- risThis rules out some extremely useful sparse memory tricks you can pull with massive mmaps that only ever get partially accessed (in unpredictable patterns).
- Zscaler enrages me with their use of the term "zero trust" in marketing, because due to their MitM-ing of TLS, they become a single-point-of-interception for all your organisation's traffic. "100%-trust" would better describe it for me, as you have to have 100% trust of Zscaler and anyone who has admin access to your organisation's Zscaler account.
- Using nix to install Ansible, oof you're hurting me..
- For a while I've been saying it's a pity we hadn't been regularly trusted-timestamping everything before that point as a matter of course.
- The only company that appear to be taking a different tack on this are https://www.slate.auto
Anyone know of any others?
- Malware scanners are such trash.
- There are very few pieces of free software that don't lean very heavily on top of a mountain of other free software that make it possible, and I think the author would be surprised how much of that was written by people who strongly disagreed with his worldview and considered him a "bad guy".
- See also the "lite assertions" mode @ https://gcc.gnu.org/wiki/LibstdcxxDebugMode for glibc, however these are less well documented and it's less clear what performance impact these measures are expected to have.
- Native applications are a scourge, if only from a security standpoint.
- Have been tempted to get one of these just for printing out tickets/QR codes so I can keep my dumbphone and not fight dried up ink cartridges etc.
- If they ever get liquidated I wonder who's going to end up with that massive dataset of photos of people looking like a tit.
Or perhaps they'll pivot..
- I can't be the only one to find the TALA output to be the worst of all the engines. I almost always end up using ELK.
- > My government requires me, by law, to send it tens of thousands of dollars every year
That's only because you have those tens of thousands to give it. The same will not generally be true for people who have nothing.
- The paradox being that every thing you customize about your browser config becomes another thing that can potentially be fingerprinted and makes you stand out as one of the 1% who has ever looked in about:config.
- Disable WebGL. Not in a funny javascripty extension, in about:config.
- > While it's still a good idea for companies to have an endpoint protection software on their employees' machines
Disagree
- The logging examples given don't appear to be too different to what any structured & annotated logging mechanism would give you. On top of that it's normally encoded with grpc, so that's already one-up on basic json-encoded structured logs.
The main difference I see with otel is the ability to repeatedly aggregate/decimate/discard your data at whatever tier(s) you deem necessary using opentelemetry-collector. The amount of data you end up with is up to you.
- > I'm not as allergic to AI content as some
I suspect it's less about phobia, more about avoiding training AI on its own output.
This is actually something I'd been discussing with colleagues recently. Pre-AI content is only ever going to become more precious because it's one thing we can never make more of.
Ideally we'd have been cryptographically timestamping all data available in ~2015, but we are where we are now.
- It's the idea that every application can near-arbitrarily choose a bespoke-but-exact mix of versions of every underlying package and assume they all work together. This is same attitude that leads to seemingly every application on planet earth needing to individually duplicate the work of reacting to every single dependabot update for their thousands of underlying packages and deal with the fallout of conflicts when they arise.
Packages in nixpkgs follow the "managed distribution" model, where almost all package combinations can be expected to work together, remain reasonably stable (on the stable branch) for 6 months receiving security backports, then you do all your major upgrades when you jump to the next stable branch when it is released.
- The main problem here is wanting to hang on to the "bespoke version soup" attitude that language package managers encourage (and is totally unsustainable). The alternative Mise doesn't appear to have any ability to understand version constraints between packages and certainly doesn't run tests for each installed package to ensure it works correctly with the surrounding versions. So you're not getting remotely the same thing.