• 0 Posts
  • 20 Comments
Joined 2 years ago
cake
Cake day: June 14th, 2023

help-circle
  • I think in the future, it is advisable to use larger distributions where a lot of eyes look at, like Debian.

    This reminds me of the time when Debian broke their OpenSSL and for two years, ssh keys generated on Debian were basically taken from a pool of only 32k different keys…

    That time it was an honest mistake, but it would actually have been a very efficient attack too if it had been intentional. Imagine succeeding at getting your target to use private keys for ssh or ssl etc. from a tiny pool that makes something usually impossible to brute force suddenly trivial. And nobody noticed it for two years.



  • I’m not sure about this… the build systems I work with are either so complex that something like cmake gets used because that way we can support multiple build systems on different platforms without maintaining five different projects, or they are so simple that it frankly doesn’t matter whether it’s make or something else.

    And in the former case, i.e. the only case where I even care what tool we use, what I care about the most is speed, so I would want something like ninja instead of make (which cmake conveniently supports). I don’t want to micro-optimize by doing everything myself with redo.


  • It doesn’t seem to be based on petroleum, since they’re explicitly comparing it to petroleum-based plastics…

    There also are other non-petroleum based plastics that dissolve in water. This part is not new. E.g. polyvinyl alcohol is used widely.

    What’s new about this one is that it specifically needs salt to dissolve and they claim it’s otherwise relatively sturdy. So maybe it could be used instead of pet bottles for drinks? Or maybe they’re not quite there yet but it’s a new step in that direction…




  • IMHO, LISP is ok for theoretical fundamentals but it won’t necessarily get you a practical understanding of how computers work. Functional languages are more like how mathematicians wish computers worked. All programming languages are abstractions, but functional languages abstract away how the underlying hardware works in ways that procedural languages don’t.

    And Java is pretty useful if you want to get a job but if you don’t want that, then there are less painful options. The difference to Python is mostly that Java often feels like it was intentionally made annoying to use. But it’s a pretty high level language, I wouldn’t call it more fundamental or basic than Python. Java wins on performance but that has nothing to do with how high level it is.

    For practical fundamentals, if you actually want those, I’d recommend starting with microcontrollers and their assembly. Modern CPUs are so complex that learning fundamentals from scratch with assembly is quite difficult. But with smaller/older microcontrollers (like PIC or something) it’s both more approachable and more useful. It’s almost a shame that hobbyist microcontroller platforms are pretty advanced now too. But you can move on to C first, you can ignore MicroPython for a while if you want.

    If you want a game way to learn absolute basics, there is a game called Turing Complete. It basically teaches you how to build your own CPU architecture from logic gates. You start with the basics about logic circuits and eventually build a simple CPU, and then another more complex one. I think this actually goes a bit too far in terms of fundamentals, it will take you forever to learn how to even make something write Hello World on a screen. But I guess this is the closest to how I started out. Of course for me the logic part was theory only. And the CPU I eventually learned programming first was a 6502 and not something I designed myself.



  • Tbh, I’m in my 40ies and I don’t think my education was so much better than what younger generations are getting. I’m a software engineer and most of the skills I need now are not skills I learned in school or even university.

    I started learning programming when I was 9 because my father gave me his old Apple II computer to see what I would do. At the time, this was a privilege. Most children did not get that kind of early exposure. It also made me learn some English early.

    In high school, we eventually had some basic programming classes. I was the guy the teacher asked when something didn’t work. Or when he forgot where the semicolons go in Pascal. During one year, instead of programming, there was a pilot project where we’d learn about computer aided math using Waterloo Maple that just barely ran on our old 486es. That course was great but after two months the teacher ran out of things to teach us because the math became “too advanced for us”.

    And yes the internet existed at the time; I had access to it at home starting 1994. We learned nothing about it in school.

    When I first went to university I had an Apple PowerBook that I bought from money I earned myself. Even though I worked for it, this was privilege too; most kids couldn’t afford what was a very expensive laptop then, or any laptop. But the reason I’m bringing it up is that my university’s web site at the time did not work on it. They had managed to implement even simple buttons that could have been links as Java applets that only worked on Windows. Those were the people I was supposed to learn computer science from. Which, by the way, at the time still meant “math with a side of computer science”. My generation literally could not study in an IT related field if we couldn’t understand university major level math (this changed quickly in the following years in my country, but still).

    So while I don’t disagree about education having a lot of room for optimization, when it comes to more recent technologies like AI, it also makes me a bit salty when all of the blame is assigned to education. The generations currently in education, at least in developed countries, have access to so much that my generation only had when our parents were rich or at least nerds like my father (he was a teacher, so we were not rich). And yet, sometimes it feels like they just aren’t interested in doing anything with this access. At least compared to what I would have done with it.

    At the same time, also keep in mind that when you say things like education doesn’t prepare us for AI or whatever other new thing (it used to be just the internet, or “new media”, before), those who you are expecting the education from are the people of my generation, who did not grow up with any of this, and who were not taught about any of it when we were young. We don’t have those answers either… this stuff is new for everyone. And for the people you expect to teach, it’s way more alien than it is for you. This was true when I went to school too, and I think it’s inevitable in a world moving this fast.



  • If I want to use my main bank account with wero I have to link my mobile number to it and can’t use it for wero with my other account anymore, because that’s the only way my bank supports it. Only a small number of banks actually let you use the wero app with multiple sources. Makes it completely useless for me. Paypal isn’t the only one that can do that either. Basically everything not made by companies that primarily want to be banks can do this. E.g. Klarna.

    The other thing is that I need something that works outside the EU. That’s where replacing paypal and credit cards is actually difficult. In my own country or in the EU, I have plenty of options.




  • I’m not sure how much sense it makes to complain that an AI chat bot collects so many categories of data and then highlight “user input”, which it obviously needs to function? Like how is something like DeepSeek the “middle ground” if that’s what the author thinks is the biggest problem with it? When I look at DeepSeek on the app store, it does list at least “coarse location”, so why not highlight that? DeepSeek can’t answer my questions about e.g. “restaurants nearby”, unlike e.g. ChatGPT, which comes up with a map. So that’s what I would be interested in, what DeepSeek uses my location for.

    Although just in principle this kind of analysis rarely finds surprises.

    If you can enter text or click on things in an online app, obviously it collects user input.

    If it can refer back to previous answers, obviously it retains chat history.

    If it can process pictures, obviously it collects photos if you upload any.

    If it can be interacted with using voice, obviously it collects audio.

    If it can answer questions about things near you, obviously it will use location data.

    If there are IAPs, it better not forget that you bought those, too.

    And so on.






  • Comparing to macOS is actually impossible because fde can’t be turned off on Macs at all. Macs (and iPhones etc.) handle encryption of internal storage transparently in hardware at pretty much no overhead and without the CPU even having access to the key. You can only choose whether a login is required for the Secure Enclave hardware to be able to access the key.

    On other platforms it’s pretty much a hardware question too. PC vendors and hard disk vendors could do the same thing Apple is doing regardless of whether the OS is Windows or Linux or whatever. How fast the OS based encryption is only matters on hardware that doesn’t have this functionality.