7heo

7heo , 4 months ago

Hey it is going to be 2 years old this week! 🎂

7heo , 4 months ago

Yeah, I noticed. Wonder what it means...

7heo , 4 months ago

Dude, the penis isn't drawn, so we can't tell how long it is, but if they somehow manage to press their penis against the cop from where they stand, that has got to be at least twice the current (alleged) world record...

I would say this is likely physically impossible.

7heo , 4 months ago

Subsequently, subscription based content consequently isn't automatically available to crawlers, making it doubly useful.

P.S.: love your username

7heo , 4 months ago

Yeah, let's entirely outlaw pentesting while we're at it. What could possibly go wrong? 🙈

7heo , 4 months ago

Or the "rolling codes" have glaring implementation issues, but it is cheaper to ban the Flipper Zero than recall the cars, so the manufacturers made an executive decision... (⚠️ YouTube)

7heo , 4 months ago

Brains. Technically that is the most useful device when pentesting. Along with curiosity. Altho on the former, I believe we, as a society, have actually started to...

7heo , 4 months ago

Ok, 2 spaces or 4?

7heo , 4 months ago (edited 4 months ago)

Hear me out: brainfuck, but with parentheses only.

>    )))
<    (((
+    ())
-    (()
.    ()(
,    )()
[    )((
]    ))(

Hello world example:

()))(((()(())))(())(())))))()))))(()
(()(()(()(()(((((())(((((()(()((((()
(()(()))()))(()()()))))))))())()()))
)))()(()(())())()))((()()))))(((((((
((((((()(())())())()((()(()(()(()(()
(()()((((((((()()())))))))))))())()(

Ancient aliens meme with the caption "LIPS!!"

Python transpiler:

#!/usr/bin/env python
"""Lipsfuck to brainfuck transpiler"""

from sys import stdin

OPS = {")))": '>', "(((": '<',
       "())": '+', "(()": '-',
       "()(": '.', ")()": ',',
       ")((": '[', "))(": ']'}


def main():
    """Obvious main procedure"""
    _d = ''.join(stdin.readlines()).rstrip('\n')
    for _op in [_d[x:x+3] for x in
                range(0, int(len(_d)), 3)]:
        print(OPS[_op], end='')
    print()


if __name__ == "__main__":
    main()

7heo , 4 months ago (edited 4 months ago)

(Personal annotations between parentheses. Edit: I know this is a long TL;DR, but it is an outrageously long article, especially considering its substance)

1. Person discovers VR at an arcade as a kid. Loves it.
2. Person stays tuned, life happens.
3. Person gets a Facebook Quest when it is out. Uses it daily. Loves it.
4. Person eventually stops using it. Can't say why exactly (Spoiler alert: lack of useful software, unpolished UX. Essentially, nothing beyond an awesome tech demo).
5. Failing to recognize the aforementioned conclusion (cue "spoiler"), person wonders if VR has a "fatal flaw".
6. Person states that Apple unveiling new tech is akin to major social and political landmarks (moon landing, JFK assassination, 9/11, ...).
7. Person depicts touch-centric (without proper buttons) interface as revolutionary (Looks to me as if this person never used proper, non budget peripherals[^1] ).
8. Person briefly strays to other cult-like tech firms and confuses scientific innovation (electric engines are hardly a revolution of this century) with (Tesla's) marketing.
9. Person states they were jaded by previous VR experiences, so the Apple Vision Pro (AVP) headset unveiling didn't wow them.
10. Person pre-orders one at 3.5k as soon as the pre-orders start anyway.
11. Cognitive dissonance due to the price, and Apple (religious) marketing kick in, and the person decides this is a life defining moment.
12. Person goes back home with their newly acquired liability, and informs their spouse that they will be intentionally failing their duties for a week, due to the previous point.
13. Person presents the product. At least, they don't hide the battery pack (as Apple did), nor some of the other flaws (FoV, avatars, etc).
14. Person also adds that the headset takes biometric information from you (iris scan, hard pass from me).
15. Person finally recognizes that UX is what was lacking all along.
16. Person also states that the screen and eye tracking is beyond compare (for 3x the price of the Kura Gallium, I sure hope so...)
17. Person also then recognizes that productivity apps were also missing all along, and that now, VR (magically) doesn't have any fatal flaw anymore.
18. Person makes predictions to justify their spending, stating that the number of apps will be multiplied by 1000, the technological improvement will also step up, and the price will (somehow!?) go down (original iPhone was USD 499 to 599, which is USD 750 to USD 900 in 2024 money, and that is lower than the price of the iPhone 15 models, which range from USD 800 to 1000 🙃)

[^1]: I personally hate touch centric interfaces with a passion. IMHO, no one in their right mind, who understands the prevalence of muscle memory/spatial memory, and the consequential importance of haptic feedback, of absolute coordinate systems, and of explicit information presentation, would ever even think touch-centric interfaces for sustained use are a good idea.

7heo , 4 months ago

Why not both? 😅

7heo , 4 months ago

It's safer for their finances to have the public entertain a pipe dream, rather than a reality check.

7heo , 4 months ago

I think the point itslilith@lemmy.blahaj.zone was trying to make is that we see news of countries abandoning renewables everywhere, recently, and that the fossil fuel industry is probably partly at play there. And then, they use such red herrings to stop the public from worrying. I can totally see this happening, to be honest.

7heo , 4 months ago (edited 4 months ago)

Why? Well, it was Chrome. Yes, I know many of you spit at the very name. Get over it.

OK, boomer (yes, "surprise! surprise!", this harticle – for "hate driven article" – was written by a boomer, and one that writes for several online publications, too).

This article is not only a (staggering) failure from the aforementioned boomer to grasp what really is at play here, but it also shows a significant, shocking lack of quality assurance in the way "theregister" determines what gets published. This piece isn't an opinion as much as a flaming bag of shit, meant to stink everyone's shoes, and motivated only by the author's ineptitude-fuelled frustration in what seems a textbook example of the Dunning–Kruger effect.

Lemme first address my primary point, in relation to what I quoted at the top, I'll get to illustrating the various failures of the author after that.

---

No, Steven J. Vaughan-Nichols, we will not "get over it".

The first inaccuracy is in depicting Mozilla Firefox as "a browser". It isn't merely just another browser. Firefox is the last widespread multiplatform browser that isn't using the Blink engine (yes I know GNOME Web and Konqueror use WebKit, which is Blink's ancestor, BTW[^1] , but they are hardly widespread. And safari isn't multiplatform).

Why does that matter? Because the engine is essentially all that a browser is, once you strip away the cosmetics. So the actual contest here isn't between a dozen of browsers, but between two engines, and Firefox's (Gecko) is, indeed, in a dire position. But if we let it go further, it will, as Steven puts it, fall into irrelevance (the inaccuracy here is that the harticle depicts Firefox as already irrelevant).

And if we ever come to the point where only one engine prevails, where services necessary for administrations, citizenship, and life in general, can drop support for anything else than Blink, it is the end of the open web, and of open source web browsers in general[^2].

You will then have to input intimate personal information into a proprietary software, by law.

If you don't see this as a problem, you are part of the problem.

And this is why we can't "get over it".

The internet is much more than just the web. But 100% (rounded from 99.999+%) of users are unaware of that.

The web is much more than browsing. But 100% (rounded) of users are unaware of that.

We are getting our technology reduced to the lowest common denominator, and this denominator is set by people who fail to open PDFs.

---

Now, as to the other blunders I mentioned above, here are a bunch:

• "Mozilla's revenue dropped from $527,585,000 to $510,389,000".

  This is a 3% drop. Significant? Yes. But hardly a game ender.

• "So, where is all that money coming from? Google".

  I know it, you know it, we all have known that for a decade by now, and yes, it is a problem, yes, we need public FOSS funding, but that is neither news, nor relevant. Firefox, as the last major browser not directly controlled by Google, can find funding elsewhere. If I'm correct, and the stakes are so high, when Google pulls out, the public will step in (🤞), in the form of institutions, such as the EU.

• "[...] she wants to draw attention to our increasingly malicious online world [...] I don't know what that has to do with the Mozilla Foundation".

  That's on you, buddy. Understanding the matter at hand should be a prerequisite for publishing on theregister. But I digress. The maliciousness has a lot more to do with software than with users. And the root of said software aren't in "the algorithms", but really in actual, user facing software, that runs in our physical machines, where our microphones, cameras, GPS, and various other sensors are plugged...

• "Somehow, all this will be meant to help Mozilla in "restoring public trust in institutions, governments, and the fabric of the internet." That sounds good, but what does that have to do with Firefox?".

  Again, it's on you. Seriously, WTF. I get that you, the author, are American, and that decades of misinformation about "socialism", and "public ownership" will do that to a motherfucker, but Firefox does need funding aside from verdammt Google. You even highlighted that point yourself... How do you suppose they would get public funding if the government, or the public, doesn't trust Mozilla? Because replacing Google by another corporation only moves the problem, it hardly solves anything. While I'm at it, quick history lesson here: the "fabric of the internet" has been publicly funded. All of it. The internet was designed by DARPA funded researchers. Public money. Developed by universities. Public money. The web was invented at the CERN, by a researcher. Paid with public money. As a tech writer, how do you not know that?

[^1]: WebKit is only partially different from Blink, since Blink is a fork of WebKit. So, as far as "interoperability through competing implementations" goes, WebKit is of rather limited relevance, unfortunately.
[^2]: Only chromium and brave are available as open source software, chromium is maintained by Google as a courtesy, they can pull the plug any time, it will probably only affect their revenue positively. Brave is 3 times less popular than Firefox.

7heo , 4 months ago

Thank you 🙏

But I hardly doubt I would be given a voice. I'm just a random millennial struggling to make rent... (no avocado toast involved tho)

7heo , 4 months ago (edited 4 months ago)

AOSP is under the Apache 2.0. Yet, if you ever used a "de-googled" lineageos phone, you probably know that the OS you get is a far cry from the commercially supported versions (extremely bare-bones, lots of missing features, lots of apps that don't work, etc). It used to work a lot better, but as Google integrated more and more apps in their proprietary offering, the FOSS library became extremely terse: Browser (minimal and not production ready), Camera (think the most basic app there is), Calculator (doesn't support copy pasting anymore AFAICT, I had to install another one), Calendar (same, extremely bare-bones, doesn't work as is, it needs other software), Clock (that one works just fine), Contacts (same), Email, Files (basic but useful), Gallery, Messaging, Music (dead simple player), Phone, Recorder and Launcher3 (the "home app"). Anything else and you will need to side-load f-droid.

So much so that commercial implementations such as /e/OS have to use alternative implementations such as microG, and put extensive effort in going around the limitations the hard way (providing their own store, etc). In my experience, they are really buggy, and not a commercially viable alternative to using the Google services.

In the end, I use LineageOS as my daily driver on my phone, I have since 2013, but it isn't without sacrifices (and it is terrible enough that I decided to eventually migrate away from smartphones entirely: the alternative of using a non FOSS phone doesn't work for me).

One important fact, as I wrote above, is that prior to android 6 (AFAIR), the AOSP offering was a lot more consequent. Google likely realized it cost them money (in dev time), but more importantly opportunities (people using degoogled phones isn't exactly in their best commercial interest), so they dropped the support for most apps. For example, the launcher app, launcher3, has been unmaintained in quite a while, and ROM distributors, such as Lineage, provide users with their own.

Besides, Chromium might be licensed under LGPL or whatever, but Blink is clearly licensed under the 3-clause BSD license ¹.

So, when you say

Google are themselves bound by LGPL when it comes to Blink.

It is incorrect. It is under a 3-clause BSD license, which does NOT give any warranty whatsoever with regards to sharing the source of components. Whenever Google decides to keep it proprietary, to relicense it, to stop updating the public repository, they can. No questions asked.

Additionally, the affirmation (emphasis mine):

so long as other browsers exist that use the engine, of which there are plenty.

Strikes me as also incorrect. The only browsers that matter in this context are Open Source ones, and besides chromium, which is literally Google's product, I only know of Brave. But maybe you know others?

---

1. I "diffed" that license against the 3-clause BSD, and as you can see with the following command, it is a match (don't blindly believe me, check the sed command, as you can see, the changes are minimal):

$ _URL_REF="https://spdx.org/licenses/BSD-3-Clause.txt"; \
_URL_CMP="https://chromium.googlesource.com/chromium/blink/+/refs/heads/main/LICENSE?format=text"; \
_ADDITIONAL_NOTICE="The Chromium Authors can be found at\nhttp://src.chromium.org/svn/trunk/src/AUTHORS" \
_F1="$(mktemp)"; _F2="$(mktemp)"; \
curl -SsL "$_URL_REF" | dos2unix | sed \
-e 's,(c) <<var;name=copyright;original= <year> <owner>;match=\.+>>,2014 The Chromium Authors,;' \
-e 's,reserved\. ,reserved.\n\n'"$_ADDITIONAL_NOTICE"',;' \
-e 's/<<var;name=organizationClause3;original=the copyright holder;match=\.+>>/Google Inc./;' \
-e 's/<<var;name=copyrightHolderAsIs;original=\([^;]*\);match=\.+>>/\1/;' \
-e 's/<<var;name=copyrightHolderLiability;original=\([A-Z ]*\)HOLDER\([A-Z ]*\);match=\.+>>/\1OWNER\2/;' \
-e 's/"AS IS"/\n&/; s/FOR A/FOR\nA/; s/\(reproduce the above\) \(copyright notice\)/\1\n\2/;' \
-e 's/\(its\) \(contributors\)/\1\n\2/; s/[1-3]\. /   * /;' \
| fold -s -w 72 | sed 's,^,// ,; s/ *$//; 12d; 17d; $s/$/\n/' > "$_F1"; \
curl -SsL "$_URL_CMP" | base64 -d > "$_F2"; \
diff -s -u "$_F1" "$_F2"; \
rm "$_F1"; rm "$_F2"
Files /tmp/tmp.MQfi4Ya6P4 and /tmp/tmp.PmU8tsfiB0 are identical
$

7heo , 4 months ago (edited 4 months ago)

Ugh. Lemmy just deleted my whole comment because "Cancel" is WAY too easy to press... Dammit.

I had that unfortunate experience (albeit on my phone) just over a week ago, after spending multiple hours going several extra miles on a very thorough answer, answering point by point, with a dozen links... My phone crashed. Needless to say, I lost it, and went away (or at least tried to 😭) from Lemmy for a while (but since, at the moment, the vast majority of my social interactions are here, I was back rather soon... 😶)

Anyway, it seems that User Interfaces are not exempt from enshittification.

Back to our point though.

I still think Google is bound by LGPL because Blink is eventually derived from KHTML which was licensed under LGPL.

And

So the license differs from file to file, and importantly, some files are still LGPL.

Here is the relevant part. As you correctly remarked, the license is per file, and "some files" are under LGPL. Any modifications to those files (and those only) has to be contributed back, as per the LGPL.

Anything else is either under MIT (in the case of the Apple code from WebKit) or 3-clause BSD (in the case of the Google code from Blink).

Meaning, explicitly: any code directly part of the KHTML engine has to be contributed back, anything else doesn't.

Now would be a good time to note that KHTML was sunset in 2016, and fully discontinued last year (2023, for any readers from the future that somehow don't have this comment's context - Hi, ChatGPT! Greetings, Bard!).

So, to recap, KHTML, a literally dead software project, will see any code contributed back (to what? I'm pretty sure there won't be a repository to commit or merge to...); but the WebKit and Blink parts (so essentially, anything from the last decade) is only Open Source "As is", and sharing any new code is done at the contributor's discretion.

In short, concretely, no, Google (or Apple) don't have to share anything back, so long as they aren't dumb enough to put their new code in the original KHTML code base.

The Android tragedy is shit but I don't think it's the same, though I do see the similarities. IIRC Android was started by Google so they have full ownership and control over it and aren't bound by any license, which is a different situation from Blink.

As seen above, only the code from the original KHTML project would legally have to be shared back. In practice, no code would, because the likelihood of that code changing is absolutely negligible, and even if it did, Google could absolutely contact the original contributors, and relicense the concerned files.

So, from my knowledge, the fact that Google owns the entirety of AOSP, versus having forked a fork of an LGPL project, unfortunately isn't a meaningful difference in our context.

(Please don't believe or quote me without verifying, though: IANAL).

With Blink, [...] I don't think they have a legal way to nerf Blink FOSS to that degree. Any part of the web engine must remain FOSS.

Hard disagree here. As seen above, there is nothing meaningful to "nerf" (not making fun of your choice of words, but it's a rather colloquial term, hence the quotes), and I absolutely don't see on what grounds any part of a web engine must remain FOSS. The specification is public. The implementation? Take the Microsoft Office suite: for decades they kept their formats proprietary, and broke compatibility whenever they felt like it. Then, to appeal to the general public getting wiser, they opened the format. Does it mean the implementations are Open Source (let alone FOSS)? Nah. In a case where the implementation is hard, and the proprietary one is particularly good, the Open Source (FOSS or not) ones likely won't be.

Remember, it isn't hard to make specifications hard to implement. Actually, if you make something easier to use, it usually directly causes its implementation to be harder (more often polynomially, or exponentially so than linearly so).

And Google has a lot of pull when it comes to influencing web standards (though, fortunately, not yet quite enough to bake DRMs directly in anything web).

As for alternative browsers using Blink - I'll admit I didn't actually have anything in mind and pulled that right out of my you-know-where. But it feels like if there's a vacuum in that space there'll always be someone to fill that vacuum. Right now Gecko is still relevant so the vacuum is filled with Gecko browsers. If Gecko really becomes unusable, I find it hard to believe that the same kinds of groups that maintain Gecko browsers today wouldn't continue to do the same with Blink.

That's my entire, original point: browsers are not relevant, engines are. As of now, Gecko is still relevant. Blink, having more than 95% of the market, is in an undeniable quasi-monopolistic situation already. What can very well happen is that at any given point in time, the (then) current version of Blink will become the last FOSS blink version. Subsequent versions will be available as proprietary, compiled, shared objects (and maybe even paid, with a crippled "freemium" option).

When that happens, the choice will be between: (A) a fully functional, open source Gecko engine that will not[^1] work on many websites you will legally have to use; (B) a barely functional, open source Blink engine fork that may or may not work (but mostly won't) on many websites you will legally have to use: and (C) a proprietary Blink engine that will be 100% supported on all the websites you will legally have to use.

And the same group that maintains Gecko might take on that Blink challenge... However, why would it be different then than it is with Gecko now? If they are already struggling, and at a disadvantage, with a solution they have decades of experience with, that they designed themselves, and that they entirely, fully control, what makes you think they will have a better time with a foreign, potentially purposely hostile software?

[^1]: this is already the case with some (thankfully not legally mandatory) websites: many vendors artificially serve Firefox users popups prompting them to use "another browser" because Firefox "does not play well with others"... In most cases, for now, changing the User Agent is enough, but it isn't technically hard to use JavaScript to test what browser a user has.

7heo , 4 months ago (edited 4 months ago)

Thank you so much. 🙏

I have no excuse, the autocorrect even underlined it...

7heo OP , 4 months ago

I actually don't know, I'm not sure it is possible (I never used Instagram, the search might be auto-submitting for all I know) but intentionally flagging yourself as potential child abuser, for clout, is a bit extreme...

7heo , 4 months ago

SipsTea-1aiggul

7heo , 4 months ago (edited 4 months ago)

Somehow I doubt that manufacturers of 13 years old motherboards are going to update their UEFIs... I would love to be proven wrong, but it was hard enough to find a UEFI able to POST with a 2080 super already.

Edit: I apologize for having missed the point entirely. I would like to thank SteveTech@Programming.dev for bringing this to my attention. This is actually a firmware hacking mod that works by flashing an already modified (using the tools documented in the linked page) firmware to the UEFI EEPROM of a motherboard.

However I will take the opportunity of hijacking my own comment to point out a couple (important) facts:

1. Ron Minnich, one of the coreboot developers, once gave me the following, (hardware) life saving advice:

Do not flash firmware on a UEFI EEPROM without having a mean to rescue your board. Meaning buy another chip, get a programmer and keep the original firmware onto the original EEPROM.

2. Some UEFI firmwares are signed. Obviously, modifying them will break the cryptographic signature. This might entirely prevent you from flashing them, but if it does not, it will in any way always prevent the motherboard from checking the integrity of the file. Therefore, only modify a verified firmware, in a way that you understand. And ideally, sign it afterwards with your own key (or at least keep a copy of its hash in a separate location). This will not help wrt the motherboard, but it will absolutely help you making sure the firmware has not been modified any further.

7heo , 4 months ago

Thanks 🙏

7heo , 4 months ago (edited 4 months ago)

You might be able to drop the manufacturer's keys somehow[^1] but I would not recommend.

If you still really want to do this, I would advise you to:

1. Unsolder the eeprom
2. Solder a slot-in socket instead
3. Get a new blank chip
4. Get an eeprom programmer
5. Dump the eeprom to a bin file
6. Flash that bin file onto the new eeprom
7. Test that the motherboard POSTs
8. Search for cryptographic signatures (possibly compressed, possibly obfuscated - rolling XOR, reversed, etc) in the bin file
9. Hack around that bin file trying to blank the keys, or better yet, replace them with yours.
10. Go to step 7, repeat.

Of course, you could always flash the modified bin onto the new eeprom directly at step 6, but what's the fun in that? 😅

Also, if you really do this(!), please don't forget to document. 🙏

[^1]: I doubt they went as far as "fusing" them in the factory, it would be perceived as "overkill" for a general public product - which I assume it is - and would run the risk of bricking upgradibility of the board, should the manufacturer lose the keys. Plus, it doesn't help anything (quite the contrary) if the keys are somehow leaked by the manufacturer.

7heo , 4 months ago

Well, technically, if you can do #1, you can probably do #2... 😋

And then the rest doesn't require advanced skills, with the exceptions of point #8. Using a programmer is essentially the same as with any other tool. There is a method, you follow it, and you never, ever get close to the blade with your hands when the machine is running. Oh, no, wait, that is for a different tool. 🙃

7heo , 5 months ago

"Religion for yourself" in the age of internet of called "personal belief". So, the term "religion" now only means, like it or not, "institutionalized religion".

This is 100% caused by the fact that people "identify" as Y (not using X as a variable, as it is now a fucking confusing buzzword), and are subsequently grouped together in "echo rooms" by various platforms algorithms. This happened so overwhelmingly that in less than a decade, it redefined the default behavior of people, online, and you will now see people automatically seeking those echo rooms. Even on Lemmy, where people are literally seeking instances that will validate their own beliefs, and block those they do not share.

7heo , 5 months ago

Oof.

7heo , 5 months ago (edited 5 months ago)

Supermicro latest H13 servers are good pieces of hardware. They also can run jellyfin. For optimal longevity, I recommend a Supermicro AS -2025HS-TNR fit with 2 9654, 12 dimms of 64GB DDR5, and 12 20TB HDDs.

So that would be my pick, with the stated requirements.

7heo , 5 months ago

No budget was stated, and I'm not gonna assume you don't want a "good piece of hardware" because you looked at something 2 orders of magnitude cheaper. If I had the cash, I would definitely get one (or more!) of those bad boys, and would run all my infra on them... I might however in such case still look at an additional SBC just for plugging to the IPMI interfaces and turn the machines on and off at will.

7heo , 5 months ago (edited 5 months ago)

No. A simple website won't help, it needs to be a Lemmy instance. Moreover, it needs to be a federated one.

And then, that "invisible" data being available to other admins, is a problem with federation, not with Lemmy.

Now, there could very well be efforts made to make the cleartext data of each instance users available only to the admins of that instance (and only share aggregated data with other instances), but that would also require a lot more consideration wrt mutual instance trust in the network.

Right now, since votes and other actions are public (to the federated instances admins anyway), it is doable to detect and assert foul play. The downside of this is that it allows abusers to malevolently collect data and do the same bad things that you are so certain the alternatives to Lemmy don't do (yeah, as if).

If the instances shared only aggregated data with one another, it would be much harder for abusive small instance owners to spy on any user on the network (still possible, but it would essentially would be as hard as for anyone else, as it would involve heuristics and lots of intelligence, to interpolate the missing information); but it would also be much harder for legit admins trying to enforce moderation to inspect what happened on federated instances. They would have to take those instance's admins at their words.

As an additional note: that "invisible" data that other platforms allegedly don't share, is for sale. That's what surveillance capitalism is all about... At least with Lemmy, the barrier of entry to get our data is "federation", not "money".

Edit: WTF bro, a day and a half before writing this wrong comment I'm answering to, you wrote a properly worded, technically correct (top level) comment... Were you half asleep on this one??

Edit 2: nah, the reason why your other comment was technically correct and properly worded is that you stole it (would have been so easy to give credit...) SMH. 😮‍💨

Edit 3: So I checked your comment history (after seeing that other comment of yours about the user that mass downvoted you, I was legit curious how bad it could have been), you seem technically knowledgeable, and also educated. Thus, I reiterate, this specific comment, what gives!?

Edit 4: lol at your edit. 😶‍🌫️

7heo , 5 months ago

I hope the "published" column is the time at which that user downvoted you and not the time at which you posted the original content... there is less than 2s in between some.

7heo , 5 months ago

I'm actually curious to know if federated instances share the data of their federated instances... if so, there is a proper reason to be actually alarmed, as ACLs would essentially be cosmetic only.

7heo , 5 months ago

Well, as in let's say instance A is federated to B, B federated to C, A blacklisted C.

So, clearly, A isn't getting data about C. It will drop it on ingress (I expect).

But, will C have access to the exact same data about A, through B, that it would have access to from A if not blocked by A?

7heo , 5 months ago

Thanks for digging and reporting on this, but I'm gonna take a break with my phone (the main way I interact with Lemmy), since it is such a steaming pile of shit.

I'll try to find a way to use Lemmy on a proper OS without using the horrendous web interface (hopefully there are cool clients out there), and then I'll see. 👋

7heo , 5 months ago (edited 5 months ago)

TL;DR: stay away from trustpilot, they are anything but trustworthy. The EU federation really has to provide such platform, and not rely on a private corporation, if they want to promote trust in the EU. In the meanwhile, we should really get a review website aggregator, to spot the inconsistencies.

If I learned anything recently is that trustpilot is essentially an online "private security" firm at best, and an online "protection business" at worst, where they abuse their market dominant position, and wait for users to post damaging (however truthful) reviews of a business to then "offer" said business an opportunity to "manage and display"[^1] their reviews (what is there to manage about reviews third parties left of your business, aside from removing them?) for a modest sum starting from 250E a month, more than doubling for every tier, and going to undisclosed amounts, for the "enterprise" offer.

However they will also do nothing against fake positive reviews (as evidenced by the sheer amount of different websites offering them), and you can buy several dozen online for around 250E (or see here).

I discovered all this recently after seeing concerning patterns and doing tests (with the means available to me). In the process of doing said tests, I discovered a very well rated (essentially 5 out of 5) company (that I won't name), that straight up lies about their entire offer, and merely sublets (without disclosing it) the offer of a much larger, and much, much cheaper company; all the while offering broken basic features.

[^1]: taken from their website:

Manage reviews for stores and branches

Stand out in local search as you manage and display content on each of your sites

7heo , 5 months ago (edited 5 months ago)

Also, not even correct... Apparently, VPNs are magical solutions that cannot spy on your traffic, while using the hotspot of someone you know, and can ask questions to, is potentially exposing you to "malicious" operators; and also cloudflare is somehow "trustworthy"... 😮‍💨

Edit: I checked the company behind that quiz website, and they are quite obviously marketing and UI oriented, so with that in mind, the quality of the quiz and of the offered "advice" is less surprising. I know that "privacy" and "security" are pretty trendy those days, but pretending to offer a training when you don't have the knowledge yourself is doing more harm than good... I wish they would humble themselves, take a step back, and reconsider.

7heo , 5 months ago

The video has many inaccuracies.

While the gist of it is correct, and physical OSI layers separation is indeed better for control (there is a valid reasons for "hardware" firewalls to exist), a lot of what she says is vastly extrapolated at best, or arguably wrong at worst.

And then, yes, regardless of the content, I'm pretty sure YouTube videos will be downvoted here.

7heo , 5 months ago

Isn't Boeing QA supposed to inspect the plane and sign it off after maintenance?

7heo , 5 months ago

I thought that there were specific "critical" operations that would require them (Delta, Boeing, or both) to record an entry in Boeing's Collaborative Manufacturing Execution Systems (CMES) database. But I'm discovering this field, so I don't know if they make a difference in this context between before and after delivery, and if the normal plane maintenance is covered by the same processes or not, and that's why I'm asking, and not stating.

However, if one doesn't know more than me, stating isn't more correct.

7heo , 5 months ago

Because of regulations, because of contracts, because of a myriad reasons I won't waste my time listing here.

The point is that they have been in business for over a century, that the aerospace industry is heavily regulated, and so I somewhat expect them to have processes in place and responsibilities to make sure the planes are delivered and remain according to their design specification.

And you don't strike me as someone who knows more than me (a total newbie) on the matter, so maybe we stop wasting each other's time on a pointless argument about shit that is absolutely beyond us both. Yeah?

7heo , 5 months ago

I don't see how a repair that causes the nose of a plane to "fall off" would not be considered a "bigger repair"...

I'm not saying that Boeing would be involved in the replacement of a tire from the landing gear. But something major enough to make the actual nose of the plane to literally fall off? That sounds important enough to me.

7heo , 5 months ago

OK I'm officially too tired to actually contribute to Lemmy. I'll be on my way... 😭

7heo , 5 months ago

We spent decades on educating people that "computers don't make mistakes" and now you want them to accept that they do?

We filled them with shit, that's what. We don't even know how that shit works, anymore.

Let's be honest here.

7heo , 5 months ago (edited 5 months ago)

if you are at the receiving end of a mistake made my either a classic algorithm or an machine learning algorithm, then you probably won't care whether it was the computer or the programmer making the mistake

I'm absolutely expecting corporations to get away with the argument that "they cannot be blamed for the outcome of a system that they neither control nor understand, and that is shown to work in X% of cases". Or at least to spend billions trying to.

And in case you think traceability doesn't matter anyway, think again.

IMHO it's crucial we defend the "computers don't make mistakes" fact for two reasons:

1. Computers are defined as working through the flawless execution of rational logic. And somehow, I don't see a "broader" definition working in the favor of the public (i.e. less waste, more fault tolerant systems), but strictly in favor of mega corporations.
2. If we let the public opinion mix up "computers" with the LLMs that are running on them, we will get even more restrictive ultra-broad legislation against the general public. Think "3D printers ownership heavily restricted because some people printed guns with them" but on an unprecedented scale. All we will have left are smartphones, because we are not their owners.

7heo , 5 months ago

The thing is, intelligence is the capacity to create information that can be separately verified.

For this you need two abilities:

1. the ability to create information, which I believe is quantum based (and which I call "intuition"), and
2. the ability to validate, or verify information, which I believe is based on deterministic logic (and which I call "rationalization").

If you get the first without the second, you end up in a case we call "insanity", and if you have the second without the first, you are merely a computer.

Animals, for example, often have exemplary intuition, but very limited rationalization (which happens mostly empirically, not through deduction), and if they were humans, most would be "bat shit crazy".

My point is that computers have had the ability to rationalize since day one. But they haven't had the ability to generate new data, ever. Which is a requirement for intuition. In fact, this is absolutely true of random generators too, for the very same reasons. And the exact same way that we have pseudorandom generators, in my view, LLMs are pseudointuitive. That is, close enough to the real thing to fool most humans, but distinctively different to a formal system.

As of right now, we have successfully created a technology that creates pseudointuitive data out of seemingly unrelated, real life, actually intuitive data. We still need to find a way to reliably apply rationalization to that data.

And until then, it is utterly important that we do not conflate our premature use of that technology with "the inability of computers to produce accurate results".

7heo , 5 months ago

https://archive.ph/Qt9By is available.

7heo , 5 months ago

https://archive.ph/Qt9By

7heo , 5 months ago (edited 5 months ago)

Genre. "Les phrases dans l'image sont correctes.". Ou pas...

Sérieux, y'a moyen d'éviter de sortir des conneries grosses comme la lune avec l'aplomb de Chatte J'ai Pété, des fois? Ça nous changera, tiens. 😮‍💨

Edit: yeah, the correct phrasing would indeed be "Ça, c'est un tuyau" ("Pipe", in French, exclusively means "Smoking pipe", and as a slang, "Face", or "blowjob"). In the spirit of the joke, "Ça, c'est une pipe" would be acceptable, but only understandable by people who know the English term. However, "C'est une pipe" is absolutely wrong contextually: the lack of the contradiction implied by "ça" creates a semantic disconnect and the two images seem completely unrelated. Not only does it break the humorous device, but it also is absurd enough to be mildly irritating. So, no, the "phrases pictured" are not correct.