FishFace @ FishFace @lemmy.world

Posts

0

Comments

345

Joined

2 yr. ago

Similar to how Bin Laden very much succeeded in his goals for the Sept 11th attack, by getting us to pass the Patriot Act, invade some countries and start ripping ourselves apart.

Bin Laden's goals were to get Americans to replace their government with one that would get out of the Arabian peninsula and stop supporting Israel. He consummately failed.

An overarching principle of security is that of minimum privilege: everything (every process, every person) should have the minimum privileges it needs to do what it does, and where possible, that privilege should be explicitly granted temporarily and then dropped.

This means that any issue: a security breach or a mistake can't access or break anything except whatever the component or person who had the issue could access or break, and that that access is minimal.

Suppose that you hit a page which exploits the https://www.hkcert.org/security-bulletin/mozilla-firefox-remote-code-execution-vulnerability_20230913 vulnerability in Firefox, or one like it, allowing remote code execution. If Firefox is running as root, the remote attacker now completely controls that machine. If you have SSH keys to other servers on there, they are all compromised. Your personal data could be encrypted for ransom. Anything that server manages, such as a TV or smart home equipment, could be manipulated arbitrarily, and possibly destroyed.

The same is true for any piece of software you use, because this is a general principle. Most distributions I believe don't let you ssh in as root for that reason.

In short: don't log in to anything as root; log in as a regular user and use sudo to temporarily perform administrator actions.

P.S. your description of the situation shows you don't know the nature of vulnerabilities and security - if you're running servers then this is something you should learn more about in short order.

Nice shot!

There's currently nothing to suggest a link with the ruling about the ruling on the office of president. The timeline makes it sound like the nutjob pulled a gun in a roadrage incident then tried to hide out in the courthouse.

And I thought getting banned from big subreddits was annoying...

Isn't "in furtherance of such violation of law" the critical thing there?

1. it doesn't have to be surprising to be news
2. it's an open legal question because the law is complex and "yeah, I reckon he did jan 6" is not enough work to prove that Trump took actions which are covered by the relevant laws, and that the relevant laws bar him from the primaries

Presumably self-execution is not that relevant here, since in every state there will be people with enough will and lawyers to take it to court?

If you federate with something too massive though it has undue weight on the entire system. It is likely to be Embrace, Extend, Extinguish again, and it's reasonable to want to avoid that.

For people who don't remember, the pattern would be something like:

1. Federate and use the existing ecosystem to help you grow and to grow mutually (Embrace)
2. Add new features that only work locally, drawing users away from other instances to your own (Extend)
3. Defederate - the remainder is left with a fraction of the users since many moved away, so the users on the local instance don't care. (Extinguish)

It depends whether 2 actually succeeds at pulling users in. Arguably most people already on the Fediverse are unlikely to jump ship to Facebook, but you have to consider what happens in a few years if it's grown, but Facebook is a huge name which makes people less likely to join other instances.

No-one actually dislikes stuff because it's lazy. You know what's lazy? Writing a story in your damn native language - everyone should only write stories in a language they can't speak. And featuring human beings? Too easy to relate to their emotions - lazy! Feature only animals after having done the necessary research to present their emotions fairly.

When people say lazy as a criticism they usually mean "boring" or "unoriginal" (a "lazy trope" is one that's been repeated too often) or just "bad" and lazy seems like a more objective way of expressing their dislike.

So don't be lazy - say what you mean.

Never knew the details of this!

Isn't it quite hard to hit ships with ballistic missiles?!

The social construct of race is which features we consider important enough by which to categorise people. So in the USA, this is white, black, asian or hispanic. Maybe native. Those categorisations are based on real observable traits, but we could choose other categorisations. It notably groups together traits which we can easily distinguish and pull out as subdivisions, such as south-east Asians.

We could redraw these groupings: we could for example together north Africans, middle-easterners and Indians, separating out those from southern and central Africa. We could separate Europeans so that Scandinavians, Finns and Slavs are together, separately from western and southern Europeans.

Every general election in the UK involves transporting ballot papers to a central location (per constituency). This isn't an issue.

You don't actually have to count IRV ballots in a central place; it just requires coordination for the multiple rounds: you can count the first-choice votes in many locations, sum them, determine who is eliminated then, still in those separate locations, count again, now transferring first choice votes for the eliminated candidate, and repeat.

STV is used all over the world and requires the same processes as IRV.

As to Arrow’s Impossibility Theorem

I didn't mention Arrow's theorem in the comment you replied to. The compromise I mentioned applies to scoring systems just as much as ranking systems.

And again, the lie about the spoiler effect. RCV still has the spoiler effect, and it’s even worse for enforcing a two party dominance than FPtP.

Citation needed.

The main thing to understand is that RCV/IRV whatever you call it, is still a series of FPtP elections on a single ballot. You cannot fix the problems of plurality by iterating plurality.

But... you can. Some of them, anyway. If there are three parties running, A, a similar party B, and Z, where you prefer A > B > Z, then in a FPTP election you have to choose whether to vote for A or B, and if A is the third-most-popular, it's a bad idea to. With IRV you can rank them A > B > Z, the third-most-popular party A probably gets eliminated, but you still express your opinion B > Z. That situation is, in FPTP, incredibly common.

The situations in which the introduction of option B negatively affects option A in IRV are substantially less common than in FPTP because of this: B has to be significantly more popular, to the point where enough people switch their first choice votes from A to B, resulting in A being eliminated, but B must not be so popular that it couldn't win head-to-head against Z.

Calling IRV "a series FPTP elections" ignores the important condition under which those successive counts happen.

To firebomb Palestinians living on Lebanese farms? OK dude but you have to prove it.

security issues

Sounds like FUD for any voting system. Security comes from other aspects. Lots of elections use Instant Runoff Voting and STV which has similar properties, without security problems.

spoiler effect, monotonicity issues

Listing these issues is a bit pointless given impossibility theorems. No electoral system can be both Condorcet compatible (always elects the candidate who beats all other candidates in a head-to-head, if such a candidate exists) without also potentially rewarding abstentions (i.e. there are situations where changing from not voting to entering a vote which prefers candidate A to candidate B can cause candidate B to win instead of A). STAR voting satisfies neither principle. IRV satisfies the property that if you switch from ranking A > B > C to A > C > B this can never cause A to lose - STAR voting does not (this is what I outlined above, or part of it).

All voting systems are compromises. But this last issue gets to the real heart of it: STAR voting has this issue precisely because it, as a scoring system, is explicitly saying "one hundred people each assigning this candidate a 1 indicates they should win over a candidate who got 49 2s and no other votes". Ranking methods are denying the ability to trade off many weak preferences against fewer strong preferences and go only by rankings. Each leads to different issues; you need to go more into those rather than just focus on a list of mathematical properties.

IRV is significantly better than FPTP because the spoiler effect is much less, possibly below the threshold where most voters would actually attempt to vote tactically. STV is significantly better than IRV because it is much more proportional. MMP is even better because it's simpler and arguably has better local ties between representatives and electorates. These are the real issues - mathematical properties are interesting but not the final word.

I use mine fairly often. I don't actually listen to music all that much but sometimes I do when my phone is my only data source, and I don't have wireless headphones.

I joined last.fm when it was still called audioscrobbler. I believe their logo with the stylised "as" is still a nod to that origin!

Think Spotify’s year in review, but running constantly.

To expand: it shows your top artists, albums and tracks, all the time. But it also performed spotify's function of a recommender system; it would link music together that people often listened to together, then if you listen to something it would recommend you similar stuff. I found A LOT of bands that way a long time ago.

So the relevance to this article, I take it, is that you suspect this attack was not a use of white phosphorous for smoke or signalling, because in the past, when having been accused of using white phosphorous in a city, the IDF initially denied it but then admitted it may have been used improperly, and you are therefore skeptical of their good faith this time around?

Perfectly reasonable.

Does not justify labelling this a definite war crime which is what you and Amnesty have done.

Mate, I know plenty about voting systems. You don't need to rattle them off.

As to “forcing you to rank candidates” that’s hogwash.

In STAR, if you have four candidates and you feel like two are pretty similar, you might give them both a three. But if they then make it to the runoff, you've no longer expressed a preference between them. Do you prioritise expressing your preferences in the first round (where you might not want to help either of them win against your favourite whom you awarded 5) or in the runoff?

Forcing people to use a bad system because you think they aren’t smart enough to rate someone on a scale of 0-5 is kind of mind-boggling.

Who is "forcing" people to use a "bad" system? Which bad system? Do you think that, because I don't like STAR which you've spammed the entire thread with, I must be in love with FPTP? Let's take a deep breath here...