mspencer712 @ mspencer712 @programming.dev

Posts

0

Comments

162

Joined

2 yr. ago

Or one of those laser “pointers” with crazy high power, 1 watt or higher?

Even old HP printers aren’t safe. I have a two-generations-back HP Color LaserJet I got from a tech recycler for $300. (MFP M477fdw) It can be optionally configured to enforce or not enforce genuine toner. I can get a four-pack of CYMK high-capacity cartridges for $70-80 on Amazon. Prints wonderfully, toner is cheap, so I’m in the clear, right? Safe from this BS?

Turns out that wear items (intermediate transfer belt, for example) within the printer have chips with versioned firmware. And the printer will throw error codes if different firmware versions within the printer aren’t mutually compatible.

I’m sure the moment they believe they can get away with it, replacement ITB assemblies, fixers, document scanners, etc will include a shrink wrap license and firmware that requires you to update everything else to match - and the matching firmware will make official toner no longer optional.

Definitely Fuck HP. The moment any of that comes to pass and disables my own printer I’m re-recycling this printer and buying another brand immediately.

Clearly my comment annoyed you. What should I have done differently? Apart from switching away from Windows, what plan or idea should I have attempted to rally support for?

Ok that tears it. What firewall rules do I need to set so I get security updates and absolutely nothing else?

Wait don’t do that. They garnish wages for student debt. They’re happy to do it, too, as they get to keep a big chunk of extra fees that way.

Agreed. They are deliberately taking advantage of the fact that people don’t understand how autopilot is actually used in aircraft.

Sure, the most pedantic of us will point out that, with autopilot enabled, the pilot-flying is still in command of the aircraft and still responsible for the safe conduct of the flight. Pilots don’t** engage autopilot and then leave the cockpit unattended. They prepare for the next phase of flight, monitor their surroundings, prepare for top-of-descent, and to stay mentally ahead of the rapid-fire events and requirements for a safe approach and landing. Good pilots let the autopilot free them up for other tasks, while always preparing for the very real possibility that the autopilot will malfunction in the most lethal way possible at the worst possible moment.

Do non-pilots understand that? No. The parent poster is absolutely correct: Tesla is taking advantage of peoples’ misunderstanding, and then hiding behind pedantic truth about what a real autopilot is actually for.

** Occasionally pilots do, and many times something goes horribly wrong unexpectedly and they die. Smart, responsible pilots don’t. Further, sometimes pilots fail to manage their autopilot correctly, or use it without understanding how it can behave when something goes wrong. (RIP to aviation Youtuber TNFlygirl who had a fatal accident six days ago, suspected to be due to mismanagement of an unfamiliar autopilot system.)

Hmm I’ve got an old Compaq 575e with a PCNet32 nic, and an old 3com 3c509 ISA adapter in a closet with 10base2 and AUI ports.

Use a modem router or managed switch to get down to 100baseT, give this box a Linux distro, enable Ethernet bridging in the kernel, and slaps case this baby can drop almost 20k packets a second, no sweat!

Ok now I’m curious what I’m missing out on. Can anyone recommend a good PCIe token ring adapter and concentrator?

Really great ideas. I read up a bit on Fediblock and I think you’re absolutely right.

If I could riff off of your ideas a bit: instance-blocking recommendation lists bundle an entire stack of things together:

• statements of fact or intent: this is wrong, this is right, this is insulting and harmful, this is insulting but not harmful if you can laugh at it
• value judgements about those statements: I care about this issue but not that issue, this wrong statement is easily disproven, that wrong statement takes paragraphs to disprove, etc.
• actions to take based on those value judgements: block, tag with a statement, link to an article, etc.

With things bundled, the whole stack has to be a pretty close match for a user’s own values, or else there’s friction. The user can just tolerate the friction, maybe miss out on some content, or they can decide to switch to a whole new list.

Suppose we could unbundle those from each other. Subscribe to the work of a group of volunteers that recommends safe defaults but lets you customize things when you encounter friction points.

I feel like we need different ways to share and learn things about harmful posts and comments. Like, sure maybe your server aggregates the posts, and because you own the server you can remove or edit things if you really want to. But I should be able to say “this is objectively wrong in a dangerous way, and here’s proof” in a side channel that the server owner can’t block.

And for it to have any point at all, clients should be able to subscribe to feeds. Like, a science educator I respect can say “I trust this foundation that fights harmful disinformation” and I should be able to click a button and see their stuff. Without the server owner banning me for some weird reason.

A 20 lb (or so) sealed lead acid battery and an inverter, at U Nebraska at Omaha around 2003-2004. I had imported a Sharp SL-C700 and it was very power hungry. Smart phones were barely a thing (blackberries) at the time.

I think I was vaguely aware of the possibility of some unexpected metal shorting the battery and getting hot enough to start fires, so I bought a green rubber bath mat (which I remember had little sucker feet on one side) and wrapped it around the battery.

I finished my undergrad in 2004 with no incidents.

Agreed, -10 post. Better Congress critters would help. Less of this uninformed Biden-I-did-this-sticker crap would help.

Are there any beneficial side effects? If they discover a URL is malicious after it’s been exported, would this allow them to intercept the click and stop someone from reaching the malicious site?

Do you keep a shopping list? A personal to-do or reminders list? You should stop because that’s a ritual and rituals are clearly bad.

I mean, no, you should keep the rituals that help you work better and discard the rest. Which is what successful agile teams are already doing.

The first sentence “It was the year of the Linux desktop 1978” stopped me.

I’d love to see this become something greater. Consider this challenging problem:

Suppose you have an instance with a community (“C”) that likes to promote subtle but wrong things.

Suppose there’s a community of fact checkers (“F”) who wants to promote actual, verifiable/falsifiable facts by responding to lies with compelling and relevant references. They want to help by directly replying to posts or applying tags in community C, but they are not permitted to contribute by that instance. The community C seems to want their lies to remain unchallenged.

And then suppose there’s some opted-in users (“U”) who want to receive help understanding when posts in community C are not factual. They would like to receive posts or tags from fact checkers, because people they trust have recommended they listen to these fact checkers.

I’d love to see a tagging system that can help “U” and “F” connect, even if the owners of “C” don’t want them to, when browsing content in “C”. Ideally in an extensible way that lets some future implementer come up with novel ways to organize and maintain the fact-checking side of things in response to new threats.

I probably explained this badly, and the letters are probably more pretentious than helpful. But I hope someone smarter can pick this up and run with it, because it’s something the world desperately needs.

That’s right. I know I was thrown off by large projects earlier in my career. The more you learn the stronger you get at understanding and packaging/setting-aside larger and larger pieces of a project. Bigger projects stress this ability in new ways. I think I lost a job in 2016 because I couldn’t stretch my brain around something bigger, at a small business with maybe 14 devs.

This might be a bad way to communicate this, and I think I’m taking this in a weird direction, but: I’ll use the Mozilla project as an example of a large project, though I’ve never looked at its source.

Suppose you were in an interview, and due to the specifics you are expected to be fast and fluent with the same technologies used in the Mozilla project, though you’ve never looked at the source before. Given a machine with the source already checked out and open in an IDE, you have one hour to read through the source and familiarize yourself with it, so you can answer questions about how you would approach adding features or test coverage.

What I want to know is: how high does your heart rate go? Does it go up just a little, as expected for a high stakes situation? Or does it go up a lot, because you honestly have no idea how much another dev in your situation would be expected to accomplish, so you have no clue what “good enough” looks like?

This is a crappy example because no interviewer could ever actually use this metric. But I’d say if it goes up a lot, for the reason I gave, you might not be ready for senior. And by this metric, it might not ever be possible to grow to “senior” without working at a company with large multi-team projects. But I think that’s accurate.

(Edit: yes, sorry, Software Development Engineer. I think that’s a protected term in the US, in Texas and California at least, but anywhere else in the US you don’t need to pass an engineering board exam to use that title.)

It sounds like you’ve got enough familiarity with the whole development lifecycle, as applied to a smaller single-dev-sized project, that you’d be great as an SDE 2 at a larger company, ready within a few years to step up to Senior. There are companies with hundreds of developers who only rarely hire straight out of college, where your level of experience is exactly what they want.

(There are also companies with hundreds of developers who do hire straight out of college, and I’m not trying to disillusion recent grads.)

When I last had to job hunt (2016) - I just jinxed it didn’t I? - I was complimented by interviewers for separately listing “Classroom experience” and “Professional experience”

I think you get a lot of points for a resume that says “I may or may not be the best fit for you, and that’s ok. Here’s accurate information, so you can make that determination for yourself. I trust you.”

For example, nearly ten years ago the FBI arrested Ross Ulbright and seized his encrypted laptop while it was running. One group caused a scene, distracting Ulbright, and another group separated Ulbright from his laptop. That bust was a good thing, and it’s good that Ulbright was convicted for what he had done. But details of the operation make it clear that any adversary - not just law enforcement working against a suspect - can use similar tactics to steal encrypted data.

This tool, along with other security practices, can help at-risk users (yes, including criminals) mitigate this kind of attack.