irotsoma

irotsoma, 6 days ago

American “Libertarians” consider liberty as self-sufficiency, not just freedom from a government, but from being required to contribute to society as a whole.

irotsoma, 11 days ago

Sounds like the instructions were unclear so the person implemented all possible interpretations in order to avoid any misinterpretation causing problems. If they were forwarded an email and told to send “this” to someone, I can easily see that being interpreted as the email itself. Especially if this wasn’t the first time your instructions were unclear and they got in trouble for not guessing the right interpretation. Being more clear and saying “the product” instead of just “this” might help or even saying the name of the product. Good communication is about being precise, but brief.

If people are always having to guess your intentions, then some are going to get it right and some won’t. Some will learn how you think and how to interpret your vague instructions and some won’t. But if you learn better communication skills to be more direct in your instructions and leave fewer things open to interpretation, then there won’t be any need for people to guess your intentions. Remember, no one else has the information in your head, only the information in your communication.

irotsoma, 11 days ago

Is that employee autistic? One of the things that management requires is learning to communicate with all types of people and help others communicate. After all, your job isn’t producing something, it’s making sure your employees that do the actual work are able to do their job effectively.

I’m just using autism as an example because I happen to be on the spectrum, though I’ve learned to mask well over the years. Autism has tons of advantages in the way we think. Great at analysis, great at handling emergencies, etc., but our communication style is a little different. We tend to need communication to be direct and precise because we analyze things too much sometimes. Problem is that because we’re so used to being misunderstood or misunderstanding people and getting into trouble for it and being scolded for asking clarifying questions because we “should just know what they meant”, that we often don’t ask the questions and try to interpret things in all the possible ways.

And maybe it’s not even at this job that they were scolded, they just are used to neurotypical people scolding them for the way they think, that they no longer even try to ask questions. So my advice is to make sure the person is not only able to ask questions, but is encouraged to do so if they need to. Make sure to be very positive when they do and make sure the other people they interact with are positive as well. It’s a very small accommodation that could help them thrive and end up being one of your best employees if given the right atmosphere.

Again, I’m using autism as an example because it’s a commonly misunderstood condition that is not a disease and not curable, nor should anyone try to cure it, it is just a different way of thinking and is a spectrum of various types of ways of thinking that people are often forced to mask and so is commonly undiagnosed or misdiagnosed. Heck, I didn’t figure it out until a few years ago and I’m in my mid-40s. But it took me decades to learn to effectively communicate without knowing why some people just couldn’t get me. Even now I tend to over-communicate as you can see from this wall of text.

But as a manager you should try to get to know your employees’ strengths and weaknesses, communication styles, etc., and help them to communicate more effectively with each other. It has helped me to be effective at coordinating people.

irotsoma, 11 days ago

Ok, I was just assuming you were looking for advice, but if it’s just a vent post, that’s my bad.

irotsoma, 11 days ago

Been there, done that. Salaried workers have no limit on how much they can be required to work without additional pay.

irotsoma, 11 days ago

It seems it’s not so much they stole the domain, it’s that they are using the same name with a different top-level domain. This is a common shady practice in malware. Most people can’t afford to purchase every TLD or their domain and so just pick one or two. Problem is that search engines will find the bad TLDs and suggest them over the real TLD if the malware providers do proper SEO manipulation. A FOSS author is unlikely to be able to or afford the time and effort it takes to manipulate search results and most popular search engines are not doing much to fix the problem, and instead relying on “AI” to reduce the costs of maintaining their search results, which does a pretty bad job, IMHO.

irotsoma, 11 days ago

Ah, thanks for clarifying. I didn’t see that mentioned anywhere and the git repo is showing .io

irotsoma, 11 days ago

Yeah, the big search engines have been getting more and more useless as SEO has taken over. And now using “AI” which will be even more susceptible to manipulation.

irotsoma, 14 days ago

Food and gasoline prices have skyrocketed. Infrastructure is a mess in most of the country so it takes longer and longer to get anywhere at peak times. Companies have cut costs in offices so they’re just crowded and full of distraction and germs. So yeah, lots of time and money is saved by working from home.

irotsoma, 14 days ago

Unfortunately, the cost of healthier foods has gone up at the same pace. Instead people end up eating less or giving up other necessities like downsizing their housing or moving in with parents.

irotsoma, 14 days ago

Not really. An ever shrinking head of iceberg lettuce is about $2.50. A pound of the lowest grade ground beef is about $8. Bag of store brand buns is $2. A beefsteak tomato is $1.50. Pack of store brand American Cheeses is $4.50. Add in the other condiments that are harder to break down the price of, electricity/gas cost for cooking, water for cleaning, etc., and the cost for the cheapest, crappiest version of 4 quarter lb burgers is not much different than the $8 times 4 that McDonald’s is charging and I guarantee the quality is lower (lower ratio of meat:fat in the burger, buns with more sugar and preservatives and less fresh, etc.) And this is just the consumables, not the having a kitchen to do this in, the pans, utensils, etc. Unhoused people don’t have those things.

It used to be that because McDonald’s, etc., got their stuff in bulk and used lower quality ingredients and low paid employees, they offered these products for very low profit because of high volume. Now the cost including labor, supplies, etc., is less than half of what they charge. So their profit margins are huge if they have the same number of customers. But their customer base is going to dwindle, and so the profit margins will shrink, but that’s not a concern to corporations that only focus on today’s stock prices and don’t care about tomorrow.

irotsoma, 14 days ago

I was just giving an example. Sure if you avoid fresh produce, eggs, milk, or meats you might be able to make some cheap meals. But those things right now are very expensive. Beans are still pretty affordable for the nutrition.

irotsoma, 14 days ago

Eggs are around $6/dozen for the cheapest right now but have been as high as $14/dozen in the last year due to the shortages from processing company consolidation. And milk right now is $6/gallon. Plus with borderline cholesterol I avoid cow’s milk. If a dozen eggs costs an hour’s labor, that’s not very affordable. Especially when rent costs more than most people make in a month. My partner lives with 3 roommates and only makes around $20/hr. Food has to be quite cheap.

irotsoma, 13 days ago

Yeah, I doubt the median income is higher here, especially if you have socialized medicine. I make ok money, but the minimum wage here is still only $7.25/hr across the majority of the country, and the median income is around $18/hr. If you figure in the cost of health insurance average around $600/month. Though employers often cover a portion of the premium. And the median rent is $2000, much higher in cities of course. And gasoline in my city is over $5/gallon even with all of my tax money that subsidizes it. And of course, lower middle class pays the highest effective tax rates generally. So having a budget of $200-300/month for food is relatively normal for a single person with a median income.

irotsoma, 19 days ago

That electric bill, though. 🤣

irotsoma, 1 month ago

They’ll just call it something different and hide the size in small print. Or they’ll increase the price so that the large is still $.40 per oz since people don’t usually do the math these days and just assume larger things are a better deal. A lot of times they aren’t anymore because companies don’t care as much about selling a lot as they do about profit on the sale due to there not being much competition with all the consolidation.

irotsoma, 1 month ago

Brag about it and use it as leverage for power. The money doesn’t actually exist, it’s stock mostly that gets instantly created from nothing. But they can use the idea of its existence to take other people’s real money for the things they want and the rest is just other people agreeing to do what they want because of the idea of power that having it conveys.

irotsoma, 1 month ago

Depends. Ideological movements can push past distributed money using targeted money aimed at those it puts in power that don’t care about the effects of their actions, even if usually only briefly. Like what led to prohibition of alcohol. If Trump gets into office and is given enough money by the ideologs, he’ll be perfectly happy to destroy the whole system for personal profit. And he doesn’t care if a whole section of the oligarchy falls apart, he just wants to be dictator for the rest of his life. And that’s not all that many years anymore.

irotsoma, 1 month ago

Not related to the article itself, but I’m curious why use of archive.is has become so popular around here considering that they refuse to provide DNS replies without edns personal information attached? I’m not familiar with the politics involved, but a lot of DNS providers are getting blocked by archive.is for not providing that info, including my own home DNS server and cloud flare 1.1.1.1 and many others, so I’m surprised to see it gaining popularity on Lemmy.

irotsoma, 1 month ago

Firefox won’t for much longer. Or at least not without significant spyware installed. I’m hoping it gets forked before the new CEO can do too much damage. Sucks that it will split the community with such a small user base already. But I guess that’s the point.

irotsoma, 1 month ago

Librewolf on desktop/laptop for now. Blocking Mozilla telemetry for now and sticking with Firefox for Android until a better option comes around.

irotsoma, 1 month ago

Problem is that if the factor is not authenticated by the server, it doesn’t count. Not saying it’s not helpful, but it’s not part of the consideration when designing the security of the system.

The device can be attacked for an indefinite time and the server knows nothing about that. Or the device can disable that additional security either knowingly or maliciously and the server has no knowledge of that breach. So it’s still a single factor, “something you have” to the perspective of the server when considered security.

I’ve worked with healthcare data for decades and am currently a software architect, so while it’s not my specialty directly, it is something I’ve had to deal with a lot.

irotsoma, 1 month ago

But authentication to access the passkey is on a remote device. So the server doesn’t have any information about if or how authentication was performed for the person to access the key. If they use a 4 digit pin or, worse, the 4 point pattern unlock, it’s easy enough to brute force on most devices.

This is also why using a password manager is not two factor authentication. It is one factor on your device and one factor on the server. But no one monitors the security logs on the device to detect brute force attacks and invalidate keys. Most don’t even wipe the device if the pin is being brute forced.

irotsoma, 1 month ago

I’m not saying it doesn’t count as authentication, it just doesn’t count as authentication to the security of the server directly. That’s the device’s security and configured by the user, not the server. And user devices are very prone to exploits to the point that many law enforcement agencies don’t even bother asking for a password anymore to access a device.

So, let’s move to a physical model as an example. Let’s say you have a door. It has a very simple door handle lock. You keep your key inside a hotel safe. Sure it might be difficult to get the key if they had to enter the hotel room, cut open the safe in place, and get the key while they’re standing in front of the secure door, exposed. But that’s dumb. They could just as easily grab the safe out of the room and open it later where there’s room for proper equipment, use a known exploit for the particular safe, or use other exploits all out of view of the door/server and at any time until the user realizes you know how to open their safe, because the door/server will never find out. Once that safe is open, you have not just the key to the door, but the key to all locks the user uses since now we only have “something you have” factors and the user uses only one device. Just like when we only had “something you know” factors and the user uses the same password everywhere.

So what does the passkey help with? It makes the lock and thus the key itself more complex. This makes it so that brute force attacks against the server are more difficult. But it doesn’t solve anything that existing TOTP over text messages didn’t solve, other than some complexity, and it eliminated the password (something you know) factor at the server. Something a lot of companies are already doing and we already know from experience is a bad practice. It has changed the hacking target to the device rather than the person. But still just one target, you don’t need both. Sure it’s better than a really bad password that’s reused everywhere. But it’s not better than a really good password unique to a site that’s only stored in a password manager on the user’s device that requires a separate master password to access (outside of MitM attacks that TOTP mitigates).

Now, what if we have a door with two locks, one that requires a code, and one that requires you to have access to a device. Now in order to attack the door, you need two factors right at the time you’re standing at the door. Also, there’s probably a camera at the door and someone paid to check it periodically when someone tries too many times, which isn’t the case in the user’s safe/device. So even if you get the key from the user, you still need to brute force the second lock efficiently or you need to implement a second exploit to get the second factor ahead of time. This is the idea of two factors at the server and the current state of things before passkeys.

irotsoma, 1 month ago

But that’s not really how the stock market works anymore. Now investors don’t buy stock to support a company and draw a portion of the profits. That version of the market hasn’t existed for a while.

Now, the market is used as a gambling platform for wealthy people and is kept afloat only by IRA, 401k, charitable trusts, etc. Basically, a company is having trouble with profit. You buy into the company, put in a CEO you can control, have them boost the price at the expense of employees, customers, and long-term profit. Sell the stock. Let the company fall apart.

Then buy it low, have the CEO make up a new product based on whatever tech fad is popular. Sell just before the money is spent. Let the project fail because all the money was spent on marketing and consultants and not on the employees to actually do the project. Buy up the stock again, do some stock buybacks, sell again, etc.

But it’s never a strategy of: hire really good employees, make them happy, give them an achievable project with enough funding, increase the company’s reputation by making quality products, etc. That requires actually good business plans and products and a lot of work and no short term, “hey look at how much money I saved by cutting budgets even though everyone said our products will be crap without it,” kinds of flashy quarterly reports.

Playing the gambling game is more reliable profit and with retirement funds and all that keeping serious market crashes from happening, and the politicians being on their side and willing to bail them out if it does get bad, there’s a lot of wiggle room and a lot of people to lose money and funnel to them that doesn’t affect the corporations.