booly

booly , 4 days ago

Self deprecation comes off wrong when it seems like the thing you're criticizing is actually important, and that you actually believe it.

So it's funny when the audience knows you don't believe it's important, either because everyone agrees it's not important ("I can't sing on tune to save my life") or if it's a particular example that doesn't matter ("I'm such a bad mom because [something inconsequential])," or if it's a topic that people can see isn't important to you (jokes about being socially awkward, bad at your job, etc.).

If you're in one of those lanes, you can go pretty hard on yourself before it seems to go too far.

booly , 13 days ago

Dual purpose breeds for both egg laying and meat production are poorly optimized at either. So the industry has moved onto specialized breeds that are best at doing one of them.

Plus raising roosters together is much more logistically challenging than raising hens. So they'd need much more space and much more oversight/labor. So rather than devote some resources to raising males of breeds that are good for laying eggs, they'd rather devote those same resources to raising much more meat from females of meat breeds.

booly , 13 days ago

Wasteful of what, though?

If a particular farm can produce 1000 kg of meat and 500kg of bones/other waste in a year by raising female meat chickens, would it be a waste to devote that farm to raising 500 kg of meat and 400 kg of bones from male egg chickens? In a sense, that's a waste of the farm to produce half as much meat as it can produce through killing chicks.

It's a philosophical difference on what weight to assign to the lives of chicks, adult chickens, other resources including human labor, etc. The lazy shortcut is to maximize return on dollar investment with no regard for any of those moral, ethical, and philosophical considerations, and that's what most of the industry does today, but even if you shift to a new moral framework you'll need to decide how to weight those things.

booly , 13 days ago

Well yeah the key is to acquire that passive income before you're born, through your parents, so that you can pursue your dreams as soon as you're old enough to form them.

booly , 13 days ago

For what it's worth, that particular format war, the format backed by more porn studios (HD-DVD) actually lost to the one with less porn backing (Blu-ray). Personally I think that the PS3 tipped things over the edge.

booly , 1 month ago

Motorola Solutions is a dominant radio manufacturer in the government/first responder space, as well as major infrastructure providers. Yes, that means cops, but it also means firefighters, ambulances, trains, buses, airports, and any fleet of mobile service for mission critical stuff like electric utilities, telecom, and some aviation uses. Back in the day of trunk radio, it used to be common for taxis, too.

Motorola sold its consumer mobile businesses (cell phones) in 2011 in a spinoff as "Motorola Mobility," around the time it was shutting down and selling off pieces of its space/satellite businesses, but kept most of its other businesses. Today's Motorola Solutions is the legal successor to the Motorola that invented the cell phone.

booly , 1 month ago

At least 50, but I'd make it larger. Maybe increase from 50 to about 8 billion and make sure all the villagers' needs are met.

booly , 2 months ago

The typical default configuration has the ISP providing DNS services (and even if you use an external DNS provider, the default configuration there is that the DNS traffic itself isn't encrypted from the ISP's ability to analyze).

So even if you visit a site that is hosted on some big service, where the IP address might not reveal what you're looking at (like visiting a site hosted or cached by Cloudflare or AWS), the DNS lookup might at least reveal the domain you're visiting.

Still, the domain itself doesn't reveal the URL that follows the domain.

So if you do a Google search for "weird sexual fetishes," that might cause you to visit the URL:

https://www.google.com/search?q=weird+sexual+fetishes

Your ISP can see that you visited the www.google.com domain, but can't see what search you actually performed.

There are different tricks and tips for keeping certain things private from certain observers, so splitting up the actual ISP from the DNS resolver from the website itself might be helpful and scattering pieces of information, but some of those pieces of information will inevitably have to be shared with someone.

booly , 3 months ago

Can't fix the vulnerability, but can mitigate by preventing other code from exploiting the vulnerability in a useful way.

booly , 3 months ago

This particular class of vulnerabilities, where modern processors try to predict what operations might come next and perform them before they're actually needed, has been found in basically all modern CPUs/GPUs. Spectre/Meldown, Downfall, Retbleed, etc., are all a class of hardware vulnerabilities that can leak crypographic secrets. Patching them generally slows down performance considerably, because the actual hardware vulnerability can't be fixed directly.

It's not even the first one for the Apple M-series chips. PACMAN was a vulnerability in M1 chips.

Researchers will almost certainly continue to find these, in all major vendors' CPUs.

booly , 3 months ago

It basically varies from chip to chip, and program to program.

Speculative execution is when a program hits some kind of branch (like an if-then statement) and the CPU just goes ahead and calculates as if it's true, and progresses down that line until it learns "oh wait it was false, just scrub all that work I did so far down this branch." So it really depends on what that specific chip was doing in that moment, for that specific program.

It's a very real performance boost for normal operations, but for cryptographic operations you want every function to perform in exactly the same amount of time, so that something outside that program can't see how long it took and infer secret information.

These timing/side channel attacks generally work like this: imagine you have a program that tests if variable X is a prime number, by testing if every number smaller than X can divide evenly, from 2 on to X. Well, the bigger X is, the longer that particular function will take. So if the function takes a really long time, you've got a pretty good idea of what X is. So if you have a separate program that isn't allowed to read the value of X, but can watch another program operate on X, you might be able to learn bits of information about X.

Patches for these vulnerabilities changes the software to make those programs/function in fixed time, but then you lose all the efficiency gains of being able to finish faster, when you slow the program down to the weakest link, so to speak.