falcon

falcon, 1 year ago to random

I can't believe I need to say this. If I notice your resume is written by an LLM like ChatGPT - and you can bet I likely will - I will be forced to assume you take the same kind of care with your work.

Asking me to read or review LLM output is disrespectful of both my time and intelligence. Want a job? Tell me, yourself, how you can contribute to my team.

falcon, 8 months ago to random

Having read the case against Google's new passkey rollout, I remain even more convinced that it's the right thing to do. Yes, some users have physical device compromise as a major feature in their threat model. But the vast, vast majority, even among vulnerable populations, are at greater risk from phishing and bruting. What Google should be doing is educating users and providing tools. Examples in thread:

falcon, 1 year ago to random

Decarbonization is not even a radical position. Everyone knows a "global supply chain" where goods do laps around the world is efficient only to capital, and only as to their desire to minimize wages, is inefficient. You don't need a deep analysis to figure out there is no reason for things like this to exist. How many train trips across your city could be had for the energy cost of avoiding a packing plant along the route of travel for this?

falcon, 8 months ago to random

You do not get to shut down valid criticism of your work and actions just by virtue of being a member of a minority. I can't believe how often this comes up even still.

Obviously if one is targeted, that's a problem, but please look up and understand disparate treatment and disparate impact. These concepts are /comparative/. Between marginalized and non-marginalized groups.

Also fwiw my own experience is that I feel most safe when my work gets the same type of feedback others' does.

falcon, 5 months ago to random

Eventually, the reality of all those empty office spaces is going to have to catch up with commercial REITs. Funding partners can either accept a reduction in rent and portfolio size, or let the market bleed them dry while they hold out for the past come back.

25 PSF per year doesn't make any sense for class C buildings in the CBD or light industrial in SoDo, when they sat vacant since 2020.

falcon, 1 year ago to random

Is it the dangers of the .zip TLD, or the dangers of rarely used features in HTTP URIs such as basic auth in the URL, or worse, just a username in the URL?

falcon, 5 months ago to random

Man, two (2) people are boosting piles and piles of COVID alarmism in my feed. Do I just unfollow them and all else they post, or do I continue to mute the senders of each toot forever? Decisions.

falcon, 1 year ago to random

I wonder if there is some reason we are not being offered updated covid boosters anymore?

falcon, 5 months ago to random

The focus on memory corruption vulnerabilities right now has in its roots a fundamental error in how we perform risk analysis. The types of software for which CVEs issue, which is a shrinking subset of all software, happens to be the type of software for which memory corruption vulnerabilities figure highly in the threat model.

So it may appear that 70% or whatever of 2023 vulnerabilities were about memory safety, but much less than 70% of annualized loss expectancy is attributable to it.

falcon, 1 year ago to random

Do you like forward secrecy? Or do you want TLS keys to be:

• Given to you by a security appliance which keeps a record of them to decrypt the traffic with
• Sent over the network to traffic inspection middleboxes
  Subject, of course, to corporate or institutional policy.

No? Tell NIST what you think before June 26th ->>> https://content.govdelivery.com/accounts/USNIST/bulletins/359534b

falcon, 11 months ago to random

I have caught a glimpse of what it might look like to have a functional relationship with another person after a lifetime of dysfunctional ones, and somehow managed to make it be probably dysfunctional too. I wonder how anyone else does it, but this experience taught me I completely lack a functional model of how to form and maintain a relationship with another person that isn't dependency or a trauma bond. So everything is rainbows and butterflies over there and I am like...

falcon, 10 months ago to random

I'm trying to research how people handle service-to-service authentication in microservice models, and somehow still getting a lot of "well it's inside your network, so just treat it as though the request came from the AWS API Gateway and you're good, you don't need to authenticate that". Ugh.

falcon, 1 year ago (edited 1 year ago) to random

I live with a complete barbarian.

falcon, 11 months ago to random

At baseline, things that just happen have no moral value one way or the other. If it just is - no intentionality - then it cannot be immoral. To believe otherwise is to believe in absurd contradictions such as that between predestination but also the existence of sin. This is the fundamental irreconcilable difference between reformationist theology and queer existence.

falcon, 3 months ago to random

Experience being my guide, where there is vulnerable code, there is nearly always one of these conditions in the developer team:

• Cannot explain the code's intent in the vulnerable case
• Does not know why legacy code exists or who owns it
• Is unaware of requirements imposed by the platform
• Did not intentionally incorporate the vulnerable functionality
• Is unaware the vulnerable case is implemented

By the way, memory safety is not even slightly the focus of these things.

falcon, 10 months ago to random

Today in excellent use of public funds and government authority: the TSA pigs searched my fucking harness.

falcon, 1 month ago to random

What a con it is, that everyday people have become convinced that the bound purpose of a company is to direct cash to its investors however it can.

People realized this was shitty when the colonial exploitation companies did it, when the robber barons did it, when the banks did it (1920s), and when the banks did it again in the 1980s, kind of; when financial markets did it in the 2000s, faintly; when banks did it again in 2008 to 2011, in vain, and when companies milk "inflation" now, nothing.

falcon, 9 months ago to random

Got that thing going on again where there are a couple specific people I need to hear from before I can engage in meaningful conversation with anyone else, but literally everyone else is blowing up my Signal number and Discord asking me to do things.

falcon, 1 year ago to random

I wonder how a good fraction of the people I know get to buy houses /and/ randomly quit their jobs and not work for 6+ months every couple years, /plus/ still have all these fun projects.

falcon, 1 year ago to random

You know, I have never really been convinced the pipelines are worth the focus put on them. The problem is the demand and there is all this focus, not even on the supply, but on the means of transportation. If oil doesn't move by pipeline, it still moves, just more of it gets imported in a way that burns even more and also funds theocratic oppressors abroad who waste, again, untold resources.

falcon, 1 year ago to random

Switzerland doesn't have a problem with constant mass shooters. It has lots of guns of the type typically used. The NRA loves to point this out.

What the NRA isn't saying:

• There is a community-centric gun culture, not a lone defender against the world gun culture
• If you are spouting hate or paranoia, you will typically not be allowed to have one

It's no utopia of course; there are xenophobia, crime, addiction, and unmanaged mental health challenges. The difference is the gun culture.

falcon, 7 months ago to random

Why the fuck is this locked.

falcon, 7 months ago to random

Man the $35 ham license fee makes me sad. I used to be able to get people their licenses same-day. Now it takes 2-5 days to get a callsign.

falcon, 1 month ago to random

Man, going about in public and seeing other people's tattoos, I can't help but think my forehead stars need some additions.

falcon, 30 days ago to random

• angry bird noises *