

    Once you open WireShark you realize all these machines are fucking eachother all the time.

    dan_turner,
    @dan_turner@cosocial.ca avatar

    @SwiftOnSecurity it's literally a "three-way handshake"

    They're not hiding it very well 😅

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • tacticalgear
  • magazineikmin
  • thenastyranch
  • Youngstown
  • mdbf
  • rosin
  • slotface
  • InstantRegret
  • khanakhh
  • Durango
  • kavyap
  • osvaldo12
  • DreamBathrooms
  • JUstTest
  • GTA5RPClips
  • ngwrru68w68
  • everett
  • tester
  • ethstaker
  • cisconetworking
  • cubers
  • modclub
  • provamag3
  • anitta
  • normalnudes
  • Leos
  • lostlight
  • All magazines
    •