Nextgrid
Joined 28,415 karma
Old man yelling at the cloud.

Contact: hi@rjevski.io


  1. > ignore fsync and blatantly lie that the data has been persisted

    Unfortunately they do: https://www.hackerneue.com/item?id=38371307

  2. Counterpoint: Andrew Tate resonates with the younger generations because modern society (at least in the UK) appears to be an ever-growing middle finger to them and Tate promises a (fake, but believable) way out.

    When your future looks like endless toil just so you can give half of the fruits of your labor to subsidize senile politicians/their friends (via taxes) and the other half to subsidize boomers (via rent), Tate's messaging and whatever get-rich-quick scheme he's currently hawking sounds appealing.

    You can ban Tate but without solving the reason behind why people look up to him it's just a matter of time before another grifter takes his place.

  3. Apple became infected with the same thirst for "engagement" as any advertising-driven company. That's why even first-party apps like Maps or Music now waste your time with bullshit notifications. Same for every OS update trying to con you into enabling Apple "Intelligence".

    Whether the advertising is ultimately successful does not matter to those people, what matters is if they can convince the person paying them (the manager paying their salary, the ad agency, etc) that they are effective.

  4. Who needs to read mail when you can even make it receive mail!

    Make an `smtp.socket`, which calls `smtp.service`, which receives the mail and prints it on standard output, which goes to a custom journald namespace (thanks `LogNamespace=mail` in the unit) so you can read your mail with `journalctl --namespace=mail`.

  5. Only when done by individuals, or against rich people.
  6. Someone leaked some politician’s video rental history back in the day (there wasn’t even anything controversial): https://en.wikipedia.org/wiki/Video_Privacy_Protection_Act
  7. When you're a company with funding and/or a network of benefactors behind it a lot of laws stop applying. And if all else fails, I hear pardons aren't particularly expensive these days.
  8. The expected result is that the complaints will rot in the queue for years and eventually either be closed on a technicality or result in a token fine. That's the reality of GDPR "enforcement".
  9. A leak of politicians' dirty habits should hopefully do it.
  10. A firewall blocking outgoing connections (except those whitelisted through the proxy) would’ve likely prevented the download of the malware (as it’s usually done by using the RCE to call a curl/wget command rather than uploading the binary through the RCE) and/or its connection to the mining server.
  11. Container escapes exist. Now the question is whether the attacker has exploited it or not, and what the risk is.

    Are you holding millions of dollars in crypto/sensitive data? Better assume the machine and data are compromised and plan accordingly.

    Is this your toy server for some low-value things where nothing bad can happen besides a bit of embarrassment even if you do get hit by a container escape zero-day? You're probably fine.

    This attack is just a large-scale automated attack designed to mine cryptocurrency; it's unlikely any human ever actually logged into your server. So cleaning up the container is most likely fine.

  12. But the firewall wouldn't have saved them if they're running a public web service or need to interact with external services.

    I guess you can have the appserver fully firewalled and have another bastion host acting as an HTTP proxy, both for inbound as well as outbound connections. But it's not trivial to set up especially for the outbound scenario.

  13. Not that I’m disproving it but do you have a source? Companies say all kinds of things for hype and to attract investors, but it doesn’t necessarily make it true.
  14. The rules are fine and do prohibit this, it's their enforcement that's (intentionally) flawed.

    Social media moderation has to balance "engagement" with the potential for bad PR or liability for the company. It turns out that content that is against the rules is also the one that generates the most engagement, so enforcing the rules as-is is bad for the bottom-line.

    Thus for every piece of content that is potentially against the rules, the actual condition for removing it is whether the expected engagement potential outweighs the probability of someone rich/well-connected getting inconvenienced by it and how much inconvenience it would be. Content is only removed when the liability potential exceeds the profit potential.

    At the beginning the reports were ignored because the system determined it is more profitable to stay up. I'm not sure what "his pleas to take it down" refers to, it would've likely been just his staff members flagging it with their personal accounts and those flags having very little weight. Eventually either someone managed to talk to a human and/or a letter to their legal department arrived, or the content achieved enough impressions to become a risk which caused the earlier flags to actually get reviewed by a competent human, at which point they realized what their liability was and quickly removed it.

    You should expect to see an apology from their PR department soon and a promise they'll do better next time.

  15. It's performative when you talk whatever the market wants to hear rather than sticking to an opinion (no matter how flawed it is). This behavior reminds me of the cryptobros that were hailing NFTs/web3 as the next best thing since sliced bread, and when that didn't come to pass quietly moved onto the next grift (AI) with the same playbook.

    (also I’m just talking out of my ass on a tech forum under a pseudonym instead of going to well-publicized interviews)

  16. It's backpedaling but I don't think it's planning ahead to prevent a developer shortage - rather it's pandering to the market's increasing skepticism around AI and that ultimately the promised moonshot of AI obsoleting all knowledge work didn't actually arrive (at least not in the near future).

    It's similar to all those people who were hyping up blockchain/crypto/NFTs/web3 as the future, and now that it all came to pass they adapted to the next grift (currently it's AI). He is now toning down his messaging in preparation of a cooldown of the AI hype to appear rational and relevant to whatever comes next.

  17. This is an easy theory to prove; if AI was anywhere close to a senior engineer, we'd see the costs of software development drop by a corresponding amount or quality would be going up. Not to mention delivery would become faster. With LLMs being accessible to the general public I'd also expect to see this in the open-source world.

    I see none of that happening - software quality is actually in freefall (but AI is not to blame here, this began even before the LLM era), delivery doesn't seem to be any faster (not a surprise - writing code has basically never been the bottleneck and the push to shove AI everywhere probably slows down delivery across the board) nor cheaper (all the money spent on misguided AI initiatives actually costs more).

    It is a super easy bet to take with money - software development is still a big industry and if you legitimately believe AI will do 90% of a senior engineer you can start a consultancy, undercut everyone else and pocket the difference. I haven’t heard of any long-term success stories with this approach so far.

  18. This is performative bullshit pandering to the increased skepticism around AI. He wouldn't be saying that if AI investment was still in full swing.

    I do agree with him about AI being a boon to juniors and pragmatic usage of AI is an improvement in productivity, but that's not news, it's been obvious since the very beginnings of LLMs.

  19. The main cartridge (with the cable modem) was presumably heavily subsidized by the expected recurring revenue, which relies on the ephemeralness of the games. Offering RAM carts (even at cost) would threaten that revenue as people can stock up on games and cancel their subscription once they've built up their collection.
  20. A lot of them got fooled by the caching; pages for signed-out users are cached heavily and those kept returning successful responses even if the actual backend server was down.
