If someone doesn’t understand the difference between swearing at and swearing around, that’s a shitty environment. If I say, “that was a shitty fucking outage” I am using some filler for emphasis so my mouth can catch up to my brain. If I say “you’re a fucking asshole” or “don’t be such a bitch” or “that’s fucking sexy” I am not being professional and I deserve some training on how to not be an ignorant walnut. Even with swearing around, I do think it’s smart to limit yourself to damnation, defecation, and simple fornication rather than gendered swears. There are also some places it’s not wise to swear around, such as client-facing roles because many of the people you will see don’t understand that swearing around is not swearing at.

I once lost a job after the onsite interview. I wait to swear until I I hear them swear. Apparently my use of “fuck” meant I was going to blow up and be a terrible person to my peers. Two years later I started running a department doing the thing I was interviewing for and my staff tends to be fiercely loyal. I’d argue my swearing speaks for itself and have shaped my professional attitude toward swearing around around this experience.

I work in tech and I’m quick to police my language if necessary. I’m also concerned about relative comfort (eg I try really hard not to blaspheme around some Christian peers). I do not swear at people. I do not work in a super corporate environment. YMMV.

I like study (you can find the full article online) and I think there’s been more research down this path in the years since.

I have more important things to do than to lobby the government to send a tax bill.

Why would the CEO be dumb enough to say this in an interview? If your business model is fucking people, your CEO has to have a cool head when asked if he’s fucking people!

Did we read the same article? DNS-01 challenges require updates to DNS. This means you need an API for your DNS. This means you now have to worry about DNS permissions in your application cert workflow. We’ve just massively increased blast radius! Or you could do it manually but that’s already failed.

All of this is straightforward with infrastructure-as-code. While I don’t struggle with that, I’ve watched devs and sysadmins both stare blankly at this kind of thing for days at a time.

If you’re using any work-related anything to post “anonymously” or talk to journalists, don’t. That Blind redirection is chilling yet it’s well within the capabilities of employers. The right way to talk to journalists like 404 is to find their anonymous contact details eg Signal using your own internet connection and your own device. Work computers can be monitored. Traffic on work computers or work VPNs can be monitored. Company email usage can be monitored. Company phone usage can be monitored. You don’t need to be incredibly private with a VPN over tor and anonymous services; you just need to not use company resources. Whether or not this should be legal is a different story; you just gotta know you have fuck all for privacy on company resources.

I’ve only heard of Blind in passing; that corp email makes it too close to Glassdoor for comfort and it’s very clearly not private with that requirement.

Mullenweg is an original WP dev along with Mike Little. He’s fucking batshit and completely in the wrong but he did create the FOSS.

AWS makes this impossible in a few places such as a fair number of ACM use-cases.

I think your cert-per-session idea is interesting. We’d need significant throughput and processing boosts to make that happen, probably at least on the order of 10X computing speeds and 10X transmission speeds across the board minimum. These operations are computationally intense and add data to the wire so, for example, a simple Lemmy server with hundreds of users slows to a crawl and a larger site eg Mastodon goes to dialup speeds or worse. You can test at home by trying to generate an x509 self-signed cert before connecting to a website every time.

I read the Wires article for the first time just now to try and understand this article. I don’t really think it attacks SimpleX at all. I think it states the fact that nazis have moved to the platform, the fact that SimpleX is a very private platform, the fact that SimpleX claims to prevent extremist content and growth, the fact that extremist content is being spread and growing, and the fact that SimpleX is unaware of claims. As someone who has been following this discourse for decades, this is the kind of thing that gets published. There is a balance between privacy and extremism. Privacy-focused individuals like myself will always focus on the privacy provided there are tools to combat the extremism (where applicable).

I feel like SimpleX is being defensive because their claims are not panning out. Their response calls out all of the things I feel were said in support of them while ignoring the actual critiques of their system. Not adding a backdoor? Great! That’s law and smart! Supporting groups of over a thousand posting extremist content?

We never designed groups to be usable for more than 50 users and we’ve been really surprised to see them growing to the current sizes despite limited usability and performance

SimpleX will remove such content if it is discovered. Much of the content that these terrorist groups have shared on Telegram—and are already resharing on SimpleX—has been deemed illegal in the UK, Canada, and Europe.

This is the stuff that needs response, not the privacy stuff Gilbert is arguably a fan of.

It is in the recycle bin if you didn’t know. Nothing is lost; just moved. That has scared some folks

Anyone in tech who knowingly works for Google supports these things in the same way that anyone that works in tech who knowingly works for Meta support genocide and the erosion of the democratic process. I give the caveat “in tech” because there are some roles like content moderation or executive assistant where you really don’t have the luxury of a huge market working almost anywhere else that doesn’t support genocide and I don’t fault those faults for taking a job that has better benefits. My engineering peers? I judge them for it.

There’s really nothing preventing that now. Used to be you just forwarded X (mobaXterm is great); looks like there’s an MS offering now.

As for Linux-exclusive games, there are some (eg this publisher) but really only because no one has bothered to make a Windows port. tbh you could probably get them running on macOS without much trouble because the toolchain’s all the same.

This is actually true. Essentially a big drug manufacturer took down a scientist through a serious harassment campaign and blew him the fuck up when he finally snapped. In no large part to this coordinated glowup, published literature in the US agrees with the chemical manufacturer while it’s been banned in the EU for 20 years. The EPA might disagree with me that it’s true; the EPA and others funded in no small part by Syngenta refuse to look at things by Dr Hayes because he lost his cool a few times. Unfortunately Alex Jones further eroded the credibility of Dr Hayes but, imo, only because Syngenta actively deplatformed his research. Also Jones said some crazy shit about it.

The Security Online article only cites Margitelli’s post on the matter. My assumption has been the article used the post as its single source. On one hand, watching MS fuck shit up for years, I want to believe Margitelli. On the other hand, researchers using weird tools and uninterested in reality are why curl is now a CNA.

I’m personally frustrated with Margitelli’s post because it’s all about abandoning responsible disclosure globally rather than naming and shaming (Canonical? Red Hat? Both? Others? If it affects all GNU/Linux I’d expect every single distro maintainer to be named and shamed). Responsible disclosure is our best solution to make sure innocent bystanders don’t get caught in the crossfire. When specific entities don’t abide by responsible disclosure we lambast those specific entities not the entire process built to keep users safe.

Nice! That second one is just a repost of your first.

I wonder where the sources for this are? The hidden Margaritelli Twitter post?

Canonical and Red Hat have not only confirmed the vulnerability’s high severity but are also actively working on assessing its impact and developing patches.

The Twitter account has been privated and there are no news stories about it. Other communities where this has been shared are reasonably suspicious.

That’s a huge misrepresentation of what Mitnick did and how the government mischarged him. He did a bunch of dumb stuff that was illegal. He was overcharged in very bad ways supporting ridiculous lies from the companies he broke into.

In another post you’re actively looking at purchasing GPS systems. The satellites you’re sending info to are not available to dissect and I highly doubt the firmware of the devices you’re looking at is publicly available much less libre. Your trolling is not internally consistent so it’s clear you don’t have any clue what you’re on about. Good luck with that.

The claim is that audio and video are E2EE. I’m not sure how you’re unable to disprove that using the linked code, audit report, and COTS debugging tools. Can you expand on that? I see a lot of FUD without anything more than “they’re not libre” which, again, doesn’t do a great job of selling your point.

Interesting. I was able to access the linked whitepaper and repositories without trouble and the 3rd party stuff too. Do you have local config preventing you from downloading the source code to review?

While I can respect your distaste for non-libre software, you’ll need to back up the malware claim. There are real security concerns out there in common non-libre; labeling things that are not libre as malware solely because they are not libre muddies the waters and makes your message much less palatable.

Give me concrete examples. You don’t seem to know what you’re talking about so I want to discuss something specific; the agency you’re talking about is actually there and is centered around the core of the script.

Give me concrete examples. You don’t seem to know what you’re talking about so I want to discuss something specific; the agency you’re talking about is actually there and is centered around the core of the script.

In your hypothetical where you’ve now decided everyone is just following orders, I can still say the worker did a bad job. You gonna tell me the worker is gonna get fired for not following dumb instructions? Okay. Still did a bad job, orders or not.

I do not understand why you’re so dead set on telling people critical analysis is bad. Is it morally wrong to like something more than something else? Kinda seems like that way if I can’t ever judge anything because there are constraints outside the control of the thing. I’m not going to attack a straw man here. You should expand on what we can and can’t analyze.