adrake

@adrake@sfba.social

Working in tech as a software engineer. Baker, gardener, and more in my free time. He/him.

drahardja, to windows
@drahardja@sfba.social avatar

So it seems that what does is take screenshots, sorts windows by application, then runs each window through an image-to-text model and logs its contents, capturing text, web domain information, and the topic of the content. This information is then logged in a searchable local database.

This has to be combined with some way to get back to the content, right? So if I searched for a topic in the future, Windows has to be able to restore the app and the document that you were viewing. So there has to be some URL or file path associated with each window content.

I know people are freaked out about this feature, but I think it’s basically Spotlight on steroids. I’m actually not that freaked out about it if it’s local-only, and I think this can actually be useful for someone with like me who loses content all the time.

The real questions: what privacy-protection mechanisms are present, who gets access to this data, how easily can it be exfiltrated?

https://mastodon.social/@detective/112513529733646088

adrake,
@adrake@sfba.social avatar

@drahardja @overstrike file granularity isn't nearly good enough.

If you delete a paragraph from a document, it's deleted from normal search indexes as soon as the index is next updated. Not only would the app need to track which files were on screen for each screenshot, it would need to track which bits of the file contributed to that screenshot. That's a ludicrous amount of work to expect from application developers (and I doubt Microsoft will provide an API with that granularity, anyway).

A system that changes user privacy for the negative and requires every application to do a bunch of complicated work to get back to the status quo is broken. Most apps won't bother (or won't be up to date, etc.), and even a careful user won't be able to tell if the app screwed it up.

adrake,
@adrake@sfba.social avatar

@drahardja @overstrike "most recent log entry for a file" is not something it can do without deep application integration. Windows does not have a magic wand it can wave to determine which file an app is displaying on screen at any given instant. At best, it can know what files the app opened at some point in the past, but it can't know if or how long the app kept the logical contents in memory.

I'm not really concerned with how well this feature functions from the perspective of a user trying to retrieve something. I'm much more concerned with the fact that users will think they've erased something (or never saved it in the first place), but in reality the OS will have silently kept a copy of it, which sticks around for an extensive period of time.

That data is stored as an ordinary system file. It is accessible to malware, other admins on the same computer, and unless you pay for Windows Pro and turn on BitLocker, anyone with physical access to the device.

sysop408, to sysadmin
@sysop408@sfba.social avatar

DNS gurus, am I correct in believing that PTR records are primarily used for mail sending servers and servers that never send mail do not need one?

adrake,
@adrake@sfba.social avatar

@sysop408 it should be fine, yeah.

They are used somewhat more broadly as a reputational signal -- a PTR record and an A/AAAA that mutually agree imply that the domain and IP are probably controlled by the same entity. That's mostly useful for email, where the domain is critical.

If the PTR exists but the value doesn't point back to the same IP, that suggests the IP owner is trying to pretend to be associated with some domain (i.e. to trick a sysadmin looking at logs), which is a pretty negative signal for any type of traffic, and I've seen web application firewalls complain about it.

Not having a PTR at all should be pretty neutral outside of email.
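
The three cases in the reply above (PTR and A/AAAA agree, PTR present but not pointing back, no PTR at all), as an added example that is not part of the thread. The resolver stubs, record tables and verdict names are constructed for illustration so the check runs offline.

```python
import ipaddress

# Constructed sample records (documentation IP ranges and example domains).
PTR_RECORDS = {
    "192.0.2.10": ["mail.example.com."],
    "2001:db8::10": ["mail.example.com."],
    "192.0.2.66": ["www.example.org."],  # PTR names a host that lives elsewhere
}
FORWARD_RECORDS = {
    "mail.example.com": ["192.0.2.10", "2001:db8::10"],
    "www.example.org": ["198.51.100.5"],
}


def lookup_ptr(ip):
    """Hypothetical resolver stub: PTR names for an IP, [] for NXDOMAIN."""
    return PTR_RECORDS.get(ip, [])


def lookup_addrs(name):
    """Hypothetical resolver stub: A/AAAA addresses for a host name."""
    return FORWARD_RECORDS.get(name.rstrip(".").lower(), [])


def classify(ip, ptr=lookup_ptr, addrs=lookup_addrs):
    """Return (verdict, names): no_ptr, confirmed or mismatch."""
    target = ipaddress.ip_address(ip)  # normalises IPv6 spellings
    names = ptr(str(target))
    if not names:
        return "no_ptr", []  # neutral outside of email
    confirmed = [
        n for n in names
        if any(ipaddress.ip_address(a) == target for a in addrs(n))
    ]
    if confirmed:
        return "confirmed", confirmed  # PTR and A/AAAA mutually agree
    return "mismatch", names  # PTR claims a name that does not point back


if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.66", "203.0.113.7"):
        print(ip, *classify(ip))
```

Passing real lookup functions as `ptr` and `addrs` turns the same logic into a log-triage helper; a PTR lookup that times out should be treated separately from an empty answer.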

adrake,
@adrake@sfba.social avatar

@flyingsaceur @sysop408 do those blocking reverse lookups hang on NXDOMAIN? Or only if they don't get a response at all?

divya, to random
@divya@sfba.social avatar

deleted_by_author

  • adrake,
    @adrake@sfba.social avatar

    @divya transmit the sound through what medium, exactly?

    adrake,
    @adrake@sfba.social avatar

    @divya Sound requires a medium like air or water to propagate through. "In space, nobody can hear you scream" is literally true -- outside of an atmosphere (or ocean, etc.) sound just isn't a thing.

    "Within Voyager" is electronics and vacuum. No air for sound to propagate. You could technically use the spacecraft's structure as the acoustic medium, but that means you're subjecting the electronics to excessive vibration, which is a great way to cause premature failures.

    There's zero chance Voyager would survive entry into some alien world's atmosphere on its own, so the only hope of the message being received is if it's picked up while still in space. With that level of sophistication one has to imagine they would already be aware it's some alien artifact, without it needing to vibrate to tell them!

    shoq, to random
    @shoq@mastodon.social avatar

    I’m stumped. If any of you code ninjas can figure this out for me, I will happily send you a McDonald’s gift card for a meal of your choosing. Using Google App script, a bunch of text extractor solutions (cheerio, regex, HtmlService, etc.) and my limited skills, nothing works.

    The link: https://chat.openai.com/share/27d19c8e-4758-417d-9bab-a3d22d12366a

    adrake,
    @adrake@sfba.social avatar

    @shoq there's a script tag (id=__NEXT_DATA__) which is just a JSON blob with the conversation data in a fairly readable format.

    I can throw together a tiny python script to extract it once I'm back at my desk if that would be helpful

    divya, to random
    @divya@sfba.social avatar

    deleted_by_author

  • adrake,
    @adrake@sfba.social avatar

    @divya that's basically how I lost 60 lbs. Committed to tracking all the food I ate in the Fitbit app, which was such a terrible user experience that I found myself skipping snacks to avoid having to interact with it.

    The weight fell off.

    drahardja, to javascript
    @drahardja@sfba.social avatar

    Hey coders, how do you call a function prototype’s constructor function from within another constructor function?

    Example:

    function Parent(a) { this.parentValue = a; }
    function Child(a, b) {
    // Call Parent(a), how? <—
    this.childValue = b;
    }
    Object.setPrototypeOf(Child.prototype, Parent.prototype);

    I know, I know, use class. But I’m curious how the syntax looks using prototypes.

    adrake,
    @adrake@sfba.social avatar

    @drahardja as others replied, Parent.call(this, ...) is how you do that pre ES classes.

    It's not exactly equivalent to what classes do, though, and there's no simple way to get behavior identical to classes without them. (Classes are not just syntactic sugar.)

    thor, to random
    @thor@berserker.town avatar

    IDC connectors are fairly space hungry compared to bare pin headers. When I choose footprints, I keep treating the two as the same, because they are in terms of the pin pitch. But in terms of PCB surface space, two different beasts. I replaced a pin header on the right with an IDC connector.

    adrake,
    @adrake@sfba.social avatar

    @thor why not go for 0.05" IDC? Half the pitch and exactly as easy to solder as pin headers IME. (That's what the standard Cortex debug connector uses.)

    I sometimes skip the shroud to save even more space, since I can usually spare a pin for a key.

    I've spent way too much time cursing my past self for designing a board that required carefully hooking up 20 individual wires when I could have used real connectors 😛

    divya, to random
    @divya@sfba.social avatar

    deleted_by_author

  • adrake,
    @adrake@sfba.social avatar

    @divya ahead, except for the part where (as of 2022) they emit ~10% more CO2 per capita than the US, and their energy mix emits ~35% more CO2 per watt-hour because it is nearly 50% coal (vs 10% in the US).

    sysop408, to random
    @sysop408@sfba.social avatar

    Has anyone ever lost an SSD drive under normal usage conditions due to device fatigue?

    Earlier this year, I suffered my first ever SSD drive failure. It was an older SanDisk Extreme SSD and for most of its life, it was used for archival purposes so I doubt write fatigue could even be considered as a factor.

    The SSDs I worry about the most would be the ones in my servers because they get used so heavily and I don't have physical access to them.

    They definitely seem way more resilient than hard drives. Knock on wood, but I have yet to have a server SSD even need replacement due to disk errors.

    When I had hard drives on my servers, I don't think I've gone more than 3 years before at least one of the drives would need to be replaced.

    adrake,
    @adrake@sfba.social avatar

    @sysop408 these days most SSDs have a rated write volume, and the ones I'm aware of stop working (going read-only) when that limit is exceeded to avoid silent data loss. That limit is normally so high that the only way you'd hit it within a decade is with something like server use.

    Any failures before that limit is exceeded are sort of definitionally not wear-related? So I imagine the candidates you're looking for are drives from before that built-in lifetime metering.

    stevenray, to random
    @stevenray@sfba.social avatar

    The worst thing about waiting in line at Walgreens: the infernal music. Good God, it’s awful.

    adrake,
    @adrake@sfba.social avatar

    @stevenray it beats their telephone hold music, which is literally a <20 second loop ending with a recording of someone saying how important my call is (which is way louder than the music).

    Listening to that for an hour+ trying to reach the pharmacy really does a number on your sanity.

    baloo, to random
    @baloo@sfba.social avatar

    IEEE hands out copies of 802.1AR for free, but you need to register.
    They will stamp the PDF they give you.

    Are you allowed to copy-paste relevant sections into code comments when implementing the spec?

    https://ieeexplore.ieee.org/document/8423794

    adrake,
    @adrake@sfba.social avatar

    @baloo I'm not a lawyer, but I would feel very confident doing so myself as long as the excerpts are only a portion of the spec, and that they only include the parts relevant to the code they're explaining.

    Basically someone shouldn't be able to read your code comments as a substitute for the original spec.

    https://www.copyright.gov/fair-use/index.html has some criteria courts like to use. Implementing a spec seems pretty obviously "transformative" to me.

    adrake,
    @adrake@sfba.social avatar

    @baloo yeah, fair use doctrine is a mess 😞

    If you're actually worried about a legal fight, I don't think claiming ChatGPT wrote it will help you. That caselaw is far from settled, and even if you ultimately win, you're still stuck with the bill from your lawyers (which will certainly be higher than for a straightforward fair use case!)

    If you want to completely avoid the concern, cite section/page numbers and paraphrase the text you would have quoted.

    Frances_Larina, to random
    @Frances_Larina@sfba.social avatar

    "Amazon Rolls Out Passkeys (ie biometrics) as Big Tech Says Goodbye to Passwords"

    I bet consumers will eat it up. Kiss goodbye to that last shred of anonymity once it's ubiquitous.

    Also, tying login authentication to a specific phone is extremely problematic to smaller companies that may not have a dedicated device &/or that device dies as phones tend to do every few years.

    https://gizmodo.com/amazon-rolls-out-passkeys-farewell-to-passwords-1850950207

    adrake,
    @adrake@sfba.social avatar

    @Frances_Larina

    • Passkeys are secured by the device itself. If you don't use biometrics on your device, the passkeys are secured by whatever you use to unlock your device (pin/password). None of those are sent to the site you're logging into.
    • Passkeys can be synced between devices and backed up to the cloud. They aren't tied to the device any more than any other data you might have.

    jonathankoren, to random
    @jonathankoren@sfba.social avatar

    There really should be a non-Docker controlled Docker. Like something with so much less corporate popup bullshit

    adrake,
    @adrake@sfba.social avatar

    @jonathankoren at least in production environments, people have been moving away from Docker proper for several years (well before this started) due to reliability issues. Kubernetes dropped support for it entirely last year. We've been using CRI-O in production since 2019ish.

    On Linux desktop, podman is a drop-in replacement for interactive use (based on the same underlying container libraries as CRI-O).

    Mac and Windows obviously need a VM of some sort to run Linux containers. There's an official tool for Podman to do that, but I've gotten mixed reviews from my Mac-using colleagues.

    I'll also make the observation that if software freedom is a big issue for you, Mac OS is by far the worst choice of platform to be developing on.

    adrake,
    @adrake@sfba.social avatar

    @harish @jonathankoren The https://front.com application backend has been running on Kubernetes since late 2018, which I think qualifies as real work.

    Kubernetes and its ecosystem are incredibly complex, and it's crucial to balance that complexity against the benefits in your specific circumstances. If you have a workload that fits on a few reasonably-sized servers, or your workload is homogeneous, the benefits probably won't outweigh the complexity. Keep it simple!

    When we made the switch, we had enough scale and enough growth to desperately need some more sophisticated automation to handle it. After a careful review of the options, we went with Kubernetes. It was a lot of work to deploy, but it paid itself off pretty quickly in both money and saved time, and has continued to pay dividends.

    CRI-O itself is an implementation detail. Switching to CRI-O from Docker was a short project and completely transparent to developers (besides the reduced node failure rate).

    adrake,
    @adrake@sfba.social avatar

    @harish no problem!

    I guess I should clarify if "and what not" includes containers (Docker/Podman) -- I do still think containers are a valuable tool even at small scale. My personal servers run a stable LTS distro to minimize admin overhead, and I develop against modern dependencies to minimize development overhead, and containers make that strategy work. My management stack for those is just SSH and podman run, though, no need for Kubernetes.

    cabel, to random
    @cabel@panic.com avatar

    Ok, so which of you text encoding experts is going to help me understand why “ ’d “ — presumably with a smart quote? — somehow ended up as 抎

    adrake,
    @adrake@sfba.social avatar

    @cabel my best guess involves a broken UTF-8 implementation on the printer. That presumed smart-quote is 0x92 in Windows-1252, so you have the byte sequence 92 64 for the " 'd " that got replaced. That's an invalid UTF-8 sequence (the first byte doesn't have enough leading 1s) but you could maybe imagine some sort of bug in the implementation that leads to a nonsense codepoint (with whatever was left in some variable) instead of a replacement character. I haven't nailed down a great candidate for a bug, though, the bit patterns don't line up very well.
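
What a conformant decoder does with the bytes 92 64 from the reply above, as an added example that is not part of the thread. The function names and report layout are constructed for illustration; the only input is the two-byte sequence the reply names.

```python
def utf8_role(b):
    """Classify one byte by its count of leading 1 bits, per the UTF-8 layout."""
    ones = 0
    while ones < 8 and b & (0x80 >> ones):
        ones += 1
    if ones == 0:
        return "ascii"         # 0xxxxxxx
    if ones == 1:
        return "continuation"  # 10xxxxxx, can never start a sequence
    if b in (0xC0, 0xC1) or b > 0xF4:
        return "invalid"       # lead-shaped bytes that no valid sequence uses
    return f"lead-{ones}"      # 110xxxxx, 1110xxxx or 11110xxx


def decode_report(data):
    """Compare byte roles, strict UTF-8, lossy UTF-8 and Windows-1252 decoding."""
    try:
        strict, bad_offset = data.decode("utf-8"), None
    except UnicodeDecodeError as exc:
        strict, bad_offset = None, exc.start
    return {
        "roles": [utf8_role(b) for b in data],
        "utf8_strict": strict,          # None when the input is rejected
        "bad_offset": bad_offset,       # index of the first offending byte
        "utf8_replace": data.decode("utf-8", errors="replace"),
        "cp1252": data.decode("cp1252", errors="replace"),
    }


# The byte sequence named in the reply: smart quote (0x92) followed by 'd'.
SAMPLE = bytes([0x92, 0x64])

if __name__ == "__main__":
    for key, value in decode_report(SAMPLE).items():
        print(f"{key}: {value!r}")
```

A decoder that emits any code point other than U+FFFD for the first byte is not validating lead bytes, which is the class of bug the reply speculates about.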

    nsaphra, to random
    @nsaphra@sigmoid.social avatar

    what are these wasps doing??? There's 3 and one of them is huge (different species?)

    adrake,
    @adrake@sfba.social avatar

    @nsaphra looks like an American yellowjacket (V. alascensis) queen with two drones (males), presumably mating. https://bugguide.net/node/view/14087 has pictures showing the queen/drone markings.

    We have a lot of yellow-faced bumblebees around us, and certain times of year I'll see the queen out foraging. The dead giveaway is that she's at least twice the size of a normal worker! Absolutely massive bee.

    adrake,
    @adrake@sfba.social avatar

    @nsaphra yellow-faced bumblebees do, yeah. The queens only live for a year: born in the fall, they emerge, mate, find a new nesting site and hibernate through the winter there. Come spring they lay eggs and incubate the first generation of workers, and have to forage until the workers can take over. Then, towards the end of their lives, once the new queen and male eggs are laid, they return to foraging. They don't need to lay any more eggs, so gathering food for the next generation is presumably the most valuable thing for them to do before they die.

    adrake,
    @adrake@sfba.social avatar

    @nsaphra Wow! That is much cooler. Quite a lucky find!

    b0rk, to random
    @b0rk@jvns.ca avatar

    working on writing "implement tcp in a weekend" and it's definitely going to be harder than the DNS guide (https://implement-dns.wizardzines.com/) but I think it's going to be really fun

    (to be determined if the TCP project can actually reasonably be completed in a weekend or not, need to finish it and do some testing)

    adrake,
    @adrake@sfba.social avatar

    @b0rk @joshsusser that sounds like how the average IoT device got its network stack!

    jonty, to random
    @jonty@chaos.social avatar

    It turns out you can simply serve a file from a domain to use it as your bsky handle.

    So this guy is now S3. All of S3.

    adrake,
    @adrake@sfba.social avatar

    @reiver @jonty I think all you have to do to get that to work is make an S3 bucket called "xrpc" and make it publicly readable.

    This kind of thing is one of the reasons other domain ownership verification protocols (e.g. ACME) use the /.well-known path prefix 😛
