Transitioning in STEM
sudneo @ sudneo @lemm.ee Posts 0Comments 569Joined 1 yr. ago
sudneo @ sudneo @lemm.ee
Posts
0
Comments
569
Joined
1 yr. ago
Absolutely...but how does that relate to the previous topic?
Tbh, in Italy there is no much "before university" in terms of "being excellent". The admission test was extremely easy, with a very high number of admitted students and on topics that are common to all high schools (we have a completely different school system in Italy). In fact, the vast majority of people in my class never studied those topics in high school. Also university costs were low (from 0 to ~2k/year depending on family income).
But I think that a mix of stereotypes (I.e. gender stereotypes), peer pressure (do you want to go study in a class 90% men) and other social issues definitely discourage all but the most motivated women to join, which is a shame.
The same exact thing applies to many other faculties of course. Psychology and "educational sciences" (literal translation) are basically just women (at least in Italy), which is exactly the same phenomenon.
Yep, if the number was not given specifically to connect that is what makes it inappropriate for me. But overall, an invite to a date besides being old fashioned is not necessarily creepy, even after long time. Of course, I don't know if there were additional clues that made the whole thing creepy (tone of voice, phrasing etc.).
I studied computer engineering in Italy, and I can relate with the number of women being very low. I think there were maybe <10 women in the whole class on a ~60 people total after the first semester (starting with 250 people). Most of them were top of the class, which to me always suggested that while many men signed up and then "see how it goes", only women who knew exactly what they wanted signed up.
Is that ... a bad thing? I am missing something, did he take the number from somewhere or you gave it to him? But otherwise calling someone and asking out is a pretty harmless thing to do.
It is generally used similarly to "life goes on". Even if with more pessimism about the fact that certain things don't change (sometimes for good though).
It is still going to be a big deal for a few weeks though...
A very old one indeed. It's never certain how conclaves will go.
Not to talk about annotations. Take screenshot, click preview, click edit, click rectangle tool, make rectangle (repeat), click done. Instead with flameshot it's literally 2 clicks. Thanks for writing documentation BTW, on behalf of whomever you work with.
I have opposite experiences! Multiple Linux laptop, with multiple docking stations: a bit of xrandr magic and everything works, forever. (BTW, try setting manually the refresh rate at different values for the two monitors via xrandr, I have solves a similar problem to yours in the past by creating a dedicated display class.)
On a Mac, it's impossible, I have to plug one cable directly in the computer to make it work, and the quality of the output on 2k monitor is way worse since they disabled sub-pixel rendering or some stuff.
Windows also works decently on this regard, until it doesn't (my partner's PC stopped recognizing HDMI monitor at some point, and the debugging was frustrating as hell).
I agree so much for flameshot. For work I moved to a Mac and we are not allowed to install flameshot (signing issue), and the workflow for taking screenshots (e.g., when writing documentation) is so much worse and slow with the default macOS tooling.
In 4 years I have never (and will never) used any service from /e/. There is no vendor lock whatsoever. That's fully optional.
Points 3, 4 and 5 in your list are moot IMHO.
Also
It takes a base level of understanding why you would buy a Fairphone
It doesn't really. "Phone is repairable and X can help me", "they pay the makers fair wages" are not really complex value propositions that require some (technical) understanding.
The point of /e/ and similar distributions is that you can buy a phone with it (average user will never reflash) and just have a phone that doesn't use Google (it does, for the amount that doesn't require you to do extra technical stuff and have a sane user experience at the same time).
That said, calyx seems a great alternative and so are iode. I think the advantages of one over the other (for my brief search) are quite small.
Gotcha, you are the classic person who is unnecessarily confrontational, but that dashes at any actual confrontation, because ultimately you have nothing to say. Your history shows this clearly.
We can all live without toxic people like you.
So your argument is repeating a cliché? OK.
I don't need to convince you, but I explained my reasoning. Maybe make some practical examples, show some CVEs that - if left unpatched - severely impact the privacy (or the broader security) of the average users.
Also, as anybody who works in security knows, security is not a binary, and securing often means paying a price (in usability, in Euro, in comfort, in performance, whatever). In my mom's threat model there is no the APT leveraging a 0 day to breach her worthless phone, there are opportunistic scammers who send her emails. There is also google and the like harvesting her data to sell her shit (hence a deGoogled phone with bootloader unlocked is more important than a Google phone with bootloader locked, for example).
In my threat model there might be some more resourceful attackers (because believe it or not, a financial org trusts me with securing their infra). However, as I also said, a much simpler and cheaper attack that recently has made the news is just to snatch the phone unlocked from my hands on the street, rather than exploiting an android CVE. This is why for example I have app pins for signal, email and everything that supports it, and I need to authenticate at every use. I also store all my TOTP on my yubikey, rather than keeping them on the phone (even with PIN), so my phone is not good as a 2FA device.
What you call blasé is actually just a way I personally assessed the risks and decided to invest accordingly. People whose threat model involve the bots who spam emails do not have to invest in security like if the NSA is after them. Updating android a month later is not going to be even a "low" risk for most people, especially if they adopt the much more important practice (IMHO) of not installing every shitty app under the sun. If you think otherwise, make concrete examples perhaps. Using a cliché is not really building your credibility here.
I definitely wait more than a week to update for example. The marginal security risk is completely irrelevant for me compared to the operational risk of a buggy update. N-1 is a common practice for updating software in fact, unless there is absolutely a great reason to upgrade.
Also, I want to be in your circle, because most people I know if the phone doesn't update automatically they probably won't even think of updating their phone (or their computer) at all.
For me the reason is simple, I don't care about the advanced threats that would be mitigated by GrapheneOS enough to buy a pixel and migrate. I already own a FP3 and that's what I am going to use until it breaks.
I might consider Graphene in the future, but having to buy a Google phone (even a used one) already pisses me off, compared to a FP (or similar). eOS also tries to be a "noob-friendly" distribution, that you can buy phones with and you never have to mess with the phones, which means people who don't have the skills or don't want to mess with their phones might trade the risk with ease of operation, and it might be the right choice for them.
Generally speaking privacy and security are related but not really linked to each other. Google services might be very secure, but a privacy nightmare for example. In this particular case, even more, because the chances that using a "googled" phone will mean data collection (I.e. privacy issues) are almost certain, while the risks we are talking about are much more niche and - as I elaborated on another comment - in my opinion not really in most people threat model.
I would like to hear your perspective instead, because I am not really into using authority arguments, but as a security engineer I believe to at least understand well the issue with security updates, vulnerabilities and exploits. So yes, I do think to know what I am talking about.
I am not dismissing it, I am saying that is not as big as you make it to be. Most users lag behind in updates anyway, besides using minimal and trusted applications, the outside exposure to exploitation is relatively small, for a device without a public address. I am not the one APTs are going to use the SMS no-click 0-day against.
Similarly for the bootloader issue. The kind of attacks mitigated by this are not in most people threat models. They just are not. As someone else wrote, it's possible to relock the bootloader anyway with official builds (such as my FP3). But anyway, even for myself the chance that my phone gets modified by physical access without my knowledge is a fraction of a fraction compared to the chance that someone will snatch the phone in my hand while unlocked, for example (a recent pattern).
If these two issues are what prompts you to call a "security dumpster fire", I would say we at least have very different risk perceptions.
FWIW, I have the FP3 for now more than 4 years. I have only replaced the battery 6 months ago. A case would have been extra waste (to produce the case itself) in my case, and probably will be trashed after as it might not fit the next phone.
No offense, but that's not what a security dumpster fire is. Security updates are important, of course, but they are also not the biggest deal.
In fact, I bet that the vast majority of users (on Android or otherwise) are lagging way behind in updates anyway.
It was! Yes, back to the base camp I think I have drank almost a liter in one go! That tap was the most delicious thing in my life!
I can relate with your story as a fellow acrophobic (relatively mild...), and it reminded me of a similar but very different situation I lived.
I was on a holiday with friends, we were planning to do some canyoning. I scouted the path beforehand just not to get stuck, and everywhere I read that there are always alternative paths to jumps. The day before we make a hike, 700m of climb over 5km, steep as hell and in the evening my legs were butter (not sure if the same is for you, but the more I don't feel my body in control, the more fear takes over).
Next day, we go canyoning and I could legit barely walk. I start the course already thirsty, and after almost 1h we were barely halfway. Having to climb and jump (small stuff) made me sweaty AF, I was completely dehidrated. At some point we reach a place and I clearly realize there is no way back. I am the last one of the group, tired and thirsty as fuck, we are all tied on a rope, and we are on top of a big boulder. There are 2 ways down: jump 10m or go down with the rope.
I have spent close to 10min on top talking to the guide, asking completely moronic questions, and I have 8 of them on video because my friend was just before me and filmed.
I ended up jumping, I figured that with the energy I had left, I would rather do something that takes 2s rather that rope myself down. I probably managed to do that just because I was that dehydrated and almost in a delirious state. I remember looking down the water and just the memory makes me dizzy. But the feeling of not having an option B (or C) is what really gets you, this is why I could relate with your story even though this is a completely different situation.
Fun fact, I ended up being the only one in my group to jump 10 meters, and now the memory is a mixed bag of emotions, but I will always have brag rights with my friends.
Edit: I added a picture of the jump as seen from top. It's a screenshot from the infamous video.
The view from below maybe is more realistic...
It's quite hard to make connections between statements about adult society (I.e. workplace, reproductive rights) and what happens in teenagers in a completely shielded (and tbh, fairly inclusive) environment like schools (mostly, high school as that's when people decide to sign up in university). Actually, possibly what happens even earlier, as many people who go to STEM faculties in university come from the "scientific high school" which is the only "liceo" where males are more than females.
On average females earn also higher grades, in all levels of school (which is why I don't find solid the argument that women have to abide higher standard of excellence in this context).
So all this to say, I definitely think there is a cultural issue that pushes women away from STEM subjects (a phenomenon quite common in all the West), but I don't think is what my interlocutor suggested - that is another expression of women having to meet higher standards. This wouldn't explain the corresponding imbalance in other areas.
To make an example: 91.8% of students in teaching sciences are females. 87% of students in computer science are males. I would say that culture stereotypes and fixed gender roles are responsible for both, and instead this idea of "higher standards" seems fuzzy and explains only one side of the equation.
Curious also to note that women are absolutely the vast majority of teachers in kindergarten (99.3%!), primary school (97%), secondary school (77%) and high school (65%). While women are perfectly capable of reproducing gender oppression, it's also fair to assume that there are plenty of women role models in STEM subjects.
Anyway, besides this long thing, I can't find solid connections between what you posted and the topic, can you maybe elaborate your point?