Sunday July 21st, 2024
With Charlene (fixed pic)
With Charlene
Gathering with the unicorns to ride into Rivertown Revival.
Saturday July 20th, 2024
The things about taking the time and intention to actually hear what people are saying is that I can no longer tell if this high pitched background noise is tinnitus or dog whistles.
14 years ago, the guy who just fucked up and took down Windows computing infrastructure worldwide with the CrowdStrike debacle yesterday did something similar as head of McAfee.
A blast from the past, How Linux Saved A Fast Food Giant is about rescuing 700 Burger King restaurants from disaster in the age of many connections still being dial-up.
Via.
Also, I thought I linked it elsewhere, but just in case: How Windows 3.1 is saving Southwest's butt
Friday July 19th, 2024
RT deilann v -0.2 :neodog_hyper: :neodog_nom_verified: @deilann@tech.lgbt
sorry if you find golang somehow aesthetically pleasing i don't think i can trust you
it doesn't mean you're invalid or that you're wrong
just that i find this aspect of you incredibly disturbing to the point that it gives me pause and it's something that could not stand alone, something that necessarily requires a deep foundation of troubling perceptions of the world
we can still hang, but essentially what i'm saying is, if i were about to jump out of a plane and you, a JavaScript enthusiast, and a complete stranger all tried to hand me a parachute
i'm trusting a stranger in that moment
SpaceX rivals are trying to capitalize on Elon Musk’s move to Texas by poaching his employees. Stanislas Maximin, of Latitude:
"For SpaceX employees misaligned with these values and looking to join an inclusive and highly ambitious rocket company in a great living city near Paris, my DMs are open," he wrote on X.
"We take care of everything for you; moving out, visas, full healthcare, your house/apartment, finding your spouse a job… a few have already taken the plunge, join them!" Maximin said. He added that he would offer 12 bottles of champagne to every engineer making the move.
Via.
In case you're unaware, last night there was a major Azure outage, and this morning a faulty Crowdstrike update has caused outages across the world.
The difference between security software vendors and ransomware extortionists is that security software vendors get you to pay before they destroy your systems.
RT LittleAlex @littlealex@infosec.exchange
Too funny: In 2010 McAfee caused a global IT meltdown due to a faulty update. CTO at this time was George Kurtz. Now he is CEO of #crowdstrike
Pivot to AI: Proton Mail goes AI, security-focused userbase goes ‘what on earth’
Not since Signal messed around with cryptocurrencies has a security-focused brand managed to burn so much goodwill in such a short time.
Thursday July 18th, 2024
I remember when we were aghast that in the Soviet Union typewriters had to be registered. Now there's discussion about rooting through your phone's pictures with automated systems, and whether or not "law enforcement" should be able to read your texts. in a thread about Photobucket's TOS changes around biometrics, Kyle Memoir 🍉 @f800gecko@mastodon.online notes
It’s not hard to envision or predict a time not far off when the only computers and phones available to the public will have zero ungoverned user storage space available.
We’ll have plenty of time-wasting options like these to contemplate, and background colour options, etc., but no real choice.
For ‘security reasons’ naturally.
And it won’t matter particularly who’s elected where in the next few years, the way things are going.
We’ve been seeing that already if we’ve had our eyes open.
Patricia Aas has been on a tear recently, reading economics books and destroying them, RT Patricia Aas @Patricia@vivaldi.net
Here I am innocently watching Edward Tufte’s keynote on data visualization and then he absolutely MURDERS economics 💀
The punchline:
There have been 6 Nobel prizes in economics trying to rescue this curve
When every point on the two dimensional plane fits your model, that’s called prayer, that’s astrology!
RT Shannon Prickett @Binder@petrous.vislae.town
Making all the golfers (& only the golfers) on the team happy by rating their effort as subpar.
RT 𝐿𝒶𝓃𝒶 "not cool Garfield" @Lana@beige.party
Kyle Gass should go on a solo tour and call it Tenacious Me
RT David Penfold :verified: @davep@infosec.exchange
A robber pulled a gun on the bank clerk and manager saying, “Give me all the money! I need it to set myself up in a trade or profession. You know, an initial investment is needed to cover the overheads until my cash flow is established and turned into passive income.”
"I think he means business," said the manager
RT Charlie Stross @cstross@wandering.shop
Someone on Bluesky just made a point that stabbed me in the eye:
The ENTIRE STORY about the current US presidential election campaign is: it's Joe Biden vs. the fat cats—Business Plot 2.0, as Shiv Ramdas put it.
And look what newspaper of record carried water for the coup conspirators in 1933/34?
Yeah, Newsweek, we see what you're doing there. Emphasis in the quotes is mine: Newsweek: Who Is JD Vance's Wife Usha Vance? What to Know About Family
The Vance children are Ewan Blaine, born in 2017, another son, whose name is not widely known and was born in 2019, and Mirabel Rose, who was born in December 2021.
Today: Who are JD Vance's children? Everything to know about Ewan, Vivek and Mirabel
Wednesday July 17th, 2024
I've been thinking a lot about the external costs of things. Automobiles are easy, except that even now, in twenty freakin' twenty four, we're still finding direct ways (tire dust) that cars have huge external costs, let alone all of the far down the list effects like increased personal mobility allowing decreased density which means ideas propagate more slowly leading to less innovation.
Advertising is a cost. I remember writing a very angry screed to a science fiction author who spammed a bunch of us who'd signed on to an ITAR export violation (eg: potential felony) with a "you like freedom, maybe you'd like my book!" ad. Spoiler: Dude had not signed on to the same list. But while that, and, of course, the original Canter & Siegel thing, was something worthy of outrage. Today we've accepted the destruction of all of those amazing email lists, indeed, of email itself, as we buckle under the weight of all of the crap.
Looking back at the early electronic currencies of the '90s, or Bitcoin starting in 2008, I'd like to see who predicted this incredible load on our critical infrastructure that it enabled: Ransomware continues to pile on costs for critical infrastructure victims. and as we hear that AT&T reportedly paid $370k for a video of someone allegedly deleting their stolen call records the external costs of cryptocurrencies that are imposed on all of us are only gonna get worse.
As some of you know, I was laid off last year. It's been 14 months during which time I have applied for about 200 positions, had about 20 interview, and zero offers. The way the current tech job market works, you rarely get any actual response from recruiting. Due to the massive tech layoffs, the job of the "talent acquisition engineer" in HR has changed. Before the spate of layoffs, TA would reach out to top candidates via LinkedIn or email. Now, TA gets 500-1000 applications per day while the position is posted. So, now, instead of fostering a relationship with a candidate (like me) the TA has to filter several thousand applications down to about 10 to give to the hiring manager, who will further filter that list to about 3 candidates who will be interviewed by the team. This means instead of relationship building, TA engineers (or recruiters) have to focus on how to quickly sort through thousands of applications.
I have had a few recruiters using the older methodology reach out to me. The advantage here is I don't have to worry about the initial culling. Unfortunately, this has not had good results, as I see it I have 3 strikes against me:
- I am a transgender woman, when people see my name on a resume that evokes a particular image. When I am seen, they feel "duped" or at least that there is some discrepancy which results in a strike against me. TBH, I encounter far less outright hatred than expected.
- I have been working in tech a very long time, Dan and I worked together (1990-1992) in what was actually my second job as a professional developer. I've been turned down 3-4 times with comments like "we intended the position for a more junior person" which means either they are afraid I won't work for how little they want to pay, or the hiring manager has trouble with someone reporting to them who has more experience than they do. I'm thinking of restricting experience to just the past two decade (which means removing a lot from LinkedIn).
- I am mostly interested in working in Berlin and my German language skills are only at an A2 level (demonstrated at Goethe Institut in Berlin), and I don't yet have a work visa in Germany. These two factors get me culled early in the process when I apply in Berlin.
A 4th strike is that my resume references DEI a lot. I was active with DEI at Netapp and have continued since being laid off (mentoring with Out in Technology and participating in Unicorns in Tech in Berlin). Evidently DEI might be the next big target for the right-wing now that being transgender or advocating critical thinking about history has slowed. Evidently even Microsoft is crapping on DEI.
I am currently in London and will be return to Berlin at the start of September.
Enjoyed this episode of Sundman Figures It Out particularly because I've been reading about the 3 story walk-up form-factor in "Escaping the Housing Trap", and it really brought home (sorry) the culture around the form.
Jailbreaking RabbitOS (The Hard Way), using an exploit in the secure boot process of the hardware to boot the original firmware in an inspectable way, with revelations about GPL compliance (not) and... well...
Tuesday July 16th, 2024
Copying my response to an AskMeFi "Why don't we already have AI powered voice assistants?" question here:
Charitably? A lot of people in the VC and tech communities are unable to distinguish bullshit language generation from intelligence. The LLMs are remarkably good at generating language that sounds plausible, and even sounds plausible in the context of the text that you prime them with, but if you look at what Google's "AI" results are giving you, it's rarely even in the ballpark of correct.
The whole reason that Humane AI and Rabbit had to ship what were essentially cut down phones with their product was that when you run a scam, you need to have enough different moving parts that people can't tie them all together. Yes, the assistant which reliably did what they said their assistant did, just through your existing phone, would totally be a useful product that people would pay for, but if you don't have those other moving parts as a part of your scam, then people start to look at the individual items more closely and realize what's going on.
The bullshit generation is getting "better", as in "more plausible more often", but there's no indication that the technology can get good enough to do a lot of what's getting claimed for it without a lot better feedback loop in terms of verification from the user (witness the problems with Android Auto, where it can say "sure, I can navigate you to...", and then navigate you to some place miles away that's plausibly what you asked for, because it didn't have a clarifying pass).
Given who's done the training of these systems, and what they're currently able to pose as, the question to ask about AI applications is: Would this communications process be enhanced by the insertion of an insecure Nigerian teenager with the tendency to make shit up rather than admit that they don't know? And, yes, there are totally applications where that might be useful (if you don't have coworkers you can talk out a problem with, for instance), and there are attempts at bolting on augmentation for answerable questions when the pattern can be identified, but until there's a solid breakthrough on building a knowledge model that's more than just language probabilities, this is just a bunch of people who've been educated to confuse language generation with smarts pushing their career bets on you.
Charlene just asked me if we could turn off AI search on her phone, because it lied to her one too many times. I didn't quite get her on to Firefox, but I did put a link to https://udm14.com/ on her phone's home screen to slightly deshittify Google.
I'll write something longer at some point, but damn Chuck Tingle's "Bury Your Gays" hit me in all the right feels. And given the voice talent for the audiobook, I may have to experience it that way too.
Monday July 15th, 2024
Here’s how carefully concealed backdoor in fake AWS files escaped mainstream notice
Files available on the open source NPM repository underscore a growing sophistication.
Including a piece of JavaScript code that nominally calculated an average brightness for a .JPG file, but extracted code embedded in the JPEG to run. One of the JPEGs included (interestingly, not the one that JPEG loading code reported as corrupt) code to hit a C&C HTTP server for further instructions...
Ugh. Digging through Apple Messages on my laptop because no matter how many times I try to fill out the "I don't have a fucking iPhone any more" form, critical messages end up sent to that.
Apple: Not even once.
Seirdy: MDN’s AI Help and lucid lies
If all web development questions were easy to answer by browsing MDN, this tool wouldn’t be necessary. Uncommon and specific questions are the hardest questions to answer without expert assistance. A tool designed to answer hard questions that is so likely to fail under these conditions is worse than no tool all.
I think this is related to the concerns people have with AI "help" agents: By the time the FAQ and the user-accessible tools have failed, inserting a chatbot into the process is a net negative that removes value from the interaction.
CORECURSIVE #102 Navigating Corporate Giants : Jeffrey Snover and the Making of PowerShell
...the mouse is antisocial, The GUI is antisocial, So what’s that mean? you have a problem to solve and you solve it with the GUI. What do you have? A problem solved. But when you solve it with a command line interface in a scripting environment, you have an artifact. And all of a sudden that artifact can be shared with someone.
From Saturday 's Mike Seastrom dance at Circle 'n Squares: Sherrie and Dean Black, Lisa and Mike Seastrom, Charlene Marie, Dan Lyke, Lawrence Johnstone, Allison and Dan Drumheller.
Last night's dance at Circle 'n Squares was super fun! Mike Seastrom is always amazing, and for the last couple of tips Mike invited each of the callers in attendance to share a tip.
Karl Joost captured us singing the middle break of Wagon Wheel...
Sunday July 14th, 2024
Saturday July 13th, 2024
I'm guessing that AntennaPod is giving me these Apple Podcast recommendations because they get some money to shovel this shit at me, but... The Joe Rogan Experience? Like what if Art Bell but malicious? Ben Shapiro? Inflicting intergenerational trauma rather than pursuing therapy? Big media hates us, is the only answer I can come to, and truth is I will consider podcast player recommendations if I can get away from this shit (or get good recs).
All this talk about Web Rings is making me realize how much I miss Nibelung. Not sure I will ever forgive JavaScript for taking that from us.
Friday July 12th, 2024
San Francisco is healing: ‘Nailed the guy’: Nudists tackle ‘pirate’ after random attack on tourist in the Castro
The naked samaritans—Pete Sferra of San Jose and Lloyd Fishback of San Francisco—were letting it all hang out on a July 2 stroll through the neighborhood when they spotted a “crazy kind of pirate guy” threatening a man with a blowtorch.
Dear Zapier: I'm gonna suggest that a 1.6MB RSS entry that's packed with pages of inline CSS is perhaps not in the spirit of the format?
I'm kind-of in a pissy mood this morning, but in what kind of dumb-ass world do whatever dipshit decisions that led to this particular asshattery allow people to rise to decision-making levels?
JFC, people.
AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach
Stolen data includes millions of AT&T customer phone numbers, calling and text records, and location-related data.
Some speculation that maybe this involved a breach of their law enforcement portal data, this appears to be via AT&T's use of Snowflake, which "...Provides Faster Insights While Lowering Estimated Annual Costs by 84%", and, of course, observations except for the poorest 10%, phone number is a pretty solid long-term identifier, so, yeah, if you communicate with someone on AT&T, your social graph just leaked.
With the regular Nixle alerts about AT&T's 911 service going up and down like a horse on a merry go round, ya gotta wonder what's happening with AT&T these days.
RT Alice McFlurry @Alice@beige.party
Who cares that Biden accidentally used the wrong names?
I use the wrong names all of the time and my husband doesn't even care because he's just happy to be having sex.
High schooler lands a thrust-vectored solid fuel model rocket vertically: JRD Propulsion — I Landed A Model Rocket! (YouTube video) (mad props that it starts with the money shot). Two stage, one engine for ascent, one for descent.
More stuff at JRD Propulsion . com
RT Graham Sutherland / Polynomial @gsuberland@chaos.social
STOP DOING SPECULATIVE EXECUTION MITIGATIONS
observeable side effects are unavoidable.
years of spex-ex bugs and no real world exploitation because it's effort.
wanted to break systems anyway, for a laugh? we can do that already, all the user code is buggy AF.
"SRBDS/MFBDS in SGX EGETKEY. we targeted RAPL with PLATYPUS" - statements dreamed up by the utterly deranged.
"Hello I would like one STIBP please."
"Please give me some IBRS/IPBP."
They have played us for absolute fools.
RT green-threaded gay @dysfun@treehouse.systems
@gsuberland stop doing speculative execution. years of security holes and no use found for GOING FAST
Propane tank bowl gongs.
Needs running, but got some preliminary sounds from the propane tank tongue drum. #hankdrum #tonguedrum